From 16f881c37260861957fe10f1a485f45bcb7e912e Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Fri, 19 Dec 2014 12:24:53 -0700 Subject: [PATCH] winbind: Retry after SESSION_EXPIRED error in ping-dc Trying to establish a netlogon connection when the service ticket expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The underlying client code already marks the session as invalid, so retry the netlogon connect in this case. Signed-off-by: Christof Schmit Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104 (cherry picked from commit a2670f15dea27c10e3827216adf572f9c3894f85) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11034 --- source3/winbindd/winbindd_dual_srv.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 31ed2cf651b..911fd7565b6 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -696,6 +696,14 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r) reconnect: status = cm_connect_netlogon(domain, &netlogon_pipe); + if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED)) { + /* + * Retry to open new connection with new kerberos ticket. + */ + invalidate_cm_connection(&domain->conn); + status = cm_connect_netlogon(domain, &netlogon_pipe); + } + reset_cm_connection_on_error(domain, status); if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("could not open handle to NETLOGON pipe: %s\n", -- 2.11.4.GIT