From 521c708fe45ab0d8b9e31391cc8b8aae59e0c27f Mon Sep 17 00:00:00 2001
From: Matthias Dieter Wallnöfer <mdw@samba.org>
Date: Wed, 23 Nov 2011 20:32:57 +0100
Subject: s4:netlogon RPC server - DsRGetDcNameEx - set the DNS name flags
 correctly

The rules are explained in MS-NRPC 2.2.1.2.1.

Patch inspired by Matthieu Patou.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---
 source4/rpc_server/netlogon/dcerpc_netlogon.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'source4/rpc_server/netlogon')

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 814b9699ed..125fb3859e 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1791,9 +1791,23 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call,
 		return ntstatus_to_werror(status);
 	}
 
+	/*
+	 * According to MS-NRPC 2.2.1.2.1 we should set the "DS_DNS_FOREST_ROOT"
+	 * (O) flag when the returned forest name is in DNS format. This is here
+	 * always the case (see below).
+	 */
+	response.data.nt5_ex.server_type |= DS_DNS_FOREST_ROOT;
+
 	if (r->in.flags & DS_RETURN_DNS_NAME) {
 		dc_name = response.data.nt5_ex.pdc_dns_name;
 		domain_name = response.data.nt5_ex.dns_domain;
+		/*
+		 * According to MS-NRPC 2.2.1.2.1 we should set the
+		 * "DS_DNS_CONTROLLER" (M) and "DS_DNS_DOMAIN" (N) flags when
+		 * the returned information is in DNS form.
+		 */
+		response.data.nt5_ex.server_type |=
+			DS_DNS_CONTROLLER | DS_DNS_DOMAIN;
 	} else if (r->in.flags & DS_RETURN_FLAT_NAME) {
 		dc_name = response.data.nt5_ex.pdc_name;
 		domain_name = response.data.nt5_ex.domain_name;
-- 
cgit