--- /dev/null
+<samba:parameter name="lsa over netlogon"
+ context="G"
+ type="boolean"
+ deprecated="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>Setting this deprecated option will allow the RPC server
+ in the AD DC to answer the LSARPC interface on the
+ <command>\pipe\netlogon</command> IPC pipe.</para>
+
+ <para>When enabled, this matches the behaviour of Microsoft's
+ Windows, due to their internal implementation choices.</para>
+
+ <para>If it is disabled (the default), the AD DC can offer
+ improved performance, as the netlogon server is decoupled and
+ can run as multiple processes.</para>
+
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
.name = \"$name\",
/* fill in all the operations */
+#ifdef DCESRV_INTERFACE_$uname\_INIT_SERVER
+ .init_server = DCESRV_INTERFACE_$uname\_INIT_SERVER,
+#else
.init_server = $name\__op_init_server,
-
+#endif
.interface_by_uuid = $name\__op_interface_by_uuid,
.interface_by_name = $name\__op_interface_by_name
};
return dcesrv_interface_bind_reject_connect(dce_call, iface);
}
+static NTSTATUS lsarpc__op_init_server(struct dcesrv_context *dce_ctx,
+ const struct dcesrv_endpoint_server *ep_server);
+static const struct dcesrv_interface dcesrv_lsarpc_interface;
+
+#define DCESRV_INTERFACE_LSARPC_INIT_SERVER \
+ dcesrv_interface_lsarpc_init_server
+static NTSTATUS dcesrv_interface_lsarpc_init_server(struct dcesrv_context *dce_ctx,
+ const struct dcesrv_endpoint_server *ep_server)
+{
+ if (lpcfg_lsa_over_netlogon(dce_ctx->lp_ctx)) {
+ NTSTATUS ret = dcesrv_interface_register(dce_ctx,
+ "ncacn_np:[\\pipe\\netlogon]",
+ &dcesrv_lsarpc_interface, NULL);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(1,("lsarpc_op_init_server: failed to register endpoint '\\pipe\\netlogon'\n"));
+ return ret;
+ }
+ }
+ return lsarpc__op_init_server(dce_ctx, ep_server);
+}
+
/*
this type allows us to distinguish handle types
*/