[Samba] winbindd issues on member server

Robert Gehr robert.gehr at baumann-gmbh.de
Thu Dec 28 08:39:42 GMT 2006 

Hi there

After having posted a while ago about the trouble I had with 3.0.23 I 
gave it another try with 3.0.23d

I installed the current version on our samba PDC and BDC while the 
member server was still running 3.0.22. This setup has worked for a 
couple of weeks with no issues.

I then upgraded the member server two days ago to 3.0.23d and after 
serveral hours I could not connect via ssh to the member server anymore. 
I got no login shell. I could also not log in on the console. 
Fortunately I still had an open session so I killed winbindd and 
immediately I could log in again. Errors in my winbindd log are as follows.

winbindd Exceeding 200 client connections, no idle connection found

and heaps of:
  nsswitch/winbindd.c:request_main_recv(556) malloc failed

The "malloc failed" entries I also get under 3.0.22 which works OK

Another thing that happened was that all of a sudden users had no write 
permissions on shares anymore they could write to a couple of minutes 
before. After logging in anew to the domain they could write again to 
the shares.

So I am back on 3.0.22


The system is not the most up to date because it's the our main 
fileserver and we don't want to play too many tricks.

smb.conf of the member server:


  unix charset = ISO8859-1
    display charset = ISO8859-1
    workgroup = MYDOM
    server string = %h (Samba %v)
    interfaces = 10.230.1.1/255.255.0.0
    security = DOMAIN
    password server = pdc, bdc
    deadtime = 10
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    wins server = baadm1
    kernel oplocks = No
    ldap admin dn = cn=root,dc=mydom,dc=de
    ldap group suffix = ou=groups
    ldap idmap suffix = ou=idmap
    ldap machine suffix = ou=computers
    ldap passwd sync = Yes
    ldap suffix = dc=mydom,dc=de
    ldap ssl = start tls
    ldap user suffix = ou=people
    idmap backend = ldap:ldap://pdc.mydom.de
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind trusted domains only = Yes
    acl group control = Yes
    create mask = 00
    force create mode = 0775
    directory mask = 00
    force directory mode = 0775
    map acl inherit = Yes
    veto oplock files = 
/*.sql/*.SQL/*.idx/*.IDX/*.fxp/*.FXP/*.xls/*.doc/*.mdb/*.DBF/*.dbf/*.CDX/*.cdx/*.mdx/*.MDX/*.mmo/*.MMO/*.prg/*.PRG/*.dbt/*.DBT/
    level2 oplocks = No
    strict locking = No
    log level = 1



Some other info that might help.


Host type: i486-suse-linux-gnu
System: Linux bafs1 2.6.8.1 #2 Thu Sep 9 16:57:23 CEST 2004 i686 i686 
i386 GNU/Linux
Architecture: i686

Addons: db db2 linuxthreads noversion
Build CFLAGS: -O2 -mcpu=i486 -march=i486 -g
Build CC: gcc
Compiler version: 2.95.3 20010315 (SuSE)
Kernel headers: UTS_RELEASE
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio


Thanks for your help

-- 
Best Regards
Rob

More information about the samba mailing list