[Samba] Re: slow logon with many ldap groups

Hansjörg Maurer Hansjoerg.Maurer at dlr.de
Thu Jan 22 13:03:47 GMT 2009


Hi

can you try

nss_initgroups_ignoreusers ldap

in /etc/ldap.conf

regards

Hansjörg


Robin Harteveld wrote:
>>> Dear all,
>>>
>>> I'm having some problems with my samba-ldap configuration. The server
>>> is 
>>>       
>> a 
>>     
>>> domain controler. Most of the time there is no problem. But when some
>>> use 
>>>       
>> rs 
>>     
>>> try to logon, the workstation gets very slow.
>>> After some testing i found the cause. When a user is a member of many
>>> lda 
>>>       
>> p 
>>     
>>> groups (more then 64), i get the following error:
>>>
>>> "smbd[32384]: nss_ldap: could not get LDAP result - Decoding error"
>>>       
>> 99% that's a nss_ldap bug. Can you try to upgrade that and
>> the openldap libs?
>>
>>
>>     
>
> Thanks Volker,
>
> After the update of nss_ldap the logon problem is solved. All works fine.
>
> Only when i reboot my server it takes very long (about 5 min) to start the 
> named service and another 5 mins to start ldap.
>
> Any idea?
>
>   

-- 
_________________________________________________________________

Deutsches Zentrum fuer Luft- und Raumfahrt e.V.
in der Helmholtz-Gemeinschaft

Institut fuer Robotik und Mechatronik

Dr. Hansjörg Maurer

LAN- und Systemmanager

Münchner Strasse 20
82234 Wessling
Germany 

Telefon: 08153/28-2431 
Telefax: 08153/28-1134

E-Mail: Hansjoerg.Maurer at dlr.de
Internet: http://www.robotic.dlr.de/

__________________________________________________________________


There are 10 types of people in this world, 
those who understand binary and those who don't.



More information about the samba mailing list