return status;
}
+static enum lsa_LookupNamesLevel winbindd_lookup_level(
+ struct winbindd_domain *domain)
+{
+ enum lsa_LookupNamesLevel level = LSA_LOOKUP_NAMES_ALL;
+
+ if (domain->secure_channel_type == SEC_CHAN_DNS_DOMAIN) {
+ /* TODO: is there more logic required? */
+ level = LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2;
+ } else if (domain->secure_channel_type == SEC_CHAN_DOMAIN) {
+ /* TODO: is this correct? */
+ level = LSA_LOOKUP_NAMES_DOMAINS_ONLY;
+ } else if (domain->rodc) {
+ level = LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC;
+ }
+
+ return level;
+}
+
NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
struct winbindd_domain *domain,
uint32_t num_sids,
use_lookupsids3 = true;
}
+ level = winbindd_lookup_level(domain);
+
/*
* This call can take a long time
* allow the server to time out.
unsigned int orig_timeout = 0;
bool use_lookupnames4 = false;
bool retried = false;
+ enum lsa_LookupNamesLevel level = LSA_LOOKUP_NAMES_ALL;
connect:
status = cm_connect_lsat(domain, mem_ctx, &cli, &lsa_policy);
use_lookupnames4 = true;
}
+ level = winbindd_lookup_level(domain);
+
/*
* This call can take a long time
* allow the server to time out.
num_names,
(const char **) names,
domains,
- 1,
+ level,
sids,
types,
use_lookupnames4,