s4:rpc_server: Set Kerberos to desired

author Andreas Schneider <asn@samba.org>

Thu, 8 Apr 2021 13:45:42 +0000 (15:45 +0200)

committer Andrew Bartlett <abartlet@samba.org>

Wed, 28 Apr 2021 03:43:34 +0000 (03:43 +0000)
author Andreas Schneider <asn@samba.org>
Thu, 8 Apr 2021 13:45:42 +0000 (15:45 +0200)
committer Andrew Bartlett <abartlet@samba.org>
Wed, 28 Apr 2021 03:43:34 +0000 (03:43 +0000)
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c

index 2b63305cde272d683fe818d1146dfdaca0e3cd6e..17bcbf42cbb3cc4b98962c2f3b627bc0bc112593 100644 (file)
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -679,6 +679,7 @@ NTSTATUS dcesrv_gensec_prepare(
         struct cli_credentials *server_creds = NULL;
         struct imessaging_context *imsg_ctx =
                 dcesrv_imessaging_context(call->conn);
+       bool ok;
  
         server_creds = cli_credentials_init_server(call->auth_state,
                                                    call->conn->dce_ctx->lp_ctx);
@@ -686,6 +687,14 @@ NTSTATUS dcesrv_gensec_prepare(
                 DEBUG(1, ("Failed to init server credentials\n"));
                 return NT_STATUS_NO_MEMORY;
         }
+       /* This is required for ncalrpc_as_system. */
+       ok = cli_credentials_set_kerberos_state(server_creds,
+                                               CRED_USE_KERBEROS_DESIRED,
+                                               CRED_SPECIFIED);
+       if (!ok) {
+               DBG_WARNING("Failed to set kerberos state\n");
+               return NT_STATUS_INTERNAL_ERROR;
+       }
  
         return samba_server_gensec_start(mem_ctx,
                                          call->event_ctx,
author	Andreas Schneider <asn@samba.org>
	Thu, 8 Apr 2021 13:45:42 +0000 (15:45 +0200)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 28 Apr 2021 03:43:34 +0000 (03:43 +0000)