From efb9a5b386518b050cda696bba4db37620650190 Mon Sep 17 00:00:00 2001 From: =?utf-8?q?G=C3=BCnther=20Deschner?= Date: Wed, 7 Oct 2009 14:34:05 +0200 Subject: [PATCH 1/2] s3:rpc_server: we need to make a copy of my_name in serverinfo_to_SamInfo3() This is important for the case the server_info already contains a logon_server. metze --- source/rpc_client/init_netlogon.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/source/rpc_client/init_netlogon.c b/source/rpc_client/init_netlogon.c index e4c39e7..3972d9b 100644 --- a/source/rpc_client/init_netlogon.c +++ b/source/rpc_client/init_netlogon.c @@ -296,7 +296,7 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info, groups, NETLOGON_EXTRA_SIDS, user_session_key, - my_name, + talloc_strdup(sam3, my_name), talloc_strdup(sam3, pdb_get_domain(sampw)), sid, lm_session_key, -- 1.6.2.5 From ae441e29816ee9966b77b8dc930e9896ee29aa2a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 24 Sep 2009 21:35:38 +0200 Subject: [PATCH 2/2] s3:winbindd_cm: don't invalidate the whole connection when just samr gave ACCCESS_DENIED metze --- source/winbindd/winbindd_cm.c | 13 ++++++++++++- 1 files changed, 12 insertions(+), 1 deletions(-) diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c index bf8490e..bd502a5 100644 --- a/source/winbindd/winbindd_cm.c +++ b/source/winbindd/winbindd_cm.c @@ -2148,7 +2148,18 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, done: - if (!NT_STATUS_IS_OK(result)) { + if (NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)) { + /* + * if we got access denied, we might just have no access rights + * to talk to the remote samr server server (e.g. when we are a + * PDC and we are connecting a w2k8 pdc via an interdomain + * trust). In that case do not invalidate the whole connection + * stack + */ + TALLOC_FREE(conn->samr_pipe); + ZERO_STRUCT(conn->sam_domain_handle); + return result; + } else if (!NT_STATUS_IS_OK(result)) { invalidate_cm_connection(conn); return result; } -- 1.6.2.5