summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJim McDonough <jmcd@samba.org>2005-08-12 15:28:19 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:00:29 -0500
commitdcf2200411f8a98eaee03b6fa235e1e9aa41b3f3 (patch)
treeb400a971a76035293d7f5760e262ec1f6b412ed8 /source3/rpc_server
parent4a9637495ecdcf97e211e0af174e2429379e3945 (diff)
downloadsamba-dcf2200411f8a98eaee03b6fa235e1e9aa41b3f3.tar.gz
samba-dcf2200411f8a98eaee03b6fa235e1e9aa41b3f3.tar.bz2
samba-dcf2200411f8a98eaee03b6fa235e1e9aa41b3f3.zip
r9261: Fix #2976: windows member servers wouldn't alloc connections from users
defined locally because if we didn't find them as a DC we were marking the response as authoritative. Now if it's not a domain we know, we mark the response non-authoritative. Fix from jpjanosi@us.ibm.com (This used to be commit d522277b86ff728f6f2b9feb2f8e3fa38c43d162)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 388d649c3c..78ff669d07 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -716,6 +716,15 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
/* Check account and password */
if (!NT_STATUS_IS_OK(status)) {
+ /* If we don't know what this domain is, we need to
+ indicate that we are not authoritative. This
+ allows the client to decide if it needs to try
+ a local user. Fix by jpjanosi@us.ibm.com, #2976 */
+ if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)
+ && !strequal(nt_domain, get_global_sam_name())
+ && !is_trusted_domain(nt_domain) )
+ r_u->auth_resp = 0; /* We are not authoritative */
+
free_server_info(&server_info);
return status;
}