The branch, master has been updated
via 14600a3128c s3:libads: Improve logging for failover scenarios
via 5f7a834effe s3:libsmb: Improve logging for failover scenarios
via 6063f3ee733 s3:winbindd: Improve logging for failover scenarios in
winbindd_pam.c
via 21bb84ed1c3 s3:winbindd: Improve logging for failover scenarios in
winbindd_cm.c
from f392fdfd47f shadow_copy2: Add missing TALLOC_FREE
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 14600a3128c6b66de4f9291eeec52e34725030c5
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Oct 18 11:32:57 2023 +0200
s3:libads: Improve logging for failover scenarios
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipen...@samba.org>
Autobuild-Date(master): Wed Oct 18 15:47:09 UTC 2023 on atb-devel-224
commit 5f7a834effea56d683f76a801924c7125385e534
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Oct 18 11:32:57 2023 +0200
s3:libsmb: Improve logging for failover scenarios
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 6063f3ee733348855d6b144091bbdbbe6862494c
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Oct 18 11:32:57 2023 +0200
s3:winbindd: Improve logging for failover scenarios in winbindd_pam.c
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 21bb84ed1c30b863b4ef17fcebdd79f147142b9f
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Oct 18 11:32:57 2023 +0200
s3:winbindd: Improve logging for failover scenarios in winbindd_cm.c
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/libads/ldap.c | 10 ++++++++++
source3/libsmb/clientgen.c | 5 +++++
source3/winbindd/winbindd_cm.c | 31 +++++++++++++++++++++++++++++--
source3/winbindd/winbindd_pam.c | 4 ++++
4 files changed, 48 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 509196834ae..acf558a7ab3 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -478,6 +478,12 @@ again:
num_requests += 1;
}
+ DBG_DEBUG("Try to create %zu netlogon connections for domain '%s' "
+ "(provided count of addresses was %zu).\n",
+ num_requests,
+ domain,
+ count);
+
if (num_requests == 0) {
status = NT_STATUS_NO_LOGON_SERVERS;
DBG_WARNING("domain[%s] num_requests[%zu] for count[%zu] -
%s\n",
@@ -855,6 +861,8 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
bool ok = false;
struct sockaddr_storage ss;
+ DBG_DEBUG("Resolving name of LDAP server '%s'.\n",
+ ads->server.ldap_server);
ok = resolve_name(ads->server.ldap_server, &ss, 0x20, true);
if (!ok) {
DEBUG(5,("ads_connect: unable to resolve name %s\n",
@@ -900,6 +908,8 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
* Keep trying to find a server and fall through
* into ads_find_dc() again.
*/
+ DBG_DEBUG("Failed to connect to DC via LDAP server IP address, "
+ "trying to find another DC.\n");
}
ntstatus = ads_find_dc(ads);
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index e52e6c2256d..bec1184d53f 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -36,6 +36,11 @@
unsigned int cli_set_timeout(struct cli_state *cli, unsigned int timeout)
{
unsigned int old_timeout = cli->timeout;
+ DBG_DEBUG("Changing connection timeout for server '%s' from %d (ms) to "
+ "%d (ms).\n",
+ smbXcli_conn_remote_name(cli->conn),
+ cli->timeout,
+ timeout);
cli->timeout = timeout;
return old_timeout;
}
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 014392fdb5d..ee6b1b91bd1 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1105,6 +1105,9 @@ static bool dcip_check_name_ads(const struct
winbindd_domain *domain,
char addr[INET6_ADDRSTRLEN];
print_sockaddr(addr, sizeof(addr), &sa->u.ss);
+ D_DEBUG("Trying to figure out the DC name for domain '%s' at IP
'%s'.\n",
+ domain->name,
+ addr);
ads = ads_init(tmp_ctx,
domain->alt_name,
@@ -1163,6 +1166,10 @@ static bool dcip_check_name_ads(const struct
winbindd_domain *domain,
saf_store(domain->alt_name, name);
}
+ D_DEBUG("DC name for domain '%s' at IP '%s' is '%s'\n",
+ domain->name,
+ addr,
+ name);
*namep = talloc_move(mem_ctx, &name);
out:
@@ -1526,6 +1533,9 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
*fd = -1;
+ D_NOTICE("First try to connect to the closest DC (using server "
+ "affinity cache). If this fails, try to lookup the DC using "
+ "DNS afterwards.\n");
ok = connect_preferred_dc(mem_ctx, domain, request_flags, fd);
if (ok) {
return true;
@@ -1536,9 +1546,11 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
}
again:
+ D_DEBUG("Retrieving a list of IP addresses for DCs.\n");
if (!get_dcs(mem_ctx, domain, &dcs, &num_dcs, request_flags) ||
(num_dcs == 0))
return False;
+ D_DEBUG("Retrieved IP addresses for %d DCs.\n", num_dcs);
for (i=0; i<num_dcs; i++) {
if (!add_string_to_array(mem_ctx, dcs[i].name,
@@ -1557,6 +1569,9 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
if ((addrs == NULL) || (dcnames == NULL))
return False;
+ D_DEBUG("Trying to establish a connection to one of the %d DCs "
+ "(timeout of 10 sec for each DC).\n",
+ num_dcs);
status = smbsock_any_connect(addrs, dcnames, NULL, NULL, NULL,
num_addrs, 0, 10, fd, &fd_index, NULL);
if (!NT_STATUS_IS_OK(status)) {
@@ -1571,6 +1586,7 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
}
return False;
}
+ D_NOTICE("Successfully connected to DC '%s'.\n", dcs[fd_index].name);
domain->dcaddr = addrs[fd_index];
@@ -1614,6 +1630,11 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
*fd = -1;
}
+ /*
+ * This should not be an infinite loop, since get_dcs() will not return
+ * the DC added to the negative connection cache in the above
+ * winbind_add_failed_connection_entry() call.
+ */
goto again;
}
@@ -1743,11 +1764,17 @@ static NTSTATUS cm_open_connection(struct
winbindd_domain *domain,
return NT_STATUS_NO_MEMORY;
}
+ D_NOTICE("Creating connection to domain controller. This is a start of "
+ "a new connection or a DC failover. The failover only happens "
+ "if the domain has more than one DC. We will try to connect 3 "
+ "times at most.\n");
for (retries = 0; retries < 3; retries++) {
bool found_dc;
- DEBUG(10, ("cm_open_connection: dcname is '%s' for domain %s\n",
- domain->dcname ? domain->dcname : "", domain->name));
+ D_DEBUG("Attempt %d/3: DC '%s' of domain '%s'.\n",
+ retries,
+ domain->dcname ? domain->dcname : "",
+ domain->name);
found_dc = find_dc(mem_ctx, domain, request_flags, &fd);
if (!found_dc) {
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index c523425b247..5f06465bc3e 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1667,6 +1667,10 @@ static NTSTATUS winbind_samlogon_retry_loop(struct
winbindd_domain *domain,
retry = false;
+ D_DEBUG("Creating a DCERPC netlogon connection for SAM logon. "
+ "netlogon attempt: %d, samlogon attempt: %d.\n",
+ netr_attempts,
+ attempts);
result = cm_connect_netlogon_secure(domain, &netlogon_pipe,
&netlogon_creds_ctx);
--
Samba Shared Repository
