From 9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 3 Jun 2004 18:00:22 +0000 Subject: r991: Allow winbindd to use the domain trust account password for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea) --- source3/auth/auth_util.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/auth') diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 9a03e7fe13..e6cc0fe5b3 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1425,8 +1425,10 @@ BOOL is_trusted_domain(const char* dom_name) /* if we are a DC, then check for a direct trust relationships */ - if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) { + if ( IS_DC ) { become_root(); + DEBUG (5,("is_trusted_domain: Checking for domain trust with [%s]\n", + dom_name )); ret = secrets_fetch_trusted_domain_password(dom_name, &pass, &trustdom_sid, &lct); unbecome_root(); SAFE_FREE(pass); -- cgit