--- samba/source/smbd/sesssetup.c.orig 2004/08/26 21:35:15 1.1.1.10 +++ samba/source/smbd/sesssetup.c 2005/03/03 01:28:40 @@ -154,6 +154,11 @@ uint8 tok_id[2]; DATA_BLOB nullblob = data_blob(NULL, 0); fstring real_username; +#ifdef WITH_OPENDIRECTORY + SAM_ACCOUNT *sam_pass=NULL; + BOOL trustaccount = False; + char *fullname=NULL; +#endif ZERO_STRUCT(ticket); ZERO_STRUCT(auth_data); @@ -248,18 +253,50 @@ if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); +#ifdef WITH_OPENDIRECTORY + + if (lp_opendirectory() && strchr_m(client, '$')) { + DEBUG(1,("Lookup trust account via passdb (%s)\n",user)); + pdb_init_sam(&sam_pass); + trustaccount = pdb_getsampwnam(sam_pass, client); + if (trustaccount == True) { + fullname = pdb_get_fullname (sam_pass); + fstrcpy(real_username, fullname); + DEBUG(1,("trust account found via passdb fullname(%s)\n",fullname)); + } + pdb_free_sam(&sam_pass); + } + if (!trustaccount) { +#endif SAFE_FREE(user); SAFE_FREE(client); data_blob_free(&ap_rep); data_blob_free(&session_key); return ERROR_NT(NT_STATUS_LOGON_FAILURE); +#ifdef WITH_OPENDIRECTORY } +#endif + } /* setup the string used by %U */ sub_set_smb_name( real_username ); + reload_services(True); +#ifdef WITH_OPENDIRECTORY + if (trustaccount && lp_opendirectory()) { + if (!NT_STATUS_IS_OK(ret = make_server_info_guest(&server_info))) + { + DEBUG(1,("make_server_info_guest (TRUST ACCOUNT) failed!\n")); + SAFE_FREE(user); + SAFE_FREE(client); + data_blob_free(&ap_rep); + data_blob_free(&session_key); + return ERROR_NT(ret); + } + } else { +#endif if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw))) { DEBUG(1,("make_server_info_from_pw failed!\n")); @@ -269,7 +306,9 @@ data_blob_free(&session_key); return ERROR_NT(ret); } - +#ifdef WITH_OPENDIRECTORY + } +#endif /* make_server_info_pw does not set the domain. Without this we end up * with the local netbios name in substitutions for %D. */