struct idmap_ad_context *ctx = NULL;
NTSTATUS status;
+ if (IS_AD_DC) {
+ /*
+ * Make sure we never try to use LDAP against
+ * a trusted domain as AD_DC.
+ *
+ * This shouldn't be called currently,
+ * but you never know what happens in future.
+ */
+ return NT_STATUS_REQUEST_NOT_ACCEPTED;
+ }
+
if (dom->private_data != NULL) {
*pctx = talloc_get_type_abort(dom->private_data,
struct idmap_ad_context);
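Review bot: The guard at the top of this function returns `NT_STATUS_REQUEST_NOT_ACCEPTED` without logging anything, although its own comment says the path should not be reached today; if it ever is reached, the only symptom is a failed idmap operation. A low-level message before the return, e.g. `DEBUG(1,("idmap_ad: refusing LDAP context as AD DC\n"));`, would make an unexpected call visible. The guards in the next two hunks (the one returning `ADS_ERROR_NT(NT_STATUS_REQUEST_NOT_ACCEPTED)` and the one returning `NULL`) are silent in the same way. The comment here also writes `AD_DC` where the other two write `AD DC`. The function body continues outside the hunk.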
struct winbindd_domain *wb_dom;
ADS_STATUS status;
+ if (IS_AD_DC) {
+ /*
+ * Make sure we never try to use LDAP against
+ * a trusted domain as AD DC.
+ */
+ return ADS_ERROR_NT(NT_STATUS_REQUEST_NOT_ACCEPTED);
+ }
+
ads_cached_connection_reuse(adsp);
if (*adsp != NULL) {
return ADS_SUCCESS;
ADS_STATUS status;
char *password, *realm;
+ if (IS_AD_DC) {
+ /*
+ * Make sure we never try to use LDAP against
+ * a trusted domain as AD DC.
+ */
+ return NULL;
+ }
+
DEBUG(10,("ads_cached_connection\n"));
ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data);
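Review bot: The new `return NULL;` hands callers the same value they would get for a failed connection, so a deliberate policy refusal cannot be told apart from an LDAP error. Only one caller is visible on this page (the sequence-number hunk, which checks `IS_AD_DC` before calling); the others are outside the diff and should be confirmed to handle NULL without retrying or reporting a misleading connection failure. I would state the contract in the function's header comment, e.g. `/* Returns NULL when running as AD DC: LDAP is never used against trusted domains. */`. The function starts and ends outside the hunk.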
return NT_STATUS_OK;
}
+ if (IS_AD_DC) {
+ DEBUG(10,("sequence: Avoid LDAP connection for domain %s\n",
+ domain->name));
+ *seq = time(NULL);
+ return NT_STATUS_OK;
+ }
+
*seq = DOM_SEQUENCE_NONE;
ads = ads_cached_connection(domain);
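Review bot: `*seq = time(NULL);` stores a wall-clock value where a directory sequence number is expected, and unlike the three other guards in this commit the branch carries no comment saying why. Something like `/* As AD DC we never use LDAP here; report the current time as a synthetic sequence number. */` above the assignment would document the intent. The assignment also converts `time_t` implicitly; `seq` is declared outside the hunk, so if it is narrower than `time_t` an explicit cast would show the truncation is intentional. The function continues outside the hunk.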