On Fri, Apr 22, 2016 at 05:04:21PM +0200, Lukas Slebodnik wrote:
On (22/04/16 15:57), Jakub Hrozek wrote:
>On Mon, Apr 11, 2016 at 03:35:52PM +0200, Jakub Hrozek wrote:
>> On Mon, Apr 11, 2016 at 02:58:06PM +0200, Lukas Slebodnik wrote:
>> > On (11/04/16 13:39), Jakub Hrozek wrote:
>> > >On Mon, Apr 11, 2016 at 01:12:51PM +0200, Lukas Slebodnik wrote:
>> > >> ehlo,
>> > >>
>> > >> following patch help me to find out issues with GPO.
>> > >> I think it might be useful also in other cases.
>> > >>
>> > >> But ideal would be if fail-over code would print port as well.
>> > >> ATM "0" is logged as a port with AD.
>> > >
>> > >That's because 'port' has a special meaning in the failover
code.
>> > >It's not the networking port, but just an abstract object that
binds together
>> > >services. And we chose server 0 in the past for AD and IPA because we
>> > >wanted to make sure that identity lookups and authentication are
always
>> > >performed against the same server to make sure we don't hit
replication
>> > >issues. Otherwise we might be talking to one DC for LDAP lookups and
>> > >another for KDC..
>> > Thank you for explanation.
>> > It was very confusing to me that "server" has port but
"service"
>> > does not have a port. I would expect other way.
>> >
>> > And I would say ti might be confusing for users when they try to
troubleshoot
>> > something. We might use different name then "port"
>>
>> Yes, feel free to file a ticket to rename the internal terminology. I
>> already saw some users confused about using port 0, too.
>
>btw your patch works fine, so ACK, but I'll add your
redhat.com address
>before pushing and also wait for CI to satisfy the protocol :)
I noticed wrong email as well but I expected some comments and next version
of patch :-)
I didn't find anything else. I tested the patch against an AD DC and
made sure that for user lookups, port 389 was printed and for universal
group lookups that use a Global Catalog, port 3268 is printed.
If you'd like me to do some more testing, just ask, otherwise I'm going
to push:
https://github.com/jhrozek/sssd/commit/30d66da4485336442c3a4c09f95f15115f...
CI:
http://sssd-ci.duckdns.org/logs/job/42/64/summary.html
(I tested multiple patches together there, but yours was included as
well)