authorAndrew Bartlett <abartlet@samba.org>2016-12-13 09:06:25 +1300
committerStefan Metzmacher <metze@samba.org>2016-12-15 08:21:12 +0100
commit31d625bcd2b0cb33dd98a37c202f5b371b871362 (patch)
tree7627cb9b87cf55d2a313e85d05c51ae72cf3831a
parentfee6bb7ca656748cab71998fd60755a0882d0afc (diff)
downloadsamba-31d625bcd2b0cb33dd98a37c202f5b371b871362.tar.gz
s4-rpc_server: Add back support for lsa over \\pipe\\netlogon optionally
The idea here is that perhaps some real client relies on this (and not just Samba torture commands), so we need a way to support it for the 4.6 release. If no such client emerges, it can be deprecated and removed in the normal way. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--docs-xml/smbdotconf/protocol/lsaovernetlogon.xml21
-rw-r--r--pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm5
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c21
3 files changed, 46 insertions, 1 deletions
diff --git a/docs-xml/smbdotconf/protocol/lsaovernetlogon.xml b/docs-xml/smbdotconf/protocol/lsaovernetlogon.xml
new file mode 100644
index 00000000000..d67be29ae30
--- /dev/null
+++ b/docs-xml/smbdotconf/protocol/lsaovernetlogon.xml
@@ -0,0 +1,21 @@
+<samba:parameter name="lsa over netlogon"
+ context="G"
+ type="boolean"
+ deprecated="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>Setting this deprecated option will allow the RPC server
+ in the AD DC to answer the LSARPC interface on the
+ <command>\pipe\netlogon</command> IPC pipe.</para>
+
+ <para>When enabled, this matches the behaviour of Microsoft's
+ Windows, due to their internal implementation choices.</para>
+
+ <para>If it is disabled (the default), the AD DC can offer
+ improved performance, as the netlogon server is decoupled and
+ can run as multiple processes.</para>
+
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
index 7ca18a8483c..fe5ca0bc5e9 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
@@ -262,8 +262,11 @@ NTSTATUS dcerpc_server_$name\_init(void)
.name = \"$name\",
/* fill in all the operations */
+#ifdef DCESRV_INTERFACE_$uname\_INIT_SERVER
+ .init_server = DCESRV_INTERFACE_$uname\_INIT_SERVER,
+#else
.init_server = $name\__op_init_server,
-
+#endif
.interface_by_uuid = $name\__op_interface_by_uuid,
.interface_by_name = $name\__op_interface_by_name
};
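Review bot: The new `DCESRV_INTERFACE_$uname\_INIT_SERVER` override is undocumented, so nothing in the emitted code tells the implementer of the hook what it has to do. A replacement that does not chain to `$name\__op_init_server` would presumably skip the default endpoint registration, and if that function is static, as the forward declaration in dcesrv_lsa.c suggests, it would also be left unused. I would emit a comment above the `#ifdef`, for example `/* DCESRV_INTERFACE_$uname\_INIT_SERVER, if defined before this file is included, replaces the default init_server and must call $name\__op_init_server itself */`. The initializer this hunk edits starts above the hunk.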
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index c7a2c407a58..2aa700619d6 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -43,6 +43,27 @@ static NTSTATUS dcesrv_interface_lsarpc_bind(struct dcesrv_call_state *dce_call,
return dcesrv_interface_bind_reject_connect(dce_call, iface);
}
+static NTSTATUS lsarpc__op_init_server(struct dcesrv_context *dce_ctx,
+ const struct dcesrv_endpoint_server *ep_server);
+static const struct dcesrv_interface dcesrv_lsarpc_interface;
+
+#define DCESRV_INTERFACE_LSARPC_INIT_SERVER \
+ dcesrv_interface_lsarpc_init_server
+static NTSTATUS dcesrv_interface_lsarpc_init_server(struct dcesrv_context *dce_ctx,
+ const struct dcesrv_endpoint_server *ep_server)
+{
+ if (lpcfg_lsa_over_netlogon(dce_ctx->lp_ctx)) {
+ NTSTATUS ret = dcesrv_interface_register(dce_ctx,
+ "ncacn_np:[\\pipe\\netlogon]",
+ &dcesrv_lsarpc_interface, NULL);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(1,("lsarpc_op_init_server: failed to register endpoint '\\pipe\\netlogon'\n"));
+ return ret;
+ }
+ }
+ return lsarpc__op_init_server(dce_ctx, ep_server);
+}
+
/*
this type allows us to distinguish handle types
*/
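Review bot: The failure path in `dcesrv_interface_lsarpc_init_server` drops the NTSTATUS and prints `lsarpc_op_init_server`, a name that matches no function in this hunk, so a failed registration is hard to trace from the logs. I would change it to `DEBUG(1,("dcesrv_interface_lsarpc_init_server: failed to register endpoint '\\pipe\\netlogon': %s\n", nt_errstr(ret)));`. The option makes LSARPC reachable on an additional named pipe and is off by default, so the function deserves a short comment saying that, such as `/* optionally also offer lsarpc on \pipe\netlogon ("lsa over netlogon"), matching Windows */`. A log line on the success path would also let an administrator confirm when the extra endpoint is active.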