dsdb/netlogon: Indicate DC functional level support in samlogon response

The DS_SERVER_DS_8 flag is necessary for Windows to detect FAST support.

Note for know we only ever have DS_DOMAIN_FUNCTION_2008_R2 (4) in the
msDS-Behavior-Version attribute of our own NTDSA object. So
for now this is only for manual testing. In future we most likely
want to extend 'samba-tool domain level' to raise the dc level
manually or let 'samba' autoupgrade the value.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/netlogon.c b/source4/dsdb/samdb/ldb_modules/netlogon.c
index 332f9c0b409acc9deaf930f66367055bacdc4830..4864ae4740e012a96598c7f77bb7d6e4879c3ac8 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/netlogon.c
+++ b/source4/dsdb/samdb/ldb_modules/netlogon.c
@@ -297,6 +297,18 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
                }
        }
 
+       if (dc_level >= DS_DOMAIN_FUNCTION_2012) {
+               server_type |= DS_SERVER_DS_8;
+       }
+
+       if (dc_level >= DS_DOMAIN_FUNCTION_2012_R2) {
+               server_type |= DS_SERVER_DS_9;
+       }
+
+       if (dc_level >= DS_DOMAIN_FUNCTION_2016) {
+               server_type |= DS_SERVER_DS_10;
+       }
+
        if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) {
                pdc_name = lpcfg_netbios_name(lp_ctx);
        } else {