From 6fada7a82aa67e7b80ff003bd527092da68542c8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 31 Aug 2006 01:20:21 +0000 Subject: r17943: The horror, the horror. Add KDC site support by writing out a custom krb5.conf file containing the KDC I need. This may suck.... Needs some testing :-). Jeremy. (This used to be commit d500e1f96d92dfcc6292c448d1b399195f762d89) --- source3/libsmb/namequery_dc.c | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c index ed71a9816a..4099cc9dd8 100644 --- a/source3/libsmb/namequery_dc.c +++ b/source3/libsmb/namequery_dc.c @@ -38,8 +38,9 @@ static BOOL ads_dc_name(const char *domain, char *sitename = sitename_fetch(); int i; - if (!realm && strequal(domain, lp_workgroup())) + if (!realm && strequal(domain, lp_workgroup())) { realm = lp_realm(); + } /* Try this 3 times then give up. */ for( i =0 ; i < 3; i++) { @@ -64,22 +65,34 @@ static BOOL ads_dc_name(const char *domain, } /* Now we've found a server, see if our sitename - has changed. If so, we need to re-do the query + has changed. If so, we need to re-do the DNS query to ensure we only find servers in our site. */ - if (!sitename_changed(sitename)) { - break; + if (sitename_changed(sitename)) { + SAFE_FREE(sitename); + sitename = sitename_fetch(); + ads_destroy(&ads); + continue; } - ads_destroy(&ads); - } +#ifdef HAVE_KRB5 + if ((ads->config.flags & ADS_KDC) && sitename) { + /* We're going to use this KDC for this realm/domain. + If we are using sites, then force the krb5 libs + to use this KDC. */ + create_local_private_krb5_conf_for_domain(realm, + domain, + ads->ldap_ip); + } +#endif + break; + } if (i == 3) { DEBUG(1,("ads_dc_name: sitename (now \"%s\") keeps changing ???\n", sitename ? sitename : "")); SAFE_FREE(sitename); - ads_destroy(&ads); return False; } -- cgit