problem was that the return string was declared as:
[out] astring dcname
which means "this is a non-NULL string". The server code sometimes
returned NULL however (on getdc lookup failure), which caused the NDR
marshalling code to crash. When you declare a non-pointer return value
you are promising that the value can never be NULL.
The trivial fix is to use:
[out] astring *dcname
which leaves the API alone, but includes a pointer in the wire format,
which in turn means it is valid to send a NULL string as a response.
(This used to be commit
e39bac61960f6ce8957f148a482e39499a8e9096)
[in] astring my_accountname,
[in] uint32 account_control,
[in,ref] dom_sid *domain_sid,
- [out] astring dcname
+ [out] astring *dcname
);
/******************************************************