From 8bbc4c5ff4b5a3c9bb99241a213bb52deb418212 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Feb 13 2013 12:05:16 +0000
Subject: Test NetBIOS name clash before creating a trust


Give a clear message about what is wrong with current Trust settings
before letting AD to return a confusing error message.

https://fedorahosted.org/freeipa/ticket/3193

---

diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index bff435f..3840444 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -593,6 +593,12 @@ class TrustDomainInstance(object):
         info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL
         info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
 
+        if self.info['name'] == info.netbios_name.string:
+            # Check that NetBIOS names do not clash
+            raise errors.ValidationError(name=u'AD Trust Setup',
+                    error=_('the IPA server and the remote domain cannot share the same '
+                            'NetBIOS name: %s') % self.info['name'])
+
         try:
             dname = lsa.String()
             dname.string = another_domain.info['dns_domain']