From 9d37ee52e0d616b60e6644050d259e884ee5870d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 30 Aug 2006 18:48:49 +0000 Subject: r17937: Move the saf_ cache into the tcp ad connection code. Cause winbindd to set site support before doing the generic AD server lookup. Jeremy. (This used to be commit a9833941715472ece747bce69ef53ba8ad98d7a5) --- source3/nsswitch/winbindd_cm.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index cea30f730d..2f2bfb60ee 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -652,7 +652,7 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain, int iplist_size = 0; int i; BOOL is_our_domain; - + enum security_types sec = (enum security_types)lp_security(); is_our_domain = strequal(domain->name, lp_workgroup()); @@ -665,13 +665,27 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain, return True; } +#ifdef WITH_ADS + if (sec == SEC_ADS) { + /* We need to make sure we know the local site before + doing any DNS queries, as this will restrict the + get_sorted_dc_list() call below to only fetching + DNS records for the correct site. */ + + /* Find any DC to get the site record. + We deliberately don't care about the + return here. */ + get_dc_name(domain->name, lp_realm(), dcname, &ip); + } +#endif + /* try standard netbios queries first */ get_sorted_dc_list(domain->name, &ip_list, &iplist_size, False); /* check for security = ads and use DNS if we can */ - if ( iplist_size==0 && lp_security() == SEC_ADS ) + if ( iplist_size==0 && sec == SEC_ADS ) get_sorted_dc_list(domain->alt_name, &ip_list, &iplist_size, True); /* FIXME!! this is where we should re-insert the GETDC requests --jerry */ -- cgit