[Samba] Winbind and caching - idmap, DC

Rowland penny rpenny at samba.org
Fri Oct 18 19:44:37 UTC 2019


On 18/10/2019 20:43, Ralph Böhme wrote:
> Hi Rowland,
>
>> Am 18.10.2019 um 21:36 schrieb Rowland penny via samba <samba at lists.samba.org>:
>>
>> On 18/10/2019 20:30, Ralph Boehme via samba wrote:
>>>> This issue is intermittent, but seems to be more likely the more DCs and sites there are in the domain. Likely some AD DS misconfiguration is involved too, as I see sometimes Winbind connecting to a DC in a wrong site, but that is also outside of my control. There is also a timeout value outside of my control that limits how long I can wait and retry for.
>>> I'd say either fix your script to precreate ranges, as you have the
>>> SIDs, SIDs tell you the domain, so you should be able to provision and
>>> autorid config right from the start.
>>>
>>> Alternatively, write a tool that only wipes the idmap cache entries in
>>> gencache, eg net cache idmap flush or similar.
>>>
>>> -slow
>>>
>> Hi Ralph, could you please update this wikipage with some of that:
>>
>> https://wiki.samba.org/index.php/Idmap_config_autorid
> oh, will do. :)))
>
> -slow
>
Thanks :-) ;-)

Rowland





More information about the samba mailing list