[Samba] Slow Samba - Winbind - NT PDC - low bandwidth - Understanding the reason

Bob Bob bcnuup at optusnet.com.au
Sun Sep 26 06:40:45 GMT 2004 

Hi all.. I apologies for the length.

Run a very old Samba version (2.2.5 - Yes security problems) and winbind 
  on two boxes. One on the same (local) LAN as the NT4 PDC, the other 
(remote) on the end of an often congested link (512K)

This is part of a fairly large WAN - maybe 12 domains and the head "IT 
group" partway through implementing AD. They are also responsible for 
providing WINS for both the local LAN and the remote one. The remote-ish 
Samba box uses the same PDC as the Samba box on the local LAN. There is 
no BDC.

So here is the problem. I am more concerned about understanding rather 
than fixing this. We will no doubt go to a later Linux version that 
includes samba with AD support in the next few months.

The remote Samba box shares that LAN with a W2K server box. The users at 
that end see a large disparity in resource wait time (eg UNC share 
folder openings and printer access) compared to that of those on the 
local LAN between their Samba and W2K server. For example opening a 
printer select dialogue on the local LAN (has two Samba printers on it) 
might take a noticable half second delay but those at the remote end 
might wait 5 seconds. Note that these are resources on their local LAN, 
not a connection over the congested link.

Note that a mapped resource (eg drive letter) is initially slower from 
the Samba server but seems to stay cached for a long period. It is more 
of a problem for UNC shares.

There is little difference in server hardware and there are no ethernet 
issues. Enumeration is off

I am thinking that the problem is in the propogation delay of PDC or 
WINS data from the remote site to either the local PDC or the corporate 
run WINS system. I made (possibly) small inroads by turning off trusted 
domains in smb.conf and setting an environment variable (that escapes me 
at the moment) that restricts winbind to looking for only the domain I 
want information from.

Creating lmhosts entries in the Samba box for the PDC and all other 
servers in the domain  made no perceptible difference nor did creating 
lmhosts in a remote W2K test workstation for the Samba server. I am 
guessing that it isnt a WINS issue but a PDC/authentication one.

I have to assume that there is some caching of user information on the 
remote W2K server that doesnt exist on the Samba box. Would anyone care 
to comment on that? Does the Samba box talk to the PDC a lot or is there 
anything/a setting that might make it talk "too much"?

If it is worth posting my smb.conf pls say so.

Cheers

Bob

More information about the samba mailing list