[Samba] samba problems. accounts expire after a hour, but work after reset

Collen Blijenberg collen at hermanjordan.nl
Tue Mar 13 08:14:03 GMT 2007 

Hi Edmundo, here is the situation:

we have a PDC and BDC running samba 3.0.23d
we have a Application Server running samba 3.0.24 + winbind.
all have fixed (static) IP addresses in the 192.168.2.X segment. (no 
dhcp or whatever)

with resetting, i ment a restart of the samba processes (sorry i was a 
little un clear)
some time's i need to remove the .tdb files (except the secrets.tdb)

what i noticed is that the crash/bug happens at peak hour (150 pc's and 
100 users)
so either samba has too many connections (??) or some other process 
can't handle it
(i was thinking of the mysql deamon, but he has max connections set to 
1000, so that should be enough)
might be the fedora core too ??

so back to testing, i hope the winbind server will keep up today..
btw, no caching name server runnig in the domain...

Cheers, and thx for da input.

Edmundo Valle Neto wrote:
> Collen Blijenberg escreveu:
>> Hi Edmundo, the main problem we have here, is that all out of the 
>> blue, the samba PDC and BDC
>> are giving error's.
>> like TRUST DOMAIN FAILED, or USER AUTH FAILED, MACHINE HAS NO 
>> ACCOUNT. things like that.
>> but the funny part is, there is no reason for the servers to do that, 
>> they run for a few hours (sometimes a day)
>> and then start spitting out these error's.
>>
>> after resetting the PDC, all turns back to normal. and those error's 
>> go away, and samba function as it should be.
>> but then after a while, it's back to the error's again.
>>
>> we do use however the pdb-sql backend for storing the usernames and 
>> all...
>> in that period, of error's the sql get queried. so the backend does 
>> work.
>> and i can't find anny error's generated from the sql backend. also 
>> the sql server is accessible in those error times.
>> (we use it for nss-mysql aswell)
>
> The only similar problem that happened to me once was a problem with 
> an unconfigured network (that was deactivated) in the dhcp server that 
> was running in the same samba server, and I dont remember why it 
> happened.
>
> You said "resetting", restarting samba doesn't make it work? Have you 
> sure that the problem is in samba?
>
>> so either the migration part went wrong (the sid <> uid part +1000), 
>> or samba has a serious bug in the passwd plugin backend ??
>> the winbindd part are for some other servers in the domain.
>
> Where is your winbindd daemon running? In that same server?
> Just a guess, are you using nscd?
>
>> our domain is only accessible for domain accounts, so no guests or 
>> other accounts here. also all machines have registered to the domain
>> no anonymously accounts and all.
>> it's really driving me crazy this bug. cheers
>>
>> Collen
>
> Regards.
>
> Edmundo Valle Neto

More information about the samba mailing list