s3:winbindd: let winbind_samlogon_retry_loop() always start with authoritative = 1

Otherwise we could treat a local problem as non-authoritative.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 0cb6de4b1d5410f3699172952be81c6eb75c2c86)

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 9805d90fef0330e6b2c3fb7dc892d880e26255e9..d870188767e703a45958eba1b09b69c30e297f75 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1649,6 +1649,15 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
                struct rpc_pipe_client *netlogon_pipe;
                struct netlogon_creds_cli_context *netlogon_creds_ctx = NULL;
 
+               /*
+                * We should always reset authoritative to 1
+                * before calling a server again.
+                *
+                * Otherwise we could treat a local problem as
+                * non-authoritative.
+                */
+               *authoritative = 1;
+
                retry = false;
 
                result = cm_connect_netlogon_secure(domain, &netlogon_pipe,