From 2585d6d6455d7c9257a8bbc65cc489d4a424a08e Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 5 Aug 2015 21:33:45 +0300
Subject: [PATCH] Fix selector of protocol for LSA RPC binding string
For Windows Server 2012R2 and others which force SMB2 protocol use
we have to specify right DCE RPC binding options.
For using SMB1 protocol we have to omit specifying SMB2 protocol and
anything else or otherwise SMB1 would be considered a pipe to connect
to. This is by design of a binding string format.
https://fedorahosted.org/freeipa/ticket/5183
Reviewed-By: Tomas Babej <tbabej@redhat.com>
---
ipaserver/dcerpc.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index c604fa3eae4cf94d719190a5a3e3de15d3841d24..74b4743d4bfb9c4950f441f1aa3561fc7a81391c 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -854,8 +854,8 @@ class TrustDomainInstance(object):
We try NCACN_NP before NCACN_IP_TCP and use SMB2 before SMB1 or defaults.
"""
transports = (u'ncacn_np', u'ncacn_ip_tcp')
- options = ( u'smb2', u'smb1', u'')
- binding_template=lambda x,y,z: u'%s:%s[%s,print]' % (x, y, z)
+ options = ( u'smb2,print', u'print')
+ binding_template=lambda x,y,z: u'%s:%s[%s]' % (x, y, z)
return [binding_template(t, remote_host, o) for t in transports for o in options]
def retrieve_anonymously(self, remote_host, discover_srv=False, search_pdc=False):
--
2.4.3