summaryrefslogtreecommitdiff
path: root/source3/nsswitch
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-01-17 18:25:35 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:17:14 -0500
commitbfd099e148ed97394bc858e746a1a998a71ac43c (patch)
treee93e1c1227f117c5c532605bec396b543844b103 /source3/nsswitch
parent90f59d441223ba9b32b0d788901c9de5cf4b3bc7 (diff)
downloadsamba-bfd099e148ed97394bc858e746a1a998a71ac43c.tar.gz
samba-bfd099e148ed97394bc858e746a1a998a71ac43c.tar.bz2
samba-bfd099e148ed97394bc858e746a1a998a71ac43c.zip
r20857: Silence gives assent :-). Checking in the fix for
site support in a network where many DC's are down. I heard via Volker there is still a bug w.r.t the wrong site being chosen with trusted domains but we'll have to layer that fix on top of this. Gd - complain if this doesn't work for you. Jeremy. (This used to be commit 97e248f89ac6548274f03f2ae7583a255da5ddb3)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r--source3/nsswitch/winbindd_cm.c35
1 files changed, 31 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 19b60c1c17..70ab9b0582 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -1031,14 +1031,18 @@ static BOOL dcip_to_name(const struct winbindd_domain *domain, struct in_addr ip
DEBUG(10,("dcip_to_name: flags = 0x%x\n", (unsigned int)ads->config.flags));
if (domain->primary && (ads->config.flags & ADS_KDC) && ads_closest_dc(ads)) {
+ char *sitename = sitename_fetch();
+
/* We're going to use this KDC for this realm/domain.
If we are using sites, then force the krb5 libs
to use this KDC. */
create_local_private_krb5_conf_for_domain(domain->alt_name,
domain->name,
+ sitename,
ip);
+ SAFE_FREE(sitename);
/* Ensure we contact this DC also. */
saf_store( domain->name, name);
saf_store( domain->alt_name, name);
@@ -1103,6 +1107,8 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain,
}
if (sec == SEC_ADS) {
+ char *sitename = NULL;
+
/* We need to make sure we know the local site before
doing any DNS queries, as this will restrict the
get_sorted_dc_list() call below to only fetching
@@ -1111,16 +1117,37 @@ static BOOL get_dcs(TALLOC_CTX *mem_ctx, const struct winbindd_domain *domain,
/* Find any DC to get the site record.
We deliberately don't care about the
return here. */
+
get_dc_name(domain->name, lp_realm(), dcname, &ip);
- /* Now do the site-specific AD dns lookup. */
- get_sorted_dc_list(domain->alt_name, &ip_list, &iplist_size, True);
+ sitename = sitename_fetch();
+
+ /* Do the site-specific AD dns lookup first. */
+ get_sorted_dc_list(domain->alt_name, sitename, &ip_list, &iplist_size, True);
+
+ for ( i=0; i<iplist_size; i++ ) {
+ add_one_dc_unique(mem_ctx, domain->name, inet_ntoa(ip_list[i].ip),
+ ip_list[i].ip, dcs, num_dcs);
+ }
+
+ SAFE_FREE(ip_list);
+ SAFE_FREE(sitename);
+ iplist_size = 0;
+
+ /* Now we add DCs from the main AD dns lookup. */
+ get_sorted_dc_list(domain->alt_name, NULL, &ip_list, &iplist_size, True);
+
+ for ( i=0; i<iplist_size; i++ ) {
+ add_one_dc_unique(mem_ctx, domain->name, inet_ntoa(ip_list[i].ip),
+ ip_list[i].ip, dcs, num_dcs);
+ }
}
/* try standard netbios queries if no ADS */
- if (iplist_size==0)
- get_sorted_dc_list(domain->name, &ip_list, &iplist_size, False);
+ if (iplist_size==0) {
+ get_sorted_dc_list(domain->name, NULL, &ip_list, &iplist_size, False);
+ }
/* FIXME!! this is where we should re-insert the GETDC requests --jerry */