diff options
-rw-r--r-- | source3/nsswitch/winbindd_cache.c | 96 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 7 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 10 | ||||
-rw-r--r-- | source3/param/loadparm.c | 2 | ||||
-rw-r--r-- | source3/rpc_parse/parse_lsa.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 1 |
6 files changed, 98 insertions, 20 deletions
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index 27e168b6f9..f3dc1263b9 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -221,15 +221,77 @@ static BOOL wcache_server_down(struct winbindd_domain *domain) return (domain->sequence_number == DOM_SEQUENCE_NONE); } +static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now ) +{ + TDB_DATA data; + fstring key; + uint32 time_diff; + + if (!wcache->tdb) + return NT_STATUS_UNSUCCESSFUL; + + snprintf( key, sizeof(key), "SEQNUM/%s", domain->name ); + + data = tdb_fetch_by_string( wcache->tdb, key ); + if ( !data.dptr || data.dsize!=8 ) + return NT_STATUS_UNSUCCESSFUL; + + domain->sequence_number = IVAL(data.dptr, 0); + domain->last_seq_check = IVAL(data.dptr, 4); + + /* have we expired? */ + + time_diff = now - domain->last_seq_check; + if ( time_diff > lp_winbind_cache_time() ) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10,("fetch_cache_seqnum: success [%s][%u @ %u]\n", + domain->name, domain->sequence_number, + (uint32)domain->last_seq_check)); + + return NT_STATUS_OK; +} + +static NTSTATUS store_cache_seqnum( struct winbindd_domain *domain ) +{ + TDB_DATA data, key; + fstring key_str; + char buf[8]; + + if (!wcache->tdb) + return NT_STATUS_UNSUCCESSFUL; + + snprintf( key_str, sizeof(key_str), "SEQNUM/%s", domain->name ); + key.dptr = key_str; + key.dsize = strlen(key_str)+1; + + SIVAL(buf, 0, domain->sequence_number); + SIVAL(buf, 4, domain->last_seq_check); + data.dptr = buf; + data.dsize = 8; + + if ( tdb_store( wcache->tdb, key, data, TDB_REPLACE) == -1 ) + return NT_STATUS_UNSUCCESSFUL; + + DEBUG(10,("store_cache_seqnum: success [%s][%u @ %u]\n", + domain->name, domain->sequence_number, + (uint32)domain->last_seq_check)); + + return NT_STATUS_OK; +} + + /* refresh the domain sequence number. If force is True then always refresh it, no matter how recently we fetched it */ + static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force) { NTSTATUS status; unsigned time_diff; + time_t t = time(NULL); unsigned cache_time = lp_winbind_cache_time(); /* trying to reconnect is expensive, don't do it too often */ @@ -237,20 +299,36 @@ static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force) cache_time *= 8; } - time_diff = time(NULL) - domain->last_seq_check; + time_diff = t - domain->last_seq_check; /* see if we have to refetch the domain sequence number */ if (!force && (time_diff < cache_time)) { return; } + + /* try to get the sequence number from the tdb cache first */ + /* this will update the timestamp as well */ + + status = fetch_cache_seqnum( domain, t ); + if ( NT_STATUS_IS_OK(status) ) + goto done; status = wcache->backend->sequence_number(domain, &domain->sequence_number); if (!NT_STATUS_IS_OK(status)) { domain->sequence_number = DOM_SEQUENCE_NONE; } - + domain->last_seq_check = time(NULL); + + /* save the new sequence number ni the cache */ + store_cache_seqnum( domain ); + +done: + DEBUG(10, ("refresh_sequence_number: seq number is now %d\n", + domain->sequence_number)); + + return; } /* @@ -540,7 +618,7 @@ do_query: status = cache->backend->query_user_list(domain, mem_ctx, num_entries, info); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); centry = centry_start(domain, status); if (!centry) goto skip_save; centry_put_uint32(centry, *num_entries); @@ -613,7 +691,7 @@ do_query: status = cache->backend->enum_dom_groups(domain, mem_ctx, num_entries, info); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); centry = centry_start(domain, status); if (!centry) goto skip_save; centry_put_uint32(centry, *num_entries); @@ -684,7 +762,7 @@ do_query: status = cache->backend->enum_local_groups(domain, mem_ctx, num_entries, info); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); centry = centry_start(domain, status); if (!centry) goto skip_save; centry_put_uint32(centry, *num_entries); @@ -782,7 +860,7 @@ do_query: status = cache->backend->sid_to_name(domain, mem_ctx, sid, name, type); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); wcache_save_sid_to_name(domain, status, sid, *name, *type); wcache_save_name_to_sid(domain, status, *name, sid, *type); @@ -824,7 +902,7 @@ do_query: status = cache->backend->query_user(domain, mem_ctx, user_sid, info); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); wcache_save_user(domain, status, info); return status; @@ -873,7 +951,7 @@ do_query: status = cache->backend->lookup_usergroups(domain, mem_ctx, user_sid, num_groups, user_gids); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); centry = centry_start(domain, status); if (!centry) goto skip_save; centry_put_uint32(centry, *num_groups); @@ -942,7 +1020,7 @@ do_query: sid_mem, names, name_types); /* and save it */ - refresh_sequence_number(domain, True); + refresh_sequence_number(domain, False); centry = centry_start(domain, status); if (!centry) goto skip_save; centry_put_uint32(centry, *num_names); diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index 14ebb78466..94b6326b90 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -450,10 +450,11 @@ static BOOL get_sam_group_entries(struct getent_state *ent) ent->num_sam_entries = num_entries; - /* get the domain local groups if we are a member of - a native win2k domain */ + /* get the domain local groups if we are a member of a native win2k domain */ - if ( domain->native_mode && domain->methods->enum_local_groups ) + if ( domain->native_mode + && domain->methods->enum_local_groups + && strequal(lp_workgroup(), domain->name) ) { DEBUG(4,("get_sam_group_entries: Native Mode 2k domain; enumerating local groups as well\n")); diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index ac0b317b42..84f5d19568 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -124,13 +124,11 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const sid_copy(&domain->sid, sid); } - /* see if this is a native mode win2k domain, but only for our own domain */ + /* see if this is a native mode win2k domain */ - if ( strequal( lp_workgroup(), domain_name) ) { - domain->native_mode = cm_check_for_native_mode_win2k( domain_name ); - DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name, - domain->native_mode ? "native" : "mixed" )); - } + domain->native_mode = cm_check_for_native_mode_win2k( domain_name ); + DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name, + domain->native_mode ? "native" : "mixed (or NT4)" )); /* Link to domain list */ DLIST_ADD(_domain_list, domain); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 51a1b028a4..3925a569ca 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -1459,7 +1459,7 @@ static void init_globals(void) string_set(&Globals.szWinbindSeparator, "\\"); string_set(&Globals.szAclCompat, ""); - Globals.winbind_cache_time = 15; + Globals.winbind_cache_time = 600; /* 5 minutes */ Globals.bWinbindEnumUsers = True; Globals.bWinbindEnumGroups = True; Globals.bWinbindUseDefaultDomain = False; diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index fc9999dc4d..7ff2aa7d01 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -922,7 +922,7 @@ void init_q_lookup_sids(TALLOC_CTX *mem_ctx, LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, int num_sids, DOM_SID *sids, uint16 level) { - DEBUG(5, ("init_r_enum_trust_dom\n")); + DEBUG(5, ("init_q_lookup_sids\n")); ZERO_STRUCTP(q_l); diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 51cfacf86a..24459a26f0 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1778,6 +1778,7 @@ Can't find printer handle we created for printer %s\n", name )); if ( (printer_default->access_required == PRINTER_ACCESS_ADMINISTER) && (RA_WIN2K == get_remote_arch()) ) { + DEBUG(10,("_spoolss_open_printer_ex: Enabling LAN/WAN hack for Win2k clients.\n")); usleep( 500000 ); } |