diff options
author | Gerald (Jerry) Carter <jerry@samba.org> | 2008-01-04 13:31:07 -0600 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2008-01-04 13:31:07 -0600 |
commit | 9a45dcef4d7c0f85d371afb2f7e09ae63bb7ae65 (patch) | |
tree | db5bf72fd0ae498b3541585b43a4cf21dba44315 /source3/winbindd | |
parent | f215dec8311b733c2db52c87a4e34dafecbea736 (diff) | |
download | samba-9a45dcef4d7c0f85d371afb2f7e09ae63bb7ae65.tar.gz samba-9a45dcef4d7c0f85d371afb2f7e09ae63bb7ae65.tar.bz2 samba-9a45dcef4d7c0f85d371afb2f7e09ae63bb7ae65.zip |
When connecting to an AD DC, use the DsGetDCName variant.
This allows us to deal with child domains in transitive forest trusts.
It also allows us to fill in the forest name to the target domain to the
struct winbindd_domain *.
(This used to be commit ed30516bb0f55f9ba466debf91b6e33d1c28a484)
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/winbindd_cm.c | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 33674d2cf7..99e401d53f 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -601,8 +601,34 @@ static bool get_dc_name_via_netlogon(const struct winbindd_domain *domain, orig_timeout = cli_set_timeout(netlogon_pipe->cli, 35000); - werr = rpccli_netlogon_getanydcname(netlogon_pipe, mem_ctx, our_domain->dcname, + if (our_domain->active_directory) { + struct DS_DOMAIN_CONTROLLER_INFO *domain_info = NULL; + + werr = rpccli_netlogon_dsr_getdcname(netlogon_pipe, + mem_ctx, + our_domain->dcname, + domain->name, + NULL, + NULL, + DS_RETURN_DNS_NAME, + &domain_info); + if (W_ERROR_IS_OK(werr)) { + fstrcpy(tmp, domain_info->domain_controller_name); + if (strlen(domain->alt_name) == 0) { + fstrcpy(domain->alt_name, + CONST_DISCARD(char*, domain_info->domain_name)); + } + if (strlen(domain->forest_name) == 0) { + fstrcpy(domain->forest_name, + CONST_DISCARD(char*, domain_info->dns_forest_name)); + } + } + } else { + + werr = rpccli_netlogon_getanydcname(netlogon_pipe, mem_ctx, + our_domain->dcname, domain->name, &tmp); + } /* And restore our original timeout. */ cli_set_timeout(netlogon_pipe->cli, orig_timeout); @@ -1869,9 +1895,17 @@ no_lsarpc_ds: if (dns_name) fstrcpy(domain->alt_name, dns_name); - if ( forest_name ) + /* See if we can set some domain trust flags about + ourself */ + + if ( forest_name ) { fstrcpy(domain->forest_name, forest_name); + if (strequal(domain->forest_name, domain->alt_name)) { + domain->domain_flags = DS_DOMAIN_TREE_ROOT; + } + } + if (dom_sid) sid_copy(&domain->sid, dom_sid); } else { |