[PATCH] idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN

Andrew Bartlett abartlet at samba.org
Mon Jul 10 11:07:16 UTC 2017


On Mon, 2017-07-10 at 13:02 +0200, Ralph Böhme via samba-technical
wrote:
> On Fri, Jun 30, 2017 at 04:10:01PM -0700, Dustin L. Howett via samba-technical wrote:
> > All other ldap-querying methods in idmap_ad make a single retry attempt if they get
> > TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design.
> > 
> > This fixes the symptom described in 12720 at the cost of an additional reconnect per
> > failed lookup.
> 
> lgtm. Can I get a second reviewer?

Can we get a selftest for idmap_ad, like but not re-using the totally
different idmap_rfc2307 tests, perhaps as simple as running
nsswitch/tests/test_rfc2307_mapping.sh against an appropriate member
(rather than DC) environment?

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba




More information about the samba-technical mailing list