diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-08-16 13:31:33 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-08-16 23:13:07 +0200 |
commit | 4c5019d507fbe0c9ae328463a3392323fc9e6d51 (patch) | |
tree | 02c8ce5f0e54819bb11255785e739ed3735acacf | |
parent | f3b69da2aeb637398b0670cfb4a29379a8000d91 (diff) | |
download | samba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.tar.gz samba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.tar.bz2 samba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.zip |
s4:cldap_server: set DS_SERVER_SELECT_SECRET_DOMAIN_6 if we're a RODC
metze
-rw-r--r-- | source4/cldap_server/netlogon.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index 4777fcca9c..f5703d3f32 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c @@ -73,7 +73,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, const char *pdc_ip; struct ldb_dn *domain_dn = NULL; struct interface *ifaces; - bool user_known, am_rodc; + bool user_known = false, am_rodc = false; NTSTATUS status; /* the domain parameter could have an optional trailing "." */ @@ -230,10 +230,6 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, server_type |= DS_SERVER_PDC; } - if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) { - server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6; - } - if (samdb_is_gc(sam_ctx)) { server_type |= DS_SERVER_GC; } @@ -250,6 +246,14 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, server_type |= DS_SERVER_WRITABLE; } + if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) { + if (server_type & DS_SERVER_WRITABLE) { + server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6; + } else { + server_type |= DS_SERVER_SELECT_SECRET_DOMAIN_6; + } + } + if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) { pdc_name = lpcfg_netbios_name(lp_ctx); } else { |