summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2008-04-02 12:29:24 +0200
committerGünther Deschner <gd@samba.org>2008-04-02 12:29:24 +0200
commit832adaa5ab46a3fdceb2c26942615ac7a4ddf522 (patch)
treefa2eec0319d635054d632a2925dc74380acf61d2
parentda7863c4c9cc22ae8392b0ce42bb360ced5c0581 (diff)
downloadsamba-832adaa5ab46a3fdceb2c26942615ac7a4ddf522.tar.gz
samba-832adaa5ab46a3fdceb2c26942615ac7a4ddf522.tar.bz2
samba-832adaa5ab46a3fdceb2c26942615ac7a4ddf522.zip
Fix "net rpc trustdom establish" for win2k8 trusts.
When establishing trusts to a windows 2008 dc, the NetServerEnum2 RAP call fails with some exotic RAP failure. Let's just try a netlogon getdcname call in that case to convince ourselve we're talking to a proper machine. Rafael, looks ok? Guenther (This used to be commit b12edbeffee1f7d1fd971cde9189e5137ddeb35b)
-rw-r--r--source3/utils/net_rpc.c66
1 files changed, 52 insertions, 14 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 25c1f4261e..0d47b653c3 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -5841,7 +5841,49 @@ static int rpc_trustdom_del(int argc, const char **argv)
return -1;
}
}
-
+
+static NTSTATUS rpc_trustdom_get_pdc(struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *domain_name)
+{
+ char *dc_name = NULL;
+ const char *buffer = NULL;
+ struct rpc_pipe_client *netr;
+ NTSTATUS status;
+
+ /* Use NetServerEnum2 */
+
+ if (cli_get_pdc_name(cli, domain_name, &dc_name)) {
+ SAFE_FREE(dc_name);
+ return NT_STATUS_OK;
+ }
+
+ DEBUG(1,("NetServerEnum2 error: Couldn't find primary domain controller\
+ for domain %s\n", domain_name));
+
+ /* Try netr_GetDcName */
+
+ netr = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &status);
+ if (!netr) {
+ return status;
+ }
+
+ status = rpccli_netr_GetDcName(netr, mem_ctx,
+ cli->desthost,
+ domain_name,
+ &buffer,
+ NULL);
+ cli_rpc_pipe_close(netr);
+
+ if (NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ DEBUG(1,("netr_GetDcName error: Couldn't find primary domain controller\
+ for domain %s\n", domain_name));
+
+ return status;
+}
/**
* Establish trust relationship to a trusting domain.
@@ -5866,7 +5908,6 @@ static int rpc_trustdom_establish(int argc, const char **argv)
char* domain_name;
char* acct_name;
fstring pdc_name;
- char *dc_name;
union lsa_PolicyInformation *info = NULL;
/*
@@ -5927,18 +5968,6 @@ static int rpc_trustdom_establish(int argc, const char **argv)
return -1;
}
- /*
- * Use NetServerEnum2 to make sure we're talking to a proper server
- */
-
- if (!cli_get_pdc_name(cli, domain_name, &dc_name)) {
- DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
- for domain %s\n", domain_name));
- cli_shutdown(cli);
- return -1;
- }
- SAFE_FREE(dc_name);
-
if (!(mem_ctx = talloc_init("establishing trust relationship to "
"domain %s", domain_name))) {
DEBUG(0, ("talloc_init() failed\n"));
@@ -5946,6 +5975,15 @@ static int rpc_trustdom_establish(int argc, const char **argv)
return -1;
}
+ /* Make sure we're talking to a proper server */
+
+ nt_status = rpc_trustdom_get_pdc(cli, mem_ctx, domain_name);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
/*
* Call LsaOpenPolicy and LsaQueryInfo
*/