diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-09-14 15:48:19 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-09-15 15:39:35 +1000 |
commit | fede78f29d15bb718186122f136cc25f0557773f (patch) | |
tree | 41ff242f8a763263d786467e1bffe80796944187 | |
parent | 898674cb1ca5b071653acfe3bcfeac895fffc6c8 (diff) | |
download | samba-fede78f29d15bb718186122f136cc25f0557773f.tar.gz samba-fede78f29d15bb718186122f136cc25f0557773f.tar.bz2 samba-fede78f29d15bb718186122f136cc25f0557773f.zip |
s4-cldap: don't set the writable bit when we are a RODC
when we are a RODC, don't respond with the writable bit in the server
type response of netlogon requests
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/cldap_server/netlogon.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index d1fde899a5..1dd3cb7e0e 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c @@ -71,7 +71,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, const char *pdc_ip; struct ldb_dn *domain_dn = NULL; struct interface *ifaces; - bool user_known; + bool user_known, am_rodc; NTSTATUS status; /* the domain parameter could have an optional trailing "." */ @@ -233,7 +233,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, server_type = DS_SERVER_DS | DS_SERVER_TIMESERV | - DS_SERVER_CLOSEST | DS_SERVER_WRITABLE | + DS_SERVER_CLOSEST | DS_SERVER_GOOD_TIMESERV; #if 0 @@ -261,6 +261,10 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, server_type |= DS_SERVER_KDC; } + if (samdb_rodc(sam_ctx, &am_rodc) != LDB_SUCCESS && !am_rodc) { + server_type |= DS_SERVER_WRITABLE; + } + #if 0 /* w2k8-r2 as a sole DC does not claim this */ if (ldb_dn_compare(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx)) == 0) { |