summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/nsswitch/winbindd_cache.c96
-rw-r--r--source3/nsswitch/winbindd_group.c7
-rw-r--r--source3/nsswitch/winbindd_util.c10
-rw-r--r--source3/param/loadparm.c2
-rw-r--r--source3/rpc_parse/parse_lsa.c2
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c1
6 files changed, 98 insertions, 20 deletions
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c
index 27e168b6f9..f3dc1263b9 100644
--- a/source3/nsswitch/winbindd_cache.c
+++ b/source3/nsswitch/winbindd_cache.c
@@ -221,15 +221,77 @@ static BOOL wcache_server_down(struct winbindd_domain *domain)
return (domain->sequence_number == DOM_SEQUENCE_NONE);
}
+static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now )
+{
+ TDB_DATA data;
+ fstring key;
+ uint32 time_diff;
+
+ if (!wcache->tdb)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ snprintf( key, sizeof(key), "SEQNUM/%s", domain->name );
+
+ data = tdb_fetch_by_string( wcache->tdb, key );
+ if ( !data.dptr || data.dsize!=8 )
+ return NT_STATUS_UNSUCCESSFUL;
+
+ domain->sequence_number = IVAL(data.dptr, 0);
+ domain->last_seq_check = IVAL(data.dptr, 4);
+
+ /* have we expired? */
+
+ time_diff = now - domain->last_seq_check;
+ if ( time_diff > lp_winbind_cache_time() )
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10,("fetch_cache_seqnum: success [%s][%u @ %u]\n",
+ domain->name, domain->sequence_number,
+ (uint32)domain->last_seq_check));
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS store_cache_seqnum( struct winbindd_domain *domain )
+{
+ TDB_DATA data, key;
+ fstring key_str;
+ char buf[8];
+
+ if (!wcache->tdb)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ snprintf( key_str, sizeof(key_str), "SEQNUM/%s", domain->name );
+ key.dptr = key_str;
+ key.dsize = strlen(key_str)+1;
+
+ SIVAL(buf, 0, domain->sequence_number);
+ SIVAL(buf, 4, domain->last_seq_check);
+ data.dptr = buf;
+ data.dsize = 8;
+
+ if ( tdb_store( wcache->tdb, key, data, TDB_REPLACE) == -1 )
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10,("store_cache_seqnum: success [%s][%u @ %u]\n",
+ domain->name, domain->sequence_number,
+ (uint32)domain->last_seq_check));
+
+ return NT_STATUS_OK;
+}
+
+
/*
refresh the domain sequence number. If force is True
then always refresh it, no matter how recently we fetched it
*/
+
static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force)
{
NTSTATUS status;
unsigned time_diff;
+ time_t t = time(NULL);
unsigned cache_time = lp_winbind_cache_time();
/* trying to reconnect is expensive, don't do it too often */
@@ -237,20 +299,36 @@ static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force)
cache_time *= 8;
}
- time_diff = time(NULL) - domain->last_seq_check;
+ time_diff = t - domain->last_seq_check;
/* see if we have to refetch the domain sequence number */
if (!force && (time_diff < cache_time)) {
return;
}
+
+ /* try to get the sequence number from the tdb cache first */
+ /* this will update the timestamp as well */
+
+ status = fetch_cache_seqnum( domain, t );
+ if ( NT_STATUS_IS_OK(status) )
+ goto done;
status = wcache->backend->sequence_number(domain, &domain->sequence_number);
if (!NT_STATUS_IS_OK(status)) {
domain->sequence_number = DOM_SEQUENCE_NONE;
}
-
+
domain->last_seq_check = time(NULL);
+
+ /* save the new sequence number ni the cache */
+ store_cache_seqnum( domain );
+
+done:
+ DEBUG(10, ("refresh_sequence_number: seq number is now %d\n",
+ domain->sequence_number));
+
+ return;
}
/*
@@ -540,7 +618,7 @@ do_query:
status = cache->backend->query_user_list(domain, mem_ctx, num_entries, info);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
centry = centry_start(domain, status);
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_entries);
@@ -613,7 +691,7 @@ do_query:
status = cache->backend->enum_dom_groups(domain, mem_ctx, num_entries, info);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
centry = centry_start(domain, status);
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_entries);
@@ -684,7 +762,7 @@ do_query:
status = cache->backend->enum_local_groups(domain, mem_ctx, num_entries, info);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
centry = centry_start(domain, status);
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_entries);
@@ -782,7 +860,7 @@ do_query:
status = cache->backend->sid_to_name(domain, mem_ctx, sid, name, type);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
wcache_save_sid_to_name(domain, status, sid, *name, *type);
wcache_save_name_to_sid(domain, status, *name, sid, *type);
@@ -824,7 +902,7 @@ do_query:
status = cache->backend->query_user(domain, mem_ctx, user_sid, info);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
wcache_save_user(domain, status, info);
return status;
@@ -873,7 +951,7 @@ do_query:
status = cache->backend->lookup_usergroups(domain, mem_ctx, user_sid, num_groups, user_gids);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
centry = centry_start(domain, status);
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_groups);
@@ -942,7 +1020,7 @@ do_query:
sid_mem, names, name_types);
/* and save it */
- refresh_sequence_number(domain, True);
+ refresh_sequence_number(domain, False);
centry = centry_start(domain, status);
if (!centry) goto skip_save;
centry_put_uint32(centry, *num_names);
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index 14ebb78466..94b6326b90 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -450,10 +450,11 @@ static BOOL get_sam_group_entries(struct getent_state *ent)
ent->num_sam_entries = num_entries;
- /* get the domain local groups if we are a member of
- a native win2k domain */
+ /* get the domain local groups if we are a member of a native win2k domain */
- if ( domain->native_mode && domain->methods->enum_local_groups )
+ if ( domain->native_mode
+ && domain->methods->enum_local_groups
+ && strequal(lp_workgroup(), domain->name) )
{
DEBUG(4,("get_sam_group_entries: Native Mode 2k domain; enumerating local groups as well\n"));
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index ac0b317b42..84f5d19568 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -124,13 +124,11 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
sid_copy(&domain->sid, sid);
}
- /* see if this is a native mode win2k domain, but only for our own domain */
+ /* see if this is a native mode win2k domain */
- if ( strequal( lp_workgroup(), domain_name) ) {
- domain->native_mode = cm_check_for_native_mode_win2k( domain_name );
- DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name,
- domain->native_mode ? "native" : "mixed" ));
- }
+ domain->native_mode = cm_check_for_native_mode_win2k( domain_name );
+ DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name,
+ domain->native_mode ? "native" : "mixed (or NT4)" ));
/* Link to domain list */
DLIST_ADD(_domain_list, domain);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 51a1b028a4..3925a569ca 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1459,7 +1459,7 @@ static void init_globals(void)
string_set(&Globals.szWinbindSeparator, "\\");
string_set(&Globals.szAclCompat, "");
- Globals.winbind_cache_time = 15;
+ Globals.winbind_cache_time = 600; /* 5 minutes */
Globals.bWinbindEnumUsers = True;
Globals.bWinbindEnumGroups = True;
Globals.bWinbindUseDefaultDomain = False;
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index fc9999dc4d..7ff2aa7d01 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -922,7 +922,7 @@ void init_q_lookup_sids(TALLOC_CTX *mem_ctx, LSA_Q_LOOKUP_SIDS *q_l,
POLICY_HND *hnd, int num_sids, DOM_SID *sids,
uint16 level)
{
- DEBUG(5, ("init_r_enum_trust_dom\n"));
+ DEBUG(5, ("init_q_lookup_sids\n"));
ZERO_STRUCTP(q_l);
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 51cfacf86a..24459a26f0 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1778,6 +1778,7 @@ Can't find printer handle we created for printer %s\n", name ));
if ( (printer_default->access_required == PRINTER_ACCESS_ADMINISTER)
&& (RA_WIN2K == get_remote_arch()) )
{
+ DEBUG(10,("_spoolss_open_printer_ex: Enabling LAN/WAN hack for Win2k clients.\n"));
usleep( 500000 );
}