diff options
author | Jeremy Allison <jra@samba.org> | 2006-10-06 02:04:57 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:15:13 -0500 |
commit | 4be3f7665c6fe17b782098d74a4b02c4555269b8 (patch) | |
tree | 8f930024ac1cd6ac422a60d98574220943bf7d15 | |
parent | 06e36b4e1860927eb76a2e756d86ef9b525ac743 (diff) | |
download | samba-4be3f7665c6fe17b782098d74a4b02c4555269b8.tar.gz samba-4be3f7665c6fe17b782098d74a4b02c4555269b8.tar.bz2 samba-4be3f7665c6fe17b782098d74a4b02c4555269b8.zip |
r19105: Ok - this is currently untested (but I'm testing it at
the moment) but winbindd isn't run in the build farm
so hopefully won't break anything too badly - I don't
want to lose this.
If winbindd starts offline then it falls back to using
MS-RPC backend. On going online it needs to reset the
backend and try and go to using the AD backend code if
possible, as the MS-RPC sequence number fetch just returns
1 as the sequence number if run against an AD DC.
In addition, the winbindd async child may end up
with the AD backend whilst the main winbindd - which
still contacts the DC for some non-async calls, is
left using MS-RPC. This can cause some trouble (as
you can imagine :-).
Attempt to ensure both main winbindd and async children
us AD backends on going online.
Jeremy.
(This used to be commit 5efd4b04b89ace4b264e9ac37a90e202749792be)
-rw-r--r-- | source3/nsswitch/winbindd_cm.c | 15 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_dual.c | 6 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 46 |
3 files changed, 24 insertions, 43 deletions
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index a9f6ea3000..17663a7cfc 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -160,6 +160,7 @@ void set_domain_offline(struct winbindd_domain *domain) static void set_domain_online(struct winbindd_domain *domain) { + extern struct winbindd_methods reconnect_methods; struct timeval now; DEBUG(10,("set_domain_online: called for domain %s\n", @@ -178,6 +179,20 @@ static void set_domain_online(struct winbindd_domain *domain) /* Ok, we're out of any startup mode now... */ domain->startup = False; + + /* We were offline - now we're online. We default to + using the MS-RPC backend if we started offline, + and if we're going online for the first time we + should really re-initialize the backends and the + checks to see if we're talking to an AD or NT domain. + */ + + domain->initialized = False; + + /* 'reconnect_methods' is the MS-RPC backend. */ + if (domain->backend == &reconnect_methods) { + domain->backend = NULL; + } } /**************************************************************** diff --git a/source3/nsswitch/winbindd_dual.c b/source3/nsswitch/winbindd_dual.c index 976fff8ebe..72c720c985 100644 --- a/source3/nsswitch/winbindd_dual.c +++ b/source3/nsswitch/winbindd_dual.c @@ -494,6 +494,9 @@ void winbind_msg_online(int msg_type, struct process_id src, void *buf, size_t l /* Set our global state as online. */ set_global_winbindd_state_online(); + smb_nscd_flush_user_cache(); + smb_nscd_flush_group_cache(); + for (child = children; child != NULL; child = child->next) { DEBUG(10,("winbind_msg_online: sending message to pid %u.\n", (unsigned int)child->pid )); @@ -606,9 +609,6 @@ static void child_msg_online(int msg_type, struct process_id src, void *buf, siz /* Set our global state as online. */ set_global_winbindd_state_online(); - smb_nscd_flush_user_cache(); - smb_nscd_flush_group_cache(); - /* Try and mark everything online - delete any negative cache entries to force a reconnect now. */ diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index dcf9b9b26e..06f0d2cb60 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -770,48 +770,14 @@ static int get_ldap_seq(const char *server, int port, uint32 *seq) static int get_ldap_sequence_number(struct winbindd_domain *domain, uint32 *seq) { int ret = -1; - int i, port = LDAP_PORT; - struct ip_service *ip_list = NULL; - int count; - - if ( !NT_STATUS_IS_OK(get_sorted_dc_list(domain->name, &ip_list, &count, - False)) ) { - DEBUG(3, ("Could not look up dc's for domain %s\n", domain->name)); - return False; - } - - /* Finally return first DC that we can contact */ - - for (i = 0; i < count; i++) { - fstring ipstr; - - /* since the is an LDAP lookup, default to the LDAP_PORT is - * not set */ - port = (ip_list[i].port!= PORT_NONE) ? - ip_list[i].port : LDAP_PORT; - - fstrcpy( ipstr, inet_ntoa(ip_list[i].ip) ); - - if (is_zero_ip(ip_list[i].ip)) - continue; + fstring ipstr; - if ( (ret = get_ldap_seq( ipstr, port, seq)) == 0 ) - goto done; - - /* add to failed connection cache */ - winbind_add_failed_connection_entry( domain, ipstr, - NT_STATUS_UNSUCCESSFUL ); - } - -done: - if ( ret == 0 ) { + fstrcpy( ipstr, inet_ntoa(domain->dcaddr.sin_addr)); + if ((ret = get_ldap_seq( ipstr, LDAP_PORT, seq)) == 0) { DEBUG(3, ("get_ldap_sequence_number: Retrieved sequence " - "number for Domain (%s) from DC (%s:%d)\n", - domain->name, inet_ntoa(ip_list[i].ip), port)); - } - - SAFE_FREE(ip_list); - + "number for Domain (%s) from DC (%s)\n", + domain->name, ipstr)); + } return ret; } |