mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
Fix "net rpc trustdom establish" for win2k8 trusts.
When establishing trusts to a windows 2008 dc, the NetServerEnum2 RAP call fails
with some exotic RAP failure. Let's just try a netlogon getdcname call in
that case to convince ourselve we're talking to a proper machine.
Rafael, looks ok?
Guenther
(This used to be commit b12edbeffe
)
This commit is contained in:
parent
da7863c4c9
commit
832adaa5ab
@ -5841,7 +5841,49 @@ static int rpc_trustdom_del(int argc, const char **argv)
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static NTSTATUS rpc_trustdom_get_pdc(struct cli_state *cli,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *domain_name)
|
||||
{
|
||||
char *dc_name = NULL;
|
||||
const char *buffer = NULL;
|
||||
struct rpc_pipe_client *netr;
|
||||
NTSTATUS status;
|
||||
|
||||
/* Use NetServerEnum2 */
|
||||
|
||||
if (cli_get_pdc_name(cli, domain_name, &dc_name)) {
|
||||
SAFE_FREE(dc_name);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
DEBUG(1,("NetServerEnum2 error: Couldn't find primary domain controller\
|
||||
for domain %s\n", domain_name));
|
||||
|
||||
/* Try netr_GetDcName */
|
||||
|
||||
netr = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &status);
|
||||
if (!netr) {
|
||||
return status;
|
||||
}
|
||||
|
||||
status = rpccli_netr_GetDcName(netr, mem_ctx,
|
||||
cli->desthost,
|
||||
domain_name,
|
||||
&buffer,
|
||||
NULL);
|
||||
cli_rpc_pipe_close(netr);
|
||||
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
|
||||
DEBUG(1,("netr_GetDcName error: Couldn't find primary domain controller\
|
||||
for domain %s\n", domain_name));
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* Establish trust relationship to a trusting domain.
|
||||
@ -5866,7 +5908,6 @@ static int rpc_trustdom_establish(int argc, const char **argv)
|
||||
char* domain_name;
|
||||
char* acct_name;
|
||||
fstring pdc_name;
|
||||
char *dc_name;
|
||||
union lsa_PolicyInformation *info = NULL;
|
||||
|
||||
/*
|
||||
@ -5927,18 +5968,6 @@ static int rpc_trustdom_establish(int argc, const char **argv)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Use NetServerEnum2 to make sure we're talking to a proper server
|
||||
*/
|
||||
|
||||
if (!cli_get_pdc_name(cli, domain_name, &dc_name)) {
|
||||
DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
|
||||
for domain %s\n", domain_name));
|
||||
cli_shutdown(cli);
|
||||
return -1;
|
||||
}
|
||||
SAFE_FREE(dc_name);
|
||||
|
||||
if (!(mem_ctx = talloc_init("establishing trust relationship to "
|
||||
"domain %s", domain_name))) {
|
||||
DEBUG(0, ("talloc_init() failed\n"));
|
||||
@ -5946,6 +5975,15 @@ static int rpc_trustdom_establish(int argc, const char **argv)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Make sure we're talking to a proper server */
|
||||
|
||||
nt_status = rpc_trustdom_get_pdc(cli, mem_ctx, domain_name);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
cli_shutdown(cli);
|
||||
talloc_destroy(mem_ctx);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Call LsaOpenPolicy and LsaQueryInfo
|
||||
*/
|
||||
|
Loading…
Reference in New Issue
Block a user