CVS update: samba/source/nsswitch
abartlet at samba.org
Sun Jun 22 03:02:08 GMT 2003
On Sat, 2003-06-21 at 23:26, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 21 Jun 2003, Andrew Bartlett wrote:
> > - I'm worried about removing the 'server disabled' checks - what stops
> > us beating on dead servers?
> I can put them back in, but the 3.0 code seemed to have drifted
> quite a bit. I spoke with Tim and Jeremy about it can came to
> the conclusion the APP_HEAD was in a better state wrt to this
> You also need to qualify what you mean by dead. We have name
> a negative connection cache as well for fdealing with dead
> connections. A lot of the code for dealing with RestrictAnonymous
> DC's neede to know what the last returned error was. Arbitrarly
> returned server disabled causes problems here. If the new code poses a
> problem, then we'll need to add in more checks rather than reverting this
Yes, but 3.0 does ADS connections - those servers won't be affected by a
negative netbios name cache. (And yes, I've seen that code improving
very nicely over the last little bit).
> This code has been running well for several months now through a barrage
> of failover test.
Including ADS failover?
> > - We need to use the parsed information in the PAC or else we are going
> > to get *very* inconsistent results with clients who 'sometimes' use
> > Kerberos.
> like I said, this was only for the rpc backend. The ads code
> will need more work. The uni_group code didn't use the PAC
> information either.
Just watch out, we can mix the RPC backend with kerberos logins under
some strange situations.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030622/1d2ad145/attachment.bin
More information about the samba-technical