parse_domain_user(state->request->data.auth.user, name_domain, name_user);
- if (!lookup_cached_name(state->mem_ctx,
- name_domain,
+ if (!lookup_cached_name(name_domain,
name_user,
&sid,
&type)) {
my_info3->base.bad_password_count = 0;
result = winbindd_update_creds_by_info3(domain,
- state->mem_ctx,
state->request->data.auth.user,
state->request->data.auth.pass,
my_info3);
failed:
result = winbindd_update_creds_by_info3(domain,
- state->mem_ctx,
state->request->data.auth.user,
NULL,
my_info3);
DEBUG(3, ("[%5lu]: dual pam auth %s\n", (unsigned long)state->pid,
state->request->data.auth.user));
- if (!check_request_flags(state->request->flags)) {
- result = NT_STATUS_INVALID_PARAMETER_MIX;
- goto done;
- }
-
/* Parse domain and username */
name_map_status = normalize_name_unmap(state->mem_ctx,
goto done;
}
- if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
+ if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)
+ && lp_winbind_offline_logon()) {
- if (lp_winbind_offline_logon()) {
- result = winbindd_store_creds(domain,
- state->mem_ctx,
+ result = winbindd_store_creds(domain,
state->request->data.auth.user,
state->request->data.auth.pass,
info3);
- }
}
-
if (state->request->flags & WBFLAG_PAM_GET_PWD_POLICY) {
struct winbindd_domain *our_domain = find_our_domain();
state->request->data.auth_crap.user[sizeof(state->request->data.auth_crap.user)-1]=0;
state->request->data.auth_crap.domain[sizeof(state->request->data.auth_crap.domain)-1]=0;
- if (!check_request_flags(state->request->flags)) {
- result = NT_STATUS_INVALID_PARAMETER_MIX;
- goto done;
- }
-
name_user = state->request->data.auth_crap.user;
-
- if (*state->request->data.auth_crap.domain) {
- name_domain = state->request->data.auth_crap.domain;
- } else if (lp_winbind_use_default_domain()) {
- name_domain = lp_workgroup();
- } else {
- DEBUG(5,("no domain specified with username (%s) - failing auth\n",
- name_user));
- result = NT_STATUS_NO_SUCH_USER;
- goto done;
- }
+ name_domain = state->request->data.auth_crap.domain;
+ workstation = state->request->data.auth_crap.workstation;
DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n", (unsigned long)state->pid,
name_domain, name_user));
- if (*state->request->data.auth_crap.workstation) {
- workstation = state->request->data.auth_crap.workstation;
- } else {
- workstation = global_myname();
- }
-
if (state->request->data.auth_crap.lm_resp_len > sizeof(state->request->data.auth_crap.lm_resp)
|| state->request->data.auth_crap.nt_resp_len > sizeof(state->request->data.auth_crap.nt_resp)) {
if (!(state->request->flags & WBFLAG_BIG_NTLMV2_BLOB) ||
if (NT_STATUS_IS_OK(result) && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
if (lp_winbind_offline_logon()) {
result = winbindd_update_creds_by_name(contact_domain,
- state->mem_ctx, user,
- newpass);
+ user, newpass);
/* Again, this happens when we login from gdm or xdm
* and the password expires, *BUT* cached crendentials
* doesn't exist. winbindd_update_creds_by_name()