Good to know, and your description fits my understanding of this issue
and reproduces my scenario well.
Basically all I have to to render the server completely unresponsive
(even basic command line stuff) is take _any_ domain offline.
This seems to mean winbind's caching is not behaving as designed.
François Legal wrote:
I don't know if it helps, but I ran through similar problems with one
samba DC trusting another domain connected via a VPN.
Each time the VPN went down, I had to hard reboot the server (no I did not
have an open session all the time to kill winbindd).
As far as I remember, this was with self built versions 3.2.4 through
3.2.6.
After that, I decided to surrender with trusting another domain with
samba.
François
On Fri, 16 Oct 2009 13:59:45 -0600, <ad...@ateamonsite.com> wrote:
Ok I am not hearing replies back - I dont want this issue to be swept
under
the rug.
It has been a issue for me since SuSE 10.1 + samba-3.0.30-0.1.112 even..
I know now that the commands I was telling you all access UN/PW info
such
as LS or MAN etc, to see if you have permission to run them? IDK I am
guessing.
BUT - if winbind is really caching and the connection is lost, then this
should be a non-issue as you say.
Well here is my nsswitch.conf:
cat /etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files
aliases: files
hosts: files dns
shadow: compat
Isn't this set up right? ;-)
So, famously when DNS is down, crap like SSH and NFS take unreasonable
amounts of time and cause system hangs in linux. This is what I've been
told, and I can accept that.
Since DNS is hosted on the AD server, when that server goes down, SSH,
and
even local login hang for extremely long amounts of time - im talking
more
than 10 minutes... then fail.
In Windows (im sorry Im about to compare 2 operating systems) this is a
non
issue and you can use the machine even if the networking is hosed or you
cant talk to the AD.
So.......
BUMP! :-)
On Wed, 14 Oct 2009 16:51:10 -0600, <ad...@ateamonsite.com> wrote:
Hopefully that isn't a bad thing! haha
Thanks!
On Wed, 14 Oct 2009 15:44:54 -0700, Jeremy Allison <j...@samba.org>
wrote:
On Wed, Oct 14, 2009 at 04:02:41PM -0600, ad...@ateamonsite.com wrote:
Hi Jeremy,
Sorry, didn't look too closely at your winbindd issue.
winbindd will cache all information to allow disconnected
operation (we made this work perfectly at SuSE), so there
certainly shouldn't be a problem with a loss of connection to a DC.
I am sorry to report that I am in fact using SuSE, and this problem
is
very
easy to reproduce if I power off my AD domain, then wait (I guess) 10
minutes - then try and ssh to my Linux box. There is no way to log
into
the
box.
Ok, then I'm going to hand you over to the SuSE Samba Team
maintainers on this list (sorry :-).
Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
