summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-05 04:10:28 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-05 04:10:28 +0000
commita7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda (patch)
tree7452bffcb646e5c1fb4c02d43b61645733c5c97e /source3/auth
parent72de1cd0f7701cb0b66c4eebc0c103a6b62c1cd7 (diff)
downloadsamba-a7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda.tar.gz
samba-a7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda.tar.bz2
samba-a7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda.zip
Change our Domain controller lookup routines to more carefully seperate
DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett (This used to be commit 32397c8b01f1dec7b05140d210bb32f836a80ca6)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_domain.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 43e7597cd9..0f34bcc0e2 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -165,6 +165,9 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
if ( !NT_STATUS_IS_OK(nt_status) ) {
DEBUG(0,("domain_client_validate: Domain password server not available.\n"));
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
+ return NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE;
+ }
return nt_status;
}
@@ -290,7 +293,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
/* we need our DC to send the net_sam_logon() request to */
- if ( !get_dc_name(domain, dc_name, &dc_ip) ) {
+ if ( !get_dc_name(domain, NULL, dc_name, &dc_ip) ) {
DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n",
user_info->domain.str));
return NT_STATUS_NO_LOGON_SERVERS;
@@ -385,7 +388,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte
/* use get_dc_name() for consistency even through we know that it will be
a netbios name */
- if ( !get_dc_name(user_info->domain.str, dc_name, &dc_ip) ) {
+ if ( !get_dc_name(user_info->domain.str, NULL, dc_name, &dc_ip) ) {
DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n",
user_info->domain.str));
return NT_STATUS_NO_LOGON_SERVERS;