From d471e52d23bf89e472c34c58dd9f113e669323a4 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 13 Dec 2006 11:19:51 +0000
Subject: r20149: Remove the smb.conf distinction between PDC and BDC.  Now the
 correct way to setup a Samba4 DC is to set 'server role = domain controller'.

We use the fSMORoleOwner attribute in the base DN to determine the PDC.

This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.

Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.

We also now use the ldb database to determine if we should run the
global catalog service.

In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.

Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
---
 source4/rpc_server/lsa/dcesrv_lsa.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

(limited to 'source4/rpc_server/lsa')

diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 0b2c5a0cfb..4a207645b4 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -277,6 +277,7 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
 		"objectSid", 
 		"objectGUID", 
 		"nTMixedDomain",
+		"fSMORoleOwner",
 		NULL
 	};
 	struct ldb_result *ref_res;
@@ -317,7 +318,7 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
 	if (ret != LDB_SUCCESS) {
 		return NT_STATUS_INVALID_SYSTEM_SERVICE;
 	}
-	talloc_steal(state, dom_res);
+	talloc_steal(mem_ctx, dom_res);
 	if (dom_res->count != 1) {
 		return NT_STATUS_NO_SUCH_DOMAIN;		
 	}
@@ -333,7 +334,7 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
 	}
 
 	state->mixed_domain = ldb_msg_find_attr_as_uint(dom_res->msgs[0], "nTMixedDomain", 0);
-
+	
 	talloc_free(dom_res);
 
 	ret = ldb_search_exp_fmt(state->sam_ldb, state, &ref_res,
@@ -431,11 +432,12 @@ static WERROR dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state
 		case ROLE_DOMAIN_MEMBER:
 			role		= DS_ROLE_MEMBER_SERVER;
 			break;
-		case ROLE_DOMAIN_BDC:
-			role		= DS_ROLE_BACKUP_DC;
-			break;
-		case ROLE_DOMAIN_PDC:
-			role		= DS_ROLE_PRIMARY_DC;
+		case ROLE_DOMAIN_CONTROLLER:
+			if (samdb_is_pdc(state->sam_ldb)) {
+				role	= DS_ROLE_PRIMARY_DC;
+			} else {
+				role    = DS_ROLE_BACKUP_DC;
+			}
 			break;
 		}
 
@@ -449,8 +451,7 @@ static WERROR dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state
 			W_ERROR_HAVE_NO_MEMORY(domain);
 			/* TODO: what is with dns_domain and forest and guid? */
 			break;
-		case ROLE_DOMAIN_BDC:
-		case ROLE_DOMAIN_PDC:
+		case ROLE_DOMAIN_CONTROLLER:
 			flags		= DS_ROLE_PRIMARY_DS_RUNNING;
 
 			if (state->mixed_domain == 1) {
-- 
cgit