6895 – winbind choosing broken DCs to bind to

Bug 6895 - winbind choosing broken DCs to bind to

Summary: winbind choosing broken DCs to bind to

Status:	ASSIGNED

Alias:	None

Product:	Samba 3.4
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	3.4.2
Hardware:	Other Linux

Importance:	P3 normal
Target Milestone:	---
Assignee:	Michael Adam
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-11-15 14:55 UTC by Jason Haar
Modified:	2009-11-20 17:57 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jason Haar 2009-11-15 14:55:33 UTC

We see winbind continually falling foul of Murphy's Law and choosing broken domain controllers to send all its requests to, as such it gets into all kinds of "hung" or offline states when it shouldn't

Our Active Directory 2003 servers are primarily on Dell servers which come with 2 Ethernet cards. If the sysadmin installing them isn't careful, the 2nd unused Ethernet card can be left enabled but not plugged into anything - with the affect that Windows assigns a 169.254 address to it - and that is broadcast out to Windows-land as a valid IP address option (ie the DC tells the world it has 2 IP addresses - but only one works). End result is that sometimes winbind decides that broken address is the best IP to use - and of course it never responds - leading to hangs. Windows clients appear to sanity-check the DC addresses they learn from the network (I see ping packets a lot from clients) and so don't show any problem with this situation - but Samba does.

Jason

Comment 1 Michael Adam 2009-11-20 17:57:58 UTC

Thanks for your report.

Samba actually does some sort of keeping track of unreachable DCs,
but possibly your situation is not covered. I will have to investigate
this further. Stay tuned...

Michael