Changeset 751 for trunk/server/source3/winbindd/winbindd_pam.c
- Timestamp:
- Nov 29, 2012, 1:59:04 PM (13 years ago)
- File:
-
- 1 edited
-
trunk/server/source3/winbindd/winbindd_pam.c (modified) (10 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/server/source3/winbindd/winbindd_pam.c
r745 r751 307 307 &token->sids, 308 308 &token->num_sids, 309 true , false);309 true); 310 310 if (!NT_STATUS_IS_OK(status)) { 311 311 TALLOC_FREE(frame); … … 641 641 service, 642 642 user, 643 pass, 643 644 realm, 644 645 uid, … … 958 959 service, 959 960 state->request->data.auth.user, 961 state->request->data.auth.pass, 960 962 domain->alt_name, 961 963 uid, … … 1079 1081 state->request->data.auth.user, name_domain, name_user, name_domain)); 1080 1082 1081 contact_domain = find_our_domain(); 1083 result = NT_STATUS_NO_SUCH_USER; 1084 goto done; 1082 1085 } 1083 1086 } … … 1166 1169 DEBUG(3,("could not open handle to NETLOGON pipe (error: %s)\n", 1167 1170 nt_errstr(result))); 1171 if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT)) { 1172 if (attempts > 0) { 1173 DEBUG(3, ("This is the second problem for this " 1174 "particular call, forcing the close of " 1175 "this connection\n")); 1176 invalidate_cm_connection(&domain->conn); 1177 } else { 1178 DEBUG(3, ("First call to cm_connect_netlogon " 1179 "has timed out, retrying\n")); 1180 continue; 1181 } 1182 } 1168 1183 return result; 1169 1184 } … … 1221 1236 } 1222 1237 1223 if (domain->can_do_samlogon_ex ) {1238 if (domain->can_do_samlogon_ex && domain->can_do_validation6) { 1224 1239 result = rpccli_netlogon_sam_network_logon_ex( 1225 1240 netlogon_pipe, 1226 1241 mem_ctx, 1227 0, 1242 logon_parameters, 1243 server, /* server name */ 1244 username, /* user name */ 1245 domainname, /* target domain */ 1246 workstation, /* workstation */ 1247 chal, 1248 6, 1249 lm_response, 1250 nt_response, 1251 info3); 1252 } else { 1253 result = rpccli_netlogon_sam_network_logon( 1254 netlogon_pipe, 1255 mem_ctx, 1256 logon_parameters, 1228 1257 server, /* server name */ 1229 1258 username, /* user name */ … … 1235 1264 nt_response, 1236 1265 info3); 1237 } else {1238 result = rpccli_netlogon_sam_network_logon(1239 netlogon_pipe,1240 mem_ctx,1241 0,1242 server, /* server name */1243 username, /* user name */1244 domainname, /* target domain */1245 workstation, /* workstation */1246 chal,1247 domain->can_do_validation6 ? 6 : 3,1248 lm_response,1249 nt_response,1250 info3);1251 1266 } 1252 1267 … … 1309 1324 1310 1325 if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) ) { 1311 DEBUG(3,("winbind d_pam_auth: sam_logon returned "1326 DEBUG(3,("winbind_samlogon_retry_loop: sam_logon returned " 1312 1327 "ACCESS_DENIED. Maybe the trust account " 1313 1328 "password was changed and we didn't know it. " … … 1320 1335 } while ( (attempts < 2) && retry ); 1321 1336 1337 if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT)) { 1338 DEBUG(3,("winbind_samlogon_retry_loop: sam_network_logon(ex) " 1339 "returned NT_STATUS_IO_TIMEOUT after the retry." 1340 "Killing connections to domain %s\n", 1341 domainname)); 1342 invalidate_cm_connection(&domain->conn); 1343 } 1322 1344 return result; 1323 1345 } … … 2086 2108 } 2087 2109 2110 /* 2111 * Remove any mlock'ed memory creds in the child 2112 * we might be using for krb5 ticket renewal. 2113 */ 2114 2115 winbindd_delete_memory_creds(state->request->data.logoff.user); 2116 2088 2117 #else 2089 2118 result = NT_STATUS_NOT_SUPPORTED;
Note:
See TracChangeset
for help on using the changeset viewer.
