[Samba] Samba-LDAP with 100%CPU with connections in CLOSE_WAIT
Steffen
fenlo at gfz-potsdam.de
Tue Sep 20 14:32:17 UTC 2022
...
> Finally, if you set 'log level = 5' you can see what time each request
> takes, and what it is. Setting the query timeout just as per Windows
> AD will also work (roughly) and provide notice (level 3 at 1/4 the
> timeout) and warnings at log level 1 after the timeout.
>
> See https://bugzilla.samba.org/show_bug.cgi?id=14694 and
> https://www.oreilly.com/library/view/active-directory-cookbook/0596004648/ch04s24.html for a
> description of the limits.
>
> Andrew Bartlett
Hm, we were trying for a long time to get some log entries which show us the requested LDAP-Queries but with no luck.
Which/Where should we adapt the "log level = 5", just in the global section?
currently we have set:
[global]
...
log level = 5 auth:5 auth_audit:10@/var/log/samba/auth_audit.log
ldap debug level = 5
ldap debug threshold = 1
We only have seen ldap-queries for long or outtimed requests. We don't see "normal" ldap-queries. We tried with ldapsearch from CLI.
More information about the samba
mailing list