cm_prepare_connection() & SMBSERVER Netbios query

Tue Dec 21 11:53:46 MST 2010

On Tue, Dec 14, 2010 at 07:37:51AM +0000, Dina_Fine at Dell.com wrote:
> 
> Hi Volker,
> 
> > > Sure, sounds perfectly reasonable. The simplest way would be to just
> > > skip 139 if winbind knows that a domain is AD. 
> 
> What do you mean if winbind knows that a domain is AD - what else can it be?
> Why winbind needs 139 at all? Is it used for some real netbios purpose? Can it try to open only port 445?
> 
> I ask those questions because we also have a product with samba 3.0.37 and I want to make a very small change there. Your patch is relevant to 3.5.x which I will test later on our other product branch.

Ok, until Volker finishes his patch (which I agree is the "right"
way to do this) - the simplest fix would seem to be only use port
445 when talking to a domain supporting AD.

Volker, what do you think of the following patch for 3.5.7 (and
I'll add it to 3.6.0 until you finish your patch) ?

It's pretty simple and will work around the issue with Win2k8.

Jeremy.
-------------- next part --------------

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index f466a94..ebc8c9c 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1373,6 +1373,12 @@ static bool find_new_dc(TALLOC_CTX *mem_ctx,
 			return False;
 		}
 
+		if (domain->active_directory) {
+			/* Only use port 445 for AD domains. */
+			continue;
+		}
+
+		/* If not AD, add port 139 as well. */
 		if (!add_string_to_array(mem_ctx, dcs[i].name,
 				    &dcnames, &num_dcnames)) {
 			return False;
