From 0f6d51f34baa816b6ec422c8bc28687f0a3073de Mon Sep 17 00:00:00 2001
From: Ralph Boehme
Date: Tue, 26 Apr 2016 17:21:46 +0200
Subject: [PATCH] s3:libnet:libnet_join: add netbios aliases as SPNs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Add all listed smb.conf netbios aliases as SPNs to the machine account: HOST/NETBIOS_ALIAS@REALM and HOST/netbios_alias.dnsdomain.name@REALM
Bug: https://bugzilla.samba.org/show_bug.cgi?id=1703
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Wed May 4 17:58:05 CEST 2016 on sn-devel-144
---
 source3/libnet/libnet_join.c | 60 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index ef6c995..a28864d 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -463,6 +463,7 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
 size_t num_spns = 0;
 char *spn = NULL;
 bool ok;
+ const char **netbios_aliases = NULL;
 /* Find our DN */
@@ -524,6 +525,65 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
 }
 }
+ netbios_aliases = lp_netbios_aliases();
+ if (netbios_aliases != NULL) {
+ for (; *netbios_aliases != NULL; netbios_aliases++) {
+ /*
+ * Add HOST/NETBIOSNAME
+ */
+ spn = talloc_asprintf(mem_ctx, "HOST/%s", *netbios_aliases);
+ if (spn == NULL) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ if (!strupper_m(spn)) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+
+ ok = ads_element_in_array(spn_array, num_spns, spn);
+ if (ok) {
+ TALLOC_FREE(spn);
+ continue;
+ }
+ ok = add_string_to_array(spn_array, spn,
+ &spn_array, &num_spns);
+ if (!ok) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ TALLOC_FREE(spn);
+
+ /*
+ * Add HOST/netbiosname.domainname
+ */
+ if (r->out.dns_domain_name == NULL) {
+ continue;
+ }
+ fstr_sprintf(my_fqdn, "%s.%s",
+ *netbios_aliases,
+ r->out.dns_domain_name);
+
+ spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn);
+ if (spn == NULL) {
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+
+ ok = ads_element_in_array(spn_array, num_spns, spn);
+ if (ok) {
+ TALLOC_FREE(spn);
+ continue;
+ }
+ ok = add_string_to_array(spn_array, spn,
+ &spn_array, &num_spns);
+ if (!ok) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ TALLOC_FREE(spn);
+ }
+ }
+
 /* make sure to NULL terminate the array */
 spn_array = talloc_realloc(mem_ctx, spn_array, const char *, num_spns + 1);
 if (spn_array == NULL) {
-- 
2.8.0.rc3.226.g39d4020
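Review bot: In the alias loop, the `continue` taken when `HOST/<ALIAS>` is already in `spn_array` also skips the FQDN form for that alias, so `HOST/alias.dnsdomain` is never registered once the short SPN exists; the short-form add should be made conditional instead, as in the excerpt below. The FQDN is built with `fstr_sprintf(my_fqdn, ...)` and `my_fqdn` is declared outside the hunk: if it is a fixed-size buffer, an over-long alias plus domain would be cut short and the truncated name written to the machine account, so the length should be checked before the SPN is added. Each alias from smb.conf becomes a name this machine account accepts Kerberos tickets for, and the only duplicate check visible here is against the local `spn_array`, so a comment stating that aliases are expected to be unique in the realm would help the next reader. The enclosing function starts and ends outside the hunk.

```c
		/* … unchanged: build and upper-case "HOST/<alias>" into spn … */
		if (!ads_element_in_array(spn_array, num_spns, spn)) {
			ok = add_string_to_array(spn_array, spn,
						 &spn_array, &num_spns);
			if (!ok) {
				TALLOC_FREE(spn);
				return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
			}
		}
		TALLOC_FREE(spn);
		/* … unchanged: FQDN form of the alias … */
```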