summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/cldap_server/cldap_server.h3
-rw-r--r--source4/cldap_server/netlogon.c25
-rw-r--r--source4/nbt_server/dgram/netlogon.c2
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c2
-rw-r--r--source4/torture/rpc/netlogon.c9
5 files changed, 34 insertions, 7 deletions
diff --git a/source4/cldap_server/cldap_server.h b/source4/cldap_server/cldap_server.h
index 2eaf59401f..e40a1bd4ba 100644
--- a/source4/cldap_server/cldap_server.h
+++ b/source4/cldap_server/cldap_server.h
@@ -43,6 +43,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *src_address,
uint32_t version,
struct loadparm_context *lp_ctx,
- struct netlogon_samlogon_response *netlogon);
+ struct netlogon_samlogon_response *netlogon,
+ bool fill_on_blank_request);
#include "cldap_server/proto.h"
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index e24f1b376e..06c61aca24 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -51,7 +51,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *src_address,
uint32_t version,
struct loadparm_context *lp_ctx,
- struct netlogon_samlogon_response *netlogon)
+ struct netlogon_samlogon_response *netlogon,
+ bool fill_on_blank_request)
{
const char *dom_attrs[] = {"objectGUID", NULL};
const char *none_attrs[] = {NULL};
@@ -170,8 +171,24 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
}
}
- if (dom_res == NULL) {
- DEBUG(2,("Unable to get domain informations if no parameter of the list [long domainname, short domainname, GUID, SID] was specified!\n"));
+ if (dom_res == NULL && fill_on_blank_request) {
+ /* blank inputs gives our domain - tested against
+ w2k8r2. Without this ADUC on Win7 won't start */
+ domain_dn = ldb_get_default_basedn(sam_ctx);
+ ret = ldb_search(sam_ctx, mem_ctx, &dom_res,
+ domain_dn, LDB_SCOPE_BASE, dom_attrs,
+ "objectClass=domain");
+ if (ret != LDB_SUCCESS) {
+ DEBUG(2,("Error finding domain '%s'/'%s' in sam: %s\n",
+ lp_dnsdomain(lp_ctx),
+ ldb_dn_get_linearized(domain_dn),
+ ldb_errstring(sam_ctx)));
+ return NT_STATUS_NO_SUCH_DOMAIN;
+ }
+ }
+
+ if (dom_res == NULL) {
+ DEBUG(2,(__location__ ": Unable to get domain informations with no inputs\n"));
return NT_STATUS_NO_SUCH_DOMAIN;
}
@@ -437,7 +454,7 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
status = fill_netlogon_samlogon_response(cldapd->samctx, tmp_ctx, domain, NULL, NULL, domain_guid,
user, acct_control,
tsocket_address_inet_addr_string(src, tmp_ctx),
- version, cldapd->task->lp_ctx, &netlogon);
+ version, cldapd->task->lp_ctx, &netlogon, false);
if (!NT_STATUS_IS_OK(status)) {
goto failed;
}
diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c
index 8fec15a675..c9d864c3c3 100644
--- a/source4/nbt_server/dgram/netlogon.c
+++ b/source4/nbt_server/dgram/netlogon.c
@@ -124,7 +124,7 @@ static void nbtd_netlogon_samlogon(struct dgram_mailslot_handler *dgmslot,
status = fill_netlogon_samlogon_response(samctx, packet, NULL, name->name, sid, NULL,
netlogon->req.logon.user_name, netlogon->req.logon.acct_control, src->addr,
- netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.data.samlogon);
+ netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.data.samlogon, false);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2,("NBT netlogon query failed domain=%s sid=%s version=%d - %s\n",
name->name, dom_sid_string(packet, sid), netlogon->req.logon.nt_version, nt_errstr(status)));
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 2650dc7e59..b55ad57350 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1568,7 +1568,7 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call,
r->in.client_account,
r->in.mask, addr,
NETLOGON_NT_VERSION_5EX_WITH_IP,
- lp_ctx, &response);
+ lp_ctx, &response, true);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 1fc902b59e..d6bc013e8a 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -2271,6 +2271,15 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
struct netr_DsRGetDCNameInfo *info = NULL;
struct dcerpc_binding_handle *b = p->binding_handle;
+ torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
+ ZERO_STRUCT(r.in);
+ r.in.flags = DS_RETURN_DNS_NAME;
+ r.out.info = &info;
+
+ status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
+ torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
+
r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.client_account = NULL;
r.in.mask = 0x00000000;