[Samba] winbindd: Exceeding 200 client connections,
no idle connection found
Jason Haar
Jason.Haar at trimble.co.nz
Wed Feb 20 03:28:03 GMT 2008
Elvar wrote:
> I know I'm beating a dead dog asking about this but I still haven't
> seen a resolution. Can anyone out there tell me how to fix this? When
> this happens my users cannot get past the Squid proxy and are
> presented with an authentication popup window in their browser which
> does not let them past until the 200 connections limit is no longer
> maxed out. There are probably 500 computers total at this facility and
> sometimes more than 200 connections is needed.
>
That doesn't sound right... Squid aggressively caches the lookups so
that winbind doesn't have to keep doing it - you really shouldn't be
hitting that limit. Check your "credentialsttl" settings - they should
be 2hours or the like.
Argh. I've just google'd this: it only applies to Basic auth. I bet
you're using NTLM? Due to the hokey way (technical term ;-) NTLM works,
Squid can't cache the lookups as much (from a posting in 2003 - can't
find anything newer).
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the samba
mailing list