From eb1aa6a2cc0331cbbbc5ea466e5695e4df39e6ee Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 6 Jan 2004 00:13:56 +0000 Subject: (merge from 3.0) Change our Domain controller lookup routines to more carefully seperate DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett (This used to be commit 4c3bd0a99e464198d243da302ff1868189b4dcff) --- source3/auth/auth_domain.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'source3/auth') diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 43e7597cd9..0f34bcc0e2 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -165,6 +165,9 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, if ( !NT_STATUS_IS_OK(nt_status) ) { DEBUG(0,("domain_client_validate: Domain password server not available.\n")); + if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) { + return NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE; + } return nt_status; } @@ -290,7 +293,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, /* we need our DC to send the net_sam_logon() request to */ - if ( !get_dc_name(domain, dc_name, &dc_ip) ) { + if ( !get_dc_name(domain, NULL, dc_name, &dc_ip) ) { DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n", user_info->domain.str)); return NT_STATUS_NO_LOGON_SERVERS; @@ -385,7 +388,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte /* use get_dc_name() for consistency even through we know that it will be a netbios name */ - if ( !get_dc_name(user_info->domain.str, dc_name, &dc_ip) ) { + if ( !get_dc_name(user_info->domain.str, NULL, dc_name, &dc_ip) ) { DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n", user_info->domain.str)); return NT_STATUS_NO_LOGON_SERVERS; -- cgit