git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 90025b6) | patch
kdc: Remove PAC_TYPE_ATTRIBUTES_INFO from RODC-issued tickets
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Wed, 24 Nov 2021 21:53:49 +0000 (10:53 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 30 Nov 2021 02:42:31 +0000 (02:42 +0000)
commit4b60e9516497c2e7f1545fe50887d0336b9893f2
tree7fcb0ec65b2634af5c092577c90ece3f03ecc47btree
parent90025b6a4d250a15c0f988a9a9150ecfb63069efcommit | diff
kdc: Remove PAC_TYPE_ATTRIBUTES_INFO from RODC-issued tickets

Windows ignores PAC_TYPE_ATTRIBUTES_INFO and always issues a PAC when
presented with an RODC-issued TGT. By removing this PAC buffer from
RODC-issued tickets, we ensure that an RODC-issued ticket will still
result in a PAC if it is first renewed or validated by the main DC.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
selftest/knownfail_heimdal_kdc diff | blob | history
source4/kdc/wdc-samba4.c diff | blob | history
Samba Shared Repository