moved the domain sid lookup and enumeration of trusted domains into

the backends

at startup, loop until we get the domain sid for our primary domain,
trying every 10 seconds. This makes winbindd handle a room-wide power
failure better
(This used to be commit 7c60ae59378be1b2af2e57ee3927966a29a797a5)

1 files changed, 46 insertions, 2 deletions

diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 8a98a2626d..e0d1b69c60 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -460,6 +460,49 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq)
 	return result;
 }
 
+/* get a list of trusted domains */
+static NTSTATUS trusted_domains(struct winbindd_domain *domain,
+				TALLOC_CTX *mem_ctx,
+				uint32 *num_domains,
+				char ***names,
+				DOM_SID **dom_sids)
+{
+	CLI_POLICY_HND *hnd;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	uint32 enum_ctx = 0;
+
+	if (!(hnd = cm_get_lsa_handle(lp_workgroup())))
+		goto done;
+
+	result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx,
+					&hnd->pol, &enum_ctx, num_domains, 
+					names, dom_sids);
+done:
+	return result;
+}
+
+/* find the domain sid for a domain */
+static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid)
+{
+	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+	TALLOC_CTX *mem_ctx;
+	CLI_POLICY_HND *hnd;
+	fstring level5_dom;
+
+	if (!(mem_ctx = talloc_init()))
+		return NT_STATUS_NO_MEMORY;
+
+	/* Get sam handle */
+	if (!(hnd = cm_get_lsa_handle(domain->name)))
+		goto done;
+
+	status = cli_lsa_query_info_policy(hnd->cli, mem_ctx,
+					   &hnd->pol, 0x05, level5_dom, sid);
+
+done:
+	talloc_destroy(mem_ctx);
+	return status;
+}
 
 /* the rpc backend methods are exposed via this structure */
 struct winbindd_methods msrpc_methods = {
@@ -470,6 +513,7 @@ struct winbindd_methods msrpc_methods = {
 	query_user,
 	lookup_usergroups,
 	lookup_groupmem,
-	sequence_number
+	sequence_number,
+	trusted_domains,
+	domain_sid
 };
-