2 Unix SMB/CIFS implementation.
6 Copyright (C) Gerald Carter 2006
7 Copyright (C) Guenther Deschner 2007-2008
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "libsmb/namequery.h"
25 #include "libads/sitename_cache.h"
26 #include "../librpc/gen_ndr/ndr_netlogon.h"
27 #include "libads/cldap.h"
28 #include "../lib/addns/dnsquery.h"
29 #include "libsmb/clidgram.h"
32 #define DSGETDCNAME_CACHE_TTL 60*15
34 struct ip_service_name {
35 struct sockaddr_storage ss;
39 static NTSTATUS make_dc_info_from_cldap_reply(
42 const struct sockaddr_storage *ss,
43 struct NETLOGON_SAM_LOGON_RESPONSE_EX *r,
44 struct netr_DsRGetDCNameInfo **info);
46 /****************************************************************
47 ****************************************************************/
49 static void debug_dsdcinfo_flags(int lvl, uint32_t flags)
51 DEBUG(lvl,("debug_dsdcinfo_flags: 0x%08x\n\t", flags));
53 if (flags & DS_FORCE_REDISCOVERY)
54 DEBUGADD(lvl,("DS_FORCE_REDISCOVERY "));
55 if (flags & 0x000000002)
56 DEBUGADD(lvl,("0x00000002 "));
57 if (flags & 0x000000004)
58 DEBUGADD(lvl,("0x00000004 "));
59 if (flags & 0x000000008)
60 DEBUGADD(lvl,("0x00000008 "));
61 if (flags & DS_DIRECTORY_SERVICE_REQUIRED)
62 DEBUGADD(lvl,("DS_DIRECTORY_SERVICE_REQUIRED "));
63 if (flags & DS_DIRECTORY_SERVICE_PREFERRED)
64 DEBUGADD(lvl,("DS_DIRECTORY_SERVICE_PREFERRED "));
65 if (flags & DS_GC_SERVER_REQUIRED)
66 DEBUGADD(lvl,("DS_GC_SERVER_REQUIRED "));
67 if (flags & DS_PDC_REQUIRED)
68 DEBUGADD(lvl,("DS_PDC_REQUIRED "));
69 if (flags & DS_BACKGROUND_ONLY)
70 DEBUGADD(lvl,("DS_BACKGROUND_ONLY "));
71 if (flags & DS_IP_REQUIRED)
72 DEBUGADD(lvl,("DS_IP_REQUIRED "));
73 if (flags & DS_KDC_REQUIRED)
74 DEBUGADD(lvl,("DS_KDC_REQUIRED "));
75 if (flags & DS_TIMESERV_REQUIRED)
76 DEBUGADD(lvl,("DS_TIMESERV_REQUIRED "));
77 if (flags & DS_WRITABLE_REQUIRED)
78 DEBUGADD(lvl,("DS_WRITABLE_REQUIRED "));
79 if (flags & DS_GOOD_TIMESERV_PREFERRED)
80 DEBUGADD(lvl,("DS_GOOD_TIMESERV_PREFERRED "));
81 if (flags & DS_AVOID_SELF)
82 DEBUGADD(lvl,("DS_AVOID_SELF "));
83 if (flags & DS_ONLY_LDAP_NEEDED)
84 DEBUGADD(lvl,("DS_ONLY_LDAP_NEEDED "));
85 if (flags & DS_IS_FLAT_NAME)
86 DEBUGADD(lvl,("DS_IS_FLAT_NAME "));
87 if (flags & DS_IS_DNS_NAME)
88 DEBUGADD(lvl,("DS_IS_DNS_NAME "));
89 if (flags & 0x00040000)
90 DEBUGADD(lvl,("0x00040000 "));
91 if (flags & 0x00080000)
92 DEBUGADD(lvl,("0x00080000 "));
93 if (flags & 0x00100000)
94 DEBUGADD(lvl,("0x00100000 "));
95 if (flags & 0x00200000)
96 DEBUGADD(lvl,("0x00200000 "));
97 if (flags & 0x00400000)
98 DEBUGADD(lvl,("0x00400000 "));
99 if (flags & 0x00800000)
100 DEBUGADD(lvl,("0x00800000 "));
101 if (flags & 0x01000000)
102 DEBUGADD(lvl,("0x01000000 "));
103 if (flags & 0x02000000)
104 DEBUGADD(lvl,("0x02000000 "));
105 if (flags & 0x04000000)
106 DEBUGADD(lvl,("0x04000000 "));
107 if (flags & 0x08000000)
108 DEBUGADD(lvl,("0x08000000 "));
109 if (flags & 0x10000000)
110 DEBUGADD(lvl,("0x10000000 "));
111 if (flags & 0x20000000)
112 DEBUGADD(lvl,("0x20000000 "));
113 if (flags & DS_RETURN_DNS_NAME)
114 DEBUGADD(lvl,("DS_RETURN_DNS_NAME "));
115 if (flags & DS_RETURN_FLAT_NAME)
116 DEBUGADD(lvl,("DS_RETURN_FLAT_NAME "));
118 DEBUGADD(lvl,("\n"));
121 /****************************************************************
122 ****************************************************************/
124 static char *dsgetdcname_cache_key(TALLOC_CTX *mem_ctx, const char *domain)
130 return talloc_asprintf_strupper_m(mem_ctx, "DSGETDCNAME/DOMAIN/%s",
134 /****************************************************************
135 ****************************************************************/
137 static NTSTATUS dsgetdcname_cache_delete(TALLOC_CTX *mem_ctx,
138 const char *domain_name)
142 key = dsgetdcname_cache_key(mem_ctx, domain_name);
144 return NT_STATUS_NO_MEMORY;
147 if (!gencache_del(key)) {
148 return NT_STATUS_UNSUCCESSFUL;
154 /****************************************************************
155 ****************************************************************/
157 static NTSTATUS dsgetdcname_cache_store(TALLOC_CTX *mem_ctx,
158 const char *domain_name,
165 key = dsgetdcname_cache_key(mem_ctx, domain_name);
167 return NT_STATUS_NO_MEMORY;
170 expire_time = time(NULL) + DSGETDCNAME_CACHE_TTL;
172 ret = gencache_set_data_blob(key, blob, expire_time);
174 return ret ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
177 /****************************************************************
178 ****************************************************************/
180 static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx,
182 struct sockaddr_storage *ss,
184 struct NETLOGON_SAM_LOGON_RESPONSE_EX *r)
187 enum ndr_err_code ndr_err;
189 char addr[INET6_ADDRSTRLEN];
191 print_sockaddr(addr, sizeof(addr), ss);
194 r->sockaddr_size = 0x10; /* the w32 winsock addr size */
195 r->sockaddr.sockaddr_family = 2; /* AF_INET */
196 r->sockaddr.pdc_ip = talloc_strdup(mem_ctx, addr);
198 ndr_err = ndr_push_struct_blob(&blob, mem_ctx, r,
199 (ndr_push_flags_fn_t)ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX);
200 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
201 return ndr_map_error2ntstatus(ndr_err);
204 if (r->domain_name) {
205 status = dsgetdcname_cache_store(mem_ctx, r->domain_name,
207 if (!NT_STATUS_IS_OK(status)) {
210 if (r->client_site) {
211 sitename_store(r->domain_name, r->client_site);
215 status = dsgetdcname_cache_store(mem_ctx, r->dns_domain, blob);
216 if (!NT_STATUS_IS_OK(status)) {
219 if (r->client_site) {
220 sitename_store(r->dns_domain, r->client_site);
224 status = NT_STATUS_OK;
227 data_blob_free(&blob);
232 /****************************************************************
233 ****************************************************************/
235 static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *r,
238 switch (nt_version & 0x0000001f) {
248 return r->data.nt5.server_type;
253 return r->data.nt5_ex.server_type;
262 return r->data.nt5_ex.server_type;
272 return r->data.nt5_ex.server_type;
276 return r->data.nt5_ex.server_type;
282 /****************************************************************
283 ****************************************************************/
285 static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx,
286 const char *domain_name,
287 const struct GUID *domain_guid,
289 struct netr_DsRGetDCNameInfo **info_p)
293 enum ndr_err_code ndr_err;
294 struct netr_DsRGetDCNameInfo *info;
295 struct NETLOGON_SAM_LOGON_RESPONSE_EX r;
298 key = dsgetdcname_cache_key(mem_ctx, domain_name);
300 return NT_STATUS_NO_MEMORY;
303 if (!gencache_get_data_blob(key, NULL, &blob, NULL, NULL)) {
304 return NT_STATUS_NOT_FOUND;
307 info = talloc_zero(mem_ctx, struct netr_DsRGetDCNameInfo);
309 data_blob_free(&blob);
310 return NT_STATUS_NO_MEMORY;
313 ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r,
314 (ndr_pull_flags_fn_t)ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX);
316 data_blob_free(&blob);
317 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
318 dsgetdcname_cache_delete(mem_ctx, domain_name);
319 return ndr_map_error2ntstatus(ndr_err);
322 status = make_dc_info_from_cldap_reply(mem_ctx, flags, NULL,
324 if (!NT_STATUS_IS_OK(status)) {
328 if (DEBUGLEVEL >= 10) {
329 NDR_PRINT_DEBUG(netr_DsRGetDCNameInfo, info);
333 if (!check_cldap_reply_required_flags(info->dc_flags, flags)) {
334 DEBUG(10,("invalid flags\n"));
335 return NT_STATUS_INVALID_PARAMETER;
338 if ((flags & DS_IP_REQUIRED) &&
339 (info->dc_address_type != DS_ADDRESS_TYPE_INET)) {
340 return NT_STATUS_INVALID_PARAMETER_MIX;
348 /****************************************************************
349 ****************************************************************/
351 static NTSTATUS dsgetdcname_cached(TALLOC_CTX *mem_ctx,
352 struct messaging_context *msg_ctx,
353 const char *domain_name,
354 const struct GUID *domain_guid,
356 const char *site_name,
357 struct netr_DsRGetDCNameInfo **info)
361 status = dsgetdcname_cache_fetch(mem_ctx, domain_name, domain_guid,
363 if (!NT_STATUS_IS_OK(status)
364 && !NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
365 DEBUG(10,("dsgetdcname_cached: cache fetch failed with: %s\n",
367 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
370 if (flags & DS_BACKGROUND_ONLY) {
374 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
375 struct netr_DsRGetDCNameInfo *dc_info;
377 status = dsgetdcname(mem_ctx, msg_ctx, domain_name,
378 domain_guid, site_name,
379 flags | DS_FORCE_REDISCOVERY,
382 if (!NT_STATUS_IS_OK(status)) {
392 /****************************************************************
393 ****************************************************************/
395 static bool check_allowed_required_flags(uint32_t flags,
396 const char *site_name)
398 uint32_t return_type = flags & (DS_RETURN_FLAT_NAME|DS_RETURN_DNS_NAME);
399 uint32_t offered_type = flags & (DS_IS_FLAT_NAME|DS_IS_DNS_NAME);
400 uint32_t query_type = flags & (DS_BACKGROUND_ONLY|DS_FORCE_REDISCOVERY);
402 /* FIXME: check for DSGETDC_VALID_FLAGS and check for excluse bits
403 * (DS_PDC_REQUIRED, DS_KDC_REQUIRED, DS_GC_SERVER_REQUIRED) */
405 debug_dsdcinfo_flags(10, flags);
407 if ((flags & DS_TRY_NEXTCLOSEST_SITE) && site_name) {
411 if (return_type == (DS_RETURN_FLAT_NAME|DS_RETURN_DNS_NAME)) {
415 if (offered_type == (DS_IS_DNS_NAME|DS_IS_FLAT_NAME)) {
419 if (query_type == (DS_BACKGROUND_ONLY|DS_FORCE_REDISCOVERY)) {
424 if ((flags & DS_RETURN_DNS_NAME) && (!(flags & DS_IP_REQUIRED))) {
425 printf("gd: here5 \n");
432 /****************************************************************
433 ****************************************************************/
435 static NTSTATUS discover_dc_netbios(TALLOC_CTX *mem_ctx,
436 const char *domain_name,
438 struct ip_service_name **returned_dclist,
442 enum nbt_name_type name_type = NBT_NAME_LOGON;
443 struct ip_service *iplist;
445 struct ip_service_name *dclist = NULL;
447 static const char *resolve_order[] = { "lmhosts", "wins", "bcast", NULL };
449 *returned_dclist = NULL;
452 if (flags & DS_PDC_REQUIRED) {
453 name_type = NBT_NAME_PDC;
456 status = internal_resolve_name(domain_name, name_type, NULL,
459 if (!NT_STATUS_IS_OK(status)) {
460 DEBUG(10,("discover_dc_netbios: failed to find DC\n"));
464 dclist = talloc_zero_array(mem_ctx, struct ip_service_name, count);
467 return NT_STATUS_NO_MEMORY;
470 for (i=0; i<count; i++) {
472 char addr[INET6_ADDRSTRLEN];
473 struct ip_service_name *r = &dclist[i];
475 print_sockaddr(addr, sizeof(addr),
478 r->ss = iplist[i].ss;
479 r->hostname = talloc_strdup(mem_ctx, addr);
482 return NT_STATUS_NO_MEMORY;
487 *returned_dclist = dclist;
488 *returned_count = count;
494 /****************************************************************
495 ****************************************************************/
497 static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
498 const char *domain_name,
499 const struct GUID *domain_guid,
501 const char *site_name,
502 struct ip_service_name **returned_dclist,
508 struct dns_rr_srv *dcs = NULL;
511 struct ip_service_name *dclist = NULL;
514 if (flags & DS_PDC_REQUIRED) {
515 status = ads_dns_query_pdc(mem_ctx,
519 } else if (flags & DS_GC_SERVER_REQUIRED) {
520 status = ads_dns_query_gcs(mem_ctx,
525 } else if (flags & DS_KDC_REQUIRED) {
526 status = ads_dns_query_kdcs(mem_ctx,
531 } else if (flags & DS_DIRECTORY_SERVICE_REQUIRED) {
532 status = ads_dns_query_dcs(mem_ctx,
537 } else if (domain_guid) {
538 struct GUID_txt_buf buf;
539 GUID_buf_string(domain_guid, &buf);
541 status = ads_dns_query_dcs_guid(mem_ctx,
547 status = ads_dns_query_dcs(mem_ctx,
554 if (!NT_STATUS_IS_OK(status)) {
559 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
562 for (i=0;i<numdcs;i++) {
563 numaddrs += MAX(dcs[i].num_ips,1);
566 dclist = talloc_zero_array(mem_ctx,
567 struct ip_service_name,
570 return NT_STATUS_NO_MEMORY;
573 /* now unroll the list of IP addresses */
579 while ((i < numdcs) && (count < numaddrs)) {
581 struct ip_service_name *r = &dclist[count];
583 r->hostname = dcs[i].hostname;
585 /* If we don't have an IP list for a name, lookup it up */
588 interpret_string_addr_prefer_ipv4(&r->ss,
593 /* use the IP addresses from the SRV response */
595 if (j >= dcs[i].num_ips) {
601 r->ss = dcs[i].ss_s[j];
605 /* make sure it is a valid IP. I considered checking the
606 * negative connection cache, but this is the wrong place for
607 * it. Maybe only as a hack. After think about it, if all of
608 * the IP addresses returned from DNS are dead, what hope does a
609 * netbios name lookup have? The standard reason for falling
610 * back to netbios lookups is that our DNS server doesn't know
611 * anything about the DC's -- jerry */
613 if (!is_zero_addr(&r->ss)) {
619 *returned_dclist = dclist;
620 *return_count = count;
626 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
629 /****************************************************************
630 ****************************************************************/
632 static NTSTATUS make_domain_controller_info(TALLOC_CTX *mem_ctx,
634 const char *dc_address,
635 uint32_t dc_address_type,
636 const struct GUID *domain_guid,
637 const char *domain_name,
638 const char *forest_name,
640 const char *dc_site_name,
641 const char *client_site_name,
642 struct netr_DsRGetDCNameInfo **info_out)
644 struct netr_DsRGetDCNameInfo *info;
646 info = talloc_zero(mem_ctx, struct netr_DsRGetDCNameInfo);
647 NT_STATUS_HAVE_NO_MEMORY(info);
650 info->dc_unc = talloc_strdup(mem_ctx, dc_unc);
651 NT_STATUS_HAVE_NO_MEMORY(info->dc_unc);
655 if (!(dc_address[0] == '\\' && dc_address[1] == '\\')) {
656 info->dc_address = talloc_asprintf(mem_ctx, "\\\\%s",
659 info->dc_address = talloc_strdup(mem_ctx, dc_address);
661 NT_STATUS_HAVE_NO_MEMORY(info->dc_address);
664 info->dc_address_type = dc_address_type;
667 info->domain_guid = *domain_guid;
671 info->domain_name = talloc_strdup(mem_ctx, domain_name);
672 NT_STATUS_HAVE_NO_MEMORY(info->domain_name);
675 if (forest_name && *forest_name) {
676 info->forest_name = talloc_strdup(mem_ctx, forest_name);
677 NT_STATUS_HAVE_NO_MEMORY(info->forest_name);
678 flags |= DS_DNS_FOREST_ROOT;
681 info->dc_flags = flags;
684 info->dc_site_name = talloc_strdup(mem_ctx, dc_site_name);
685 NT_STATUS_HAVE_NO_MEMORY(info->dc_site_name);
688 if (client_site_name) {
689 info->client_site_name = talloc_strdup(mem_ctx,
691 NT_STATUS_HAVE_NO_MEMORY(info->client_site_name);
699 /****************************************************************
700 ****************************************************************/
702 static void map_dc_and_domain_names(uint32_t flags,
704 const char *domain_name,
705 const char *dns_dc_name,
706 const char *dns_domain_name,
708 const char **hostname_p,
709 const char **domain_p)
711 switch (flags & 0xf0000000) {
712 case DS_RETURN_FLAT_NAME:
713 if (dc_name && domain_name &&
714 *dc_name && *domain_name) {
715 *hostname_p = dc_name;
716 *domain_p = domain_name;
721 case DS_RETURN_DNS_NAME:
723 if (dns_dc_name && dns_domain_name &&
724 *dns_dc_name && *dns_domain_name) {
725 *hostname_p = dns_dc_name;
726 *domain_p = dns_domain_name;
727 *dc_flags |= DS_DNS_DOMAIN | DS_DNS_CONTROLLER;
730 if (dc_name && domain_name &&
731 *dc_name && *domain_name) {
732 *hostname_p = dc_name;
733 *domain_p = domain_name;
739 /****************************************************************
740 ****************************************************************/
742 static NTSTATUS make_dc_info_from_cldap_reply(
745 const struct sockaddr_storage *ss,
746 struct NETLOGON_SAM_LOGON_RESPONSE_EX *r,
747 struct netr_DsRGetDCNameInfo **info)
749 const char *dc_hostname = NULL;
750 const char *dc_domain_name = NULL;
751 const char *dc_address = NULL;
752 const char *dc_forest = NULL;
753 uint32_t dc_address_type = 0;
754 uint32_t dc_flags = 0;
755 struct GUID *dc_domain_guid = NULL;
756 const char *dc_server_site = NULL;
757 const char *dc_client_site = NULL;
759 char addr[INET6_ADDRSTRLEN];
762 print_sockaddr(addr, sizeof(addr), ss);
764 dc_address_type = DS_ADDRESS_TYPE_INET;
766 if (r->sockaddr.pdc_ip) {
767 dc_address = r->sockaddr.pdc_ip;
768 dc_address_type = DS_ADDRESS_TYPE_INET;
770 dc_address = r->pdc_name;
771 dc_address_type = DS_ADDRESS_TYPE_NETBIOS;
775 map_dc_and_domain_names(flags,
784 dc_flags |= r->server_type;
785 dc_forest = r->forest;
786 dc_domain_guid = &r->domain_uuid;
787 dc_server_site = r->server_site;
788 dc_client_site = r->client_site;
790 return make_domain_controller_info(mem_ctx,
803 /****************************************************************
804 ****************************************************************/
806 static uint32_t map_ds_flags_to_nt_version(uint32_t flags)
808 uint32_t nt_version = 0;
810 if (flags & DS_PDC_REQUIRED) {
811 nt_version |= NETLOGON_NT_VERSION_PDC;
814 if (flags & DS_GC_SERVER_REQUIRED) {
815 nt_version |= NETLOGON_NT_VERSION_GC;
818 if (flags & DS_TRY_NEXTCLOSEST_SITE) {
819 nt_version |= NETLOGON_NT_VERSION_WITH_CLOSEST_SITE;
822 if (flags & DS_IP_REQUIRED) {
823 nt_version |= NETLOGON_NT_VERSION_IP;
829 /****************************************************************
830 ****************************************************************/
832 static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx,
833 const char *domain_name,
835 struct ip_service_name *dclist,
837 struct netr_DsRGetDCNameInfo **info)
840 bool valid_dc = false;
841 struct netlogon_samlogon_response *r = NULL;
842 uint32_t nt_version = NETLOGON_NT_VERSION_5 |
843 NETLOGON_NT_VERSION_5EX;
844 uint32_t ret_flags = 0;
847 nt_version |= map_ds_flags_to_nt_version(flags);
849 for (i=0; i<num_dcs; i++) {
851 char addr[INET6_ADDRSTRLEN];
852 print_sockaddr(addr, sizeof(addr), &dclist[i].ss);
854 DEBUG(10,("LDAP ping to %s (%s)\n", dclist[i].hostname, addr));
856 if (ads_cldap_netlogon(mem_ctx, &dclist[i].ss,
861 nt_version = r->ntver;
862 ret_flags = get_cldap_reply_server_flags(r, nt_version);
864 if (check_cldap_reply_required_flags(ret_flags, flags)) {
874 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
877 status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss,
878 &r->data.nt5_ex, info);
879 if (NT_STATUS_IS_OK(status)) {
880 return store_cldap_reply(mem_ctx, flags, &dclist[i].ss,
881 nt_version, &r->data.nt5_ex);
887 /****************************************************************
888 ****************************************************************/
890 /****************************************************************
891 ****************************************************************/
893 static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx,
894 struct messaging_context *msg_ctx,
895 const char *domain_name,
897 struct ip_service_name *dclist,
899 struct netr_DsRGetDCNameInfo **info)
901 struct sockaddr_storage ss;
902 struct ip_service ip_list;
903 enum nbt_name_type name_type = NBT_NAME_LOGON;
906 const char *dc_name = NULL;
908 struct netlogon_samlogon_response *r = NULL;
909 bool store_cache = false;
910 uint32_t nt_version = NETLOGON_NT_VERSION_1 |
911 NETLOGON_NT_VERSION_5 |
912 NETLOGON_NT_VERSION_5EX_WITH_IP;
914 if (msg_ctx == NULL) {
915 return NT_STATUS_INVALID_PARAMETER;
918 if (flags & DS_PDC_REQUIRED) {
919 name_type = NBT_NAME_PDC;
922 nt_version |= map_ds_flags_to_nt_version(flags);
924 DEBUG(10,("process_dc_netbios\n"));
926 for (i=0; i<num_dcs; i++) {
929 generate_random_buffer((uint8_t *)&val, 2);
931 ip_list.ss = dclist[i].ss;
934 if (!interpret_string_addr_prefer_ipv4(&ss, dclist[i].hostname, AI_NUMERICHOST)) {
935 return NT_STATUS_UNSUCCESSFUL;
938 status = nbt_getdc(msg_ctx, 10, &dclist[i].ss, domain_name,
940 mem_ctx, &nt_version, &dc_name, &r);
941 if (NT_STATUS_IS_OK(status)) {
943 namecache_store(dc_name, NBT_NAME_SERVER, 1, &ip_list);
947 if (name_status_find(domain_name,
953 struct NETLOGON_SAM_LOGON_RESPONSE_NT40 logon1;
955 r = talloc_zero(mem_ctx, struct netlogon_samlogon_response);
956 NT_STATUS_HAVE_NO_MEMORY(r);
960 nt_version = NETLOGON_NT_VERSION_1;
962 logon1.nt_version = nt_version;
963 logon1.pdc_name = tmp_dc_name;
964 logon1.domain_name = talloc_strdup_upper(mem_ctx, domain_name);
965 NT_STATUS_HAVE_NO_MEMORY(logon1.domain_name);
967 r->data.nt4 = logon1;
968 r->ntver = nt_version;
970 map_netlogon_samlogon_response(r);
972 namecache_store(tmp_dc_name, NBT_NAME_SERVER, 1, &ip_list);
978 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
982 status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss,
983 &r->data.nt5_ex, info);
984 if (NT_STATUS_IS_OK(status) && store_cache) {
985 return store_cldap_reply(mem_ctx, flags, &dclist[i].ss,
986 nt_version, &r->data.nt5_ex);
992 /****************************************************************
993 ****************************************************************/
995 static NTSTATUS dsgetdcname_rediscover(TALLOC_CTX *mem_ctx,
996 struct messaging_context *msg_ctx,
997 const char *domain_name,
998 const struct GUID *domain_guid,
1000 const char *site_name,
1001 struct netr_DsRGetDCNameInfo **info)
1003 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1004 struct ip_service_name *dclist = NULL;
1007 DEBUG(10,("dsgetdcname_rediscover\n"));
1009 if (flags & DS_IS_FLAT_NAME) {
1011 if (lp_disable_netbios()) {
1012 return NT_STATUS_NOT_SUPPORTED;
1015 status = discover_dc_netbios(mem_ctx, domain_name, flags,
1017 NT_STATUS_NOT_OK_RETURN(status);
1019 return process_dc_netbios(mem_ctx, msg_ctx, domain_name, flags,
1020 dclist, num_dcs, info);
1023 if (flags & DS_IS_DNS_NAME) {
1025 status = discover_dc_dns(mem_ctx, domain_name, domain_guid,
1026 flags, site_name, &dclist, &num_dcs);
1027 NT_STATUS_NOT_OK_RETURN(status);
1029 return process_dc_dns(mem_ctx, domain_name, flags,
1030 dclist, num_dcs, info);
1033 status = discover_dc_dns(mem_ctx, domain_name, domain_guid, flags,
1034 site_name, &dclist, &num_dcs);
1036 if (NT_STATUS_IS_OK(status) && num_dcs != 0) {
1038 status = process_dc_dns(mem_ctx, domain_name, flags, dclist,
1040 if (NT_STATUS_IS_OK(status)) {
1045 if (lp_disable_netbios()) {
1046 return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1049 status = discover_dc_netbios(mem_ctx, domain_name, flags, &dclist,
1051 NT_STATUS_NOT_OK_RETURN(status);
1053 return process_dc_netbios(mem_ctx, msg_ctx, domain_name, flags, dclist,
1057 static bool is_closest_site(struct netr_DsRGetDCNameInfo *info)
1059 if (info->dc_flags & DS_SERVER_CLOSEST) {
1063 if (!info->client_site_name) {
1067 if (!info->dc_site_name) {
1071 if (strcmp(info->client_site_name, info->dc_site_name) == 0) {
1078 /********************************************************************
1079 Internal dsgetdcname.
1080 ********************************************************************/
1082 static NTSTATUS dsgetdcname_internal(TALLOC_CTX *mem_ctx,
1083 struct messaging_context *msg_ctx,
1084 const char *domain_name,
1085 const struct GUID *domain_guid,
1086 const char *site_name,
1088 struct netr_DsRGetDCNameInfo **info)
1090 NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
1091 struct netr_DsRGetDCNameInfo *myinfo = NULL;
1093 struct netr_DsRGetDCNameInfo *first_info = NULL;
1095 DEBUG(10,("dsgetdcname_internal: domain_name: %s, "
1096 "domain_guid: %s, site_name: %s, flags: 0x%08x\n",
1098 domain_guid ? GUID_string(mem_ctx, domain_guid) : "(null)",
1099 site_name ? site_name : "(null)", flags));
1103 if (!check_allowed_required_flags(flags, site_name)) {
1104 DEBUG(0,("invalid flags specified\n"));
1105 return NT_STATUS_INVALID_PARAMETER;
1108 if (flags & DS_FORCE_REDISCOVERY) {
1112 status = dsgetdcname_cached(mem_ctx, msg_ctx, domain_name, domain_guid,
1113 flags, site_name, &myinfo);
1114 if (NT_STATUS_IS_OK(status)) {
1118 if (flags & DS_BACKGROUND_ONLY) {
1123 status = dsgetdcname_rediscover(mem_ctx, msg_ctx, domain_name,
1124 domain_guid, flags, site_name,
1128 if (!NT_STATUS_IS_OK(status)) {
1131 return NT_STATUS_OK;
1137 TALLOC_FREE(first_info);
1138 } else if (!is_closest_site(myinfo)) {
1140 first_info = myinfo;
1141 /* TODO: may use the next_closest_site here */
1142 site_name = myinfo->client_site_name;
1147 return NT_STATUS_OK;
1150 /********************************************************************
1153 This will be the only public function here.
1154 ********************************************************************/
1156 NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx,
1157 struct messaging_context *msg_ctx,
1158 const char *domain_name,
1159 const struct GUID *domain_guid,
1160 const char *site_name,
1162 struct netr_DsRGetDCNameInfo **info)
1165 const char *query_site = NULL;
1166 char *ptr_to_free = NULL;
1167 bool retry_query_with_null = false;
1169 if ((site_name == NULL) || (site_name[0] == '\0')) {
1170 ptr_to_free = sitename_fetch(mem_ctx, domain_name);
1171 if (ptr_to_free != NULL) {
1172 retry_query_with_null = true;
1174 query_site = ptr_to_free;
1176 query_site = site_name;
1179 status = dsgetdcname_internal(mem_ctx,
1187 TALLOC_FREE(ptr_to_free);
1189 if (!NT_STATUS_EQUAL(status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
1193 /* Should we try again with site_name == NULL ? */
1194 if (retry_query_with_null) {
1195 status = dsgetdcname_internal(mem_ctx,