s3-rpc_server: Do not register embedded ncacn_np endpoints by default

The end point mapper is primarily in support of lsasd, and the key
SAMR, LSA and NETLOGON services being accessed over TCP/IP.  The end
point mapper does not appear to be used for the well-known mappings to
named pipes, and we have a problem with how to safely register the
embedded pipes.  For now, disable this to avoid re-registration storms
in production, until we sort out a better way.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar  7 14:27:38 CET 2012 on sn-devel-104

selftest/target/Samba3.pm

@@ -194,6 +194,7 @@ sub setup_s3dc($$)
 	rpc_server:lsarpc = external
 	rpc_server:samr = external
 	rpc_server:netlogon = external
+	rpc_server:register_embedded_np = yes
 
 	rpc_daemon:epmd = fork
 	rpc_daemon:spoolssd = fork

source3/rpc_server/rpc_service_setup.c

@@ -63,7 +63,14 @@ static bool rpc_setup_embedded(struct tevent_context *ev_ctx,
 	enum rpc_service_mode_e epm_mode = rpc_epmapper_mode();
 	NTSTATUS status;
 
-	if (epm_mode != RPC_SERVICE_MODE_DISABLED) {
+	/* Registration of ncacn_np services is problematic.  The
+	 * ev_ctx passed in here is passed down to all children of the
+	 * smbd process, and if the end point mapper ever goes away,
+	 * they will all attempt to re-register.  But we want to test
+	 * the code for now, so it is enabled in on environment in
+	 * make test */
+	if (epm_mode != RPC_SERVICE_MODE_DISABLED && 
+	    (lp_parm_bool(-1, "rpc_server", "register_embedded_np", false))) {
 		status = dcerpc_binding_vector_new(talloc_tos(), &v);
 		if (!NT_STATUS_IS_OK(status)) {
 			return false;