summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source4/winbind/wb_init_domain.c8
-rw-r--r--source4/winbind/wb_pam_auth.c1
2 files changed, 6 insertions, 3 deletions
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index 6b8606bb0c..69ea9c7533 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -161,9 +161,10 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
state->domain->netlogon_pipe = NULL;
if ((!cli_credentials_is_anonymous(state->domain->schannel_creds)) &&
- ((lp_server_role() == ROLE_DOMAIN_MEMBER) &&
- (dom_sid_equal(state->domain->info->sid,
- state->service->primary_sid)))) {
+ ((lp_server_role() == ROLE_DOMAIN_MEMBER) ||
+ (lp_server_role() == ROLE_DOMAIN_CONTROLLER)) &&
+ (dom_sid_equal(state->domain->info->sid,
+ state->service->primary_sid))) {
state->domain->netlogon_binding->flags |= DCERPC_SCHANNEL;
/* For debugging, it can be a real pain if all the traffic is encrypted */
@@ -233,6 +234,7 @@ static bool retry_with_schannel(struct init_domain_state *state,
void (*continuation)(struct composite_context *))
{
struct composite_context *ctx;
+ state->ctx->status = NT_STATUS_OK;
if (state->domain->netlogon_binding->flags & DCERPC_SCHANNEL
&& !(binding->flags & DCERPC_SCHANNEL)) {
/* Opening a policy handle failed, perhaps it was
diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index e29bb7c472..fffb7c408c 100644
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -128,6 +128,7 @@ static void pam_auth_crap_recv_domain(struct composite_context *ctx)
struct wbsrv_domain *domain;
state->ctx->status = wb_sid2domain_recv(ctx, &domain);
+ if (!composite_is_ok(state->ctx)) return;
state->creds_state =
cli_credentials_get_netlogon_creds(domain->schannel_creds);
generated by cgit (git 2.34.1) at 2024-11-06 05:11:52 +0000