samba - Jan 2019 - Winbind, cached logons and 'user persistency'...

I've noted that some weeks ago, but i was upgrading all my PVE cluster
so i've considered it benevolent.

Yesterday i've updated my main switch, disconnecting for a brief lag of
time all my ''infrastructutes''.

My SMTP server (exim) start to complain about 'unroutable addresses':

 2019-01-16 18:32:40 1gjp3Q-0006aw-TG <= root at sv.lnf.it
H=(3jane.sv.lnf.it) [10.5.1.13] P=esmtp S=655 id=20190116173240.C20003CE035A at
3jane.sv.lnf.it
 2019-01-16 18:33:45 1gjp3Q-0006aw-TG ** gaio at fvg.lnf.it <root at
sv.lnf.it> F=<root at sv.lnf.it>: Unrouteable address

my SMTP server is a DM, configured with winbind and cached/offline
logons. SMTP server use 'nss' as final delivery rules (eg, user that
exist in NSS are delivered).
After some minutes i've reconnected and powered up the new switch, and
all come back as usual.


So seems that disconnecting temporarly the DM from the DCs, lead to
'user not found' error, like as users ''desappear'' from
NSS.
In winbind logs nothing get printed.


Why?!

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''         
http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

Hai Marco, 
> Yesterday i've updated my main switch, disconnecting for a 
> brief lag of time all my ''infrastructutes''.
> 
> My SMTP server (exim) start to complain about 'unroutable
addresses':
> 
>  2019-01-16 18:32:40 1gjp3Q-0006aw-TG <= root at sv.lnf.it 
> H=(3jane.sv.lnf.it) [10.5.1.13] P=esmtp S=655 
> id=20190116173240.C20003CE035A at 3jane.sv.lnf.it
>  2019-01-16 18:33:45 1gjp3Q-0006aw-TG ** gaio at fvg.lnf.it 
> <root at sv.lnf.it> F=<root at sv.lnf.it>: Unrouteable address
> 
> my SMTP server is a DM, configured with winbind and cached/offline
> logons. SMTP server use 'nss' as final delivery rules (eg, user
that
> exist in NSS are delivered).
> After some minutes i've reconnected and powered up the new switch, and
> all come back as usual.
> 
> 
> So seems that disconnecting temporarly the DM from the DCs, lead to
> 'user not found' error, like as users ''desappear''
from NSS.
> In winbind logs nothing get printed.
> 
> 
> Why?!
Your Exim is not complaining about users, but is complaining about a non
deliverable message,
due to not reaching the destination ip adres. ( Unrouteable address ) 

As far i can tell winbind/nss resolved the user by cache, exim tried to deliver
but was unsuccessfull.
If the user wasnt found, you would have seen undeliverable adress so something
like that.

So looks normal to me. 

Greetz, 

Louis

Mandi! L.P.H. van Belle via samba
  In chel di` si favelave...
> Your Exim is not complaining about users, but is complaining about a non
deliverable message,
> due to not reaching the destination ip adres. ( Unrouteable address ) 
No, i'ts an ACL that reply 'Unroutable address' for non existant
users.
Don't help spammers to find useful address. ;-)

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''         
http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

Hai Marco, 


Maybe the winbind cache time is set to low for this. 


Greetz, 

Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Marco Gaiarin via samba
> Verzonden: donderdag 17 januari 2019 15:55
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Winbind, cached logons and 'user 
> persistency'...
> 
> Mandi! L.P.H. van Belle via samba
>   In chel di` si favelave...
> 
> > Your Exim is not complaining about users, but is 
> complaining about a non deliverable message,
> > due to not reaching the destination ip adres. ( Unrouteable 
> address ) 
> 
> No, i'ts an ACL that reply 'Unroutable address' for non 
> existant users.
> Don't help spammers to find useful address. ;-)
> 
> -- 
> dott. Marco Gaiarin				        GNUPG 
> Key ID: 240A3D66
>   Associazione ``La Nostra Famiglia''          
> http://www.lanostrafamiglia.it/
>   Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al 
> Tagliamento (PN)
>   marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   
> f +39-0434-842797
> 
> 		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
>       http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
> 	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>