The Samba-Bugzilla – Bug 6098
When the DNS server is invalid, the ads_find_dc() does not work correctly with "security = domain".
Last modified: 2017-08-24 16:31:05 UTC
I confirmed this problem on samba 3.0.30. But I think this problem happens also on other versions.
This problem happens only on "security=domain".
If DNS server is invalid, the ads_find_dc() fails.
1. If DNS server is invalid, the get_sorted_dc_list() is called with realm(FQDN) and it fails.
2. On the next step, the get_sorted_dc_list() is called with realm(FQDN) again.
I think "again" is wrong place.
On the 2nd step, get_sorted_dc_list() should be called with realm(WORKGROUP).
I will attach a patch. More modifications may be needed for samba 3.2.8.
Created attachment 3931 [details]
call get_sorted_dc_list with FQDN and DOMAIN
Looks correct to me. I'll apply to the 3.0.x git tree and look into the problem on 3.2.x and above.
Jeremy: did you solve that case for later version also. I'm not sure if the issue in this szenario is solved or still an issue.