[PATCH] s3:winbindd: document "winbind:ignore domains"

[David Mulder]

The "winbind:ignore domains" smb.conf option is undocumented but used frequently.

Signed-off-by: David Mulder <dmulder at suse.com>
---
 docs-xml/smbdotconf/winbind/winbindignoredomains.xml | 14 ++++++++++++++
 source3/param/loadparm.c                             |  1 +
 source3/winbindd/winbindd_util.c                     |  2 +-
 3 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 docs-xml/smbdotconf/winbind/winbindignoredomains.xml

diff --git a/docs-xml/smbdotconf/winbind/winbindignoredomains.xml b/docs-xml/smbdotconf/winbind/winbindignoredomains.xml
new file mode 100644
index 0000000..401b6b4
--- /dev/null
+++ b/docs-xml/smbdotconf/winbind/winbindignoredomains.xml
@@ -0,0 +1,14 @@
+<samba:parameter name="winbind ignore domains"
+                 context="G"
+                 type="cmdlist"
+                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>Allows to enter a list of trusted domains winbind should
+	ignore (untrust). This can avoid the overhead of resources from
+	attempting to login to DCs that should not be communicated with.
+	</para>
+
+</description>
+<value type="default"></value>
+<value type="example">DOMAIN1, DOMAIN2</value>
+</samba:parameter>
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index ac9ba49..92638c3 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -813,6 +813,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 	Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
 	Globals.winbind_refresh_tickets = false;
 	Globals.winbind_offline_logon = false;
+	Globals.winbind_ignore_domains = NULL;
 
 	Globals.idmap_cache_time = 86400 * 7; /* a week by default */
 	Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index ffcb09d..e4de358 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -156,7 +156,7 @@ add_trusted_domain_from_tdc(const struct winbindd_tdc_domain *tdc)
 		sid = NULL;
 	}
 
-	ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
+	ignored_domains = lp_winbind_ignore_domains();
 	for (dom=ignored_domains; dom && *dom; dom++) {
 		if (gen_fnmatch(*dom, domain_name) == 0) {
 			DEBUG(2,("Ignoring domain '%s'\n", domain_name));
-- 
2.10.2