From 58d0b638c802241655b205b1974e48f477c2eaeb Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 23 Jun 2010 10:33:15 +1000
Subject: s4:schannel Open the schannel_store.tdb at startup

This will allow TDB_CLEAR_IF_FIRST behaviour in future

Signed-off-by: Jeremy Allison <jra@samba.org>
---
 source4/smbd/server.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 88917c4f38..11415a1424 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -31,6 +31,7 @@
 #include "ntvfs/ntvfs.h"
 #include "ntptr/ntptr.h"
 #include "auth/gensec/gensec.h"
+#include "libcli/auth/schannel.h"
 #include "smbd/process_model.h"
 #include "param/secrets.h"
 #include "smbd/pidfile.h"
@@ -400,6 +401,13 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
 		return 1;
 	}
 
+	if (lp_server_role(cmdline_lp_ctx) == ROLE_DOMAIN_CONTROLLER) {
+		if (!open_schannel_session_store(talloc_autofree_context(), lp_private_dir(cmdline_lp_ctx))) {
+			DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
+			exit(1);
+		}
+	}
+
 	gensec_init(cmdline_lp_ctx); /* FIXME: */
 
 	ntptr_init(cmdline_lp_ctx);	/* FIXME: maybe run this in the initialization function 
-- 
cgit