diff options
author | Andrew Bartlett <abartlet@samba.org> | 2013-05-16 10:32:50 +1000 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2013-05-16 22:51:26 +0200 |
commit | 2ed6b0818a68ac07bd9c4270522aa8e2098ec140 (patch) | |
tree | f378ca904afaa37f610033500857c424457a54fe | |
parent | 9b24f6523e8c78879ada3e6d2927ebbb21dabfdc (diff) | |
download | samba-2ed6b0818a68ac07bd9c4270522aa8e2098ec140.tar.gz samba-2ed6b0818a68ac07bd9c4270522aa8e2098ec140.tar.bz2 samba-2ed6b0818a68ac07bd9c4270522aa8e2098ec140.zip |
auth: Ensure auth_sam is not used on the AD DC
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 16 22:51:26 CEST 2013 on sn-devel-104
-rw-r--r-- | source3/auth/auth_sam.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 7faa8de027..a34f9a5852 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -108,6 +108,13 @@ static NTSTATUS auth_init_sam(struct auth_context *auth_context, const char *par { struct auth_methods *result; + if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC + && !lp_parm_bool(-1, "server role check", "inhibit", false)) { + DEBUG(0, ("server role = 'active directory domain controller' not compatible with running the auth_sam module. \n")); + DEBUGADD(0, ("You should not set 'auth methods' when running the AD DC.\n")); + exit(1); + } + result = talloc_zero(auth_context, struct auth_methods); if (result == NULL) { return NT_STATUS_NO_MEMORY; |