s3: Give machine password changes 10 minutes of time

This is what we do at domain join time as well, see
lib/netapi/joindomain.c:141

Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 3c685fd9a7fcfeeefc3f66620f942aa7ed67b9dd..bbcca06a601088ad74fdc1e3dc1fd65e92e66e10 100644 (file)
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -625,11 +625,14 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
        if (cli->dc->negotiate_flags & NETLOGON_NEG_PASSWORD_SET2) {
 
                struct netr_CryptPassword new_password;
+               uint32_t old_timeout;
 
                init_netr_CryptPassword(new_trust_pwd_cleartext,
                                        cli->dc->session_key,
                                        &new_password);
 
+               old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);
+
                status = dcerpc_netr_ServerPasswordSet2(b, mem_ctx,
                                                        cli->srv_name_slash,
                                                        cli->dc->account_name,
@@ -639,6 +642,9 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
                                                        &srv_cred,
                                                        &new_password,
                                                        &result);
+
+               dcerpc_binding_handle_set_timeout(b, old_timeout);
+
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(0,("dcerpc_netr_ServerPasswordSet2 failed: %s\n",
                                nt_errstr(status)));
@@ -647,9 +653,13 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
        } else {
 
                struct samr_Password new_password;
+               uint32_t old_timeout;
+
                memcpy(new_password.hash, new_trust_passwd_hash, sizeof(new_password.hash));
                netlogon_creds_des_encrypt(cli->dc, &new_password);
 
+               old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);
+
                status = dcerpc_netr_ServerPasswordSet(b, mem_ctx,
                                                       cli->srv_name_slash,
                                                       cli->dc->account_name,
@@ -659,6 +669,9 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
                                                       &srv_cred,
                                                       &new_password,
                                                       &result);
+
+               dcerpc_binding_handle_set_timeout(b, old_timeout);
+
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(0,("dcerpc_netr_ServerPasswordSet failed: %s\n",
                                nt_errstr(status)));