[Samba] 3.6.8: Winbind/Active Directory: lsass.exe process run cpu to 100%
Heather Choi
hceuterpe at gmail.com
Fri Sep 28 20:52:31 MDT 2012
You definitely should have "files" placed *before* winbind of passwd,
group and shadow, like:
passwd: files winbind
shadow: files winbind
group: files winbind
Otherwise, you will be hitting AD a whole ton for localized users and
definitely root with services running.
On 09/27/2012 02:00 AM, David Touzeau wrote:
> Dear
> I have connected samba 3.6.8 to my Active Directory in the lsass.exe
> run to 100%
> When stopping winbind the lsass.exe CPU is down to 0%
> When set winbindd to debug mode, it seems it try to scan the root user
> every time.
> I would to know how to ban nsswitch to query winbindd for system
> internal users such has root, apache.....
>
> Here it is my nsswitch.conf :
>
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages installed,
> try:
> # `info libc "Name Service Switch"' for information about this file.
> bind_policy soft
>
> passwd: compat ldap winbind
> group: compat ldap winbind
> shadow: compat ldap winbind
>
> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
> netmasks: files
> netgroup: files nis
> publickey: files
> bootparams: files
> aliases: files
> automount: ldap files
>
> Attached file is the winbindd debug mode:
>
>
More information about the samba
mailing list