[Samba] winbindd crashing -- how to auto-heal?

Rowland Penny rpenny at samba.org
Sat Sep 1 15:20:55 UTC 2018


On Sat, 1 Sep 2018 10:21:17 -0400
Jamie Jackson <jamiejaxon at gmail.com> wrote:

> Hi Rowland,
> 
> Here's the info you asked for.
> 
> $ cat /etc/redhat-release
> Red Hat Enterprise Linux Server release 7.5 (Maipo)
> $ smbcontrol --version
> Version 4.7.1
> 
> smb.conf:
> ------------------------------
> 
> [global]
>         security = ADS
>         realm = REDACTED.WAN
>         encrypt passwords = true
>         workgroup = REDACTED
> 
>         winbind enum users = yes
>         winbind enum groups = yes
>         winbind nested groups = yes
>         winbind use default domain = yes
>         winbind refresh tickets = yes
>         idmap config * : backend = autorid
>         idmap config * : range = 1000000-2999999999
>         template homedir = /home/%D/%U
>         template shell = /bin/bash
>         log level = 1
>         debug pid = true
>         max log size = 0
>         nt acl support = Yes
>         map acl inherit = Yes
>         client use spnego = Yes
>         preferred master = no
>         printing = bsd
>         printcap name = /dev/null
>         disable spoolss = yes
> 
> ## These came from http://www.howtoforge.com/samba_active_directory
> #        socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
> #        os level = 20
> #        dns proxy = no
> #        disable netbios = Yes
> ## Required by infosec to pass scan.  Added 10-18-2011 GLS
>         guest account = nobody
>         restrict anonymous = 1
> 
> #### Debugging/Accounting ####
> 
> # This tells Samba to use a separate log file for each machine
> # that connects
>    log file = /var/log/samba/log.%m
> 
> # Put a capping on the size of the log files (in Kb).
> #   max log size = 1024
> 
> # We want Samba to log a minimum amount of information to syslog.
> Everything # should go to /var/log/samba/log.{smbd,nmbd} instead. If
> you want to log # through syslog you should set the following
> parameter to something higher. syslog = 0
> 
> # Do something sensible when Samba crashes: mail the admin a backtrace
>    panic action = /usr/share/samba/panic-action %d
> ------------------------------
> 

Is there some reason for using the autorid backend ?
Most people use the 'ad' or 'rid' backend.
Are you also using sssd ?

You are running Samba as a Unix domain member, so I expect your machine
is joined to the domain.

Rowland



More information about the samba mailing list