[Samba] Unable to use more than 1000 concurrent ntlm_auth processes
Michael Hendrie
michael at hendrie.id.au
Sat Aug 18 07:33:08 MDT 2012
Hi List,
I'm running a heavily loaded squid server that uses ntlm_auth to provide NTLM authentication.
As load has increased over time, I've found the need to increase the number of ntlm_auth processes available to squid as well as the "winbind max clients" value in the smb.conf file. This has worked well up until now but seems I've hit some sort of limit.
If I keep the number of ntlm_auth processes under 1000, all is good. Going above continually produces the messages below in /var/log/messages and the additional helpers unusable:
Aug 16 22:34:17 prox (ntlm_auth): [2012/08/16 22:34:17.342283, 0] utils/ntlm_auth.c:186(get_winbind_domain)
Aug 16 22:34:17 prox (ntlm_auth): could not obtain winbind domain name!
Aug 16 22:34:17 prox (ntlm_auth): [2012/08/16 22:34:17.345335, 0] utils/ntlm_auth.c:186(get_winbind_domain)
Aug 16 22:34:17 prox (ntlm_auth): could not obtain winbind domain name!
Aug 16 22:34:17 prox (ntlm_auth): [2012/08/16 22:34:17.353230, 0] utils/ntlm_auth.c:186(get_winbind_domain)
Aug 16 22:34:17 prox (ntlm_auth): could not obtain winbind domain name!
Aug 16 22:34:17 prox (ntlm_auth): [2012/08/16 22:34:17.358237, 0] utils/ntlm_auth.c:186(get_winbind_domain)
Aug 16 22:34:17 prox (ntlm_auth): could not obtain winbind domain name!
And with winbindd log level on 9, /var/log/samba/winbindd.log shows:
[2012/08/16 22:33:42.352991, 6] winbindd/winbindd.c:768(new_connection)
accepted socket 1032
[2012/08/16 22:33:42.359183, 6] winbindd/winbindd.c:768(new_connection)
accepted socket 1036
[2012/08/16 22:37:59.337941, 2] winbindd/winbindd.c:710(winbind_client_response_written)
Could not write response[14772:INTERFACE_VERSION] to client: Broken pipe
[2012/08/16 22:37:59.338755, 3] winbindd/winbindd_misc.c:352(winbindd_interface_version)
[14607]: request interface version
[2012/08/16 22:37:59.339035, 2] winbindd/winbindd.c:710(winbind_client_response_written)
Could not write response[14607:INTERFACE_VERSION] to client: Broken pipe
[2012/08/16 22:37:59.339319, 3] winbindd/winbindd_misc.c:352(winbindd_interface_version)
[14777]: request interface version
[2012/08/16 22:37:59.339637, 2] winbindd/winbindd.c:710(winbind_client_response_written)
Could not write response[14777:INTERFACE_VERSION] to client: Broken pipe
[2012/08/16 22:42:59.321236, 3] winbindd/winbindd_misc.c:352(winbindd_interface_version)
[14363]: request interface version
[2012/08/16 22:42:59.321588, 2] winbindd/winbindd.c:710(winbind_client_response_written)
Could not write response[14363:INTERFACE_VERSION] to client: Broken pipe
Running distro supplied samba versions:
samba3x.x86_64: 3.5.10-0.110.el5_8
samba3x-common.x86_64: 3.5.10-0.110.el5_8
samba3x-winbind.x86_64: 3.5.10-0.110.el5_8
Does anyone have any suggestions on how to overcome this issue, I am happy to compile from source if there are any options that could help?
Thanks
Mick
More information about the samba
mailing list