[PATCH] Fix Bug 5917 - Samba does not work on site with Read Only Domain Controller

Jeremy Allison jra at samba.org
Tue Sep 3 23:10:09 CEST 2013 

On Wed, Sep 04, 2013 at 08:57:51AM +1200, Andrew Bartlett wrote:
> On Tue, 2013-09-03 at 12:50 -0700, Richard Sharpe wrote:
> > On Tue, Sep 3, 2013 at 12:37 PM, Jeremy Allison <jra at samba.org> wrote:
> > > Fix inspired by a patch created by hemanth.thummala at gmail.com
> > > on the bug.
> > >
> > > From his comment on the bug:
> > >
> > > "I am able to figure out the root cause. Looks like we are not doing domain
> > > level DC discovery if we find few DCs at site level.
> > >
> > > In the code , initially discover_dc_dns() will find DCs at site level first.
> > > And if the number of DCs returned from site is zero then it will try to fetch
> > > the DCs at domain level(by setting site_name to NULL).
> > >
> > > DC validation is actually done later in process_dc_dns(). There we realize that
> > > the list of DCs are not valid for domain join as in this case they are not
> > > writable."
> > >
> > > This patchset fixes the problem in a cleaner
> > > way by creating a wrapper function for
> > > dsgetdcname() that does the sitename
> > > manipulation that callers expect when
> > > the pass in NULL or "" as the sitename,
> > > yet still allows callers who want an
> > > explicit site to pass in a non-NULL
> > > sitename to get returns only from
> > > that site.
> > >
> > > Hemanth has confirmed this fixes
> > > the problem for him. Please review
> > > and push. Patchset cleanly applies
> > > to master, 4.1.0, 4.0.next and 3.6.next.
> > 
> > Reviewed-by: Richard Sharpe <rsharpe at samba.org>
> > 
> > If someone else does not push this I will do so tonight, CA time.
> 
> I've also reviewed it, and pushed it to autouild.

Thanks a *lot* Andrew ! There is one additional patch
I think is needed on top as an optimization, which I
realized after I'd sent the original mail. Here it is:

In the case where the requested site_name parameter
to dsgetdcname() was null, but sitename_fetch() returned NULL
(which I checked in the code and it can do so) we already
did the dsgetdcname() with a NULL site name, so we shouldn't
do the retry logic in that case.

Cheers,

	Jeremy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Optimization.-Don-t-do-the-retry-logic-if-sitename_f.patch
Type: text/x-diff
Size: 1372 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130903/ec8f440f/attachment.patch>

More information about the samba-technical mailing list