[Samba] winbind + ads: only works for 10 hours?
Jon Noack
noackjr at alumni.rice.edu
Sat Mar 27 09:48:51 GMT 2004
On 3/26/2004 5:14 PM, Andrew Bartlett wrote:
> On Sat, 2004-03-27 at 08:42, Jon Noack wrote:
>> I run FreeBSD 5.2.1 and recently configured Samba 3.0.2a (from
>> ports) for ADS using the FreeBSD-bundled krb5 (Heimdal 0.6, I
>> believe) and OpenLDAP 2.1.28 (from ports). It is setup to
>> authenticate off a Windows 2000 Domain Controller and is primarily
>> used to provide proxy authentication for Squid. I will share more
>> about my configuration if asked, but as it works flawlessly at
>> first I think it's something minor.
>>
>> Everything works quite well until 10 hours after winbindd was
>> started. Then requests get denied. I set up a cron job to
>> demonstrate this. The cron job just logs the time and the output
>> of "wbinfo -t" every five minutes:
>>
>> I suppose I could restart winbindd every 9 hours...
>
> Fixes for this are in the current CVS tree. We now fetch a new
> ticket as the old ticket expires.
Andrew,
Thanks for the info. I found bug #1208 (from
http://cvs.samba.org/cgi-bin/cvsweb/samba/source/libads/kerberos.c) and
will watch there for any further developments.
Am I correct in assuming these fixes will be in 3.0.3 (so I can get an
idea of when I can put this into production)?
Thanks again,
Jon
More information about the samba
mailing list