s3:winbindd: Improve logic so it is easier to understand

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index de3e3f5cc8154c5e0f1f1e39d6a8793fd4d6b6b9..f60a90ceb18d8e4c07a9083461ef3584eba96603 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1683,22 +1683,24 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(
                        true, /* interactive */
                        &authoritative,
                        &info3);
-               if (NT_STATUS_IS_OK(result)) {
-                       result = map_info3_to_validation(mem_ctx,
-                                                        info3,
-                                                        &validation_level,
-                                                        &validation);
-                       TALLOC_FREE(info3);
-                       if (!NT_STATUS_IS_OK(result)) {
-                               goto done;
-                       }
-               }
 
                /*
                 * We need to try the remote NETLOGON server if this is
                 * not authoritative (for example on the RODC).
                 */
                if (authoritative != 0) {
+                       if (NT_STATUS_IS_OK(result)) {
+                               result = map_info3_to_validation(
+                                               mem_ctx,
+                                               info3,
+                                               &validation_level,
+                                               &validation);
+                               TALLOC_FREE(info3);
+                               if (!NT_STATUS_IS_OK(result)) {
+                                       goto done;
+                               }
+                       }
+
                        goto done;
                }
        }