summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libsmb/namequery_dc.c25
-rw-r--r--source3/nsswitch/winbindd_cm.c34
2 files changed, 37 insertions, 22 deletions
diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
index 7dac69e2db..bdac833d13 100644
--- a/source3/libsmb/namequery_dc.c
+++ b/source3/libsmb/namequery_dc.c
@@ -98,15 +98,22 @@ static BOOL ads_dc_name(const char *domain,
}
#ifdef HAVE_KRB5
- if (is_our_primary_domain(domain) && (ads->config.flags & ADS_KDC) && ads_closest_dc(ads)) {
- /* We're going to use this KDC for this realm/domain.
- If we are using sites, then force the krb5 libs
- to use this KDC. */
-
- create_local_private_krb5_conf_for_domain(realm,
- domain,
- sitename,
- ads->ldap.ip);
+ if (is_our_primary_domain(domain) && (ads->config.flags & ADS_KDC)) {
+ if (ads_closest_dc(ads)) {
+ /* We're going to use this KDC for this realm/domain.
+ If we are using sites, then force the krb5 libs
+ to use this KDC. */
+
+ create_local_private_krb5_conf_for_domain(realm,
+ domain,
+ sitename,
+ ads->ldap.ip);
+ } else {
+ create_local_private_krb5_conf_for_domain(realm,
+ domain,
+ NULL,
+ ads->ldap.ip);
+ }
}
#endif
break;
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 0888a934d1..28d8179cb6 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -1084,21 +1084,29 @@ static BOOL dcip_to_name(const struct winbindd_domain *domain, struct in_addr ip
DEBUG(10,("dcip_to_name: flags = 0x%x\n", (unsigned int)ads->config.flags));
- if (domain->primary && (ads->config.flags & ADS_KDC) && ads_closest_dc(ads)) {
- char *sitename = sitename_fetch(ads->config.realm);
-
- /* We're going to use this KDC for this realm/domain.
- If we are using sites, then force the krb5 libs
- to use this KDC. */
-
- create_local_private_krb5_conf_for_domain(domain->alt_name,
- domain->name,
- sitename,
- ip);
-
+ if (domain->primary && (ads->config.flags & ADS_KDC)) {
+ if (ads_closest_dc(ads)) {
+ char *sitename = sitename_fetch(ads->config.realm);
+
+ /* We're going to use this KDC for this realm/domain.
+ If we are using sites, then force the krb5 libs
+ to use this KDC. */
+
+ create_local_private_krb5_conf_for_domain(domain->alt_name,
+ domain->name,
+ sitename,
+ ip);
+
+ SAFE_FREE(sitename);
+ } else {
+ /* use an off site KDC */
+ create_local_private_krb5_conf_for_domain(domain->alt_name,
+ domain->name,
+ NULL,
+ ip);
+ }
winbindd_set_locator_kdc_envs(domain);
- SAFE_FREE(sitename);
/* Ensure we contact this DC also. */
saf_store( domain->name, name);
saf_store( domain->alt_name, name);