--- samba-3.0.0/source/libads/ldap.c.old	2003-09-25 11:15:27.000000000 -0400
+++ samba-3.0.0/source/libads/ldap.c	2003-09-25 11:15:57.000000000 -0400
@@ -1823,6 +1823,10 @@
  * Find the servers name and realm - this can be done before authentication 
  *  The ldapServiceName field on w2k  looks like this:
  *    vnet3.home.samba.org:win2000-vnet3$@VNET3.HOME.SAMBA.ORG
+ *
+ * w2k sp4 does NOT return previous ldapServiceName any more
+ * it's returning principal/instance@REALM
+ *
  * @param ads connection to ads server
  * @return status of search
  **/
@@ -1865,22 +1869,45 @@
 	SAFE_FREE(ads->config.ldap_server_name);
 
 	ads->config.ldap_server_name = strdup(p+1);
-	p = strchr(ads->config.ldap_server_name, '$');
-	if (!p || p[1] != '@') {
+       	p = strchr(ads->config.ldap_server_name, '/');
+	if (!p) {
 		talloc_destroy(ctx);
-		DEBUG(1, ("ads_server_info: returned ldap server name (%s) does not contain '$@' so was deemed invalid\n", ads->config.ldap_server_name));
-		SAFE_FREE(ads->config.ldap_server_name);
-		return ADS_ERROR(LDAP_DECODING_ERROR);
+		DEBUG(1, ("ads_server_info: returned ldap server name (%s) does not contain '/'\n", ads->config.ldap_server_name));
+		/* no need to quit yet
+		   do old style */
+		p = strchr(ads->config.ldap_server_name, '$');
+		if (!p || p[1] != '@') {
+		  talloc_destroy(ctx);
+		  DEBUG(1, ("ads_server_info: returned ldap server name (%s) does not contain '$' so was deemed invalid\n", ads->config.ldap_server_name));
+		  SAFE_FREE(ads->config.ldap_server_name);
+		  return ADS_ERROR(LDAP_DECODING_ERROR);
+		}
+
+		SAFE_FREE(ads->config.realm);
+		SAFE_FREE(ads->config.bind_path);
+		
+		ads->config.realm = strdup(p+2);
+		ads->config.bind_path = ads_build_dn(ads->config.realm);
+	}
+	else{
+	  /* do new style */
+	  p = strchr(ads->config.ldap_server_name, '@');
+	  if (!p) {
+	    talloc_destroy(ctx);
+	    DEBUG(1, ("ads_server_info: returned ldap server name (%s) does not contain '@' so was deemed invalid\n", ads->config.ldap_server_name));
+	    SAFE_FREE(ads->config.ldap_server_name);
+	    return ADS_ERROR(LDAP_DECODING_ERROR);
+	  }
+
+	  SAFE_FREE(ads->config.realm);
+	  SAFE_FREE(ads->config.bind_path);
+	  
+	  ads->config.realm = strdup(p+1);
+	  ads->config.bind_path = ads_build_dn(ads->config.realm);
 	}
 
 	*p = 0;
 
-	SAFE_FREE(ads->config.realm);
-	SAFE_FREE(ads->config.bind_path);
-
-	ads->config.realm = strdup(p+2);
-	ads->config.bind_path = ads_build_dn(ads->config.realm);
-
 	DEBUG(3,("got ldap server name %s@%s, using bind path: %s\n", 
 		 ads->config.ldap_server_name, ads->config.realm,
 		 ads->config.bind_path));