Fallback to lsa named-pipe connection when tcp connection has failed twice (it
could be a trusted domain connection where we cannot setup a secure channel).
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899
Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Tested-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104
invalidate_cm_connection(&domain->conn);
status = cm_connect_lsa_tcp(domain, mem_ctx, cli);
}
- if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_IS_OK(status)) {
return status;
}
- return NT_STATUS_OK;
+ /*
+ * we tried twice to connect via ncan_ip_tcp and schannel and
+ * failed - maybe it is a trusted domain we can't connect to ?
+ * do not try tcp next time - gd
+ */
+ domain->can_do_ncacn_ip_tcp = false;
}
status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy);