From 0f8c9d08164623573c1c848d1a4468e74b24db98 Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Fri, 1 Oct 2010 17:49:05 -0700 Subject: [PATCH] Handle picky windows RODC servers --- lib/krb5/init_creds_pw.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index 869687aa6..29b882d05 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -1418,6 +1418,17 @@ krb5_init_creds_set_service(krb5_context context, if (ret) return ret; } + + /* + * This is for Windows RODC that are picky about what name type + * the server principal have, and the really strange part is that + * they are picky about the AS-REQ name type and not the TGS-REQ + * later. Oh well. + */ + + if (krb5_principal_is_krbtgt(context, principal)) + krb5_principal_set_type(context, principal, KRB5_NT_SRV_INST); + krb5_free_principal(context, ctx->cred.server); ctx->cred.server = principal; -- 2.11.4.GIT