From: Stefan Metzmacher Date: Wed, 22 Oct 2008 09:14:10 +0000 (+0200) Subject: s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case X-Git-Tag: samba-4.0.0alpha6~479^2~3^2~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f779450cb0b0d9f36665c56c4acd0950daaeab2;p=thirdparty%2Fsamba.git s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) --- diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 932e42e0766..31feea50c73 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -310,11 +310,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) realm = c_realm; + /* + * In case of LDAP we use get_dc_name() as that + * creates the custom krb5.conf file + */ + if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) { + fstring srv_name; + struct sockaddr_storage ip_out; + + DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", + (got_realm ? "realm" : "domain"), realm)); + + if (get_dc_name(realm, realm, srv_name, &ip_out)) { + /* + * we call ads_try_connect() to fill in the + * ads->config details + */ + if (ads_try_connect(ads, srv_name, false)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_NO_LOGON_SERVERS; + } + sitename = sitename_fetch(realm); again: - DEBUG(6,("ads_find_dc: looking for %s '%s'\n", + DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm);