[Samba] Winbind, cached logons and 'user persistency'...

Marco Gaiarin gaio at sv.lnf.it
Fri Jan 18 09:02:55 UTC 2019

Mandi! L.P.H. van Belle via samba
  In chel di` si favelave...

> Maybe the winbind cache time is set to low for this. 

OK. But this look still strange/dangerous to me. Two 'open point':

1) seems to me that there's many 'cache time' parameters:

  + idmap cache time, default 604800 (one week); seems related only to
    SID<->GID/UID query, so unrelated here.

  + winbind cache time, default 300 (5 minutes); this seems the
    parameter i need to tackle with.

but... HOW work that cache? There's a 'negative' timeout also? Or
simply cache data and use cached data if all DC are not available?

2) in my network i've 7 DCs. Tearing down the main switch i've surely
 disconnected all the remote DCs. But still i've two local one, one of
that in the same phisical proxmox server of the DM member that lost
cache. So could be reachable!!

I suppose that a DM will try to contact *all* DCs (at first glance, the
same-site-dc; after all available DCs), right?

There's some things i can do to make sure DCs are alive and kicking?

Ah, DM are 4.8.8+nmu-1~deb9, your packages.

dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list