summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2007-12-11 12:47:28 +0100
committerMichael Adam <obnox@samba.org>2007-12-13 10:15:16 +0100
commit5d9c97703432bbca7d45948708b5b21a3718559a (patch)
tree3bf8896e3dc0e49da99c558ae8965fea45917751 /source3
parent4884f5d23af41a0b88b98a0485cb3935beb820fe (diff)
downloadsamba-5d9c97703432bbca7d45948708b5b21a3718559a.tar.gz
samba-5d9c97703432bbca7d45948708b5b21a3718559a.tar.bz2
samba-5d9c97703432bbca7d45948708b5b21a3718559a.zip
Streamline logic in cm_connect_netlogon()
by retrieving trust password only, when it will be used. Michael (This used to be commit cdc60d8ae8c0ef804206b20b451e9557f97d4439)
Diffstat (limited to 'source3')
-rw-r--r--source3/winbindd/winbindd_cm.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 0a96e04052..d5c8b9955f 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2219,10 +2219,6 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
return NT_STATUS_OK;
}
- if ((IS_DC || domain->primary) && !get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
- return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
- }
-
netlogon_pipe = cli_rpc_pipe_open_noauth(conn->cli, PI_NETLOGON,
&result);
if (netlogon_pipe == NULL) {
@@ -2234,11 +2230,16 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
neg_flags &= ~NETLOGON_NEG_SCHANNEL;
goto no_schannel;
}
-
+
if (lp_client_schannel() != False) {
neg_flags |= NETLOGON_NEG_SCHANNEL;
}
+ if (!get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
+ cli_rpc_pipe_close(netlogon_pipe);
+ return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+ }
+
/* if we are a DC and this is a trusted domain, then we need to use our
domain name in the net_req_auth2() request */