The check for inbound trusts is invalid when samba is a DC
and has a trust with an active directory domain.
This effectively prevented tusts with an AD domain on a
samba DC from working (unless using "winbindd rpc only"),
because an ads_connect() was never performed. Only the
rpc-based winbindd methods were working properly.
Jerry: Please check!
Michael
(This used to be commit
dcd42a1e0642c69348adfaeecef7f7f2f074ac30)
if ( domain->domain_flags & DS_DOMAIN_IN_FOREST )
return True;
- /* We cannot contact the domain if it is running AD and
- we have no inbound trust */
+ /*
+ * On a _member_ server, we cannot contact the domain if it
+ * is running AD and we have no inbound trust.
+ */
- if ( domain->active_directory &&
+ if ( !IS_DC &&
+ domain->active_directory &&
((domain->domain_flags&DS_DOMAIN_DIRECT_INBOUND) != DS_DOMAIN_DIRECT_INBOUND) )
{
DEBUG(10, ("Domain is an AD domain and we have no inbound "