s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case

We use get_dc_name() for LDAP because it generates the selfwritten
krb5.conf with the correct kdc addresses and sets KRB5_CONFIG.

For CLDAP we need to use get_sorted_dc_list() to avoid recursion.

metze

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f)

diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 67c547011bb19571591eb216190dc2d3c897b755..a57a0d180a8ff7a505d93d7598eee7f2f97de4de 100644 (file)
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -286,11 +286,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads)
        
        pstrcpy( realm, c_realm );
 
+       /*
+        * In case of LDAP we use get_dc_name() as that
+        * creates the custom krb5.conf file
+        */
+       if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) {
+               fstring srv_name;
+               struct in_addr ip_out;
+
+               DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n",
+                       (got_realm ? "realm" : "domain"), realm));
+
+               if (get_dc_name(realm, realm, srv_name, &ip_out)) {
+                       /*
+                        * we call ads_try_connect() to fill in the
+                        * ads->config details
+                        */
+                       if (ads_try_connect(ads, srv_name)) {
+                               return NT_STATUS_OK;
+                       }
+               }
+
+               return NT_STATUS_NO_LOGON_SERVERS;
+       }
+
        sitename = sitename_fetch(realm);
 
  again:
 
-       DEBUG(6,("ads_find_dc: looking for %s '%s'\n", 
+       DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n",
                (got_realm ? "realm" : "domain"), realm));
 
        status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm);