From 95c9a0272a72c029d75c3ffd1b5fad360b30f139 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 11:14:10 +0200 Subject: [PATCH] s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) (cherry picked from commit 7f779450cb0b0d9f36665c56c4acd0950daaeab2) --- source/libads/ldap.c | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/source/libads/ldap.c b/source/libads/ldap.c index 38f3ab9ea34..92436070713 100644 --- a/source/libads/ldap.c +++ b/source/libads/ldap.c @@ -310,11 +310,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) realm = c_realm; + /* + * In case of LDAP we use get_dc_name() as that + * creates the custom krb5.conf file + */ + if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) { + fstring srv_name; + struct sockaddr_storage ip_out; + + DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", + (got_realm ? "realm" : "domain"), realm)); + + if (get_dc_name(realm, realm, srv_name, &ip_out)) { + /* + * we call ads_try_connect() to fill in the + * ads->config details + */ + if (ads_try_connect(ads, srv_name, false)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_NO_LOGON_SERVERS; + } + sitename = sitename_fetch(realm); again: - DEBUG(6,("ads_find_dc: looking for %s '%s'\n", + DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm); -- 2.11.4.GIT