summaryrefslogtreecommitdiff
path: root/source4/cldap_server/netlogon.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/cldap_server/netlogon.c')
-rw-r--r--source4/cldap_server/netlogon.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 4777fcca9c..f5703d3f32 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -73,7 +73,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *pdc_ip;
struct ldb_dn *domain_dn = NULL;
struct interface *ifaces;
- bool user_known, am_rodc;
+ bool user_known = false, am_rodc = false;
NTSTATUS status;
/* the domain parameter could have an optional trailing "." */
@@ -230,10 +230,6 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_PDC;
}
- if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) {
- server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6;
- }
-
if (samdb_is_gc(sam_ctx)) {
server_type |= DS_SERVER_GC;
}
@@ -250,6 +246,14 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_WRITABLE;
}
+ if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) {
+ if (server_type & DS_SERVER_WRITABLE) {
+ server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6;
+ } else {
+ server_type |= DS_SERVER_SELECT_SECRET_DOMAIN_6;
+ }
+ }
+
if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) {
pdc_name = lpcfg_netbios_name(lp_ctx);
} else {