int ret;
struct auth_session_info *auth_info;
WERROR werr;
+ bool connected_as_system = false;
r->out.bind_info = NULL;
ZERO_STRUCTP(r->out.bind_handle);
if (W_ERROR_IS_OK(werr)) {
DEBUG(3,(__location__ ": doing DsBind with system_session\n"));
auth_info = system_session(dce_call->conn->dce_ctx->lp_ctx);
+ connected_as_system = true;
} else {
auth_info = dce_call->conn->auth_state.session_info;
}
return WERR_FOOBAR;
}
+ if (connected_as_system) {
+ b_state->sam_ctx_system = b_state->sam_ctx;
+ } else {
+ /* an RODC also needs system samdb access for secret
+ attribute replication */
+ werr = drs_security_level_check(dce_call, NULL, SECURITY_RO_DOMAIN_CONTROLLER,
+ samdb_domain_sid(b_state->sam_ctx));
+ if (W_ERROR_IS_OK(werr)) {
+ b_state->sam_ctx_system = samdb_connect(b_state, dce_call->event_ctx,
+ dce_call->conn->dce_ctx->lp_ctx,
+ system_session(dce_call->conn->dce_ctx->lp_ctx));
+ if (!b_state->sam_ctx_system) {
+ return WERR_FOOBAR;
+ }
+ }
+ }
+
/*
* find out the guid of our own site
*/
*/
struct drsuapi_bind_state {
struct ldb_context *sam_ctx;
+ struct ldb_context *sam_ctx_system;
struct GUID remote_bind_guid;
struct drsuapi_DsBindInfo28 remote_info28;
struct drsuapi_DsBindInfo28 local_info28;