From 06435acf3b9afa94019f7654cda4ad9386c6384b Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 18 May 2011 11:53:34 +1000
Subject: s3-testparm Warn more on incorrect use of 'password server'

---
 source3/utils/testparm.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index 0e920ec696..edb11a6b05 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -128,17 +128,32 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n");
 	 * Password server sanity checks.
 	 */
 
-	if((lp_security() == SEC_SERVER || lp_security() >= SEC_DOMAIN) && !lp_passwordserver()) {
+	if((lp_security() == SEC_SERVER || lp_security() >= SEC_DOMAIN) && !*lp_passwordserver()) {
 		const char *sec_setting;
 		if(lp_security() == SEC_SERVER)
 			sec_setting = "server";
 		else if(lp_security() == SEC_DOMAIN)
 			sec_setting = "domain";
+		else if(lp_security() == SEC_ADS)
+			sec_setting = "ads";
 		else
 			sec_setting = "";
 
 		fprintf(stderr, "ERROR: The setting 'security=%s' requires the 'password server' parameter be set \
-to a valid password server.\n", sec_setting );
+to the default value * or a valid password server.\n", sec_setting );
+		ret = 1;
+	}
+
+	if((lp_security() >= SEC_DOMAIN) && (strcmp(lp_passwordserver(), "*") != 0)) {
+		const char *sec_setting;
+		if(lp_security() == SEC_DOMAIN)
+			sec_setting = "domain";
+		else if(lp_security() == SEC_ADS)
+			sec_setting = "ads";
+		else
+			sec_setting = "";
+
+		fprintf(stderr, "WARNING: The setting 'security=%s' is should NOT be combined with the 'password server' parameter.\n  (by default Samba will discover the correct DC to contact automatically).\n", sec_setting );
 		ret = 1;
 	}
 
-- 
cgit