[Samba] winbind causing huge timeouts/delays since 4.8
aspannagel at gmx.de
Fri Feb 22 23:01:30 UTC 2019
Am 22.02.19 um 23:02 schrieb Rowland Penny via samba:
> So, you are trying to use 4 different methods of authentication on the
> same Samba server, Unix, sssd, winbind and ldap, and you expect this to
> work ?
No. we use max. 3 auth providers: (1. and 2. on all unix servers)
1. unix (local passwd)
for static OS/service accounts across all our env
2. sssd (with unix ldap servers as provider)
unix experienced user and application related service accounts
for windows users/services needing access to a group of unix servers
All that worked fine in coexistence since years and just stopped working
smoothly with update to samba-4.8 and can be fixed with provided patches
that fixes patch from Bug#13503 from mid of 2018.
Initial also provided config changes to fix the issues, but they are
> I repeat, from a Samba point of view, your smb.conf is borked, see here
> for more info:
Will take a look, but not certain what configuration options you want
point me too.
> You do not need winbind and sssd on the same Samba server, they do the
> same thing, pick one and delete the other.
They don't - as stated above we use sssd for query/caching entries from
our ldap directory server and not Windows DomainConmtrollers - also this
is possible, but makes more trouble and don't provide what samba's
> Your borked smb.conf is trying to be a Unix domain member, you do not
> use ldap in smb.conf
Samba authenticate and caching AD accounts is working as expected and
> If your smb.conf is set up correctly, your active directory users will
> become Unix users as well.
Indeed it works just fine.
> You can if you so wish, go to git-lab and creating a fork and make your
> changes there, see here for more info:
Thanks for point me there, will take a look.
More information about the samba