Run away number of smbd children

Dave Daugherty dave.daugherty at
Mon Oct 15 19:23:41 GMT 2007

On Behalf Of Kevin Robinson
Sent: Monday, October 15, 2007 6:04 AM

> Replies below, and thanks!

> > Dave Daugherty wrote:
> > Kevin:
> > 
> > I know what you mean... and although that problem is serious, I am
> > convinced it's your only problem.  Were your users actually able to
> logon?

> Nope, and the ones that were got booted except for a fraction of them.

> If 1000 were connected, that would drop to maybe 100 -- collected via 
> smbstatus.  However, the smbd processes would soar to 5000+ before I 
> found it and would restart the services.

Then maybe the underlying problem was the machine account password
getting out of wack.  Authentications may backup if Samba is having
problems authenticating with the domain controller using its machine

Did anyone by chance reset the computer account password in AD using

> Yea, we have one main group and oddly enough ... that's the log file 
> pointed our per our initial conversation (GACL).  I'll have to collect

> some stats on the look ups and network utilization.  How did you
> the number of SID->GID lookups?

I was looking at the winbindd-idmap log file timestamps and could see
bursts of lookups over time, with some idle times interspersed in
between.  This is not unusual as when a user authenticates, SMBD must
look up the groups that user belongs to for authorization purposes.  It
gets these groups in the form of SIDs and must translate these to GIDs.
Once the groups are resolved to GIDs, SMBD caches this information in a
user authentication structure so it does not have to look up the info
again each time the user accesses a file or directory.  


Dave Daugherty

More information about the samba-technical mailing list