s3:winbindd: make use of winbindd_get_trust_credentials() in _winbind_LogonControl_TC...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index bbdaf6e58078ad959fb29a35c5936868c619d4f2..0c7e9dd54916a17f6b8c057deec33a964fe3167b 100644 (file)
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -1384,15 +1384,6 @@ static WERROR _winbind_LogonControl_TC_VERIFY(struct pipes_struct *p,
                goto check_return;
        }
 
-       status = pdb_get_trust_credentials(domain->name,
-                                          domain->alt_name,
-                                          frame,
-                                          &creds);
-       if (NT_STATUS_IS_OK(status)) {
-               cur_nt_hash = cli_credentials_get_nt_hash(creds, frame);
-               TALLOC_FREE(creds);
-       }
-
        if (!domain->primary) {
                union lsa_TrustedDomainInfo *tdi = NULL;
 
@@ -1489,6 +1480,15 @@ reconnect:
        check_result = WERR_OK;
        b = netlogon_pipe->binding_handle;
 
+       status = winbindd_get_trust_credentials(domain,
+                                               frame,
+                                               true, /* netlogon */
+                                               false, /* ipc_fallback */
+                                               &creds);
+       if (NT_STATUS_IS_OK(status)) {
+               cur_nt_hash = cli_credentials_get_nt_hash(creds, frame);
+               TALLOC_FREE(creds);
+       }
        if (cur_nt_hash == NULL) {
                verify_result = WERR_NO_TRUST_LSA_SECRET;
                goto verify_return;