[Samba] winbind stop working
samba.10.danber at spamgourmet.com
Wed May 9 03:16:42 MDT 2012
Il 08/05/2012 21:37, Kevin Elliott ha scritto:
> I'l try this and see what happens.
> Any idea why setting such an aggressive cache refresh time for the idmap issue could resovle this?
My server is still in test, so I don't know what will happen when
hundreds of users became to connect. As a reference, in the current
working server with samba Version 3.0.33-3.29.el5_7.4 the parameter
idmap cache time is set to the default (900).
I wonder about such difference (900 vs 604800) and I did use 900 instead
of 300. Now it looks good (after 1 day), but I'll keep in test for some
I also had bad mapping problems: winbind reported uncorrect number of
groups and wrong group for some users.
I guess this is also related to the cache because after yesterday is
working correctly and I don't know why (may be: net cache flush or some
smb.conf parameter or ...).
I also verified that setting idmap uid and idmap gid at a value like
10000-20000 does not work (I have no unix user or group in the range
1000-65000, so I supposed the range 10000-20000 was equivalent to
My actual settings are:
workgroup = CED
realm = CED.AOS
server string = Samba Server Version %v
security = ADS
password server = 172.18.10.24 172.18.10.23
name resolve order = lmhosts host bcast
passdb backend = tdbsam
ldap ssl = no
idmap uid = 100000-200000
idmap gid = 100000-200000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
cups options = raw
winbind cache time = 300
idmap cache time = 900
encrypt passwords = yes
More information about the samba