svn commit: samba r19105 - in branches/SAMBA_3_0/source/nsswitch: .

Fri Oct 6 02:04:58 GMT 2006

Author: jra
Date: 2006-10-06 02:04:57 +0000 (Fri, 06 Oct 2006)
New Revision: 19105

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19105

Log:
Ok - this is currently untested (but I'm testing it at
the moment) but winbindd isn't run in the build farm
so hopefully won't break anything too badly - I don't
want to lose this.

If winbindd starts offline then it falls back to using
MS-RPC backend. On going online it needs to reset the
backend and try and go to using the AD backend code if
possible, as the MS-RPC sequence number fetch just returns
1 as the sequence number if run against an AD DC.

In addition, the winbindd async child may end up
with the AD backend whilst the main winbindd - which
still contacts the DC for some non-async calls, is
left using MS-RPC. This can cause some trouble (as
you can imagine :-).

Attempt to ensure both main winbindd and async children
us AD backends on going online.

Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_rpc.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
===================================================================

--- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c	2006-10-05 21:30:31 UTC (rev 19104)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c	2006-10-06 02:04:57 UTC (rev 19105)
@@ -160,6 +160,7 @@
 
 static void set_domain_online(struct winbindd_domain *domain)
 {
+	extern struct winbindd_methods reconnect_methods;
 	struct timeval now;
 
 	DEBUG(10,("set_domain_online: called for domain %s\n",
@@ -178,6 +179,20 @@
 
 	/* Ok, we're out of any startup mode now... */
 	domain->startup = False;
+
+	/* We were offline - now we're online. We default to
+	   using the MS-RPC backend if we started offline,
+	   and if we're going online for the first time we
+	   should really re-initialize the backends and the
+	   checks to see if we're talking to an AD or NT domain.
+	*/
+
+	domain->initialized = False;
+
+	/* 'reconnect_methods' is the MS-RPC backend. */
+	if (domain->backend == &reconnect_methods) {
+		domain->backend = NULL;
+	}
 }
 
 /****************************************************************

Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c	2006-10-05 21:30:31 UTC (rev 19104)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c	2006-10-06 02:04:57 UTC (rev 19105)
@@ -494,6 +494,9 @@
 	/* Set our global state as online. */
 	set_global_winbindd_state_online();
 
+	smb_nscd_flush_user_cache();
+	smb_nscd_flush_group_cache();
+
 	for (child = children; child != NULL; child = child->next) {
 		DEBUG(10,("winbind_msg_online: sending message to pid %u.\n",
 			(unsigned int)child->pid ));
@@ -606,9 +609,6 @@
 	/* Set our global state as online. */
 	set_global_winbindd_state_online();
 
-	smb_nscd_flush_user_cache();
-	smb_nscd_flush_group_cache();
-
 	/* Try and mark everything online - delete any negative cache entries
 	   to force a reconnect now. */
 

Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_rpc.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_rpc.c	2006-10-05 21:30:31 UTC (rev 19104)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_rpc.c	2006-10-06 02:04:57 UTC (rev 19105)
@@ -770,48 +770,14 @@
 static int get_ldap_sequence_number(struct winbindd_domain *domain, uint32 *seq)
 {
 	int ret = -1;
-	int i, port = LDAP_PORT;
-	struct ip_service *ip_list = NULL;
-	int count;
-	
-	if ( !NT_STATUS_IS_OK(get_sorted_dc_list(domain->name, &ip_list, &count,
-						 False)) ) {
-		DEBUG(3, ("Could not look up dc's for domain %s\n", domain->name));
-		return False;
-	}
+	fstring ipstr;
 
-	/* Finally return first DC that we can contact */
-
-	for (i = 0; i < count; i++) {
-		fstring ipstr;
-
-		/* since the is an LDAP lookup, default to the LDAP_PORT is
-		 * not set */
-		port = (ip_list[i].port!= PORT_NONE) ?
-			ip_list[i].port : LDAP_PORT;
-
-		fstrcpy( ipstr, inet_ntoa(ip_list[i].ip) );
-		
-		if (is_zero_ip(ip_list[i].ip))
-			continue;
-
-		if ( (ret = get_ldap_seq( ipstr, port,  seq)) == 0 )
-			goto done;
-
-		/* add to failed connection cache */
-		winbind_add_failed_connection_entry( domain, ipstr,
-					     NT_STATUS_UNSUCCESSFUL );
-	}
-
-done:
-	if ( ret == 0 ) {
+	fstrcpy( ipstr, inet_ntoa(domain->dcaddr.sin_addr));
+	if ((ret = get_ldap_seq( ipstr, LDAP_PORT, seq)) == 0) {
 		DEBUG(3, ("get_ldap_sequence_number: Retrieved sequence "
-			  "number for Domain (%s) from DC (%s:%d)\n", 
-			domain->name, inet_ntoa(ip_list[i].ip), port));
-	}
-
-	SAFE_FREE(ip_list);
-
+			  "number for Domain (%s) from DC (%s)\n", 
+			domain->name, ipstr));
+	} 
 	return ret;
 }
 

