14807 – samdb for LookupSids3 should be attached to long-term state

Bug 14807 - samdb for LookupSids3 should be attached to long-term state

Summary: samdb for LookupSids3 should be attached to long-term state

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.15.0rc2
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:	14821
Blocks:
	Show dependency tree / graph

Reported:	2021-08-23 02:26 UTC by Andrew Bartlett
Modified:	2021-10-06 03:51 UTC (History)
CC List:	1 user (show)

See Also:	14806 https://gitlab.com/samba-team/samba/-/merge_requests/2130

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrew Bartlett 2021-08-23 02:26:24 UTC

The change to record the remote LDB address means that the implicit cache of the sam.ldb ldb context is not used.

This is because otherwise the wrong address would be stored.

During the LSA LookupSids3 call (which is for SCHANNEL only and has no handles or long-term context) a new sam.ldb handle is created, and then lost at the end of the call.  The SAMDB connection cost is high, and we should cache this if possible.

We should find a long-term implicit context for the authenticated session to put the sam.ldb on, and save that connection cost, as well as making the caching explicit.

Inadvertently introduced in:

commit 5c0345ea9bb34695dcd7be6c913748323bebe937
Author: Gary Lockyer <gary@catalyst.net.nz>
Date:   Thu Apr 12 06:41:30 2018 +1200

    samdb: Add remote address to connect
    
    Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
    Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Made more noticeable by bug 14806

Comment 1 Samba QA Contact 2021-09-05 03:25:22 UTC

This bug was referenced in samba master:

b40761b42e889369599c5eb355028ba377c43b49
ae57d22e45b33537e9fca5969e9b68abd1ad633f

Comment 2 Samba QA Contact 2021-09-08 13:55:32 UTC

This bug was referenced in samba v4-15-test:

bb825a909e91c1ba138490691258702744c60f6f
1252f2c170cd273d944f70b27584518b3bc8218d

Comment 3 Samba QA Contact 2021-09-09 06:38:41 UTC

This bug was referenced in samba v4-15-stable (Release samba-4.15.0rc6):

bb825a909e91c1ba138490691258702744c60f6f
1252f2c170cd273d944f70b27584518b3bc8218d

Comment 4 Samba QA Contact 2021-09-10 15:10:04 UTC

This bug was referenced in samba v4-13-test:

be4f4f4f5942ee1f762e6645e42916f3f6fc7ad6
33ef89475b09dcdbbad2048c47961a95eb2f1558

Comment 5 Samba QA Contact 2021-09-13 09:25:37 UTC

This bug was referenced in samba v4-14-test:

105014ed48bbdab7723fa15e5f9e81b332f34478
207f232abacc872600b4c91847a70bd53618f12b

Comment 6 Samba QA Contact 2021-09-22 07:25:32 UTC

This bug was referenced in samba v4-13-stable (Release samba-4.13.12):

be4f4f4f5942ee1f762e6645e42916f3f6fc7ad6
33ef89475b09dcdbbad2048c47961a95eb2f1558

Comment 7 Samba QA Contact 2021-10-05 13:26:02 UTC

This bug was referenced in samba v4-14-stable (Release samba-4.14.8):

105014ed48bbdab7723fa15e5f9e81b332f34478
207f232abacc872600b4c91847a70bd53618f12b