winbindd: Use rpc_pipe_open_interface() so that winbindd uses the correct rpc servers

This means that in the AD DC, we use the AD DC servers, while in the classic DC or file server we continue
to use the built-in SAMR and LSA servers.

Andrew Bartlett

Change-Id: I63b1443f5665016f7fcbed35907ec29d4424ab18
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 2ba2037a62926bbb3d1f792d7ebe75764418f769..74be885923293dc5a7645fddc08dce4badc0278c 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4105,6 +4105,8 @@ static bool lp_load_ex(const char *pszFname,
        if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
                lp_do_parameter(-1, "passdb backend", "samba_dsdb");
 
+               lp_do_parameter(-1, "winbindd:use external pipes", "true");
+
                lp_do_parameter(-1, "rpc_server:default", "external");
                lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
                lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");

diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 78843d62a464ecc8e9954a90e96a9c46c951dea0..8a717008086574b5772834da60de4170ef1bb2f1 100644 (file)
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -54,12 +54,22 @@ static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
        }
 
        /* create a samr connection */
-       status = rpc_pipe_open_internal(mem_ctx,
-                                       &ndr_table_samr.syntax_id,
-                                       session_info,
-                                       NULL,
-                                       winbind_messaging_context(),
-                                       &cli);
+       if (lp_parm_bool(-1, "winbindd", "use external pipes", false)) {
+               status = rpc_pipe_open_interface(mem_ctx,
+                                                &ndr_table_samr,
+                                                session_info,
+                                                NULL,
+                                                winbind_messaging_context(),
+                                                &cli);
+       } else {
+               status = rpc_pipe_open_internal(mem_ctx,
+                                               &ndr_table_samr.syntax_id,
+                                               session_info,
+                                               NULL,
+                                               winbind_messaging_context(),
+                                               &cli);
+       }
+
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
                          nt_errstr(status)));
@@ -129,12 +139,21 @@ static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
        }
 
        /* create a lsa connection */
-       status = rpc_pipe_open_internal(mem_ctx,
-                                       &ndr_table_lsarpc.syntax_id,
-                                       session_info,
-                                       NULL,
-                                       winbind_messaging_context(),
-                                       &cli);
+       if (lp_parm_bool(-1, "winbindd", "use external pipes", false)) {
+               status = rpc_pipe_open_interface(mem_ctx,
+                                                &ndr_table_lsarpc,
+                                                session_info,
+                                                NULL,
+                                                winbind_messaging_context(),
+                                                &cli);
+       } else {
+               status = rpc_pipe_open_internal(mem_ctx,
+                                               &ndr_table_lsarpc.syntax_id,
+                                               session_info,
+                                               NULL,
+                                               winbind_messaging_context(),
+                                               &cli);
+       }
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, ("open_lsa_pipe: Could not connect to lsa_pipe: %s\n",
                          nt_errstr(status)));