From de63a5ad91eabb22c58338779ddb4bc16ab647ac Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 24 Nov 2009 16:51:30 +0100 Subject: s3: Always try SamLogonEx Required for cluster systems working in a Samba domain. With NT4 this won't work, but real NT4 DCs should not be around in environments that pay big bucks for a cluster... And if they are, they can always install a Samba DC trusting that NT4 domain. --- source3/winbindd/winbindd_cm.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3/winbindd/winbindd_cm.c') diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 95e1daf0b7..e310d426a2 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2471,9 +2471,13 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, } /* - * Try NetSamLogonEx for AD domains + * Always try netr_LogonSamLogonEx. We will fall back for NT4 + * which gives DCERPC_FAULT_OP_RNG_ERROR (function not + * supported). We used to only try SamLogonEx for AD, but + * Samba DCs can also do it. And because we don't distinguish + * between Samba and NT4, always try it once. */ - domain->can_do_samlogon_ex = domain->active_directory; + domain->can_do_samlogon_ex = true; *cli = conn->netlogon_pipe; return NT_STATUS_OK; -- cgit