From 5a71f46f46fc3d4cbc2fe6c06e0d1661ccead488 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 28 Apr 2014 21:07:59 +1200
Subject: winbindd: Use rpc_pipe_open_interface() so that winbindd uses the
 correct rpc servers

This means that in the AD DC, we use the AD DC servers, while in the classic DC or file server we continue
to use the built-in SAMR and LSA servers.

Andrew Bartlett

Change-Id: I63b1443f5665016f7fcbed35907ec29d4424ab18
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 source3/param/loadparm.c         |  2 ++
 source3/winbindd/winbindd_samr.c | 43 +++++++++++++++++++++++++++++-----------
 2 files changed, 33 insertions(+), 12 deletions(-)

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 2ba2037a629..74be8859232 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4105,6 +4105,8 @@ static bool lp_load_ex(const char *pszFname,
 	if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
 		lp_do_parameter(-1, "passdb backend", "samba_dsdb");
 
+		lp_do_parameter(-1, "winbindd:use external pipes", "true");
+
 		lp_do_parameter(-1, "rpc_server:default", "external");
 		lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
 		lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 78843d62a46..8a717008086 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -54,12 +54,22 @@ static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
 	}
 
 	/* create a samr connection */
-	status = rpc_pipe_open_internal(mem_ctx,
-					&ndr_table_samr.syntax_id,
-					session_info,
-					NULL,
-					winbind_messaging_context(),
-					&cli);
+	if (lp_parm_bool(-1, "winbindd", "use external pipes", false)) {
+		status = rpc_pipe_open_interface(mem_ctx,
+						 &ndr_table_samr,
+						 session_info,
+						 NULL,
+						 winbind_messaging_context(),
+						 &cli);
+	} else {
+		status = rpc_pipe_open_internal(mem_ctx,
+						&ndr_table_samr.syntax_id,
+						session_info,
+						NULL,
+						winbind_messaging_context(),
+						&cli);
+	}
+
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
 			  nt_errstr(status)));
@@ -129,12 +139,21 @@ static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
 	}
 
 	/* create a lsa connection */
-	status = rpc_pipe_open_internal(mem_ctx,
-					&ndr_table_lsarpc.syntax_id,
-					session_info,
-					NULL,
-					winbind_messaging_context(),
-					&cli);
+	if (lp_parm_bool(-1, "winbindd", "use external pipes", false)) {
+		status = rpc_pipe_open_interface(mem_ctx,
+						 &ndr_table_lsarpc,
+						 session_info,
+						 NULL,
+						 winbind_messaging_context(),
+						 &cli);
+	} else {
+		status = rpc_pipe_open_internal(mem_ctx,
+						&ndr_table_lsarpc.syntax_id,
+						session_info,
+						NULL,
+						winbind_messaging_context(),
+						&cli);
+	}
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("open_lsa_pipe: Could not connect to lsa_pipe: %s\n",
 			  nt_errstr(status)));
-- 
cgit