From e6ba224432bfcd64802222a3544bc38c179727cd Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 18 Sep 2012 14:24:38 -0400 Subject: AD: Detect domain controller compatibility version --- src/providers/ldap/sdap.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'src/providers/ldap/sdap.c') diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 11ba9cf34..5c4a00557 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -903,6 +903,7 @@ int sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx, char *endptr = NULL; int ret; int i; + uint32_t dc_level; so = talloc_zero(memctx, struct sdap_server_opts); if (!so) { @@ -974,6 +975,35 @@ int sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx, } } } + + /* Detect Active Directory version if available */ + ret = sysdb_attrs_get_uint32_t(rootdse, + SDAP_ROOTDSE_ATTR_AD_VERSION, + &dc_level); + if (ret == EOK) { + /* Validate that the DC level matches an expected value */ + switch(dc_level) { + case DS_BEHAVIOR_WIN2000: + case DS_BEHAVIOR_WIN2003: + case DS_BEHAVIOR_WIN2008: + case DS_BEHAVIOR_WIN2008R2: + case DS_BEHAVIOR_WIN2012: + opts->dc_functional_level = dc_level; + DEBUG(SSSDBG_CONF_SETTINGS, + ("Setting AD compatibility level to [%d]\n", + opts->dc_functional_level)); + break; + default: + DEBUG(SSSDBG_MINOR_FAILURE, + ("Received invalid value for AD compatibility level. " + "Continuing without AD performance enhancements\n")); + } + } else if (ret != ENOENT) { + DEBUG(SSSDBG_MINOR_FAILURE, + ("Error detecting Active Directory compatibility level " + "(%s). Continuing without AD performance enhancements\n", + strerror(ret))); + } } if (!last_usn_name) { -- cgit