On 28/12/2020 11:35, mj via samba wrote:> Hi Jason,
>
> I was following this thread with interest, but it seems to have died a
> silent death.
>
> We might be seeing something similar on our samba domain member servers.
>
> We run (automatic) nightly reboots of our DCs, one reboots at 02:00,
> one at 03:00 and the third at 04:00.
Why do you reboot your DC's every night ?>
> On our main (winbind) fileserver we often (but not always) see that at
> one of the above times, for a few minutes, the AD groups are gone.
That shouldn't happen>
> (I run a script on the member server that verifies the existance of
> our AD groups using "getent group")
But then again 'getent group' (without a specific group) shouldn't
work
because you shouldn't have the 'winbind enum' lines in a production
Unix
domain member smb.conf>
> We know that at DC-reboot time, the two other DCs are up and running,
> so the reboots should really be little (or even: no) impact on the
> member servers.
I agree with that, a DC going down shouldn't affect the Unix domain
member.>
> I was hoping for continued dialogue in this ticket.
>
> Curious if everybody here can actually reboot their DCs (or stop samba
> on them) without any consequence on their domain member servers?
Yes, I can.>
> We have three DCs, no problems between them, they have recently been
> examined by sernet with basically no remarks. The DCs run 4.12.8
> sernet, and the domain member server is still on 4.10.18. (yes, we
> will upgrade that soon)
Well if Sernet cannot find anything wrong (unless they only gave them a
cursory glance), then there shouldn't be anything wrong, quite a few of
the Samba team work there ?
Rowland