s4-netlogon: fixed getDcNameEx2 for blank inputs

w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.

CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.

diff --git a/source4/cldap_server/cldap_server.h b/source4/cldap_server/cldap_server.h
index 2eaf59401f50da47f59f36065c4c20b6b05eed20..e40a1bd4ba1186dafef59827c2b1ea87e20ff2ad 100644 (file)
--- a/source4/cldap_server/cldap_server.h
+++ b/source4/cldap_server/cldap_server.h
@@ -43,6 +43,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
                                          const char *src_address,
                                          uint32_t version,
                                          struct loadparm_context *lp_ctx,
-                                         struct netlogon_samlogon_response *netlogon);
+                                         struct netlogon_samlogon_response *netlogon,
+                                        bool fill_on_blank_request);
 
 #include "cldap_server/proto.h"

diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index e24f1b376e28b7de91bdd2fefe11741b7792a856..06c61aca24fe34c76960cc3e0ca444c6ed33f795 100644 (file)
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -51,7 +51,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
                                         const char *src_address,
                                         uint32_t version,
                                         struct loadparm_context *lp_ctx,
-                                        struct netlogon_samlogon_response *netlogon)
+                                        struct netlogon_samlogon_response *netlogon,
+                                        bool fill_on_blank_request)
 {
        const char *dom_attrs[] = {"objectGUID", NULL};
        const char *none_attrs[] = {NULL};
@@ -170,8 +171,24 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
                }
        }
 
-       if (dom_res == NULL) {
-               DEBUG(2,("Unable to get domain informations if no parameter of the list [long domainname, short domainname, GUID, SID] was specified!\n"));
+       if (dom_res == NULL && fill_on_blank_request) {
+               /* blank inputs gives our domain - tested against
+                  w2k8r2. Without this ADUC on Win7 won't start */
+               domain_dn = ldb_get_default_basedn(sam_ctx);
+               ret = ldb_search(sam_ctx, mem_ctx, &dom_res,
+                                domain_dn, LDB_SCOPE_BASE, dom_attrs,
+                                "objectClass=domain");
+               if (ret != LDB_SUCCESS) {
+                       DEBUG(2,("Error finding domain '%s'/'%s' in sam: %s\n",
+                                lp_dnsdomain(lp_ctx),
+                                ldb_dn_get_linearized(domain_dn),
+                                ldb_errstring(sam_ctx)));
+                       return NT_STATUS_NO_SUCH_DOMAIN;
+               }
+       }
+
+        if (dom_res == NULL) {
+               DEBUG(2,(__location__ ": Unable to get domain informations with no inputs\n"));
                return NT_STATUS_NO_SUCH_DOMAIN;
        }
 
@@ -437,7 +454,7 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
        status = fill_netlogon_samlogon_response(cldapd->samctx, tmp_ctx, domain, NULL, NULL, domain_guid,
                                                 user, acct_control,
                                                 tsocket_address_inet_addr_string(src, tmp_ctx),
-                                                version, cldapd->task->lp_ctx, &netlogon);
+                                                version, cldapd->task->lp_ctx, &netlogon, false);
        if (!NT_STATUS_IS_OK(status)) {
                goto failed;
        }

diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c
index 8fec15a675cfec2a1b4adcf211aed5c0a1a69f50..c9d864c3c37da8893b2700c8757b2b0d35f8f934 100644 (file)
--- a/source4/nbt_server/dgram/netlogon.c
+++ b/source4/nbt_server/dgram/netlogon.c
@@ -124,7 +124,7 @@ static void nbtd_netlogon_samlogon(struct dgram_mailslot_handler *dgmslot,
 
        status = fill_netlogon_samlogon_response(samctx, packet, NULL, name->name, sid, NULL, 
                                                 netlogon->req.logon.user_name, netlogon->req.logon.acct_control, src->addr, 
-                                                netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.data.samlogon);
+                                                netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.data.samlogon, false);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(2,("NBT netlogon query failed domain=%s sid=%s version=%d - %s\n",
                         name->name, dom_sid_string(packet, sid), netlogon->req.logon.nt_version, nt_errstr(status)));

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 2650dc7e59b86db81cdb2cd33d701249d65bdfbd..b55ad57350096fae5eccc650bd630ed7c0735a30 100644 (file)
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1568,7 +1568,7 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call,
                                                 r->in.client_account,
                                                 r->in.mask, addr,
                                                 NETLOGON_NT_VERSION_5EX_WITH_IP,
-                                                lp_ctx, &response);
+                                                lp_ctx, &response, true);
        if (!NT_STATUS_IS_OK(status)) {
                return ntstatus_to_werror(status);
        }

diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 1fc902b59e28a62df7482b424cdbb60e6a366fef..d6bc013e8add384ed12d17276ddedce2a60f3082 100644 (file)
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -2271,6 +2271,15 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
        struct netr_DsRGetDCNameInfo *info = NULL;
        struct dcerpc_binding_handle *b = p->binding_handle;
 
+       torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
+       ZERO_STRUCT(r.in);
+       r.in.flags              = DS_RETURN_DNS_NAME;
+       r.out.info              = &info;
+
+       status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
+       torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
+
        r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
        r.in.client_account     = NULL;
        r.in.mask               = 0x00000000;