[Samba] Advice on Winbindd and NTLM Auth Performance

L.P.H. van Belle belle at bazuin.nl
Fri Sep 1 10:10:47 UTC 2017


ok, i suggest, you start here.
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member 
 
Now i can type out a correct config, below is missing multiple things. 
So i preffer you read above, adjust and post the smb.conf again (! before you apply it on the server) 
As pointer, where are the IDMAP lines for example.
 
This way, we can tell whats still wrong, and why, and this should result in a better understanding for you. 
and in the end a small and good smb.conf. 
 
Last, if your able to upgrade to Fedora 26, you get samba 4.6.7, which i really advice. 
 
 
 
Greetz, 
 
Louis
 
 
 
 

Van: Arnab Roy [mailto:arniekol at gmail.com] 
Verzonden: vrijdag 1 september 2017 11:53
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Advice on Winbindd and NTLM Auth Performance



Hi Louis, 

Yes of course that would help duh! apologies the OS is fedora 25 Samba version samba-4.5.10-0.fc25.x86_64 


smb.conf


server string = Samba Server MY-NETWORKS
hosts allow = 127.
log file = /var/log/samba/log-MY-NETWORKS.%m
log level = 0
max log size = 50


security = ads
encrypt passwords = yes
passdb backend = tdbsam
load printers = no
cups options = raw
printcap name = /dev/null
allow trusted domains = yes
ntlm auth = yes


WORKGROUP=MY-NETWORKS
REALM=my-networks.com
password server = x.x.x.x y.y.y.y
pid directory = /var/run/samba/my-networks.com
lock directory = /var/cache/samba/my-networks.com
private dir = /var/cache/samba/my-networks.com
winbindd socket directory = /var/cache/samba/my-networks.com
winbindd privileged socket directory = /var/cache/samba/my-networks.com/winbindd_privileged
smb passwd file = /var/cache/samba/my-networks.com
state directory = /var/cache/samba/my-networks.com
cache directory = /var/cache/samba/my-networks.com
ntp signd socket directory = /var/cache/samba/my-networks.com
winbind offline logon = true


socket options = TCP_NODELAY IPTOS_LOWDELAY
getwd cache winbind
max domain connections = 250
winbind max clients = 5000



My question can I cache the logins or do something to speed things up ?


TIA


On Fri, Sep 1, 2017 at 10:43 AM, L.P.H. van Belle via samba <samba at lists.samba.org> wrote:
Hai,

Is suggest, post you OS info and smb.conf that helps.


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Arnab Roy via samba
> Verzonden: vrijdag 1 september 2017 11:36
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Advice on Winbindd and NTLM Auth Performance
>
> Hi All,
>
> I am using winbind and ntlm auth in Freeradius. At the moment
> that seems to be a major bottleneck. It seems like the
> ntlm_auth execution is taking a while , what all options can
> improve this .
>
> For starters adding TCP_NODELAY in smb.conf seems to have
> helped a little.
>
> Many Thanks


> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba




More information about the samba mailing list