Hi All,
Wonder if someone can help?
We have mixed Windows & Linux boxes in the DomA network. Afaik all DomA
clients are blocked and direct connections to DomB are not possible by design
& for security.
DomA DC(Windows) -- trust --> DomB DC(Windows)
^
|
DomA Linux Client(DALC) winbind Samba 3.0.33
For some reason the DomA Linux client attempts an LDAP connection to all DomB DCs once
in 5 to 10 minutes. When that happens it halts applications & commands in
ssh sessions, e.g. ls -l, wbinfo -i <username> hang for up to a minute or
two. DomB has 9 DCs at various locations. I can see it's trying to connect
to the 9 hosts in turn. Attempt connection, blocked, wait for timeout I assume,
then try next host.
This causes major issues for the Linux boxes. I can see this with tcpdump. When
it attempts an LDAP connection to DomB, any Samba lookup (e.g. wbinfo -i, ls -l)
would hang for one to two minutes every time.
There are no DomB settings mentioned in the Linux client configs but somehow
it knows DomB is there and tries to connect by LDAP.
Linux clients in DomA do not need to authenticate against DomB. They need to
authenticate against DomA only.
How can I make the DomA Linux client stop connecting to DomB LDAP or eliminate the
hang/delay totally?
DomA Windows client boxes seem to be able to authenticate DomB user accounts
without the direct connection to DomB. The Windows DC and Windows clients work
fine. Do not want to touch those.
Any help is highly appreciated.
Many thanks.
Ryan.