smbpasswd not handling password server = * correctly

Romeril, Alan a.romeril at
Wed Feb 20 18:10:07 GMT 2002

Hello Everyone,
	We ran into a tricky problem earlier on today with attempting to join a
domain with password server = * set.
It seems that fetch_domain_sid in libsmb/cli_lsarpc.c does not expand
the wildcard * passed to it as remote_machine into the server list.
This ends up with name lookups for *#20 getting sent across the wire. 
This caused a bit of a problem as only the Samba boxes on the subnet
respond to that, and the fastest responder of those gave the wrong
answer.  So machines attempted to join a non-existent domain (the
netbios name of the fastest responder) and failed.
	This is very different behaviour to say the late 2.0.x smbpasswd that
correctly hunts for domain controllers, could one of the team take a
look at this bug?


I just knocked up a quick change to smbpasswd as a test (and to get us
out of the hole) and this joins the domain quite happily but of course
is not the solution that is really needed.
(Excuse any mangling that Netscape does on this...)

--- smbpasswd.c Thu Feb 21 01:32:16 2002
+++ smbpasswd.c Thu Feb 21 01:31:34 2002
@@ -386,7 +386,8 @@
        unsigned char orig_trust_passwd_hash[16];
        DOM_SID domain_sid;
        BOOL ret;
+       struct in_addr *ip;
        pstrcpy(remote_machine, remote ? remote : "");
        fstrcpy(trust_passwd, global_myname);
@@ -423,6 +424,12 @@
                fprintf(stderr, "No password server list given in
smb.conf - \
 unable to join domain.\n");
                return 1;
+       }
+       if(*remote_machine == '*') {
+       DEBUG(10, ("Wildcard password server given.  Finding PDC\n"));
+       ret = resolve_name(lp_workgroup(), ip, 0x1B); 
+       lookup_dc_name(global_myname, lp_workgroup(), ip,
        if (!fetch_domain_sid( domain, remote_machine, &domain_sid) ||

More information about the samba-technical mailing list