s4:schannel Open the schannel_store.tdb at startup

This will allow TDB_CLEAR_IF_FIRST behaviour in future

Signed-off-by: Jeremy Allison <jra@samba.org>

diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 88917c4f388b50a98fc138b2a8309ad14b2c9e1b..11415a1424b5f50ea8b90777ec755e787c0383d4 100644 (file)
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -31,6 +31,7 @@
 #include "ntvfs/ntvfs.h"
 #include "ntptr/ntptr.h"
 #include "auth/gensec/gensec.h"
+#include "libcli/auth/schannel.h"
 #include "smbd/process_model.h"
 #include "param/secrets.h"
 #include "smbd/pidfile.h"
@@ -400,6 +401,13 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
                return 1;
        }
 
+       if (lp_server_role(cmdline_lp_ctx) == ROLE_DOMAIN_CONTROLLER) {
+               if (!open_schannel_session_store(talloc_autofree_context(), lp_private_dir(cmdline_lp_ctx))) {
+                       DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
+                       exit(1);
+               }
+       }
+
        gensec_init(cmdline_lp_ctx); /* FIXME: */
 
        ntptr_init(cmdline_lp_ctx);     /* FIXME: maybe run this in the initialization function