s3:net_ads: use cli_credentials_get_principal() in order to call kerberos functions

This is better than the value from cli_credentials_get_username()...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index f368724215bdc58b92a55f7e814d01e83ed049c4..e8e6ea2ac92b29320dd018dd52ce16ce2bafecb1 100644 (file)
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -3254,6 +3254,7 @@ static int net_ads_kerberos_pac_common(struct net_context *c, int argc, const ch
        int ret = -1;
        const char *impersonate_princ_s = NULL;
        const char *local_service = NULL;
+       const char *principal = NULL;
        const char *password = NULL;
        int i;
 
@@ -3280,10 +3281,15 @@ static int net_ads_kerberos_pac_common(struct net_context *c, int argc, const ch
                }
        }
 
+       principal = cli_credentials_get_principal(c->creds, c);
+       if (principal == NULL) {
+               d_printf("cli_credentials_get_principal() failed\n");
+               goto out;
+       }
        password = cli_credentials_get_password(c->creds);
 
        status = kerberos_return_pac(c,
-                                    c->opt_user_name,
+                                    principal,
                                     password,
                                     0,
                                     NULL,
@@ -3445,6 +3451,7 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
 {
        int ret = -1;
        NTSTATUS status;
+       const char *principal = NULL;
        const char *password = NULL;
 
        if (c->display_usage) {
@@ -3456,9 +3463,14 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
                return -1;
        }
 
+       principal = cli_credentials_get_principal(c->creds, c);
+       if (principal == NULL) {
+               d_printf("cli_credentials_get_principal() failed\n");
+               return -1;
+       }
        password = cli_credentials_get_password(c->creds);
 
-       ret = kerberos_kinit_password_ext(c->opt_user_name,
+       ret = kerberos_kinit_password_ext(principal,
                                          password,
                                          0,
                                          NULL,