Hi,
I am having a weird issue with samba where once a week approximately at the
same time users will lose connectivity,
if i run
wbinfo -u all users are displayed
wbinfo -g all groups are displayed
However running getent passwd only shows local-users, no remote users are
shown..
To fix the issue I have to change the name of my idmap config and restart
samba and winbind and everything works fine for a week...
Am I missing something obvious here ? I have attached my config below :
[global]
security = ads
max mux = 16384
log file = /home/sites/samba-log/log.%m
ldap timeout = 45
ldap connection timeout = 30
max open files = 100000
realm = merlin.internaloffice.co.uk
password server = 10.0.9.0
workgroup = WEBHOSTING
idmap backend = tdb
idmap uid = 500-2000000
idmap gid = 500-2000000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/sites/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
winbind use default domain = yes
winbind nss info = template rfc2307
restrict anonymous = 2
idmap config WEBHOSTING : schema_mode = rfc2307
idmap config WEBHOSTING : backend = ad
idmap config WEBHOSTING : range = 500 - 300000000
[home]
hide dot files = no
path = /home/sites
read only = no
dos filetime resolution = yes
I am using samba 3.3.9, do we know whether this issue has been fixed in
samba 3.4.x ?
Any help greatly appreciated.
Thanks,
Wasim
Hi, I have replicated this on a test box, if you do a net cache flush, then restart samba and winbind, run getent passwd (only displays local users) then net cache list (will display all cache of remote users) The only way i know to fix this is to rename idmap config <name> and restart samba/winbind... but a week later the problem will be back.. seems strange to me, is this a bug with 3.3.9 or am i missing something here ? Thanks, Wasim 2009/12/22 Gaiseric Vandal <gaiseric.vandal at gmail.com>> I have similar issues with samba 3.0.37 on Solaris 10. I use winbind and > ldap for domain trusts (not for the users with in the domain.) Increasing > "idmap cache time" may reduce how often you need to reset things. When the > cache time expires I have to zap idmap entries from ldap and zap the idmap > cache tbd files. It appears samba can create the cache info but not > properly update or reread it once the cache has expired. > > I have been testing 3.4.3 and it seems better but I can't say for sure yet. > (Getting samba compiled with ldap and zfs support for Solaris is tricky.) > > > > > > > On 12/22/09 10:44, Wasim Bashir wrote: > >> Hi, >> >> I am having a weird issue with samba where once a week approximately at >> the >> same time users will lose connectivity, >> >> if i run >> >> wbinfo -u all users are displayed >> wbinfo -g all groups are displayed >> >> However running getent passwd only shows local-users, no remote users are >> shown.. >> >> To fix the issue I have to change the name of my idmap config and restart >> samba and winbind and everything works fine for a week... >> >> Am I missing something obvious here ? I have attached my config below : >> >> >> >> [global] >> security = ads >> max mux = 16384 >> log file = /home/sites/samba-log/log.%m >> >> ldap timeout = 45 >> ldap connection timeout = 30 >> max open files = 100000 >> realm = merlin.internaloffice.co.uk >> password server = 10.0.9.0 >> workgroup = WEBHOSTING >> idmap backend = tdb >> idmap uid = 500-2000000 >> idmap gid = 500-2000000 >> winbind enum users = yes >> winbind enum groups = yes >> template homedir = /home/sites/%U >> template shell = /bin/bash >> client use spnego = yes >> client ntlmv2 auth = yes >> encrypt passwords = yes >> winbind use default domain = yes >> winbind nss info = template rfc2307 >> restrict anonymous = 2 >> idmap config WEBHOSTING : schema_mode = rfc2307 >> idmap config WEBHOSTING : backend = ad >> idmap config WEBHOSTING : range = 500 - 300000000 >> >> >> >> >> [home] >> hide dot files = no >> path = /home/sites >> read only = no >> dos filetime resolution = yes >> >> I am using samba 3.3.9, do we know whether this issue has been fixed in >> samba 3.4.x ? >> >> Any help greatly appreciated. >> >> Thanks, >> >> Wasim >> >> > >
Wasim Bashir wrote:>I am having a weird issue with samba where once a week approximately at >the >same time users will lose connectivity, > >if i run > >wbinfo -u all users are displayed >wbinfo -g all groups are displayed > >However running getent passwd only shows local-users, no remote usersare>shown.. > >To fix the issue I have to change the name of my idmap config andrestart>samba and winbind and everything works fine for a week... > >Am I missing something obvious here ? I have attached my config below : > > > >[global] > security = ads > max mux = 16384 > log file = /home/sites/samba-log/log.%m > > ldap timeout = 45 > ldap connection timeout = 30 > max open files = 100000 > realm = merlin.internaloffice.co.uk > password server = 10.0.9.0 > workgroup = WEBHOSTING > idmap backend = tdb > idmap uid = 500-2000000 > idmap gid = 500-2000000 > winbind enum users = yes > winbind enum groups = yes > template homedir = /home/sites/%U > template shell = /bin/bash > client use spnego = yes > client ntlmv2 auth = yes > encrypt passwords = yes > winbind use default domain = yes > winbind nss info = template rfc2307 > restrict anonymous = 2 > idmap config WEBHOSTING : schema_mode = rfc2307 > idmap config WEBHOSTING : backend = ad > idmap config WEBHOSTING : range = 500 -300000000> > > > >[home] >hide dot files = no >path = /home/sites >read only = no >dos filetime resolution = yes > >I am using samba 3.3.9, do we know whether this issue has been fixed in >samba 3.4.x ? > >Any help greatly appreciated. > >Thanks, > >WasimCould it be a network issue rather than Samba itself - a switch being turned off briefly, IP address being refreshed, DNS issue - that breaks the communication with kerberos or PDC? I heard of one site whose network was interrupted at the same time each day, which they eventually traced to a heavy delivery lorry crushing a badly-installed underground cable. Moray. "To err is human.? To purr, feline"