diff options
-rw-r--r-- | source3/nsswitch/wb_common.c | 17 | ||||
-rw-r--r-- | source3/smbd/server.c | 5 |
2 files changed, 22 insertions, 0 deletions
diff --git a/source3/nsswitch/wb_common.c b/source3/nsswitch/wb_common.c index ed0075a358..0ec29aa2d7 100644 --- a/source3/nsswitch/wb_common.c +++ b/source3/nsswitch/wb_common.c @@ -29,6 +29,17 @@ /* Global variables. These are effectively the client state information */ static int established_socket = -1; /* fd for winbindd socket */ +static char *excluded_domain; + +/* + smbd needs to be able to exclude lookups for its own domain +*/ +void winbind_exclude_domain(const char *domain) +{ + if (excluded_domain) free(excluded_domain); + excluded_domain = strdup(domain); +} + /* Initialise a request structure */ @@ -321,6 +332,12 @@ NSS_STATUS winbindd_request(int req_type, return NSS_STATUS_NOTFOUND; } + /* smbd may have excluded this domain */ + if (excluded_domain && + strcasecmp(excluded_domain, request->domain) == 0) { + return NSS_STATUS_NOTFOUND; + } + if (!response) { ZERO_STRUCT(lresponse); response = &lresponse; diff --git a/source3/smbd/server.c b/source3/smbd/server.c index f753d615ed..7947b9cbc0 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -693,6 +693,11 @@ static void usage(char *pname) return(-1); init_structs(); + + /* don't call winbind for our domain if we are the DC */ + if (lp_domain_logons()) { + winbind_exclude_domain(lp_workgroup()); + } #ifdef WITH_PROFILE if (!profile_setup(False)) { |