Bug 34370

Summary: Samba4 DFS: Randomize DC redirects
Product: UCS Reporter: Arvid Requate <requate>
Component: Samba4Assignee: Arvid Requate <requate>
Status: CLOSED FIXED QA Contact: Felix Botner <botner>
Severity: normal    
Priority: P5 CC: gohmann, jmm
Version: UCS 3.2   
Target Milestone: UCS 3.2-1-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Large environments, UCS Performance
Max CVSS v3 score:

Description Arvid Requate univentionstaff 2014-03-19 16:40:33 CET 
Samba needs to be rebuilt with the patch attached to Bug #34326 Comment 1.


+++ This bug was initially created as a clone of Bug #34326 +++

After enabling the Samba4 DFS referral generator for the sysvol, it currently returns a referal list which is ordered statically (as retrived from the samdb backend). This would direct all clients in a certain site to the first DC on that list (which is in that site, if any DC is present there).

The attached patch based on the samba 4.1.0 source randomizes this list.
Comment 1 Arvid Requate univentionstaff 2014-03-31 19:37:18 CEST 
The patch has been accepted upstream and samba has been rebuilt with it in errata3.2-1.

Advisory: 2014-01-08-samba.yaml
Comment 2 Felix Botner univentionstaff 2014-04-02 09:12:39 CEST 
OK

-> smbclient //perf.test/sysvol -UAdministrator%univention
-> tail -f /var/log/samba/log.smbd | grep "Doing a"
  Doing a dfs referral for pmaster.perf.test with this value 
     \pmaster.perf.test\sysvol requested \perf.test\sysvol
  Doing a dfs referral for PBACKUP.perf.test with this value 
     \PBACKUP.perf.test\sysvol requested \perf.test\sysvol

-> smbclient //perf.test/sysvol -UAdministrator%univention
-> tail -f /var/log/samba/log.smbd | grep "Doing a"
  Doing a dfs referral for PBACKUP.perf.test with this value 
     \PBACKUP.perf.test\sysvol requested \perf.test\sysvol
  Doing a dfs referral for pmaster.perf.test with this value 
     \pmaster.perf.test\sysvol requested \perf.test\sysvol

-> smbclient //perf.test/sysvol -UAdministrator%univention
-> tail -f /var/log/samba/log.smbd | grep "Doing a"
  Doing a dfs referral for pmaster.perf.test with this value 
     \pmaster.perf.test\sysvol requested \perf.test\sysvol
  Doing a dfs referral for PBACKUP.perf.test with this value 
     \PBACKUP.perf.test\sysvol requested \perf.test\sysvol

OK - YAML
Comment 3 Moritz Muehlenhoff univentionstaff 2014-04-09 08:24:53 CEST 
http://errata.univention.de/ucs/3.2/81.html