[Samba] TLDAP_SERVER_DOWN

Peter Eriksson pen at lysator.liu.se
Thu Feb 11 10:28:23 UTC 2021


I just noticed the following in my log files:

> % fgrep TLDAP /var/log/messages
> Feb 11 01:57:40 balur00 winbindd[70648]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 03:01:00 balur00 winbindd[70648]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 04:01:00 balur00 winbindd[70648]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 05:01:00 balur00 winbindd[70648]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 06:01:00 balur00 winbindd[70648]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 08:01:00 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 09:01:00 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 09:34:19 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 10:01:00 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 10:37:39 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646
> Feb 11 11:01:00 balur00 winbindd[50001]:   idmap_ad_tldap: tldap_context_disconnect: TLDAP_SERVER_DOWN at ../../source3/lib/tldap.c:646


One of the messages seems to coincide with a failed connection attempt:

> /liu/sbin/samba-watchdog: Notice: SMB connection to //balur00/testuser timed out
> Thu Feb 11 11:01:00 CET 2021
> /liu/sbin/samba-watchdog: Notice: SMB connection to //balur00/testuser OK at second attempt


I’m curious about the TLDAP_SERVER_DOWN messages - what does it indicate? Problems communicating with the AD servers? The Kerberos ticket shouldn’t have expired that quickly (samba servers restarted at 07:00)?


Samba 4.13.4 as a file server, FreeBSD 12.2, talking to Microsoft AD servers. 

We restart Samba at 07:00 every morning and run a watchdog-script that basically tries a “smbclient” connection to the server at *:01 every hour and if it takes too long it retries the connection, and if it fails 3 times then restarts Samba (this is to fix the “goes awol after 10 hours”-problem).

Any ideas/suggestions?

- Peter





More information about the samba mailing list