[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Tue Sep 28 00:40:02 MDT 2010
The branch, master has been updated
via c7f6ab8 s4-provision: fixed the authority response for our SOA record
via 0bbbfa0 s4-dns: implemented RODC DNS update in dns update task
via c4d2b6f s4-netlogon: added RODC DNS update call fwded to dnsupdate task
via 6237d56 s4-dns: added --update-list option to samba_dnsupdate
via 7d38079 pidl: added ifdef guards around ndr headers
via bc47af5 s4-kdc: added ifdef guards in kdc.h
via 1587b46 s4-ldb: removed an unused variable
via 17aa2b3 s4-kcc: fixed a incorrect context to kcctpl_get_all_bridgehead_dcs
via e313667 s4-dsdb: added samdb_find_site_for_computer() and samdb_find_ntdsguid_for_computer()
via c972790 s4-auth: removed unused variable dom_sid
from 94dc2c1 s3: Lift smbd_messaging_context() from open_sockets_smbd()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c7f6ab890e8e70f27ddc975abec58b5e0cf8d6a5
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 22:53:06 2010 -0700
s4-provision: fixed the authority response for our SOA record
some clients rely on this being the hostname, not the domain
Autobuild-User: Andrew Tridgell <tridge at samba.org>
Autobuild-Date: Tue Sep 28 06:39:19 UTC 2010 on sn-devel-104
commit 0bbbfa04f60b173912cedcfe08590fe43b5c2872
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 21:08:43 2010 -0700
s4-dns: implemented RODC DNS update in dns update task
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit c4d2b6fbc21625dc5ed2063e5ad699309fa5a3e1
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 21:08:23 2010 -0700
s4-netlogon: added RODC DNS update call fwded to dnsupdate task
when we get a netlogon RODC DNS update, we send it to the dnsupdate
task
commit 6237d560275d7d19e46afe85cb9f19313359ea80
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 21:07:17 2010 -0700
s4-dns: added --update-list option to samba_dnsupdate
this allows us to use it for RODC netlogon updates
commit 7d380795b63c9b6e5196607960a35cfc90bdf1d9
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 21:03:45 2010 -0700
pidl: added ifdef guards around ndr headers
this prevents us parsing the leading headers needlessly
commit bc47af50eb0896c108b7acc5323a897e27120252
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 21:03:14 2010 -0700
s4-kdc: added ifdef guards in kdc.h
this prevents too much recursion in the compiler preprocessor
commit 1587b46fa0f403578f7198a4e7c7ef603aaa5598
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 19:47:14 2010 -0700
s4-ldb: removed an unused variable
commit 17aa2b329494bc82a89bc9bd8a7e6ba66406fc52
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 19:47:01 2010 -0700
s4-kcc: fixed a incorrect context to kcctpl_get_all_bridgehead_dcs
commit e313667983f5225d6f506d53fcd15011d54d5538
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 19:46:37 2010 -0700
s4-dsdb: added samdb_find_site_for_computer() and samdb_find_ntdsguid_for_computer()
these will be used by the new RODC dns update code
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit c9727902499b0cc84fef9a44b5252ac83376456e
Author: Andrew Tridgell <tridge at samba.org>
Date: Mon Sep 27 19:45:56 2010 -0700
s4-auth: removed unused variable dom_sid
-----------------------------------------------------------------------
Summary of changes:
pidl/lib/Parse/Pidl/Samba4/Header.pm | 17 ++-
source4/auth/session.c | 2 +-
source4/dsdb/common/util.c | 57 +++++++
source4/dsdb/dns/dns_update.c | 199 +++++++++++++++++++++++++
source4/dsdb/kcc/kcc_topology.c | 2 +-
source4/dsdb/samdb/ldb_modules/util.c | 1 -
source4/kdc/kdc.h | 5 +
source4/librpc/idl/irpc.idl | 12 ++-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 92 +++++++++++-
source4/scripting/bin/samba_dnsupdate | 22 ++-
source4/setup/provision.zone | 2 +-
11 files changed, 394 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Samba4/Header.pm b/pidl/lib/Parse/Pidl/Samba4/Header.pm
index be1df4b..9788b2c 100644
--- a/pidl/lib/Parse/Pidl/Samba4/Header.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/Header.pm
@@ -5,7 +5,6 @@
# released under the GNU GPL
package Parse::Pidl::Samba4::Header;
-
require Exporter;
@ISA = qw(Exporter);
@@ -412,6 +411,20 @@ sub Parse($)
$res = "";
%headerstructs = ();
pidl "/* header auto-generated by pidl */\n\n";
+
+ my $ifacename = "";
+
+ # work out a unique interface name
+ foreach (@{$ndr}) {
+ if ($_->{TYPE} eq "INTERFACE") {
+ $ifacename = $_->{NAME};
+ last;
+ }
+ }
+
+ pidl "#ifndef _PIDL_HEADER_$ifacename\n";
+ pidl "#define _PIDL_HEADER_$ifacename\n\n";
+
if (!is_intree()) {
pidl "#include <util/data_blob.h>\n";
}
@@ -428,6 +441,8 @@ sub Parse($)
($_->{TYPE} eq "INCLUDE") && HeaderInclude(@{$_->{PATHS}});
}
+ pidl "#endif /* _PIDL_HEADER_$ifacename */\n";
+
return $res;
}
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 68d03ae..ce7ea3b 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -59,7 +59,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
const char *filter;
struct dom_sid **groupSIDs = NULL;
- const struct dom_sid *dom_sid, *anonymous_sid, *system_sid;
+ const struct dom_sid *anonymous_sid, *system_sid;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 7bf2618..a8186e8 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1620,6 +1620,63 @@ struct ldb_dn *samdb_server_site_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx
}
/*
+ find the site name from a computers DN record
+ */
+int samdb_find_site_for_computer(struct ldb_context *ldb,
+ TALLOC_CTX *mem_ctx, struct ldb_dn *computer_dn,
+ const char **site_name)
+{
+ int ret;
+ struct ldb_dn *dn;
+ const struct ldb_val *rdn_val;
+
+ *site_name = NULL;
+
+ ret = samdb_reference_dn(ldb, mem_ctx, computer_dn, "serverReferenceBL", &dn);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ if (!ldb_dn_remove_child_components(dn, 2)) {
+ talloc_free(dn);
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
+ rdn_val = ldb_dn_get_rdn_val(dn);
+ (*site_name) = talloc_strndup(mem_ctx, (const char *)rdn_val->data, rdn_val->length);
+ talloc_free(dn);
+ if (!*site_name) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ return LDB_SUCCESS;
+}
+
+/*
+ find the NTDS GUID from a computers DN record
+ */
+int samdb_find_ntdsguid_for_computer(struct ldb_context *ldb, struct ldb_dn *computer_dn,
+ struct GUID *ntds_guid)
+{
+ int ret;
+ struct ldb_dn *dn;
+
+ *ntds_guid = GUID_zero();
+
+ ret = samdb_reference_dn(ldb, ldb, computer_dn, "serverReferenceBL", &dn);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ if (!ldb_dn_add_child_fmt(dn, "CN=NTDS Settings")) {
+ talloc_free(dn);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = dsdb_find_guid_by_dn(ldb, dn, ntds_guid);
+ talloc_free(dn);
+ return ret;
+}
+
+/*
find a 'reference' DN that points at another object
(eg. serverReference, rIDManagerReference etc)
*/
diff --git a/source4/dsdb/dns/dns_update.c b/source4/dsdb/dns/dns_update.c
index e9f9303..fbfca19 100644
--- a/source4/dsdb/dns/dns_update.c
+++ b/source4/dsdb/dns/dns_update.c
@@ -36,6 +36,8 @@
#include "param/param.h"
#include "system/filesys.h"
#include "libcli/composite/composite.h"
+#include "libcli/security/dom_sid.h"
+#include "librpc/gen_ndr/ndr_irpc.h"
struct dnsupdate_service {
struct task_server *task;
@@ -347,6 +349,200 @@ static NTSTATUS dnsupdate_nameupdate_schedule(struct dnsupdate_service *service)
return NT_STATUS_OK;
}
+
+struct dnsupdate_RODC_state {
+ struct irpc_message *msg;
+ struct dnsupdate_RODC *r;
+ char *tmp_path;
+ int fd;
+};
+
+static int dnsupdate_RODC_destructor(struct dnsupdate_RODC_state *st)
+{
+ if (st->fd != -1) {
+ close(st->fd);
+ }
+ unlink(st->tmp_path);
+ return 0;
+}
+
+/*
+ called when the DNS update has completed
+ */
+static void dnsupdate_RODC_callback(struct tevent_req *req)
+{
+ struct dnsupdate_RODC_state *st =
+ tevent_req_callback_data(req,
+ struct dnsupdate_RODC_state);
+ int sys_errno;
+ int i, ret;
+
+ ret = samba_runcmd_recv(req, &sys_errno);
+ talloc_free(req);
+ if (ret != 0) {
+ st->r->out.result = map_nt_error_from_unix(sys_errno);
+ DEBUG(2,(__location__ ": RODC DNS Update failed: %s\n", nt_errstr(st->r->out.result)));
+ } else {
+ st->r->out.result = NT_STATUS_OK;
+ DEBUG(3,(__location__ ": RODC DNS Update OK\n"));
+ }
+
+ for (i=0; i<st->r->in.dns_names->count; i++) {
+ st->r->out.dns_names->names[i].status = NT_STATUS_V(st->r->out.result);
+ }
+
+ irpc_send_reply(st->msg, NT_STATUS_OK);
+}
+
+
+/**
+ * Called when we get a RODC DNS update request from the netlogon
+ * rpc server
+ */
+static NTSTATUS dnsupdate_dnsupdate_RODC(struct irpc_message *msg,
+ struct dnsupdate_RODC *r)
+{
+ struct dnsupdate_service *s = talloc_get_type(msg->private_data,
+ struct dnsupdate_service);
+ const char * const *dns_update_command = lpcfg_dns_update_command(s->task->lp_ctx);
+ struct dnsupdate_RODC_state *st;
+ struct tevent_req *req;
+ int i, ret;
+ struct GUID ntds_guid;
+ const char *site, *dnsdomain, *dnsforest, *ntdsguid, *hostname;
+ struct ldb_dn *sid_dn;
+ const char *attrs[] = { "dNSHostName", NULL };
+ struct ldb_result *res;
+
+ st = talloc_zero(msg, struct dnsupdate_RODC_state);
+ if (!st) {
+ r->out.result = NT_STATUS_NO_MEMORY;
+ return NT_STATUS_OK;
+ }
+
+ st->r = r;
+ st->msg = msg;
+
+ st->tmp_path = smbd_tmp_path(st, s->task->lp_ctx, "rodcdns.XXXXXX");
+ if (!st->tmp_path) {
+ talloc_free(st);
+ r->out.result = NT_STATUS_NO_MEMORY;
+ return NT_STATUS_OK;
+ }
+
+ st->fd = mkstemp(st->tmp_path);
+ if (st->fd == -1) {
+ DEBUG(0,("Unable to create a temporary file for RODC dnsupdate\n"));
+ talloc_free(st);
+ r->out.result = NT_STATUS_INTERNAL_DB_CORRUPTION;
+ return NT_STATUS_OK;
+ }
+
+ talloc_set_destructor(st, dnsupdate_RODC_destructor);
+
+ sid_dn = ldb_dn_new_fmt(st, s->samdb, "<SID=%s>", dom_sid_string(st, r->in.dom_sid));
+ if (!sid_dn) {
+ talloc_free(st);
+ r->out.result = NT_STATUS_NO_MEMORY;
+ return NT_STATUS_OK;
+ }
+
+ /* work out the site */
+ ret = samdb_find_site_for_computer(s->samdb, st, sid_dn, &site);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(2, (__location__ ": Unable to find site for computer %s\n",
+ ldb_dn_get_linearized(sid_dn)));
+ talloc_free(st);
+ r->out.result = NT_STATUS_NO_SUCH_USER;
+ return NT_STATUS_OK;
+ }
+
+ /* work out the ntdsguid */
+ ret = samdb_find_ntdsguid_for_computer(s->samdb, sid_dn, &ntds_guid);
+ ntdsguid = GUID_string(st, &ntds_guid);
+ if (ret != LDB_SUCCESS || !ntdsguid) {
+ DEBUG(2, (__location__ ": Unable to find NTDS GUID for computer %s\n",
+ ldb_dn_get_linearized(sid_dn)));
+ talloc_free(st);
+ r->out.result = NT_STATUS_NO_SUCH_USER;
+ return NT_STATUS_OK;
+ }
+
+
+ /* find dnsdomain and dnsforest */
+ dnsdomain = lpcfg_realm(s->task->lp_ctx);
+ dnsforest = dnsdomain;
+
+ /* find the hostname */
+ ret = dsdb_search_dn(s->samdb, st, &res, sid_dn, attrs, 0);
+ if (ret == LDB_SUCCESS) {
+ hostname = ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL);
+ }
+ if (ret != LDB_SUCCESS || !hostname) {
+ DEBUG(2, (__location__ ": Unable to find NTDS GUID for computer %s\n",
+ ldb_dn_get_linearized(sid_dn)));
+ talloc_free(st);
+ r->out.result = NT_STATUS_NO_SUCH_USER;
+ return NT_STATUS_OK;
+ }
+
+
+ for (i=0; i<st->r->in.dns_names->count; i++) {
+ struct NL_DNS_NAME_INFO *n = &r->in.dns_names->names[i];
+ switch (n->type) {
+ case NlDnsLdapAtSite:
+ dprintf(st->fd, "SRV _ldap._tcp.%s._sites.%s. %s %u\n",
+ site, dnsdomain, hostname, n->port);
+ break;
+ case NlDnsGcAtSite:
+ dprintf(st->fd, "SRV _ldap._tcp.%s._sites.gc._msdcs.%s. %s %u\n",
+ site, dnsdomain, hostname, n->port);
+ break;
+ case NlDnsDsaCname:
+ dprintf(st->fd, "CNAME %s._msdcs.%s. %s\n",
+ ntdsguid, dnsforest, hostname);
+ break;
+ case NlDnsKdcAtSite:
+ dprintf(st->fd, "SRV _kerberos._tcp.%s._sites.dc._msdcs.%s. %s %u\n",
+ site, dnsdomain, hostname, n->port);
+ break;
+ case NlDnsDcAtSite:
+ dprintf(st->fd, "SRV _ldap._tcp.%s._sites.dc._msdcs.%s. %s %u\n",
+ site, dnsdomain, hostname, n->port);
+ break;
+ case NlDnsRfc1510KdcAtSite:
+ dprintf(st->fd, "SRV _kerberos._tcp.%s._sites.%s. %s %u\n",
+ site, dnsdomain, hostname, n->port);
+ break;
+ case NlDnsGenericGcAtSite:
+ dprintf(st->fd, "SRV _gc._tcp.%s._sites.%s. %s %u\n",
+ site, dnsforest, hostname, n->port);
+ break;
+ }
+ }
+
+ close(st->fd);
+ st->fd = -1;
+
+ DEBUG(3,("Calling RODC DNS name update script %s\n", st->tmp_path));
+ req = samba_runcmd_send(st,
+ s->task->event_ctx,
+ timeval_current_ofs(20, 0),
+ 2, 0,
+ dns_update_command,
+ "--update-list",
+ st->tmp_path,
+ NULL);
+ NT_STATUS_HAVE_NO_MEMORY(req);
+
+ /* setup the callback */
+ tevent_req_set_callback(req, dnsupdate_RODC_callback, st);
+
+ msg->defer_reply = true;
+
+ return NT_STATUS_OK;
+}
+
/*
startup the dns update task
*/
@@ -412,6 +608,9 @@ static void dnsupdate_task_init(struct task_server *task)
irpc_add_name(task->msg_ctx, "dnsupdate");
+ IRPC_REGISTER(task->msg_ctx, irpc, DNSUPDATE_RODC,
+ dnsupdate_dnsupdate_RODC, service);
+
/* create the intial file */
dnsupdate_rebuild(service);
diff --git a/source4/dsdb/kcc/kcc_topology.c b/source4/dsdb/kcc/kcc_topology.c
index 9124fc7..eab7791 100644
--- a/source4/dsdb/kcc/kcc_topology.c
+++ b/source4/dsdb/kcc/kcc_topology.c
@@ -2782,7 +2782,7 @@ static NTSTATUS kcctpl_create_connection(struct kccsrv_service *service,
return status;
}
- status = kcctpl_get_all_bridgehead_dcs(service->samdb, tmp_ctx,
+ status = kcctpl_get_all_bridgehead_dcs(service, tmp_ctx,
r_site_guid, cross_ref,
transport, partial_replica_okay,
detect_failed_dcs,
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index e6a0aea..1dc466e 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -1214,7 +1214,6 @@ bool dsdb_block_anonymous_ops(struct ldb_module *module,
*/
void dsdb_req_chain_debug(struct ldb_request *req, int level)
{
- char *ret;
int i=0;
while (req && req->handle) {
diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h
index 0551063..6a2df1b 100644
--- a/source4/kdc/kdc.h
+++ b/source4/kdc/kdc.h
@@ -20,6 +20,9 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#ifndef _KDC_KDC_H
+#define _KDC_KDC_H
+
#include "system/kerberos.h"
#include "auth/kerberos/kerberos.h"
#include <hdb.h>
@@ -50,3 +53,5 @@ bool kpasswdd_process(struct kdc_server *kdc,
/* from hdb-samba4.c */
NTSTATUS hdb_samba4_create_kdc(struct samba_kdc_base_context *base_ctx,
krb5_context context, struct HDB **db);
+
+#endif
diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl
index 6e2c73d..334c102 100644
--- a/source4/librpc/idl/irpc.idl
+++ b/source4/librpc/idl/irpc.idl
@@ -1,6 +1,6 @@
#include "idl_types.h"
-import "misc.idl", "security.idl", "nbt.idl";
+import "misc.idl", "security.idl", "nbt.idl", "netlogon.idl";
/*
definitions for irpc primitives
@@ -186,4 +186,14 @@ import "misc.idl", "security.idl", "nbt.idl";
void drepl_trigger_repl_secret(
[in] astring user_dn
);
+
+ /*
+ message to do RODC DNS updates via the dnsupdate task
+ */
+ NTSTATUS dnsupdate_RODC(
+ [in,unique] dom_sid *dom_sid,
+ [in,unique] [string,charset(UTF16)] uint16 *site_name,
+ [in] uint32 dns_ttl,
+ [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names
+ );
}
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 21dacd3..dee4dc4 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -36,6 +36,7 @@
#include "cldap_server/cldap_server.h"
#include "lib/tsocket/tsocket.h"
#include "librpc/gen_ndr/ndr_netlogon.h"
+#include "librpc/gen_ndr/ndr_irpc.h"
struct netlogon_server_pipe_state {
struct netr_Credential client_challenge;
@@ -2268,14 +2269,99 @@ static NTSTATUS dcesrv_netr_Unused47(struct dcesrv_call_state *dce_call, TALLOC_
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
+
+struct netr_dnsupdate_RODC_state {
+ struct dcesrv_call_state *dce_call;
+ struct netr_DsrUpdateReadOnlyServerDnsRecords *r;
+ struct dnsupdate_RODC *r2;
+};
+
+/*
+ called when the forwarded RODC dns update request is finished
+ */
+static void netr_dnsupdate_RODC_callback(struct tevent_req *req)
+{
+ struct netr_dnsupdate_RODC_state *st =
+ tevent_req_callback_data(req,
+ struct netr_dnsupdate_RODC_state);
+ NTSTATUS status;
+
+ status = dcerpc_binding_handle_call_recv(req);
+ talloc_free(req);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,(__location__ ": IRPC callback failed %s\n", nt_errstr(status)));
+ st->dce_call->fault_code = DCERPC_FAULT_CANT_PERFORM;
+ }
+
+ st->r->out.dns_names = talloc_steal(st->dce_call, st->r2->out.dns_names);
+
+ status = dcesrv_reply(st->dce_call);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,(__location__ ": dcesrv_reply() failed - %s\n", nt_errstr(status)));
+ }
+}
+
/*
netr_DsrUpdateReadOnlyServerDnsRecords
*/
-static NTSTATUS dcesrv_netr_DsrUpdateReadOnlyServerDnsRecords(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+static NTSTATUS dcesrv_netr_DsrUpdateReadOnlyServerDnsRecords(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx,
struct netr_DsrUpdateReadOnlyServerDnsRecords *r)
{
- NDR_PRINT_FUNCTION_DEBUG(netr_DsrUpdateReadOnlyServerDnsRecords, NDR_IN, r);
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct netlogon_creds_CredentialState *creds;
+ NTSTATUS nt_status;
+ struct dcerpc_binding_handle *binding_handle;
+ struct netr_dnsupdate_RODC_state *st;
+ struct tevent_req *req;
+
+ nt_status = dcesrv_netr_creds_server_step_check(dce_call,
+ mem_ctx,
+ r->in.computer_name,
+ r->in.credential,
+ r->out.return_authenticator,
+ &creds);
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ if (creds->secure_channel_type != SEC_CHAN_RODC) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ st = talloc_zero(mem_ctx, struct netr_dnsupdate_RODC_state);
+ NT_STATUS_HAVE_NO_MEMORY(st);
+
+ st->dce_call = dce_call;
+ st->r = r;
--
Samba Shared Repository
More information about the samba-cvs
mailing list