Bug 14807 - samdb for LookupSids3 should be attached to long-term state
Summary: samdb for LookupSids3 should be attached to long-term state
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.15.0rc2
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
Depends on: 14821
  Show dependency treegraph
Reported: 2021-08-23 02:26 UTC by Andrew Bartlett
Modified: 2021-09-13 09:25 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2021-08-23 02:26:24 UTC
The change to record the remote LDB address means that the implicit cache of the sam.ldb ldb context is not used.

This is because otherwise the wrong address would be stored.

During the LSA LookupSids3 call (which is for SCHANNEL only and has no handles or long-term context) a new sam.ldb handle is created, and then lost at the end of the call.  The SAMDB connection cost is high, and we should cache this if possible.

We should find a long-term implicit context for the authenticated session to put the sam.ldb on, and save that connection cost, as well as making the caching explicit.

Inadvertently introduced in:

commit 5c0345ea9bb34695dcd7be6c913748323bebe937
Author: Gary Lockyer <gary@catalyst.net.nz>
Date:   Thu Apr 12 06:41:30 2018 +1200

    samdb: Add remote address to connect
    Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
    Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Made more noticeable by bug 14806
Comment 1 Samba QA Contact 2021-09-05 03:25:22 UTC
This bug was referenced in samba master:

Comment 2 Samba QA Contact 2021-09-08 13:55:32 UTC
This bug was referenced in samba v4-15-test:

Comment 3 Samba QA Contact 2021-09-09 06:38:41 UTC
This bug was referenced in samba v4-15-stable (Release samba-4.15.0rc6):

Comment 4 Samba QA Contact 2021-09-10 15:10:04 UTC
This bug was referenced in samba v4-13-test:

Comment 5 Samba QA Contact 2021-09-13 09:25:37 UTC
This bug was referenced in samba v4-14-test: