FW: Winbindd timeout on unreacheable domains
Andrew Bartlett
abartlet at samba.org
Thu Feb 19 21:24:44 GMT 2004
On Fri, 2004-02-20 at 02:01, Lin Li wrote:
> Lin Li wrote:
>
> > In fact I have logged a bug (#704) for this. It's doing
> > ads_try_connect(). My solution is to use ldap_init() instead of
> > ldap_open() and set a small timeout using ldap_set_option(). Here is
> > my patch (I'm using 3.0.0) and it works in my test.
> > -------------------------------------
> > + struct timeval timeout;
> >
> > if (!server || !*server) {
> > return False;
> > @@ -58,11 +59,15 @@
> > /* this copes with inet_ntoa brokenness */
> > srv = strdup(server);
> >
> > - ads->ld = ldap_open(srv, port);
> > + ads->ld = ldap_init(srv, port);
> > if (!ads->ld) {
> > free(srv);
> > return False;
> > }
> > +
> > + timeout.tv_sec = 15;
> > + timeout.tv_usec = 0;
> > + ldap_set_option(ads->ld, LDAP_OPT_NETWORK_TIMEOUT, &timeout);
> > ads->ldap_port = port;
> > ads->ldap_ip = *interpret_addr2(srv);
> > free(srv);
> > -------------------------------------
> >
> > Thanks,
> > Lin
> >
> Sorry, the patch is for source/libads/ldap.c
Unfortunetly, there is a problem with that patch.
The issue is that making the connect() to the remote LDAP server is put
off until the first LDAP operation. The current code paths assume that
if ldap_open() suceeds, then at least the remote sever is there...
So, we need to at least 'ping' the remote server in some way, before we
can say 'we connected'. I would suggest this means calling
ads_server_info() inside ads_try_connect() and ads_try_connect_uri().
These functions should also return ADS_STATUS, and be correctly modified
to return something useful (that ads_find_dc() can use) when the remote
server just isn't there.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040220/8874ad62/attachment.bin
More information about the samba-technical
mailing list