diff options
| author | Jeremy Allison <jra@samba.org> | 2007-01-17 18:25:35 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:17:14 -0500 |
| commit | bfd099e148ed97394bc858e746a1a998a71ac43c (patch) | |
| tree | e93e1c1227f117c5c532605bec396b543844b103 /source3/nsswitch/winbindd_cm.c | |
| parent | 90f59d441223ba9b32b0d788901c9de5cf4b3bc7 (diff) | |
| download | samba-bfd099e148ed97394bc858e746a1a998a71ac43c.tar.gz samba-bfd099e148ed97394bc858e746a1a998a71ac43c.tar.bz2 samba-bfd099e148ed97394bc858e746a1a998a71ac43c.zip | |
r20857: Silence gives assent :-). Checking in the fix for
site support in a network where many DC's are down.
I heard via Volker there is still a bug w.r.t the
wrong site being chosen with trusted domains but
we'll have to layer that fix on top of this.
Gd - complain if this doesn't work for you.
Jeremy.
(This used to be commit 97e248f89ac6548274f03f2ae7583a255da5ddb3)
Diffstat (limited to 'source3/nsswitch/winbindd_cm.c')
| -rw-r--r-- | source3/nsswitch/winbindd_cm.c | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 19b60c1c17..70ab9b0582 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -1031,14 +1031,18 @@ static BOOL dcip_to_name(const struct winbindd_domain *domain, struct in_addr ip DEBUG(10,("dcip_to_name: flags = 0x%x\n", (unsigned int)ads->config.flags)); if (domain->primary && (ads->config.flags & ADS_KDC) && ads_closest_dc(ads)) { + char *sitename = sitename_fetch(); + /* We're going to use this KDC for this realm/domain. If we are using sites, then force the krb5 libs to use this KDC. */ create_local_private_krb5_conf_for_domain(domain->alt_name, domain->name, + sitename, ip); + SAFE_FREE(sitename); /* Ensure we contact this DC also. */ saf_store( domain->name, name); saf_store( domain->alt_name, name); @@ -1103,6 +1107,8 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain, } if (sec == SEC_ADS) { + char *sitename = NULL; + /* We need to make sure we know the local site before doing any DNS queries, as this will restrict the get_sorted_dc_list() call below to only fetching @@ -1111,16 +1117,37 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain, /* Find any DC to get the site record. We deliberately don't care about the return here. */ + get_dc_name(domain->name, lp_realm(), dcname, &ip); - /* Now do the site-specific AD dns lookup. */ - get_sorted_dc_list(domain->alt_name, &ip_list, &iplist_size, True); + sitename = sitename_fetch(); + + /* Do the site-specific AD dns lookup first. */ + get_sorted_dc_list(domain->alt_name, sitename, &ip_list, &iplist_size, True); + + for ( i=0; i<iplist_size; i++ ) { + add_one_dc_unique(mem_ctx, domain->name, inet_ntoa(ip_list[i].ip), + ip_list[i].ip, dcs, num_dcs); + } + + SAFE_FREE(ip_list); + SAFE_FREE(sitename); + iplist_size = 0; + + /* Now we add DCs from the main AD dns lookup. */ + get_sorted_dc_list(domain->alt_name, NULL, &ip_list, &iplist_size, True); + + for ( i=0; i<iplist_size; i++ ) { + add_one_dc_unique(mem_ctx, domain->name, inet_ntoa(ip_list[i].ip), + ip_list[i].ip, dcs, num_dcs); + } } /* try standard netbios queries if no ADS */ - if (iplist_size==0) - get_sorted_dc_list(domain->name, &ip_list, &iplist_size, False); + if (iplist_size==0) { + get_sorted_dc_list(domain->name, NULL, &ip_list, &iplist_size, False); + } /* FIXME!! this is where we should re-insert the GETDC requests --jerry */ |