auth: Allow domain join to itself when we are a PDC

author Andrew Bartlett <abartlet@samba.org>

Wed, 11 Dec 2013 02:39:38 +0000 (15:39 +1300)

committer Andreas Schneider <asn@cryptomilk.org>

Thu, 11 Dec 2014 18:14:06 +0000 (19:14 +0100)
author Andrew Bartlett <abartlet@samba.org>
Wed, 11 Dec 2013 02:39:38 +0000 (15:39 +1300)
committer Andreas Schneider <asn@cryptomilk.org>
Thu, 11 Dec 2014 18:14:06 +0000 (19:14 +0100)
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c

index 73c9a573879747a3ac787496e36b31f401bc06e1..dd87c6d4255062b9878d60204f29012ac91cb1d5 100644 (file)
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -2139,7 +2139,9 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
  
         switch (r->out.domain_is_ad) {
                 case false:
-                       valid_security = (lp_security() == SEC_DOMAIN);
+                       valid_security = (lp_security() == SEC_DOMAIN)
+                               || (lp_server_role() == ROLE_DOMAIN_PDC)
+                               || (lp_server_role() == ROLE_DOMAIN_BDC);
                         if (valid_workgroup && valid_security) {
                                 /* nothing to be done */
                                 return WERR_OK;
author	Andrew Bartlett <abartlet@samba.org>
	Wed, 11 Dec 2013 02:39:38 +0000 (15:39 +1300)
committer	Andreas Schneider <asn@cryptomilk.org>
	Thu, 11 Dec 2014 18:14:06 +0000 (19:14 +0100)