From 3cb1caf0ef9fa7b3e96f2ff1d878357bef3a60d3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 9 Sep 2009 11:26:50 +1000 Subject: s4: allow repl:RODC=true/false to set ourselves as a RODC I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing. --- source4/libnet/libnet_become_dc.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source4/libnet/libnet_become_dc.c') diff --git a/source4/libnet/libnet_become_dc.c b/source4/libnet/libnet_become_dc.c index 2d35b40cfa..9ba801bb6f 100644 --- a/source4/libnet/libnet_become_dc.c +++ b/source4/libnet/libnet_become_dc.c @@ -2767,8 +2767,12 @@ static void becomeDC_drsuapi_update_refs_send(struct libnet_BecomeDC_state *s, r->in.req.req1.dest_dsa_dns_name= ntds_dns_name; r->in.req.req1.dest_dsa_guid = s->dest_dsa.ntds_guid; r->in.req.req1.options = DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE - | DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE - | DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE; + | DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE; + + /* I think this is how we mark ourselves as a RODC */ + if (!lp_parm_bool(s->libnet->lp_ctx, NULL, "repl", "RODC", false)) { + r->in.req.req1.options |= DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE; + } req = dcerpc_drsuapi_DsReplicaUpdateRefs_send(drsuapi->pipe, r, r); composite_continue_rpc(c, req, recv_fn, s); -- cgit