summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-08-16 13:31:33 +0200
committerStefan Metzmacher <metze@samba.org>2012-08-16 23:13:07 +0200
commit4c5019d507fbe0c9ae328463a3392323fc9e6d51 (patch)
tree02c8ce5f0e54819bb11255785e739ed3735acacf
parentf3b69da2aeb637398b0670cfb4a29379a8000d91 (diff)
downloadsamba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.tar.gz
samba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.tar.bz2
samba-4c5019d507fbe0c9ae328463a3392323fc9e6d51.zip
s4:cldap_server: set DS_SERVER_SELECT_SECRET_DOMAIN_6 if we're a RODC
metze
-rw-r--r--source4/cldap_server/netlogon.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 4777fcca9c..f5703d3f32 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -73,7 +73,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *pdc_ip;
struct ldb_dn *domain_dn = NULL;
struct interface *ifaces;
- bool user_known, am_rodc;
+ bool user_known = false, am_rodc = false;
NTSTATUS status;
/* the domain parameter could have an optional trailing "." */
@@ -230,10 +230,6 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_PDC;
}
- if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) {
- server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6;
- }
-
if (samdb_is_gc(sam_ctx)) {
server_type |= DS_SERVER_GC;
}
@@ -250,6 +246,14 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_WRITABLE;
}
+ if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) {
+ if (server_type & DS_SERVER_WRITABLE) {
+ server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6;
+ } else {
+ server_type |= DS_SERVER_SELECT_SECRET_DOMAIN_6;
+ }
+ }
+
if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) {
pdc_name = lpcfg_netbios_name(lp_ctx);
} else {