diff --git a/source/libads/ldap.c b/source/libads/ldap.c index 48401cc3d80..8c3185ea5e3 100644 --- a/source/libads/ldap.c +++ b/source/libads/ldap.c @@ -1787,7 +1787,8 @@ ADS_STATUS ads_USN(ADS_STRUCT *ads, uint32 *usn) void *res; status = ads_do_search_retry(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res); - if (!ADS_ERR_OK(status)) return status; + if (!ADS_ERR_OK(status)) + return status; if (ads_count_replies(ads, res) != 1) { return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); diff --git a/source/libads/ldap_utils.c b/source/libads/ldap_utils.c index 1fa9ebfc975..4142bceabca 100644 --- a/source/libads/ldap_utils.c +++ b/source/libads/ldap_utils.c @@ -54,15 +54,20 @@ ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, int scope return status; } - if (*res) ads_msgfree(ads, *res); + if (*res) + ads_msgfree(ads, *res); *res = NULL; + DEBUG(3,("Reopening ads connection to realm '%s' after error %s\n", ads->config.realm, ads_errstr(status))); + if (ads->ld) { ldap_unbind(ads->ld); } + ads->ld = NULL; status = ads_connect(ads); + if (!ADS_ERR_OK(status)) { DEBUG(1,("ads_search_retry: failed to reconnect (%s)\n", ads_errstr(status))); diff --git a/source/nsswitch/winbindd_ads.c b/source/nsswitch/winbindd_ads.c index c64359a2241..ef3f0f8fc20 100644 --- a/source/nsswitch/winbindd_ads.c +++ b/source/nsswitch/winbindd_ads.c @@ -787,9 +787,13 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) } rc = ads_USN(ads, seq); + if (!ADS_ERR_OK(rc)) { - /* its a dead connection */ - ads_destroy(&ads); + + /* its a dead connection ; don't destroy it + through since ads_USN() has already done + that indirectly */ + domain->private = NULL; } return ads_ntstatus(rc); @@ -910,8 +914,11 @@ static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid) rc = ads_domain_sid(ads, sid); if (!ADS_ERR_OK(rc)) { - /* its a dead connection */ - ads_destroy(&ads); + + /* its a dead connection; don't destroy it though + since that has already been done indirectly + by ads_domain_sid() */ + domain->private = NULL; }