Print this page
NEX-15558 SMB logon fails during 1st second after service start
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-15558 SMB logon fails during 1st second after service start
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-2667 Wrong error when join domain with wrong password
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Bayard Bell <bayard.bell@nexenta.com>
NEX-2225 Unable to join NexentaStor to 2008 AD
NEX-1638 Updated DC Locator
Includes work by: matt.barden@nexenta.com, kevin.crowe@nexenta.com
re #12435 rb3958 r10 is added 2 times to panic info
re #12393 rb3935 Kerberos and smbd disagree about who is our AD server
*** 19,29 ****
* CDDL HEADER END
*/
/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
*/
#include <syslog.h>
#include <synch.h>
#include <pthread.h>
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
*/
#include <syslog.h>
#include <synch.h>
#include <pthread.h>
*** 88,97 ****
--- 88,105 ----
smb_dclocator_init(void)
{
pthread_attr_t tattr;
int rc;
+ /*
+ * We need the smb_ddiscover_service to run on startup,
+ * so it will enter smb_ddiscover_main() and put the
+ * SMB "domain cache" into "updating" state so clients
+ * trying to logon will wait while we're finding a DC.
+ */
+ smb_dclocator.sdl_locate = B_TRUE;
+
(void) pthread_attr_init(&tattr);
(void) pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED);
rc = pthread_create(&smb_dclocator_thr, &tattr,
smb_ddiscover_service, &smb_dclocator);
(void) pthread_attr_destroy(&tattr);
*** 239,248 ****
--- 247,257 ----
* Mark the current DC as "bad" and let the DC Locator
* run again if it's not already.
*/
syslog(LOG_INFO, "smb_ddiscover, bad DC: %s", bad_dc);
smb_dclocator.sdl_bad_dc = B_TRUE;
+ smb_domain_bad_dc();
/* In-line smb_ddiscover_kick */
if (!smb_dclocator.sdl_locate) {
smb_dclocator.sdl_locate = B_TRUE;
(void) cond_broadcast(&smb_dclocator.sdl_cv);
*** 250,283 ****
out:
(void) mutex_unlock(&smb_dclocator.sdl_mtx);
}
- /*
- * If domain discovery is running, wait for it to finish.
- */
- int
- smb_ddiscover_wait(void)
- {
- timestruc_t to;
- int rc = 0;
- (void) mutex_lock(&smb_dclocator.sdl_mtx);
-
- if (smb_dclocator.sdl_locate) {
- to.tv_sec = SMB_DCLOCATOR_TIMEOUT;
- to.tv_nsec = 0;
- rc = cond_reltimedwait(&smb_dclocator.sdl_cv,
- &smb_dclocator.sdl_mtx, &to);
- }
-
- (void) mutex_unlock(&smb_dclocator.sdl_mtx);
-
- return (rc);
- }
-
-
/*
* ==========================================================
* DC discovery functions
* ==========================================================
*/
--- 259,269 ----
*** 352,365 ****
*/
bzero(&dxi, sizeof (dxi));
status = smb_ddiscover_main(sdl->sdl_domain, &dxi);
if (status == 0)
smb_domain_save();
(void) mutex_lock(&sdl->sdl_mtx);
sdl->sdl_status = status;
! if (status == 0)
sdl->sdl_dci = dxi.d_dci;
/*
* Run again if either of cfg_chg or bad_dc
* was turned on during smb_ddiscover_main().
* Note: mutex held here.
--- 338,360 ----
*/
bzero(&dxi, sizeof (dxi));
status = smb_ddiscover_main(sdl->sdl_domain, &dxi);
if (status == 0)
smb_domain_save();
+
(void) mutex_lock(&sdl->sdl_mtx);
+
sdl->sdl_status = status;
! if (status == 0) {
sdl->sdl_dci = dxi.d_dci;
+ } else {
+ syslog(LOG_DEBUG, "smb_ddiscover_service "
+ "retry after STATUS_%s",
+ xlate_nt_status(status));
+ (void) sleep(5);
+ goto find_again;
+ }
/*
* Run again if either of cfg_chg or bad_dc
* was turned on during smb_ddiscover_main().
* Note: mutex held here.
*** 403,417 ****
if (domain[0] == '\0') {
syslog(LOG_DEBUG, "smb_ddiscover_main NULL domain");
return (NT_STATUS_INTERNAL_ERROR);
}
- if (smb_domain_start_update() != SMB_DOMAIN_SUCCESS) {
- syslog(LOG_DEBUG, "smb_ddiscover_main can't get lock");
- return (NT_STATUS_INTERNAL_ERROR);
- }
-
status = smb_ads_lookup_msdcs(domain, &dxi->d_dci);
if (status != 0) {
syslog(LOG_DEBUG, "smb_ddiscover_main can't find DC (%s)",
xlate_nt_status(status));
goto out;
--- 398,407 ----
*** 423,437 ****
"smb_ddiscover_main can't get domain info (%s)",
xlate_nt_status(status));
goto out;
}
smb_domain_update(dxi);
-
- out:
smb_domain_end_update();
/* Don't need the trusted domain list anymore. */
smb_domainex_free(dxi);
return (status);
}
--- 413,431 ----
"smb_ddiscover_main can't get domain info (%s)",
xlate_nt_status(status));
goto out;
}
+ if (smb_domain_start_update() != SMB_DOMAIN_SUCCESS) {
+ syslog(LOG_DEBUG, "smb_ddiscover_main can't get lock");
+ status = NT_STATUS_INTERNAL_ERROR;
+ } else {
smb_domain_update(dxi);
smb_domain_end_update();
+ }
+ out:
/* Don't need the trusted domain list anymore. */
smb_domainex_free(dxi);
return (status);
}