diff options
| author | Günther Deschner <gd@samba.org> | 2004-12-22 16:58:43 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:44 -0500 |
| commit | 9aba116607c0b85a371c3556a6483bc662c769a3 (patch) | |
| tree | 1226aeb6a22916e841504272e172d7c410369301 /source3/nsswitch/winbindd_rpc.c | |
| parent | 3312191867e97a7cf3d485c050c1e689ea574f6d (diff) | |
| download | samba-9aba116607c0b85a371c3556a6483bc662c769a3.tar.gz samba-9aba116607c0b85a371c3556a6483bc662c769a3.tar.bz2 samba-9aba116607c0b85a371c3556a6483bc662c769a3.zip | |
r4331: Implement SAMR query_dom_info-call info-level 8 server- and client-side,
based on samba4-idl.
This saves us an enormous amount of totally unnecessary ldap-traffic
when several hundreds of winbind-daemons query a Samba3 DC just to get
the fake SAM-sequence-number (time(NULL)) by enumerating all users, all
groups and all aliases when query-dom-info level 2 is used.
Note that we apparently never get the sequence number right (we parse a
uint32, although it's a uint64, at least in samba4 idl). For the time
being, I would propose to stay with that behaviour.
Guenther
(This used to be commit f9ab15a986626581000d4b93961184c501f36b93)
Diffstat (limited to 'source3/nsswitch/winbindd_rpc.c')
| -rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index de7f2ff76f..e6edb70f07 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -807,10 +807,10 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) TALLOC_CTX *mem_ctx; CLI_POLICY_HND *hnd; SAM_UNK_CTR ctr; - uint16 switch_value = 2; NTSTATUS result; POLICY_HND dom_pol; BOOL got_dom_pol = False; + BOOL got_seq_num = False; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; int retry; @@ -856,10 +856,27 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) /* Query domain info */ result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol, - switch_value, &ctr); + 8, &ctr); if (NT_STATUS_IS_OK(result)) { - *seq = ctr.info.inf2.seq_num; + *seq = ctr.info.inf8.seq_num.low; + got_seq_num = True; + goto seq_num; + } + + /* retry with info-level 2 in case the dc does not support info-level 8 + * (like all older samba2 and samba3 dc's - Guenther */ + + result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol, + 2, &ctr); + + if (NT_STATUS_IS_OK(result)) { + *seq = ctr.info.inf2.seq_num.low; + got_seq_num = True; + } + + seq_num: + if (got_seq_num) { DEBUG(10,("domain_sequence_number: for domain %s is %u\n", domain->name, (unsigned)*seq)); } else { DEBUG(10,("domain_sequence_number: failed to get sequence number (%u) for domain %s\n", |