-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 4 Dec 2002, Daniel Wittenberg wrote:
> I've been using winbind successfully for awhile now for user info
> (nothing in /etc/passwd), but today I tried to use it to pull group
> info, so I updated /etc/nsswitch.conf (RH 7.3) and then tried to add:
> valid users = @DOMAIN+group_name
>
> and now whenever I click on any folder (share) to open the cpu util goes
> up, and the connection hangs for awhile, and then eventually it
> times-out on the client side, and the server logs initgroup errors.
> Anyone seen this? It is connecting to a rather large AD forest, and
I'm
> told there are groups with 30+ users in them. When I do a winbind -g
> |wc -l I get about 63,210 entries before I geta 0c000233 error (I think
> that was it). I tried group enumeration on/off and that doesn't change
> anything.
>From include/nterr.h
#define NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND NT_STATUS \
(0xC0000000 | 0x0233)
This is probably from one of the trusted domains.
Just curious, if you have 63k groups, how many users ? Samba 3.0 will
deal with the better (using two processes...one to respond to queries and
one to update the cache).
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours"
2ed
"You can never go home again, Oatman, but I guess you can shop
there."
--John Cusack - "Grosse Point Blank"
(1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE9710PIR7qMdg1EfYRAhrhAKCuvPxe/EOxAxpYjmQPbWrNR/U6WQCgu+Qx
pvytDzdYKNHS+Ox3ooduXUw=9GNH
-----END PGP SIGNATURE-----