r22719: Missed change for one-way trust support. Ignore password policy

settings from one trusted domain with no incoming trust path.

Guenther, I think this is ok as we only need the pw policy
to give feedback on upcoming expiration times.
(This used to be commit c79ae57388d087496777129d6936cd51aab38d5b)

diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 66ac61e5c9db96a54290681830b819a09f45d82b..6eb587f0ee4785e4c298a53ec0c9592a8c42f7f8 100644 (file)
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -1534,11 +1534,15 @@ process_result:
 
                result = fillup_password_policy(domain, state);
 
-               if (!NT_STATUS_IS_OK(result)) {
+               if (!NT_STATUS_IS_OK(result) 
+                   && !NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED) ) 
+               {
                        DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
                        goto done;
                }
 
+               result = NT_STATUS_OK;          
+
                if (state->request.flags & WBFLAG_PAM_UNIX_NAME) {
                        /* We've been asked to return the unix username, per 
                           'winbind use default domain' settings and the like */