Bug 13726 - Anonymous connection used by certain net rpc commands run with -k
Anonymous connection used by certain net rpc commands run with -k
Status: ASSIGNED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools
4.8.2
All All
: P5 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-12-19 20:44 UTC by jstephen
Modified: 2019-01-14 09:21 UTC (History)
2 users (show)

See Also:


Attachments
master (1.79 KB, patch)
2019-01-09 16:57 UTC, jstephen
no flags Details
v4.9 backport (1.79 KB, patch)
2019-01-09 16:57 UTC, jstephen
asn: review+
npower: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description jstephen 2018-12-19 20:44:59 UTC
A customer states the following command fails when the net command attempts to use anonymous user against AD.

#kinit <username>
Password for <username>@<DOMAINNAME>: 
#net -d 1 -k -S HOSTNAME.FQDN RPC GETSID 
Cannot connect to server (anonymously).

the flag NET_FLAGS_ANONYMOUS is set in 'net rpc getsid' and 'net rpc changetrustpw' code even if -k is used.
Comment 1 jstephen 2019-01-09 16:57:16 UTC
Created attachment 14761 [details]
master
Comment 2 jstephen 2019-01-09 16:57:47 UTC
Created attachment 14762 [details]
v4.9 backport
Comment 3 Andreas Schneider 2019-01-10 13:13:24 UTC
Karolin, please add the patch to the next 4.9 release. Thanks!
Comment 4 Karolin Seeger 2019-01-14 09:21:15 UTC
(In reply to Andreas Schneider from comment #3)
Pushed to autobuild-v4-9-test.