svn commit: samba r18015 - in branches/SAMBA_3_0/source: libads
nsswitch
jra at samba.org
jra at samba.org
Sun Sep 3 03:46:08 GMT 2006
Author: jra
Date: 2006-09-03 03:46:07 +0000 (Sun, 03 Sep 2006)
New Revision: 18015
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18015
Log:
Try and detect network failures immediately in
set_dc_type_and_flags().
Fix problem when DC is down in ads_connect, where
we fall back to NetBIOS and try exactly the same
IP addresses we just put in the negative connection
cache.... We can never succeed, so don't try lookups
a second time.
Jeremy.
Modified:
branches/SAMBA_3_0/source/libads/ldap.c
branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
Changeset:
Modified: branches/SAMBA_3_0/source/libads/ldap.c
===================================================================
--- branches/SAMBA_3_0/source/libads/ldap.c 2006-09-03 02:28:22 UTC (rev 18014)
+++ branches/SAMBA_3_0/source/libads/ldap.c 2006-09-03 03:46:07 UTC (rev 18015)
@@ -286,6 +286,26 @@
if ( !NT_STATUS_IS_OK(check_negative_conn_cache(realm, server)) )
continue;
+
+ if (!got_realm) {
+ /* realm in this case is a workgroup name. We need
+ to ignore any IP addresses in the negative connection
+ cache that match ip addresses returned in the ad realm
+ case. It sucks that I have to reproduce the logic above... */
+ c_realm = ads->server.realm;
+ if ( !c_realm || !*c_realm ) {
+ if ( !ads->server.workgroup || !*ads->server.workgroup ) {
+ c_realm = lp_realm();
+ }
+ }
+ if (c_realm && *c_realm &&
+ !NT_STATUS_IS_OK(check_negative_conn_cache(c_realm, server))) {
+ /* Ensure we add the workgroup name for this
+ IP address as negative too. */
+ add_failed_connection_entry( realm, server, NT_STATUS_UNSUCCESSFUL );
+ continue;
+ }
+ }
if ( ads_try_connect(ads, server) ) {
SAFE_FREE(ip_list);
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c 2006-09-03 02:28:22 UTC (rev 18014)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c 2006-09-03 03:46:07 UTC (rev 18015)
@@ -594,7 +594,7 @@
/* For active directory servers, try to get the ldap server name.
None of these failures should be considered critical for now */
- if ( lp_security() == SEC_ADS ) {
+ if (lp_security() == SEC_ADS) {
ADS_STRUCT *ads;
ads = ads_init(realm, domainname, NULL);
@@ -976,10 +976,11 @@
TALLOC_CTX *mem_ctx = NULL;
struct rpc_pipe_client *cli;
POLICY_HND pol;
-
+
char *domain_name = NULL;
char *dns_name = NULL;
DOM_SID *dom_sid = NULL;
+ int try_count = 0;
ZERO_STRUCT( ctr );
@@ -991,8 +992,10 @@
return;
}
+ try_again:
+
result = init_dc_connection(domain);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(result) || try_count > 2) {
DEBUG(5, ("set_dc_type_and_flags: Could not open a connection "
"to %s: (%s)\n", domain->name, nt_errstr(result)));
domain->initialized = True;
@@ -1007,7 +1010,9 @@
"PI_LSARPC_DS on domain %s: (%s)\n",
domain->name, nt_errstr(result)));
domain->initialized = True;
- return;
+ /* We want to detect network failures asap to try another dc. */
+ try_count++;
+ goto try_again;
}
result = rpccli_ds_getprimarydominfo(cli, cli->cli->mem_ctx,
@@ -1028,7 +1033,9 @@
if (cli == NULL) {
domain->initialized = True;
- return;
+ /* We want to detect network failures asap to try another dc. */
+ try_count++;
+ goto try_again;
}
mem_ctx = talloc_init("set_dc_type_and_flags on domain %s\n",
More information about the samba-cvs
mailing list