summaryrefslogtreecommitdiffstats
path: root/source4/winbind/wb_init_domain.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/winbind/wb_init_domain.c')
-rw-r--r--source4/winbind/wb_init_domain.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index 6b8606bb0c..69ea9c7533 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -161,9 +161,10 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
state->domain->netlogon_pipe = NULL;
if ((!cli_credentials_is_anonymous(state->domain->schannel_creds)) &&
- ((lp_server_role() == ROLE_DOMAIN_MEMBER) &&
- (dom_sid_equal(state->domain->info->sid,
- state->service->primary_sid)))) {
+ ((lp_server_role() == ROLE_DOMAIN_MEMBER) ||
+ (lp_server_role() == ROLE_DOMAIN_CONTROLLER)) &&
+ (dom_sid_equal(state->domain->info->sid,
+ state->service->primary_sid))) {
state->domain->netlogon_binding->flags |= DCERPC_SCHANNEL;
/* For debugging, it can be a real pain if all the traffic is encrypted */
@@ -233,6 +234,7 @@ static bool retry_with_schannel(struct init_domain_state *state,
void (*continuation)(struct composite_context *))
{
struct composite_context *ctx;
+ state->ctx->status = NT_STATUS_OK;
if (state->domain->netlogon_binding->flags & DCERPC_SCHANNEL
&& !(binding->flags & DCERPC_SCHANNEL)) {
/* Opening a policy handle failed, perhaps it was
generated by cgit (git 2.34.1) at 2024-11-08 17:36:11 +0000