[Samba] Offline authentication issue: authentication / nss hangs

Florian Gleixner flo at redflo.de
Sat Mar 16 13:55:36 MDT 2013


i am using winbind to get user/group information and authentication from
a AD. It works well when the AD is fully reachable and when i'm not
Whenever i use a normal internet connection, name services and
authenication need some 10 minutes to work and get stuck sometimes. I
use opensuse 12.2 with samba 3.6.7. I have set:

winbind offline logon = yes
winbind refresh tickets = yes

and i use the "ad" idmap backend.

The AD is worldwide resolvable (DNS) but one cannot query or
authenticate worldwide.

Is there any setting to change timeout values?
Is the DNS resolvability the cause?

Another thing i noticed: The credential cache and/or the name service
cache gets invalidated sometimes. Is it possible to change settings
here? What causes a cache invalidation?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20130316/34e53189/attachment.pgp>

More information about the samba mailing list