IPA DC: add missing checks

When introducing FreeIPA support, two places were forgotten: - schannel gensec module needs to be aware of IPA DC - _lsa_QueryInfoPolicy should treat IPA DC as PDC BUG: https://bugzilla.samba.org/show_bug.cgi?id=14903 Signed-off-by: Alexander Bokovoy <[email protected]> Reviewed-by: Guenther Deschner <[email protected]> Autobuild-User(master): Alexander Bokovoy <[email protected]> Autobuild-Date(master): Sat Nov 13 07:01:26 UTC 2021 on sn-devel-184
thoke · Nov 13, 2021 · c69b66f · c69b66f
1 parent 240adda
commit c69b66f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
@@ -1080,6 +1080,7 @@ static NTSTATUS schannel_server_start(struct gensec_security *gensec_security)
 	case ROLE_DOMAIN_BDC:
 	case ROLE_DOMAIN_PDC:
 	case ROLE_ACTIVE_DIRECTORY_DC:
+	case ROLE_IPA_DC:
 		return NT_STATUS_OK;
 	default:
 		return NT_STATUS_NOT_IMPLEMENTED;

diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -683,6 +683,7 @@ NTSTATUS _lsa_QueryInfoPolicy(struct pipes_struct *p,
 		switch (lp_server_role()) {
 			case ROLE_DOMAIN_PDC:
 			case ROLE_DOMAIN_BDC:
+			case ROLE_IPA_DC:
 				name = get_global_sam_name();
 				sid = dom_sid_dup(p->mem_ctx, get_global_sam_sid());
 				if (!sid) {