* set winbind cache time to 5 minutes

* quit obsessing over the sequence number so much
* share the updated sequence number between parent
  and child winbindd processes in dual mode
(This used to be commit 6fb5bdb30e2b1341ba600ce0dfd397394f7a831c)

diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c
index 27e168b6f996e7a72c15e360e34c4139dbf1173b..f3dc1263b9b4f3c130bfe2d1b5f4789ff1014022 100644 (file)
--- a/source3/nsswitch/winbindd_cache.c
+++ b/source3/nsswitch/winbindd_cache.c
@@ -221,15 +221,77 @@ static BOOL wcache_server_down(struct winbindd_domain *domain)
        return (domain->sequence_number == DOM_SEQUENCE_NONE);
 }
 
+static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now )
+{
+       TDB_DATA data;
+       fstring key;
+       uint32 time_diff;
+       
+       if (!wcache->tdb) 
+               return NT_STATUS_UNSUCCESSFUL;
+               
+       snprintf( key, sizeof(key), "SEQNUM/%s", domain->name );
+       
+       data = tdb_fetch_by_string( wcache->tdb, key );
+       if ( !data.dptr || data.dsize!=8 )
+               return NT_STATUS_UNSUCCESSFUL;
+       
+       domain->sequence_number = IVAL(data.dptr, 0);
+       domain->last_seq_check  = IVAL(data.dptr, 4);
+       
+       /* have we expired? */
+       
+       time_diff = now - domain->last_seq_check;
+       if ( time_diff > lp_winbind_cache_time() )
+               return NT_STATUS_UNSUCCESSFUL;
+
+       DEBUG(10,("fetch_cache_seqnum: success [%s][%u @ %u]\n", 
+               domain->name, domain->sequence_number, 
+               (uint32)domain->last_seq_check));
+
+       return NT_STATUS_OK;
+}
+
+static NTSTATUS store_cache_seqnum( struct winbindd_domain *domain )
+{
+       TDB_DATA data, key;
+       fstring key_str;
+       char buf[8];
+       
+       if (!wcache->tdb) 
+               return NT_STATUS_UNSUCCESSFUL;
+               
+       snprintf( key_str, sizeof(key_str), "SEQNUM/%s", domain->name );
+       key.dptr = key_str;
+       key.dsize = strlen(key_str)+1;
+       
+       SIVAL(buf, 0, domain->sequence_number);
+       SIVAL(buf, 4, domain->last_seq_check);
+       data.dptr = buf;
+       data.dsize = 8;
+       
+       if ( tdb_store( wcache->tdb, key, data, TDB_REPLACE) == -1 )
+               return NT_STATUS_UNSUCCESSFUL;
+
+       DEBUG(10,("store_cache_seqnum: success [%s][%u @ %u]\n", 
+               domain->name, domain->sequence_number, 
+               (uint32)domain->last_seq_check));
+       
+       return NT_STATUS_OK;
+}
+
+
 
 /*
   refresh the domain sequence number. If force is True
   then always refresh it, no matter how recently we fetched it
 */
+
 static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force)
 {
        NTSTATUS status;
        unsigned time_diff;
+       time_t t = time(NULL);
        unsigned cache_time = lp_winbind_cache_time();
 
        /* trying to reconnect is expensive, don't do it too often */
@@ -237,20 +299,36 @@ static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force)
                cache_time *= 8;
        }
 
-       time_diff = time(NULL) - domain->last_seq_check;
+       time_diff = t - domain->last_seq_check;
 
        /* see if we have to refetch the domain sequence number */
        if (!force && (time_diff < cache_time)) {
                return;
        }
+       
+       /* try to get the sequence number from the tdb cache first */
+       /* this will update the timestamp as well */
+       
+       status = fetch_cache_seqnum( domain, t );
+       if ( NT_STATUS_IS_OK(status) )
+               goto done;      
 
        status = wcache->backend->sequence_number(domain, &domain->sequence_number);
 
        if (!NT_STATUS_IS_OK(status)) {
                domain->sequence_number = DOM_SEQUENCE_NONE;
        }
-
+       
        domain->last_seq_check = time(NULL);
+       
+       /* save the new sequence number ni the cache */
+       store_cache_seqnum( domain );
+
+done:
+       DEBUG(10, ("refresh_sequence_number: seq number is now %d\n", 
+                  domain->sequence_number));
+
+       return;
 }
 
 /*
@@ -540,7 +618,7 @@ do_query:
        status = cache->backend->query_user_list(domain, mem_ctx, num_entries, info);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        centry = centry_start(domain, status);
        if (!centry) goto skip_save;
        centry_put_uint32(centry, *num_entries);
@@ -613,7 +691,7 @@ do_query:
        status = cache->backend->enum_dom_groups(domain, mem_ctx, num_entries, info);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        centry = centry_start(domain, status);
        if (!centry) goto skip_save;
        centry_put_uint32(centry, *num_entries);
@@ -684,7 +762,7 @@ do_query:
        status = cache->backend->enum_local_groups(domain, mem_ctx, num_entries, info);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        centry = centry_start(domain, status);
        if (!centry) goto skip_save;
        centry_put_uint32(centry, *num_entries);
@@ -782,7 +860,7 @@ do_query:
        status = cache->backend->sid_to_name(domain, mem_ctx, sid, name, type);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        wcache_save_sid_to_name(domain, status, sid, *name, *type);
        wcache_save_name_to_sid(domain, status, *name, sid, *type);
 
@@ -824,7 +902,7 @@ do_query:
        status = cache->backend->query_user(domain, mem_ctx, user_sid, info);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        wcache_save_user(domain, status, info);
 
        return status;
@@ -873,7 +951,7 @@ do_query:
        status = cache->backend->lookup_usergroups(domain, mem_ctx, user_sid, num_groups, user_gids);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        centry = centry_start(domain, status);
        if (!centry) goto skip_save;
        centry_put_uint32(centry, *num_groups);
@@ -942,7 +1020,7 @@ do_query:
                                                 sid_mem, names, name_types);
 
        /* and save it */
-       refresh_sequence_number(domain, True);
+       refresh_sequence_number(domain, False);
        centry = centry_start(domain, status);
        if (!centry) goto skip_save;
        centry_put_uint32(centry, *num_names);

diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index 14ebb7846682e2fbeca65c2a6a65f4ecf333bd5e..94b6326b90a86ec52c0dd9f2b271f2577277e991 100644 (file)
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -450,10 +450,11 @@ static BOOL get_sam_group_entries(struct getent_state *ent)
        
        ent->num_sam_entries = num_entries;
        
-       /* get the domain local groups if we are a member of 
-          a native win2k domain */
+       /* get the domain local groups if we are a member of a native win2k domain */
           
-       if ( domain->native_mode && domain->methods->enum_local_groups )
+       if ( domain->native_mode 
+               && domain->methods->enum_local_groups 
+               && strequal(lp_workgroup(), domain->name) )
        {
                DEBUG(4,("get_sam_group_entries: Native Mode 2k domain; enumerating local groups as well\n"));
                

diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index ac0b317b427a6ee633fb713fbe5bf61936b7b8b2..84f5d1956863699d216bd29c689e29c4f89ec2db 100644 (file)
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -124,13 +124,11 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
                sid_copy(&domain->sid, sid);
        }
        
-       /* see if this is a native mode win2k domain, but only for our own domain */
+       /* see if this is a native mode win2k domain */
           
-       if ( strequal( lp_workgroup(), domain_name) )   {
-               domain->native_mode = cm_check_for_native_mode_win2k( domain_name );
-               DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name,
-                                       domain->native_mode ? "native" : "mixed" ));
-       }       
+       domain->native_mode = cm_check_for_native_mode_win2k( domain_name );
+       DEBUG(3,("add_trusted_domain: %s is a %s mode domain\n", domain_name,
+               domain->native_mode ? "native" : "mixed (or NT4)" ));
 
        /* Link to domain list */
        DLIST_ADD(_domain_list, domain);

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 51a1b028a46bd344609e0f8a0dda818dfd73e412..3925a569ca5d734030411c4e158b702460d91559 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1459,7 +1459,7 @@ static void init_globals(void)
        string_set(&Globals.szWinbindSeparator, "\\");
        string_set(&Globals.szAclCompat, "");
 
-       Globals.winbind_cache_time = 15;
+       Globals.winbind_cache_time = 600;       /* 5 minutes */
        Globals.bWinbindEnumUsers = True;
        Globals.bWinbindEnumGroups = True;
        Globals.bWinbindUseDefaultDomain = False;

diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index fc9999dc4dc15e3f5028ed1617be12b2dc2753f5..7ff2aa7d01ddacdd7670ecc7a9d7c9224621fa5a 100644 (file)
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -922,7 +922,7 @@ void init_q_lookup_sids(TALLOC_CTX *mem_ctx, LSA_Q_LOOKUP_SIDS *q_l,
                        POLICY_HND *hnd, int num_sids, DOM_SID *sids,
                        uint16 level)
 {
-       DEBUG(5, ("init_r_enum_trust_dom\n"));
+       DEBUG(5, ("init_q_lookup_sids\n"));
 
        ZERO_STRUCTP(q_l);
 

diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 51cfacf86a06dc3acde46e4b89b0cff50769ea80..24459a26f09e6c1413f6fdee1c842942d8df671e 100644 (file)
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1778,6 +1778,7 @@ Can't find printer handle we created for printer %s\n", name ));
        if ( (printer_default->access_required == PRINTER_ACCESS_ADMINISTER) 
                && (RA_WIN2K == get_remote_arch()) )
        {
+               DEBUG(10,("_spoolss_open_printer_ex: Enabling LAN/WAN hack for Win2k clients.\n"));
                usleep( 500000 );
        }