[Samba] Advice on Winbindd and NTLM Auth Performance

Arnab Roy arniekol at gmail.com
Fri Sep 1 22:30:53 UTC 2017


Hello Everyone,

Thanks for your inputs I have followed whats here https://wiki.freeradius.
org/guide/Active-Directory-direct-via-winbind . Apart from the different
location for the directories. I have added the recommended options in samba.

However I cannot see why this would make a difference to performance.

The guide for setting up a samba domain member seems more to be aimed at
the whole samba stack I only need winbind is that not correct?

Apologies I'm new to samba.

Many Thanks
Arnab

On Fri, Sep 1, 2017 at 11:53 AM, Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Fri, 1 Sep 2017 10:52:44 +0100
> Arnab Roy via samba <samba at lists.samba.org> wrote:
>
> > Hi Louis,
> >
> > Yes of course that would help duh! apologies the OS is fedora 25 Samba
> > version samba-4.5.10-0.fc25.x86_64
> >
> > smb.conf
> >
> > server string = Samba Server MY-NETWORKS
> > hosts allow = 127.
> > log file = /var/log/samba/log-MY-NETWORKS.%m
> > log level = 0
> > max log size = 50
> >
> > security = ads
> > encrypt passwords = yes
> > passdb backend = tdbsam
> > load printers = no
> > cups options = raw
> > printcap name = /dev/null
> > allow trusted domains = yes
> > ntlm auth = yes
> >
> > WORKGROUP=MY-NETWORKS
> > REALM=my-networks.com
> > password server = x.x.x.x y.y.y.y
> > pid directory = /var/run/samba/my-networks.com
> > lock directory = /var/cache/samba/my-networks.com
> > private dir = /var/cache/samba/my-networks.com
> > winbindd socket directory = /var/cache/samba/my-networks.com
> > winbindd privileged socket directory = /var/cache/samba/
> > my-networks.com/winbindd_privileged
> > smb passwd file = /var/cache/samba/my-networks.com
> > state directory = /var/cache/samba/my-networks.com
> > cache directory = /var/cache/samba/my-networks.com
> > ntp signd socket directory = /var/cache/samba/my-networks.com
> > winbind offline logon = true
> >
> > socket options = TCP_NODELAY IPTOS_LOWDELAY
> > getwd cache winbind
> > max domain connections = 250
> > winbind max clients = 5000
> >
> > My question can I cache the logins or do something to speed things
> > up ?
> >
>
> You could try setting up Samba correctly, even allowing for the fact
> you are using sssd (not supported by Samba), there is a lot there that
> shouldn't be there, see here:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list