winbindd: explain that this check protects the AD DC machine account password (for...

author Andrew Bartlett <abartlet@samba.org>

Sun, 18 May 2014 23:08:00 +0000 (11:08 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Wed, 4 Jun 2014 01:22:26 +0000 (03:22 +0200)
author Andrew Bartlett <abartlet@samba.org>
Sun, 18 May 2014 23:08:00 +0000 (11:08 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Wed, 4 Jun 2014 01:22:26 +0000 (03:22 +0200)
diff --git a/source3/winbindd/winbindd_change_machine_acct.c b/source3/winbindd/winbindd_change_machine_acct.c

index a5514e22ebca5336129208eb327a83ddd66c6b6f..f335e345e54d45630f057a9c83be82e818f00d78 100644 (file)
--- a/source3/winbindd/winbindd_change_machine_acct.c
+++ b/source3/winbindd/winbindd_change_machine_acct.c
@@ -52,6 +52,10 @@ struct tevent_req *winbindd_change_machine_acct_send(TALLOC_CTX *mem_ctx,
                 /*
                  * Internal domains are passdb based, we can always
                  * contact them.
+                *
+                * This also protects us from changing the password on
+                * the AD DC without updating all the right databases.
+                * Do not remove this until that code is fixed.
                  */
                 tevent_req_done(req);
                 return tevent_req_post(req, ev);
author	Andrew Bartlett <abartlet@samba.org>
	Sun, 18 May 2014 23:08:00 +0000 (11:08 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 4 Jun 2014 01:22:26 +0000 (03:22 +0200)