[PATCH] winbind: Fall back to msrpc for trusted_domains call
Christof Schmitt
cs at samba.org
Fri Oct 7 23:02:12 UTC 2016
From 7326d74677fde1903d5de489eeed3ecd1254daca Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Fri, 7 Oct 2016 15:39:00 -0700
Subject: [PATCH] winbind: Fall back to msrpc for trusted_domains call
The netlogon authentication requires a trust account that is not
available for domain members in another domain. Use the msrpc method
instead in this case.
Signed-off-by: Christof Schmitt <cs at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12368
---
source3/winbindd/winbindd_ads.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index dc92a4a..0ad4056 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -1556,6 +1556,16 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
DEBUG(3,("ads: trusted_domains\n"));
+ if (!IS_DC && !domain->primary) {
+ /*
+ * The netlogon authentication below requires a trust
+ * account that is not available to domain members,
+ * fall back to the RPC methods call.
+ */
+ return msrpc_methods.trusted_domains(domain, mem_ctx, trusts);
+ }
+
+
ZERO_STRUCTP(trusts);
/* If this is our primary domain or a root in our forest,
--
1.8.3.1
More information about the samba-technical
mailing list