[Samba] Winbind, cached logons and 'user persistency'...
Marco Gaiarin
gaio at sv.lnf.it
Fri Jan 18 09:02:55 UTC 2019
Mandi! L.P.H. van Belle via samba
In chel di` si favelave...
> Maybe the winbind cache time is set to low for this.
OK. But this look still strange/dangerous to me. Two 'open point':
1) seems to me that there's many 'cache time' parameters:
+ idmap cache time, default 604800 (one week); seems related only to
SID<->GID/UID query, so unrelated here.
+ winbind cache time, default 300 (5 minutes); this seems the
parameter i need to tackle with.
but... HOW work that cache? There's a 'negative' timeout also? Or
simply cache data and use cached data if all DC are not available?
2) in my network i've 7 DCs. Tearing down the main switch i've surely
disconnected all the remote DCs. But still i've two local one, one of
that in the same phisical proxmox server of the DM member that lost
cache. So could be reachable!!
I suppose that a DM will try to contact *all* DCs (at first glance, the
same-site-dc; after all available DCs), right?
There's some things i can do to make sure DCs are alive and kicking?
Ah, DM are 4.8.8+nmu-1~deb9, your packages.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list