[Samba] winbind : suspend nightmare
Jon Gerdes
gerdesj at blueloop.net
Thu Oct 24 12:53:53 UTC 2019
On Wed, 2019-10-23 at 22:21 -0700, Jeremy Allison wrote:
> On Wed, Oct 23, 2019 at 11:58:33PM +0000, Jon Gerdes wrote:
> > winbind has a concept of offline and online but I don't know what
> > that
> > is, nor how nss works with it. I've tried using smbcontrol to tell
> > winbind it is offline or online but that does not seem to work.
> > Restarting winbind normally gets my account working again. If I had
> > to
> > guess, then offline and online mean "network available" (layer 2/3)
> > and
> > not "AD available" (layer 3/4)
>
> I implemented the 'winbind offline' code many years ago
> whilst working for SuSE to cover this exact use case.
>
> It detects when it can't contact a DC and puts itself
> into the 'offline' mode, which means serve logins out
> of local cache. It should do this for whatever reason
> when it can't talk to a DC (network fail, DC not
> found etc. etc.).
>
> On startup if winbind can't talk to a DC it sets
> a retry timer to go off every 10 seconds to try
> and re-connect to the DC. It keeps that timeout
> until it does contact a DC, when it resets the
> reconnect timer to be 30 seconds. If it loses
> connection to the DC after it has once made
> connection it puts itself in offline mode and
> then retries every 30 seconds.
>
> The long (30) second timeout can be changed
> by setting the parameter:
>
> winbind reconnect delay = X.
>
> Hope this helps !
>
> Jeremy.
Jeremy
Thanks for that. I was steeling myself to diving into the code but
having the author describe it is fantastic.
Cheers
Jon
More information about the samba
mailing list