From: Stefan Metzmacher Date: Wed, 25 Sep 2024 17:04:41 +0000 (+0200) Subject: s3:winbindd: it's 2024 and all AD domains should be native now X-Git-Tag: tdb-1.4.13~1030 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=749c515bab5e9c3dd1c615bdeb28c8ef5afd6aca;p=thirdparty%2Fsamba.git s3:winbindd: it's 2024 and all AD domains should be native now No need to use dssetup_DsRoleGetPrimaryDomainInformation that only adds latency... Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider --- diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h index 53430a694bb..24139b46ce9 100644 --- a/source3/winbindd/winbindd.h +++ b/source3/winbindd/winbindd.h @@ -130,7 +130,6 @@ struct winbindd_domain { uint32_t domain_trust_attribs; /* Trust attribs from netlogon.h */ struct winbindd_domain *routing_domain; bool initialized; /* Did we already ask for the domain mode? */ - bool native_mode; /* is this a win2k domain in native mode ? */ bool active_directory; /* is this a win2k active directory ? */ bool primary; /* is this our primary domain ? */ bool internal; /* BUILTIN and member SAM */ diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index fe634feb4c4..d10f0ffcf6f 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2157,16 +2157,6 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) if ( domain->domain_type == LSA_TRUST_TYPE_UPLEVEL ) domain->active_directory = True; - /* This flag is only set if the domain is *our* - primary domain and the primary domain is in - native mode */ - - domain->native_mode = (domain->domain_flags & NETR_TRUST_FLAG_NATIVE); - - DEBUG(5, ("set_dc_type_and_flags_trustinfo: domain %s is %sin " - "native mode.\n", domain->name, - domain->native_mode ? "" : "NOT ")); - DEBUG(5,("set_dc_type_and_flags_trustinfo: domain %s is %s" "running active directory.\n", domain->name, domain->active_directory ? "" : "NOT ")); @@ -2196,11 +2186,9 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) { NTSTATUS status, result; NTSTATUS close_status = NT_STATUS_UNSUCCESSFUL; - WERROR werr; TALLOC_CTX *mem_ctx = NULL; struct rpc_pipe_client *cli = NULL; struct policy_handle pol = { .handle_type = 0 }; - union dssetup_DsRoleInfo info; union lsa_PolicyInformation *lsa_info = NULL; union lsa_revision_info out_revision_info = { .info1 = { @@ -2222,63 +2210,6 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) DEBUG(5, ("set_dc_type_and_flags_connect: domain %s\n", domain->name )); - if (domain->internal) { - status = wb_open_internal_pipe(mem_ctx, - &ndr_table_dssetup, - &cli); - } else { - status = cli_rpc_pipe_open_noauth(domain->conn.cli, - &ndr_table_dssetup, - &cli); - } - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("set_dc_type_and_flags_connect: Could not bind to " - "PI_DSSETUP on domain %s: (%s)\n", - domain->name, nt_errstr(status))); - - /* if this is just a non-AD domain we need to continue - * identifying so that we can in the end return with - * domain->initialized = True - gd */ - - goto no_dssetup; - } - - status = dcerpc_dssetup_DsRoleGetPrimaryDomainInformation(cli->binding_handle, mem_ctx, - DS_ROLE_BASIC_INFORMATION, - &info, - &werr); - TALLOC_FREE(cli); - - if (NT_STATUS_IS_OK(status)) { - result = werror_to_ntstatus(werr); - } - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("set_dc_type_and_flags_connect: rpccli_ds_getprimarydominfo " - "on domain %s failed: (%s)\n", - domain->name, nt_errstr(status))); - - /* older samba3 DCs will return DCERPC_FAULT_OP_RNG_ERROR for - * every opcode on the DSSETUP pipe, continue with - * no_dssetup mode here as well to get domain->initialized - * set - gd */ - - if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) { - goto no_dssetup; - } - - TALLOC_FREE(mem_ctx); - return; - } - - if ((info.basic.flags & DS_ROLE_PRIMARY_DS_RUNNING) && - !(info.basic.flags & DS_ROLE_PRIMARY_DS_MIXED_MODE)) { - domain->native_mode = True; - } else { - domain->native_mode = False; - } - -no_dssetup: if (domain->internal) { status = wb_open_internal_pipe(mem_ctx, &ndr_table_lsarpc, @@ -2477,9 +2408,6 @@ done: &close_status); } - DEBUG(5, ("set_dc_type_and_flags_connect: domain %s is %sin native mode.\n", - domain->name, domain->native_mode ? "" : "NOT ")); - DEBUG(5,("set_dc_type_and_flags_connect: domain %s is %srunning active directory.\n", domain->name, domain->active_directory ? "" : "NOT ")); diff --git a/source3/winbindd/winbindd_domain_info.c b/source3/winbindd/winbindd_domain_info.c index c4364d99ad3..5b3c46a9de5 100644 --- a/source3/winbindd/winbindd_domain_info.c +++ b/source3/winbindd/winbindd_domain_info.c @@ -133,7 +133,7 @@ NTSTATUS winbindd_domain_info_recv(struct tevent_req *req, fstrcpy(response->data.domain_info.alt_name, domain->alt_name); sid_to_fstring(response->data.domain_info.sid, &domain->sid); - response->data.domain_info.native_mode = domain->native_mode; + response->data.domain_info.native_mode = domain->active_directory; response->data.domain_info.active_directory = domain->active_directory; response->data.domain_info.primary = domain->primary; diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index d4e1995f928..7582c0606e4 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -701,8 +701,6 @@ static void wb_domain_request_initialized(struct tevent_req *subreq) } } - state->domain->native_mode = - (*state->r.out.flags & WB_DOMINFO_DOMAIN_NATIVE); state->domain->active_directory = (*state->r.out.flags & WB_DOMINFO_DOMAIN_AD); state->domain->initialized = true; diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 0c7e9dd5491..2572588f6d1 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -91,11 +91,9 @@ NTSTATUS _wbint_InitConnection(struct pipes_struct *p, } *r->out.flags = 0; - if (domain->native_mode) { - *r->out.flags |= WB_DOMINFO_DOMAIN_NATIVE; - } if (domain->active_directory) { *r->out.flags |= WB_DOMINFO_DOMAIN_AD; + *r->out.flags |= WB_DOMINFO_DOMAIN_NATIVE; } if (domain->primary) { *r->out.flags |= WB_DOMINFO_DOMAIN_PRIMARY; diff --git a/source3/winbindd/winbindd_ndr.c b/source3/winbindd/winbindd_ndr.c index a52a704c024..058bf08ce8b 100644 --- a/source3/winbindd/winbindd_ndr.c +++ b/source3/winbindd/winbindd_ndr.c @@ -134,7 +134,6 @@ void ndr_print_winbindd_domain(struct ndr_print *ndr, ndr_print_lsa_TrustType(ndr, "domain_type", r->domain_type); ndr_print_lsa_TrustAttributes(ndr, "domain_trust_attribs", r->domain_trust_attribs); ndr_print_bool(ndr, "initialized", r->initialized); - ndr_print_bool(ndr, "native_mode", r->native_mode); ndr_print_bool(ndr, "active_directory", r->active_directory); ndr_print_bool(ndr, "primary", r->primary); ndr_print_bool(ndr, "internal", r->internal);