From 2322fe5cd76c5b7214c66f8a403debe1e36a82d6 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 11 Sep 2007 16:15:36 +0000 Subject: [PATCH] r25086: Fix interdomain trusts (this povides the fix expected in r22709): Fix winbindd on a Samba DC talking to a trusted domain DC by making it use the trusted domain password... Michael I hope this does not brake any other setup. --- source/nsswitch/winbindd_cm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/nsswitch/winbindd_cm.c b/source/nsswitch/winbindd_cm.c index 1a9d2bbeff3..9ffb3dfb239 100644 --- a/source/nsswitch/winbindd_cm.c +++ b/source/nsswitch/winbindd_cm.c @@ -2161,7 +2161,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, return NT_STATUS_OK; } - if (domain->primary && !get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) { + if ((IS_DC || domain->primary) && !get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) { return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -2171,7 +2171,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, return result; } - if ( !domain->primary ) { + if ((!IS_DC) && (!domain->primary)) { /* Clear the schannel request bit and drop down */ neg_flags &= ~NETLOGON_NEG_SCHANNEL; goto no_schannel; -- 2.34.1