return;
}
+ winbindd_set_locator_kdc_envs(domain);
+
/* If we are waiting to get a krb5 ticket, trigger immediately. */
GetTimeOfDay(&now);
set_event_dispatch_time(winbind_event_context(),
add_failed_connection_entry(domain->alt_name, server, result);
saf_delete(domain->alt_name);
}
+ winbindd_unset_locator_kdc_env(domain);
}
/* Choose between anonymous or authenticated connections. We need to use
"[%s]\n", controller, global_myname(),
machine_krb5_principal));
+ winbindd_set_locator_kdc_envs(domain);
+
ads_status = cli_session_setup_spnego(*cli,
machine_krb5_principal,
machine_password,
saf_store( domain->alt_name, (*cli)->desthost );
}
+ winbindd_set_locator_kdc_envs(domain);
+
if (!cli_send_tconX(*cli, "IPC$", "IPC", "", 0)) {
result = cli_nt_error(*cli);
DEBUG(10,("dcip_to_name: flags = 0x%x\n", (unsigned int)ads->config.flags));
- if (domain->primary && (ads->config.flags & ADS_KDC) && ads_closest_dc(ads)) {
- char *sitename = sitename_fetch(ads->config.realm);
+ if (domain->primary && (ads->config.flags & ADS_KDC)) {
+ if (ads_closest_dc(ads)) {
+ char *sitename = sitename_fetch(ads->config.realm);
+
+ /* We're going to use this KDC for this realm/domain.
+ If we are using sites, then force the krb5 libs
+ to use this KDC. */
+
+ create_local_private_krb5_conf_for_domain(domain->alt_name,
+ domain->name,
+ sitename,
+ ip);
+
+ SAFE_FREE(sitename);
+ } else {
+ /* use an off site KDC */
+ create_local_private_krb5_conf_for_domain(domain->alt_name,
+ domain->name,
+ NULL,
+ ip);
+ }
+ winbindd_set_locator_kdc_envs(domain);
- /* We're going to use this KDC for this realm/domain.
- If we are using sites, then force the krb5 libs
- to use this KDC. */
-
- create_local_private_krb5_conf_for_domain(domain->alt_name,
- domain->name,
- sitename,
- ip);
-
- SAFE_FREE(sitename);
/* Ensure we contact this DC also. */
saf_store( domain->name, name);
saf_store( domain->alt_name, name);
}
if (NT_STATUS_IS_OK(result)) {
+
+ winbindd_set_locator_kdc_envs(domain);
+
if (domain->online == False) {
/* We're changing state from offline to online. */
set_global_winbindd_state_online();
DEBUG(5, ("set_dc_type_and_flags_connect: rpccli_ds_getprimarydominfo "
"on domain %s failed: (%s)\n",
domain->name, nt_errstr(result)));
+
+ /* older samba3 DCs will return DCERPC_FAULT_OP_RNG_ERROR for
+ * every opcode on the LSARPC_DS pipe, continue with
+ * no_lsarpc_ds mode here as well to get domain->initialized
+ * set - gd */
+
+ if (NT_STATUS_V(result) == DCERPC_FAULT_OP_RNG_ERROR) {
+ goto no_lsarpc_ds;
+ }
+
return;
}