diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-11-20 14:59:17 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2013-01-17 15:10:10 +0100 |
commit | 316fd085ad2b587b82d817358240f84ae054a543 (patch) | |
tree | d5a376e76b97ae299b90501a4c22e8523dfc4cee | |
parent | 6a1025551eb5b343ec996ae0c642d542162e8910 (diff) | |
download | samba-316fd085ad2b587b82d817358240f84ae054a543.tar.gz samba-316fd085ad2b587b82d817358240f84ae054a543.tar.bz2 samba-316fd085ad2b587b82d817358240f84ae054a543.zip |
drs-fsmo: Improve handling of FSMO role takeover.
This needs to be more async, and give less scary errors.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | source4/dsdb/repl/drepl_fsmo.c | 5 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/rootdse.c | 11 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/getncchanges.c | 3 |
3 files changed, 14 insertions, 5 deletions
diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c index 0e83982ab4..37fb684f47 100644 --- a/source4/dsdb/repl/drepl_fsmo.c +++ b/source4/dsdb/repl/drepl_fsmo.c @@ -108,9 +108,8 @@ NTSTATUS drepl_take_FSMO_role(struct irpc_message *msg, return NT_STATUS_OK; } - if (is_us || - (extended_op == DRSUAPI_EXOP_NONE)) { - DEBUG(0,("FSMO role check failed for DN %s and owner %s \n", + if (is_us) { + DEBUG(5,("FSMO role check failed, we already own DN %s with %s\n", ldb_dn_get_linearized(fsmo_role_dn), ldb_dn_get_linearized(role_owner_dn))); r->out.result = WERR_OK; diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index ba71b5f8ff..add83d293a 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -1377,9 +1377,18 @@ static int rootdse_become_master(struct ldb_module *module, fsmo->ldb = ldb; fsmo->req = req; - /* we send the call asynchronously, as the ldap client is + /* + * we send the call asynchronously, as the ldap client is * expecting to get an error back if the role transfer fails + * + * We need more than the default 10 seconds IRPC allows, so + * set a longer timeout (default ldb timeout is 300 seconds). + * We send an async reply when we are done. + * + * We are the first module, so don't bother working out how + * long we have spent so far. */ + dcerpc_binding_handle_set_timeout(irpc_handle, req->timeout); treq = dcerpc_drepl_takeFSMORole_send(req, ldb_get_event_context(ldb), irpc_handle, role); if (treq == NULL) { diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c index c3fd000e8a..575d037110 100644 --- a/source4/rpc_server/drsuapi/getncchanges.c +++ b/source4/rpc_server/drsuapi/getncchanges.c @@ -2022,7 +2022,8 @@ allowed: werr = drsuapi_UpdateRefs(b_state, mem_ctx, &ureq); if (!W_ERROR_IS_OK(werr)) { - DEBUG(0,(__location__ ": Failed UpdateRefs in DsGetNCChanges - %s\n", + DEBUG(0,(__location__ ": Failed UpdateRefs on %s for %s in DsGetNCChanges - %s\n", + drs_ObjectIdentifier_to_string(mem_ctx, ncRoot), ureq.dest_dsa_dns_name, win_errstr(werr))); } } |