15881 – Unresponsive second DC can cause idmapping failure when using idmap_ad

Bug 15881 - Unresponsive second DC can cause idmapping failure when using idmap_ad

Summary: Unresponsive second DC can cause idmapping failure when using idmap_ad

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Jule Anger
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-07-07 08:19 UTC by Ralph Böhme
Modified:	2025-08-21 15:25 UTC (History)
CC List:	8 users (show)

See Also:	https://gitlab.com/samba-team/samba/-/merge_requests/4099

Attachments
WIP patch for master (736 bytes, patch) 2025-07-07 08:20 UTC, Ralph Böhme	no flags	Details
patch for 4.22 (1.09 KB, patch) 2025-07-17 14:12 UTC, Andreas Schneider	gd: review+	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ralph Böhme 2025-07-07 08:19:47 UTC

The problem is we're calling get_kdc_ip_string() which calls netlogon_pings() to contact the secondary DC (we already have a working connection to a "first" DC) and netlogon_pings() returns an error if all DCs it was supposed to ping fail to respond. This causes get_kdc_ip_string() to return an error causing complete idmapping failure.

Have patch, need bugnumber.

Comment 1 Ralph Böhme 2025-07-07 08:20:37 UTC

Created attachment 18659 [details]
WIP patch for master

Comment 2 Samba QA Contact 2025-07-07 16:47:02 UTC

This bug was referenced in samba master:

88572cc8f629a737a1d5b33d5800f3692895233f

Comment 3 Andreas Schneider 2025-07-17 14:12:46 UTC

Created attachment 18672 [details]
patch for 4.22

Comment 4 Guenther Deschner 2025-07-18 14:15:44 UTC

Comment on attachment 18672 [details]
patch for 4.22

LGTM, RB+

Comment 5 Guenther Deschner 2025-07-18 14:16:32 UTC

Jule, please add to 4.22.x, thanks!

Comment 6 Jule Anger 2025-07-21 08:27:53 UTC

Pushed to autobuild-v4-22-test.

Comment 7 Samba QA Contact 2025-07-21 09:31:03 UTC

This bug was referenced in samba v4-22-test:

e119cb0b4840429ac763d1899a8bec1f1fbb0f4b

Comment 8 Jule Anger 2025-07-21 14:05:24 UTC

Closing out bug report.

Thanks!

Comment 9 Samba QA Contact 2025-08-21 15:25:08 UTC

This bug was referenced in samba v4-22-stable (Release samba-4.22.4):

e119cb0b4840429ac763d1899a8bec1f1fbb0f4b