IPA DC: add missing checks

When introducing FreeIPA support, two places were forgotten:

 - schannel gensec module needs to be aware of IPA DC
 - _lsa_QueryInfoPolicy should treat IPA DC as PDC

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14903

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Sat Nov 13 07:01:26 UTC 2021 on sn-devel-184

(cherry picked from commit c69b66f649c1d47a7367f7efe25b8df32369a3a5)

Autobuild-User(v4-13-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-13-test): Mon Nov 15 15:33:17 UTC 2021 on sn-devel-184

diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
index 0cdae141ead1767b9cbeee41c4e8da83315f8652..6ebbe8f3179d17a919dadf17e332ff1ed9f7b723 100644 (file)
--- a/auth/gensec/schannel.c
+++ b/auth/gensec/schannel.c
@@ -1080,6 +1080,7 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
        case ROLE_DOMAIN_BDC:
        case ROLE_DOMAIN_PDC:
        case ROLE_ACTIVE_DIRECTORY_DC:
+       case ROLE_IPA_DC:
                return NT_STATUS_OK;
        default:
                return NT_STATUS_NOT_IMPLEMENTED;

diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 198387424e671900d5ce26de52455fe7f136dd18..08a77c80017927b7681589a7128a51d174473d24 100644 (file)
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -681,6 +681,7 @@ NTSTATUS _lsa_QueryInfoPolicy(struct pipes_struct *p,
                switch (lp_server_role()) {
                        case ROLE_DOMAIN_PDC:
                        case ROLE_DOMAIN_BDC:
+                       case ROLE_IPA_DC:
                                name = get_global_sam_name();
                                sid = dom_sid_dup(p->mem_ctx, get_global_sam_sid());
                                if (!sid) {