summaryrefslogtreecommitdiff
path: root/source3/auth/auth_domain.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-06 00:13:56 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-06 00:13:56 +0000
commiteb1aa6a2cc0331cbbbc5ea466e5695e4df39e6ee (patch)
treef469a55452e23482ec6c14a40c1fe8dced40b370 /source3/auth/auth_domain.c
parenta9598d2e88fcd5384640baa963000e4f02679985 (diff)
downloadsamba-eb1aa6a2cc0331cbbbc5ea466e5695e4df39e6ee.tar.gz
samba-eb1aa6a2cc0331cbbbc5ea466e5695e4df39e6ee.tar.bz2
samba-eb1aa6a2cc0331cbbbc5ea466e5695e4df39e6ee.zip
(merge from 3.0)
Change our Domain controller lookup routines to more carefully seperate DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett (This used to be commit 4c3bd0a99e464198d243da302ff1868189b4dcff)
Diffstat (limited to 'source3/auth/auth_domain.c')
-rw-r--r--source3/auth/auth_domain.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 43e7597cd9..0f34bcc0e2 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -165,6 +165,9 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
if ( !NT_STATUS_IS_OK(nt_status) ) {
DEBUG(0,("domain_client_validate: Domain password server not available.\n"));
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
+ return NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE;
+ }
return nt_status;
}
@@ -290,7 +293,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
/* we need our DC to send the net_sam_logon() request to */
- if ( !get_dc_name(domain, dc_name, &dc_ip) ) {
+ if ( !get_dc_name(domain, NULL, dc_name, &dc_ip) ) {
DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n",
user_info->domain.str));
return NT_STATUS_NO_LOGON_SERVERS;
@@ -385,7 +388,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte
/* use get_dc_name() for consistency even through we know that it will be
a netbios name */
- if ( !get_dc_name(user_info->domain.str, dc_name, &dc_ip) ) {
+ if ( !get_dc_name(user_info->domain.str, NULL, dc_name, &dc_ip) ) {
DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n",
user_info->domain.str));
return NT_STATUS_NO_LOGON_SERVERS;