Displaying 20 results from an estimated 2000 matches similar to: "[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?"
2017 Mar 27
4
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
Can you tell more about your setup?
Is zarafa and samba on the same server for example.
Which MTA are you using postfix/exim?
My top was about 150 users, and all my printers are connected also so about 200 devices do ldap searches.
but my setup is split over 10+ servers ( 2 are AD DC )
So best is to tell what you can about your setup, anonimize if needed.
Greetz,
Louis
2017 Mar 27
3
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
On Mon, 2017-03-27 at 10:43 +0200, Gaetan SLONGO via samba wrote:
> Zarafa is not on the same server as Samba
>
> We only have 2 AD/DC Samba 4.5 (CentOS 7) and we put required indexes
> on LDAP .
>
> Arround 1000 mailboxes but not all are simultaneously in use (approx
> 1/3 in use).
> MTA is postfix (and is still connected to Samba AD, this one is not
> causing the
2017 Mar 27
0
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
No, you have to do that manualy, or look the the samba4 ADS script for kopano ( or zarafa )
But I mostly follow the documentation.
And when i run :
time ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b @INDEXLIST
....
real 0m0.230s
user 0m0.184s
sys 0m0.044s
so if yours take more that 20 sec there is something very wrong.
I suggest check you samba AD database and
2017 Mar 27
0
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
Zarafa is not on the same server as Samba
We only have 2 AD/DC Samba 4.5 (CentOS 7) and we put required indexes on LDAP .
Arround 1000 mailboxes but not all are simultaneously in use (approx 1/3 in use).
MTA is postfix (and is still connected to Samba AD, this one is not causing the issue).
As a workarround, we currently deployed a synchronization connector from AD to OpenLDAP. It solves the
2017 Mar 27
0
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
Thank you for your message Andrew. Then .. Waiting for this improvement... :-)
Indexes seem correct to me. But I'm not sure at 100% because I cannot find clear explanation regarding the searchFlags attribute value .. 1, 2, ... ? Maybe you have one ?
Thanks !
----- Mail original -----
De: "Andrew Bartlett" <abartlet at samba.org>
À: "Gaetan SLONGO" <gslongo
2017 Mar 27
1
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
Hi,
I talked to Zarafa (Kopano now) support and they acknowledge that their product in combination with Samba does not scale welland is only suitable for what they call smaller setups.
Met Vriendelijke Groet,
Kind Regards,
Salutations,
Bart Coninckx
Bits 'n Tricks BVBA
Hoge Mierdse Heide 182
2360 Oud-Turnhout
tel. +32 14 480 820
gsm +32 478 88 33 08
info at bitsandtricks.com
2017 Mar 23
1
[Samba 4.5] Very slow LDAP Queries (almost unusable), performance tunning ?
Dear users,
We are facing to a big latency issue regarding the LDAP Server (both encrypted & plain).
We have a Zarafa mail server which makes a lot of queries and puts a samba process to 100% usage. This latency makes the mail server unusable.. The mail server was previously on OpenLDAP and there was not performance issues.
A simple LDAP query can take up to 25 sec to perform !!
We
2013 Sep 14
2
samba4 adding an index to sam.ldb
I have a large installation >20k users. We're using samba4 for AD Authentication, and also email address validation. I'm trying to edit the @INDEXLIST in sam.ldb to add an index on otherMailbox to speed up searches (0.05 sec for indexed, vs 2.5 sec for non-indexed searches) I'm finding that when I use ldbedit to do this, it appears to add the additional @IDXATTR. However, when I
2017 Oct 27
3
Adding indexing to samba AD question.
Hai,
I need to add some extra indexing on my AD DB, and im not sure if what the correct/best methode is.
And is there any reason i should not do this, i did search on the wiki, but could not find the info i searched for.
I know the following. Checked the current index. ( source info : https://wiki.samba.org/index.php/LDB )
ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b @INDEXLIST
2017 Dec 19
2
Replication issue (maybe due to 4.7.0 bug?)
On Tue, 2017-12-19 at 11:00 +0100, Gaetan SLONGO wrote:
> Hi Andrew,
>
> Thank you for your answer. The issue is in the source or destination ?
> Because meanwhile I noticed the destination server was on 4.6.11 and not 4.7.3 as the source. What do you think about it ?
Update the destination to 4.7.4 when this is released in a few days.
I hope this helps,
Andrew Bartlett
--
Andrew
2017 Dec 13
2
Replication issue (maybe due to 4.7.0 bug?)
On Wed, 2017-12-13 at 11:37 +0100, Gaetan SLONGO wrote:
> Hi Andrew.
>
> Any idea to solve this ?
You need to turn up the logs on the destination server until you get
more useful log entries leading up to:
==> /var/log/samba/log.samba <==
[2017/12/07 10:10:55.825907, 0]
../source4/dsdb/repl/drepl_out_helpers.c:942(dreplsrv_op_pull_source_ap
ply_changes_trigger)
Failed to
2017 Dec 14
2
Replication issue (maybe due to 4.7.0 bug?)
On Thu, 2017-12-14 at 11:40 +0100, Gaetan SLONGO wrote:
> Hi Andrew,
>
> By increasing global logs (not only drs) I get this : Failed to apply records: ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3643: Failed to remove backlink of msDS-RevealedDSAs when deleting CN=DMZRODC
This is bug
https://bugzilla.samba.org/show_bug.cgi?id=13095
and
2018 May 29
4
Samba 4.8 RODC not working
I think you missed these in the firewall, if you allowed the "in" for the DC, you also need the OUT.
49152:65535/tcp ALLOW OUT
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Gaetan SLONGO via samba
> Verzonden: dinsdag 29 mei 2018 16:40
> Aan: Rowland Penny
> CC: samba at lists.samba.org
2018 May 31
4
Samba 4.8 RODC not working
Hai Gaetan,
Can you post the output this this command : netstat -plaunt | egrep "ntp|bind|named|samba|?mbd"
and iptables -S
@Rowland, https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
might need a smal change. test as followed
The wiki line: netstat -tulpn | egrep "samba|smbd|nmbd|winbind"
Now test my line and see the changes. this catches everything a DC
2010 Dec 07
3
Samba4 LDAP LDB Indexes
I have a system running Samba 4 Alpha 11, and I seem to have a corrupted LDB
file in my directory. (Probably the result of taking a backup without using
tdbbackup). Right now, running tdbbackup on the file produces an error
message similar to the following:
Failed to insert into DC=WWW,DC=EXAMPLE,DC=COM.ldb.bak.tmp
failed to copy DC=WWW,DC=EXAMPLE,DC=COM.ldb
If I run
ldbsearch -H
2018 Dec 10
5
Samba 4 with Microsoft Exchange
Hi All,
We would like to know if recent developments and improvements allow to use a Microsoft Exchange infrastructure with Samba 4 as an Active Directory Controller ?
Any informations about it ?
Thank you very much
2018 Jun 13
4
Samba 4.8 RODC not working
On Wed, 13 Jun 2018 10:05:23 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:
> Hi Rowland,
>
>
> Same, as said; winbind isn't started :-)
>
>
>
> [root at dmzrodc ~]# ps ax | egrep "ntp|bind|named|samba|?mbd"
> 650 ? Ss 0:00 /usr/sbin/ntpd -u ntp:ntp -g
> 1205 ? Ss 0:00 /usr/sbin/samba -D
> 1225 ? S 0:00 /usr/sbin/samba
2018 Jun 13
3
Samba 4.8 RODC not working
On Wed, 13 Jun 2018 10:40:28 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:
> Hi Louis, Hi Rowland,
>
>
> I will respond to both in this mail.
>
>
> Yes winbind is installed :
>
>
>
> [root at dmzrodc ~]# which winbindd
> /usr/sbin/winbindd
> [root at dmzrodc ~]# rpm -qa |grep winbind
>
2018 May 29
2
Samba 4.8 RODC not working
Hi Rowland,
As said into the reply sent to Andrew, Winbind is installed, but not started by samba (this is sernet packages)
Thanks
----- Mail original -----
De: "Rowland Penny via samba" <samba at lists.samba.org>
À: samba at lists.samba.org
Envoyé: Jeudi 24 Mai 2018 20:48:22
Objet : Re: [Samba] Samba 4.8 RODC not working
On Thu, 24 May 2018 11:30:40 +0200 (CEST)
2018 Jun 13
2
Samba 4.8 RODC not working
On Wed, 13 Jun 2018 12:28:23 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:
> Hi Rowland,
>
>
> I have no homes share. As far as I know I should not have that share
> on a DC ..?
Then don't worry about it, I was just checking if you had one.
>
>
> Regarding the security consideration for a DMZ zone, what do you
> suggest instead of putting