[Samba] Advice on Winbindd and NTLM Auth Performance
L.P.H. van Belle
belle at bazuin.nl
Fri Sep 1 10:10:47 UTC 2017
ok, i suggest, you start here.
Now i can type out a correct config, below is missing multiple things.
So i preffer you read above, adjust and post the smb.conf again (! before you apply it on the server)
As pointer, where are the IDMAP lines for example.
This way, we can tell whats still wrong, and why, and this should result in a better understanding for you.
and in the end a small and good smb.conf.
Last, if your able to upgrade to Fedora 26, you get samba 4.6.7, which i really advice.
Van: Arnab Roy [mailto:arniekol at gmail.com]
Verzonden: vrijdag 1 september 2017 11:53
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Advice on Winbindd and NTLM Auth Performance
Yes of course that would help duh! apologies the OS is fedora 25 Samba version samba-4.5.10-0.fc25.x86_64
server string = Samba Server MY-NETWORKS
hosts allow = 127.
log file = /var/log/samba/log-MY-NETWORKS.%m
log level = 0
max log size = 50
security = ads
encrypt passwords = yes
passdb backend = tdbsam
load printers = no
cups options = raw
printcap name = /dev/null
allow trusted domains = yes
ntlm auth = yes
password server = x.x.x.x y.y.y.y
pid directory = /var/run/samba/my-networks.com
lock directory = /var/cache/samba/my-networks.com
private dir = /var/cache/samba/my-networks.com
winbindd socket directory = /var/cache/samba/my-networks.com
winbindd privileged socket directory = /var/cache/samba/my-networks.com/winbindd_privileged
smb passwd file = /var/cache/samba/my-networks.com
state directory = /var/cache/samba/my-networks.com
cache directory = /var/cache/samba/my-networks.com
ntp signd socket directory = /var/cache/samba/my-networks.com
winbind offline logon = true
socket options = TCP_NODELAY IPTOS_LOWDELAY
getwd cache winbind
max domain connections = 250
winbind max clients = 5000
My question can I cache the logins or do something to speed things up ?
On Fri, Sep 1, 2017 at 10:43 AM, L.P.H. van Belle via samba <samba at lists.samba.org> wrote:
Is suggest, post you OS info and smb.conf that helps.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Arnab Roy via samba
> Verzonden: vrijdag 1 september 2017 11:36
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Advice on Winbindd and NTLM Auth Performance
> Hi All,
> I am using winbind and ntlm auth in Freeradius. At the moment
> that seems to be a major bottleneck. It seems like the
> ntlm_auth execution is taking a while , what all options can
> improve this .
> For starters adding TCP_NODELAY in smb.conf seems to have
> helped a little.
> Many Thanks
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the
More information about the samba