[Samba] winbindd: Exceeding 200 client connections,
no idle connection found
Elvar
elvar at elvar.org
Fri Apr 11 13:58:37 GMT 2008
Scott Lovenberg wrote:
> Gerald (Jerry) Carter wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Elvar wrote:
>> |
>> | Just an update on this. I recompiled and installed putting in 600
>> as the
>> | max simultaneous clients since they have 550 computers. After having
>> | done that, internet connectivity was working great for about a month
>> | whereas before daily max connections would be reached and users
>> would be
>> | stuck at the proxy auth prompt. Unfortunately the same thing occurred
>> | yesterday. What I don't understand is how it could be reached when the
>> | total number of computers is only 550.
>>
>> Sounds like a web proxy server right ? so the question is
>> whether or not the proxy server is spawning multiple
>> auth requests to handle multiple connection attempts from
>> a single client or not.
>>
>> | Any hints or feedback on this would be greatly appreciated. Output
>> from
>> | the log.winbindd file is below. I only pasted a few of them, but
>> the log
>> | had many listed in a row until the local IT person three finger
>> saluted
>> | the box.
>> |
>> | Also, is there any way to view the current number of winbindd
>> processes
>> | in use? I'd love to monitor that using Zabbix or something and have it
>> | auto respond when the total reaches 590 or something similar.
>>
>> It's more about the number of open fds which includes the
>> ones between parent and child processes. Use lsof to monitor
>> and match the pid with right winbindd process. Also look at
>> what other files winbindd process have opened.
>>
>>
>> |
>> | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850)
>> | winbindd: Exceeding 600 client connections, no idle connection found
>> | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383)
>> | PANIC: assert failed at nsswitch/winbindd.c(383)
>> | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850)
>> | winbindd: Exceeding 600 client connections, no idle connection found
>> | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383)
>>
>> which log file are these showing up in? And what version
>> of Samba is this?
>>
>> |
>> |
>> |
>> | Kind regards,
>> | Elvar
>> |
>>
>>
> Not sure if it means anything, but aren't there a number of addons
> that use squid (ntlm_auth?) as an interface between samba and apache
> or PAM? I've never been brave enough to go down that road, but
> perhaps they've got something like that going on? 'lsof' should tell
> the tale if that's the case, I suppose.
Yes, Squid comes with it's own NTLM AUTH mechanism but it does not
support the --require-membership option which allows me to force users
to be a part of a specific "internet access" group. That's why I'm using
winbindd.
Elvar
More information about the samba
mailing list