s4:param Modify secrets_get_domain_sid to give more useful errors

This also moves the calls to secrets_get_domain_sid back into
winbind_task_init(), so that we can terminate with a much more
detailed error message.  (The previous message was simply
NT_STATUS_CANT_ACCESS_DOMAIN_INFO).

Andrew Bartlett

3 files changed, 34 insertions, 59 deletions

diff --git a/source4/winbind/config.mk b/source4/winbind/config.mk
index 16c1652fe4..17cbd956e4 100644
--- a/source4/winbind/config.mk
+++ b/source4/winbind/config.mk
@@ -20,7 +20,6 @@ PRIVATE_DEPENDENCIES = \
 
 WINBIND_OBJ_FILES = $(addprefix $(winbindsrcdir)/, \
 		wb_server.o \
-		wb_setup_domains.o \
 		wb_irpc.o \
 		wb_samba3_protocol.o \
 		wb_samba3_cmd.o \
diff --git a/source4/winbind/wb_server.c b/source4/winbind/wb_server.c
index fdf8deaa2c..03a443ac16 100644
--- a/source4/winbind/wb_server.c
+++ b/source4/winbind/wb_server.c
@@ -2,8 +2,9 @@
    Unix SMB/CIFS implementation.
    Main winbindd server routines
 
-   Copyright (C) Stefan Metzmacher	2005
+   Copyright (C) Stefan Metzmacher	2005-2008
    Copyright (C) Andrew Tridgell	2005
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2010
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -26,6 +27,7 @@
 #include "lib/tsocket/tsocket.h"
 #include "libcli/util/tstream.h"
 #include "param/param.h"
+#include "param/secrets.h"
 
 void wbsrv_terminate_connection(struct wbsrv_connection *wbconn, const char *reason)
 {
@@ -195,6 +197,8 @@ static void winbind_task_init(struct task_server *task)
 	NTSTATUS status;
 	struct wbsrv_service *service;
 	struct wbsrv_listen_socket *listen_socket;
+	char *errstring;
+	struct dom_sid *primary_sid;
 
 	task_server_set_title(task, "task[winbind]");
 
@@ -226,11 +230,36 @@ static void winbind_task_init(struct task_server *task)
 	if (!service) goto nomem;
 	service->task	= task;
 
-	status = wbsrv_setup_domains(service);
-	if (!NT_STATUS_IS_OK(status)) {
-		task_server_terminate(task, nt_errstr(status), true);
-		return;
+
+	/* Find the primary SID, depending if we are a standalone
+	 * server (what good is winbind in this case, but anyway...),
+	 * or are in a domain as a member or a DC */
+	switch (lp_server_role(service->task->lp_ctx)) {
+	case ROLE_STANDALONE:
+		primary_sid = secrets_get_domain_sid(service,
+						     service->task->event_ctx,
+						     service->task->lp_ctx,
+						     lp_netbios_name(service->task->lp_ctx), &errstring);
+		if (!primary_sid) {
+			char *message = talloc_asprintf(task, "Cannot start Winbind (standalone configuration): %s", errstring);
+			task_server_terminate(task, message, true);
+			return;
+		}
+		break;
+	case ROLE_DOMAIN_MEMBER:
+	case ROLE_DOMAIN_CONTROLLER:
+		primary_sid = secrets_get_domain_sid(service,
+						     service->task->event_ctx,
+						     service->task->lp_ctx,
+						     lp_workgroup(service->task->lp_ctx), &errstring);
+		if (!primary_sid) {
+			char *message = talloc_asprintf(task, "Cannot start Winbind (domain configuration): %s", errstring);
+			task_server_terminate(task, message, true);
+			return;
+		}
+		break;
 	}
+	service->primary_sid = primary_sid;
 
 	service->idmap_ctx = idmap_init(service, task->event_ctx, task->lp_ctx);
 	if (service->idmap_ctx == NULL) {
diff --git a/source4/winbind/wb_setup_domains.c b/source4/winbind/wb_setup_domains.c
deleted file mode 100644
index 5ce6500d4d..0000000000
--- a/source4/winbind/wb_setup_domains.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-
-   Copyright (C) Stefan Metzmacher 2008
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "winbind/wb_server.h"
-#include "smbd/service_task.h"
-#include "param/secrets.h"
-#include "param/param.h"
-
-NTSTATUS wbsrv_setup_domains(struct wbsrv_service *service)
-{
-	const struct dom_sid *primary_sid;
-
-	/*
-	 * This is a bit more difficult here: when we are a domain controller
-	 * or a joined domain member the first call will work. But if we are
-	 * a standalone server or unjoined member then the second is the right
-	 * one.
-	 */
-	primary_sid = secrets_get_domain_sid(service,
-					     service->task->event_ctx,
-					     service->task->lp_ctx,
-					     lp_workgroup(service->task->lp_ctx));
-	if (primary_sid == NULL) {
-		primary_sid = secrets_get_domain_sid(service,
-						     service->task->event_ctx,
-						     service->task->lp_ctx,
-						     lp_netbios_name(service->task->lp_ctx));
-	}
-	if (primary_sid == NULL) {
-		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
-	}
-
-	service->primary_sid = primary_sid;
-
-	return NT_STATUS_OK;
-}