Created attachment 7365 [details]
Patch for dsgetdcname errors
The dsgetdcname command in wbinfo calls winbindd to obtain the DC for a domain. Winbind does a SRV lookup to find the DC and then does a CLDAP request the validate the DC.
I ran into a couple of issues when using v3.3.9. From the code it appears that these are also present in the latest v3.6.3. A possible fix is attached.
1) The CLDAP requests are done using hostname instead of the IP-address discovered from the SRV lookup. This means that for a multihomed host the CLDAP request may succeed if it gets sent to a working interface while the interface from SRV response is down. In this case, winbind will incorrectly mark the IP in the SRV response as valid and cache that for 15 minutes.
2) The first dsgetdcname requests returns a KDC hostname instead of an ip address. This does not occur when a cached entry is returned.
Steps to repro:
Output of wbinfo command returns
\\GEN1-VCS132 <======= Using hostname
2 <======= Type is for netbios
Running the wbinfo command again returns:
\\10.11.3.76 <======= Returns IP
1 <======= Type is for ip