[Samba] High cpu load on LDAP

Heinz Hölzl heinz.hoelzl at gvcc.net
Mon Sep 19 14:04:46 UTC 2022

I often have the problem of high load on the LDAP processes.
1-3 LDAP processes cause 100% cpu load for approx. 10 sec. This happens
regularly in intervals of 2-3 minutes.
How can I find out which client is causing this load and why?
How can I configure the logging to see who/what is causing the LDAP
We have about 5000 users, 4000 clients in our AD with 4 DCs with Samba



# Global parameters
	bind interfaces only = Yes
	interfaces = lo ens3
	netbios name = DC1
	realm = XXXX.NET
	workgroup = XXXX
	server role = active directory domain controller
	idmap_ldb:use rfc2307 = yes
	comment = 
	template homedir = /home/%U
 	template shell = /bin/bash
	ldap server require strong auth = No
	ntlm auth = Yes 
        log level = auth_json_audit:0 auth_audit:3
	logging = syslog
	password hash gpg key ids = "4FE6CFC510ADE7B9"
	dns forwarder =
	dns update command = /usr/local/samba/sbin/samba_dnsupdate --
	logon script = login.bat

More information about the samba mailing list