DC's name / server mutex ??

Volker.Lendecke at SerNet.DE Volker.Lendecke at SerNet.DE
Fri Jul 16 16:40:45 GMT 2004


During attempts to optimize our connection attempts to domain controllers I
wondered why we take such a huge effort to find the DC's name.  My impression
is that this is only to be able to grab the server mutex by name. This
implementation can be called a bug itself. Even when connecting to the DC via
Kerberos we get the server's principal name in the negprot reply.

We do need the mutex, but why on the name? Isn't the IP address enough? Then a
much simpler implementation would be possible: Simply fcntl lock one byte in
the 2^32 space of IP addresses. Even on systems with only 2^31 fcntl lock space
we could do it with two lock files.

Given that it should be a lot simpler to find a DC to connect to. For our own
domain do either dns svr record lookup, or lookup on #1C. On port 139 all DC's
should be able to listen on *smbserver, so even there I don't see a reason to
risk a timeout.

Where am I wrong???

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040716/07d99170/attachment.bin

More information about the samba-technical mailing list