r10852: Continuation-based programming can become a bit spaghetti...

Initialize a domain structure properly. Excerpt from wb_init_domain.c:

/*
 * Initialize a domain:
 *
 * - With schannel credentials, try to open the SMB connection with the machine
 *   creds. Fall back to anonymous.
 *
 * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
 *   pipe.
 *
 * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
 *   to schannel and then to anon bind.
 *
 * - With queryinfopolicy, verify that we're talking to the right domain
 *
 * A bit complex, but with all the combinations I think it's the best we can
 * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
 * have a signed&sealed lsa connection on all of them.
 *
 * Is this overkill? In particular the authenticated SMB connection seems a
 * bit overkill, given that we do schannel for netlogon and ntlmssp for
 * lsa later on w2k3, the others don't do this anyway.
 */

Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.

Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.

Volker

source/winbind/wb_server.h

@@ -36,16 +36,28 @@ struct wbsrv_service {
 	struct wbsrv_domain *domains;
 };
 
+struct wbsrv_samconn {
+	struct wbsrv_domain *domain;
+	void *private_data;
+
+	struct composite_context (*seqnum_send)(struct wbsrv_samconn *);
+	NTSTATUS (*seqnum_recv)(struct composite_context *, uint64_t *);
+};
+
 struct wbsrv_domain {
 	struct wbsrv_domain *next, *prev;
 
+	BOOL initialized;
+
 	const char *name;
 	const struct dom_sid *sid;
 
 	struct dcerpc_pipe *lsa_pipe;
+	struct policy_handle *lsa_policy;
+
 	struct dcerpc_pipe *netlogon_auth2_pipe;
-	struct cli_credentials *schannel_creds;
 	struct dcerpc_pipe *netlogon_pipe;
+	struct cli_credentials *schannel_creds;
 };
 
 /*