sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-11 08:23:49 +03:00
Code Activity

r18015: Try and detect network failures immediately in

Browse Source 
set_dc_type_and_flags().
Fix problem when DC is down in ads_connect, where
we fall back to NetBIOS and try exactly the same
IP addresses we just put in the negative connection
cache.... We can never succeed, so don't try lookups
a second time.
Jeremy.
This commit is contained in:
Jeremy Allison
2006-09-03 03:46:07 +00:00
committed by Gerald (Jerry) Carter
parent 9c93abf25e
commit 2d28f3e94a
2 changed files with 32 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
source/libads/ldap.c
View File

@@ -287,6 +287,26 @@ again:
if ( !NT_STATUS_IS_OK(check_negative_conn_cache(realm, server)) ) if ( !NT_STATUS_IS_OK(check_negative_conn_cache(realm, server)) )
continue; continue;
if (!got_realm) {
/* realm in this case is a workgroup name. We need
to ignore any IP addresses in the negative connection
cache that match ip addresses returned in the ad realm
case. It sucks that I have to reproduce the logic above... */
c_realm = ads->server.realm;
if ( !c_realm || !*c_realm ) {
if ( !ads->server.workgroup || !*ads->server.workgroup ) {
c_realm = lp_realm();
}
}
if (c_realm && *c_realm &&
!NT_STATUS_IS_OK(check_negative_conn_cache(c_realm, server))) {
/* Ensure we add the workgroup name for this
IP address as negative too. */
add_failed_connection_entry( realm, server, NT_STATUS_UNSUCCESSFUL );
continue;
}
}
if ( ads_try_connect(ads, server) ) { if ( ads_try_connect(ads, server) ) {
SAFE_FREE(ip_list); SAFE_FREE(ip_list);
return NT_STATUS_OK; return NT_STATUS_OK;

15
source/nsswitch/winbindd_cm.c
View File

@@ -594,7 +594,7 @@ static BOOL dcip_to_name( const char *domainname, const char *realm,
/* For active directory servers, try to get the ldap server name. /* For active directory servers, try to get the ldap server name.
None of these failures should be considered critical for now */ None of these failures should be considered critical for now */
if ( lp_security() == SEC_ADS ) { if (lp_security() == SEC_ADS) {
ADS_STRUCT *ads; ADS_STRUCT *ads;
ads = ads_init(realm, domainname, NULL); ads = ads_init(realm, domainname, NULL);
@@ -980,6 +980,7 @@ void set_dc_type_and_flags( struct winbindd_domain *domain )
char *domain_name = NULL; char *domain_name = NULL;
char *dns_name = NULL; char *dns_name = NULL;
DOM_SID *dom_sid = NULL; DOM_SID *dom_sid = NULL;
int try_count = 0;
ZERO_STRUCT( ctr ); ZERO_STRUCT( ctr );
@@ -991,8 +992,10 @@ void set_dc_type_and_flags( struct winbindd_domain *domain )
return; return;
} }
try_again:
result = init_dc_connection(domain); result = init_dc_connection(domain);
if (!NT_STATUS_IS_OK(result)) { if (!NT_STATUS_IS_OK(result) || try_count > 2) {
DEBUG(5, ("set_dc_type_and_flags: Could not open a connection " DEBUG(5, ("set_dc_type_and_flags: Could not open a connection "
"to %s: (%s)\n", domain->name, nt_errstr(result))); "to %s: (%s)\n", domain->name, nt_errstr(result)));
domain->initialized = True; domain->initialized = True;
@@ -1007,7 +1010,9 @@ void set_dc_type_and_flags( struct winbindd_domain *domain )
"PI_LSARPC_DS on domain %s: (%s)\n", "PI_LSARPC_DS on domain %s: (%s)\n",
domain->name, nt_errstr(result))); domain->name, nt_errstr(result)));
domain->initialized = True; domain->initialized = True;
return; /* We want to detect network failures asap to try another dc. */
try_count++;
goto try_again;
} }
result = rpccli_ds_getprimarydominfo(cli, cli->cli->mem_ctx, result = rpccli_ds_getprimarydominfo(cli, cli->cli->mem_ctx,
@@ -1028,7 +1033,9 @@ void set_dc_type_and_flags( struct winbindd_domain *domain )
if (cli == NULL) { if (cli == NULL) {
domain->initialized = True; domain->initialized = True;
return; /* We want to detect network failures asap to try another dc. */
try_count++;
goto try_again;
} }
mem_ctx = talloc_init("set_dc_type_and_flags on domain %s\n", mem_ctx = talloc_init("set_dc_type_and_flags on domain %s\n",