summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-09-14 15:48:19 +1000
committerAndrew Tridgell <tridge@samba.org>2010-09-15 15:39:35 +1000
commitfede78f29d15bb718186122f136cc25f0557773f (patch)
tree41ff242f8a763263d786467e1bffe80796944187
parent898674cb1ca5b071653acfe3bcfeac895fffc6c8 (diff)
downloadsamba-fede78f29d15bb718186122f136cc25f0557773f.tar.gz
samba-fede78f29d15bb718186122f136cc25f0557773f.tar.bz2
samba-fede78f29d15bb718186122f136cc25f0557773f.zip
s4-cldap: don't set the writable bit when we are a RODC
when we are a RODC, don't respond with the writable bit in the server type response of netlogon requests Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/cldap_server/netlogon.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index d1fde899a5..1dd3cb7e0e 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -71,7 +71,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *pdc_ip;
struct ldb_dn *domain_dn = NULL;
struct interface *ifaces;
- bool user_known;
+ bool user_known, am_rodc;
NTSTATUS status;
/* the domain parameter could have an optional trailing "." */
@@ -233,7 +233,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type =
DS_SERVER_DS | DS_SERVER_TIMESERV |
- DS_SERVER_CLOSEST | DS_SERVER_WRITABLE |
+ DS_SERVER_CLOSEST |
DS_SERVER_GOOD_TIMESERV;
#if 0
@@ -261,6 +261,10 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_KDC;
}
+ if (samdb_rodc(sam_ctx, &am_rodc) != LDB_SUCCESS && !am_rodc) {
+ server_type |= DS_SERVER_WRITABLE;
+ }
+
#if 0
/* w2k8-r2 as a sole DC does not claim this */
if (ldb_dn_compare(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx)) == 0) {