get_cache( domain );
-#if 0 /* JERRY -- disable as the default cache time is now 5 minutes */
- /* trying to reconnect is expensive, don't do it too often */
- if (domain->sequence_number == DOM_SEQUENCE_NONE) {
- cache_time *= 8;
- }
-#endif
-
time_diff = t - domain->last_seq_check;
/* see if we have to refetch the domain sequence number */
goto done;
}
- /* important! make sure that we know if this is a native
- mode domain or not. And that we can contact it. */
-
- if ( winbindd_can_contact_domain( domain ) ) {
- status = domain->backend->sequence_number(domain,
- &domain->sequence_number);
- } else {
- /* just use the current time */
- status = NT_STATUS_OK;
- domain->sequence_number = time(NULL);
- }
-
-
- /* the above call could have set our domain->backend to NULL when
- * coming from offline to online mode, make sure to reinitialize the
- * backend - Guenther */
- get_cache( domain );
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10,("refresh_sequence_number: failed with %s\n", nt_errstr(status)));
- domain->sequence_number = DOM_SEQUENCE_NONE;
- }
-
- domain->last_status = status;
+ /* just use the current time */
+ domain->last_status = NT_STATUS_OK;
+ domain->sequence_number = time(NULL);
domain->last_seq_check = time(NULL);
/* save the new sequence number in the cache */
do_query:
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
/* Put the query_user_list() in a retry loop. There appears to be
* some bug either with Windows 2000 or Samba's handling of large
* rpc replies. This manifests itself as sudden disconnection
*num_entries = 0;
*info = NULL;
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("enum_dom_groups: [Cached] - doing backend query for list for domain %s\n",
domain->name ));
*num_entries = 0;
*info = NULL;
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("enum_local_groups: [Cached] - doing backend query for list for domain %s\n",
domain->name ));
ZERO_STRUCTP(sid);
- /* If the seq number check indicated that there is a problem
- * with this DC, then return that status... except for
- * access_denied. This is special because the dc may be in
- * "restrict anonymous = 1" mode, in which case it will deny
- * most unauthenticated operations, but *will* allow the LSA
- * name-to-sid that we try as a fallback. */
-
- if (!(NT_STATUS_IS_OK(domain->last_status)
- || NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED)))
- return domain->last_status;
-
DEBUG(10,("name_to_sid: [Cached] - doing backend query for name for domain %s\n",
domain->name ));
*name = NULL;
*domain_name = NULL;
- /* If the seq number check indicated that there is a problem
- * with this DC, then return that status... except for
- * access_denied. This is special because the dc may be in
- * "restrict anonymous = 1" mode, in which case it will deny
- * most unauthenticated operations, but *will* allow the LSA
- * sid-to-name that we try as a fallback. */
-
- if (!(NT_STATUS_IS_OK(domain->last_status)
- || NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED)))
- return domain->last_status;
-
DEBUG(10,("sid_to_name: [Cached] - doing backend query for name for domain %s\n",
domain->name ));
return NT_STATUS_NOT_FOUND;
}
- /*
- * If we have an access denied cache entry and a cached info3
- * in the samlogon cache then do a query. This will force the
- * rpc back end to return the info3 data.
- */
-
- if (NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED) &&
- netsamlogon_cache_have(user_sid)) {
- DEBUG(10, ("query_user: cached access denied and have cached "
- "info3\n"));
- domain->last_status = NT_STATUS_OK;
- centry_free(centry);
- return NT_STATUS_NOT_FOUND;
- }
-
/* if status is not ok then this is a negative hit
and the rest of the data doesn't matter */
status = centry->status;
return NT_STATUS_NOT_FOUND;
}
- /* If we have an access denied cache entry and a cached info3 in the
- samlogon cache then do a query. This will force the rpc back end
- to return the info3 data. */
-
- if (NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED)
- && netsamlogon_cache_have(user_sid)) {
- DEBUG(10, ("lookup_usergroups: cached access denied and have "
- "cached info3\n"));
- domain->last_status = NT_STATUS_OK;
- centry_free(centry);
- return NT_STATUS_NOT_FOUND;
- }
-
num_sids = centry_uint32(centry);
sids = talloc_array(mem_ctx, struct dom_sid, num_sids);
if (sids == NULL) {
(*num_groups) = 0;
(*user_gids) = NULL;
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("lookup_usergroups: [Cached] - doing backend query for info for domain %s\n",
domain->name ));
(*num_aliases) = 0;
(*alias_rids) = NULL;
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("lookup_usergroups: [Cached] - doing backend query for info "
"for domain %s\n", domain->name ));
(*names) = NULL;
(*name_types) = NULL;
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("lookup_groupmem: [Cached] - doing backend query for info for domain %s\n",
domain->name ));
return NT_STATUS_OK;
do_query:
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("trusted_domains: [Cached] - doing backend query for info for domain %s\n",
domain->name ));
do_query:
ZERO_STRUCTP(policy);
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("lockout_policy: [Cached] - doing backend query for info for domain %s\n",
domain->name ));
do_query:
ZERO_STRUCTP(policy);
- /* Return status value returned by seq number check */
-
- if (!NT_STATUS_IS_OK(domain->last_status))
- return domain->last_status;
-
DEBUG(10,("password_policy: [Cached] - doing backend query for info for domain %s\n",
domain->name ));