DCs might run password filter modules that can delay the setting of
the machine password for a significant amount of time
use the same timeout as in the other paths of domain join
(e.g. rpccli_netlogon_set_trust_password)
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
9755541ed156d71df98607375ee3b925266c3c74)
The last 2 patches address bug #8955 - NetrServerPasswordSet2 timeout is too
short.
struct samr_Ids name_types;
union samr_UserInfo user_info;
struct dcerpc_binding_handle *b = NULL;
struct samr_Ids name_types;
union samr_UserInfo user_info;
struct dcerpc_binding_handle *b = NULL;
+ unsigned int old_timeout = 0;
struct samr_CryptPassword crypt_pwd;
struct samr_CryptPasswordEx crypt_pwd_ex;
struct samr_CryptPassword crypt_pwd;
struct samr_CryptPasswordEx crypt_pwd_ex;
/* Set password on machine account - first try level 26 */
/* Set password on machine account - first try level 26 */
+ /*
+ * increase the timeout as password filter modules on the DC
+ * might delay the operation for a significant amount of time
+ */
+ old_timeout = rpccli_set_timeout(pipe_hnd, 600000);
+
init_samr_CryptPasswordEx(r->in.machine_password,
&cli->user_session_key,
&crypt_pwd_ex);
init_samr_CryptPasswordEx(r->in.machine_password,
&cli->user_session_key,
&crypt_pwd_ex);
+ old_timeout = rpccli_set_timeout(pipe_hnd, old_timeout);
+
if (!NT_STATUS_IS_OK(status)) {
dcerpc_samr_DeleteUser(b, mem_ctx,
if (!NT_STATUS_IS_OK(status)) {
dcerpc_samr_DeleteUser(b, mem_ctx,