[Samba] winbindd: Exceeding 200 client connections,
no idle connection found
Elvar
elvar at ooz.net
Wed Feb 20 07:05:21 GMT 2008
Jason Haar wrote:
> Elvar wrote:
>> I know I'm beating a dead dog asking about this but I still haven't
>> seen a resolution. Can anyone out there tell me how to fix this? When
>> this happens my users cannot get past the Squid proxy and are
>> presented with an authentication popup window in their browser which
>> does not let them past until the 200 connections limit is no longer
>> maxed out. There are probably 500 computers total at this facility
>> and sometimes more than 200 connections is needed.
>>
> That doesn't sound right... Squid aggressively caches the lookups so
> that winbind doesn't have to keep doing it - you really shouldn't be
> hitting that limit. Check your "credentialsttl" settings - they should
> be 2hours or the like.
>
> Argh. I've just google'd this: it only applies to Basic auth. I bet
> you're using NTLM? Due to the hokey way (technical term ;-) NTLM
> works, Squid can't cache the lookups as much (from a posting in 2003 -
> can't find anything newer).
>
Jason,
You are right, I'm using NTLM to authenticate everyone to the AD domain.
Thanks for taking the time to read and reply though.
Kind regards,
Elvar
More information about the samba
mailing list