Winbindd hangs (from today CVS)

Jason Haar Jason.Haar at trimble.co.nz
Mon Jan 21 15:06:04 GMT 2002 

[Before I forget. Having a /var/run/winbindd file containing the PID of
winbindd would be REALLY good. As it is, if it hangs, how do you find the
PID to kill when 'ps' is hanging 'cause winbindd has hung? :-)]

I've been having very little luck with winbindd over the past couple of
months, but have been ignoring it basically as an option. Now that I see the
next release of Samba is due out shortly, I thought it might be a good idea
to mention the problems I have - as there may be something to fix.

We run a *very* distributed WAN - with Trusted NT domains spread all over
the world over Frame-Relay and IPSEC VPN links. As such the "connectiveness"
of our WAN is... well... dodgy at best WRT Windows. (things like LDAP, FTP,
SMTP work fine - but we find that RPC based applications *really* don't like
the kind of erratic packet loss that is experienced over VPN links)

i.e. our Unix systems work fine over VPN - Windows, not so well...

Anyway, I think this "dodginess" is bringing out the worst in winbindd. When
I compiled and installed Samba-3.0alpha from CVS this morning (and
yesterday, and ....), it runs OK for a while - really slow - but it runs.
Running "winbindd -i -d9" and making a getent-style query shows it running
off trying to talk to every Domain Controller on our WAN - which will take
MINUTES to finish. The getent app will sit there for a few minutes, then
stuff will flow through.

I tried setting WINBINDD_DOMAIN, but that appears to only affect what the
client returns - not what winbindd does?

Anyway, after some period of slowly working, it stops working :-(

"/usr/local/samba/bin/wbinfo -p" just hangs, and "winbindd -i" is reporting
all sorts of things - but it looks to be working to me (logs aren't full of
socket errors or access denied or the likes...) 

Can someone tell me what to look for, I've got a saved 21Mb logfile that may
contain something... :-)

Here's my winbind config entries:

	winbind uid = 10000-20000
	winbind gid = 10000-20000
	winbind enum users = yes
	winbind enum groups = yes
	winbind cache time = 60
	winbind separator = +
	winbind use default domain = yes

winbindd kicks ass - what a concept! :-)

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417

More information about the samba-technical mailing list