[PATCH] Allow GetDCNameEx to be called for arbitrary sites and trusted domains

Garming Sam garming at catalyst.net.nz
Thu Apr 5 21:40:28 UTC 2018

On 05/04/18 18:23, Volker Lendecke wrote:
> On Thu, Apr 05, 2018 at 11:29:41AM +1200, Garming Sam via samba-technical wrote:
>> source3/libsmb/clidgram.c: nbt_getdc_send
>>         state->nmbd_pid = pidfile_pid(lp_pid_directory(), "nmbd");
>>         if (state->nmbd_pid == 0) {
>>                 DEBUG(3, ("No nmbd found\n"));
>>                 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
>>                 return tevent_req_post(req, ev);
>>         }
>> So it seems that it relies on nmbd running in order to make any further
>> identification. This seems to be the expected code path, so selftest
>> must have some additional records or some other method that circumvents
>> this. I'm also not confident about the site-awareness of the above calls
>> that are being triggered. It is possible that someone actually has to do
>> the NETBIOS name to DNS name conversion at some layer to get this right.
>> The goal for me was to mostly just plumb the call and ensure the single
>> domain case works as expected.
> Well, this code path could go away very, pending review and
> discussion. See my patchset with the unexpected pipe in
> source4/nbt_server. Can you take a look there?
> Thanks, Volker

I will try my patchset on top and see if that's enough to return the
right answer. I suspect the site might still be wrong, but at least that
should be one less issue.



More information about the samba-technical mailing list