summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_cm.c
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-08-30 18:48:49 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:39:00 -0500
commit9d37ee52e0d616b60e6644050d259e884ee5870d (patch)
tree181f2127ff8f7adbdc6d04464530d748fe58a874 /source3/nsswitch/winbindd_cm.c
parentf2b3143cf72c9d8f391b867353757770d1f0b012 (diff)
downloadsamba-9d37ee52e0d616b60e6644050d259e884ee5870d.tar.gz
samba-9d37ee52e0d616b60e6644050d259e884ee5870d.tar.bz2
samba-9d37ee52e0d616b60e6644050d259e884ee5870d.zip
r17937: Move the saf_ cache into the tcp ad connection code.
Cause winbindd to set site support before doing the generic AD server lookup. Jeremy. (This used to be commit a9833941715472ece747bce69ef53ba8ad98d7a5)
Diffstat (limited to 'source3/nsswitch/winbindd_cm.c')
-rw-r--r--source3/nsswitch/winbindd_cm.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index cea30f730d..2f2bfb60ee 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -652,7 +652,7 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain,
int iplist_size = 0;
int i;
BOOL is_our_domain;
-
+ enum security_types sec = (enum security_types)lp_security();
is_our_domain = strequal(domain->name, lp_workgroup());
@@ -665,13 +665,27 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain,
return True;
}
+#ifdef WITH_ADS
+ if (sec == SEC_ADS) {
+ /* We need to make sure we know the local site before
+ doing any DNS queries, as this will restrict the
+ get_sorted_dc_list() call below to only fetching
+ DNS records for the correct site. */
+
+ /* Find any DC to get the site record.
+ We deliberately don't care about the
+ return here. */
+ get_dc_name(domain->name, lp_realm(), dcname, &ip);
+ }
+#endif
+
/* try standard netbios queries first */
get_sorted_dc_list(domain->name, &ip_list, &iplist_size, False);
/* check for security = ads and use DNS if we can */
- if ( iplist_size==0 && lp_security() == SEC_ADS )
+ if ( iplist_size==0 && sec == SEC_ADS )
get_sorted_dc_list(domain->alt_name, &ip_list, &iplist_size, True);
/* FIXME!! this is where we should re-insert the GETDC requests --jerry */