Il 08/05/2012 21:37, Kevin Elliott ha scritto:
Interesting.
I'l try this and see what happens.
Any idea why setting such an aggressive cache refresh time for the idmap issue
could resovle this?
My server is still in test, so I don't know what will happen when
hundreds of users became to connect. As a reference, in the current
working server with samba Version 3.0.33-3.29.el5_7.4 the parameter
idmap cache time is set to the default (900).
I wonder about such difference (900 vs 604800) and I did use 900 instead
of 300. Now it looks good (after 1 day), but I'll keep in test for some
while.
I also had bad mapping problems: winbind reported uncorrect number of
groups and wrong group for some users.
I guess this is also related to the cache because after yesterday is
working correctly and I don't know why (may be: net cache flush or some
smb.conf parameter or ...).
I also verified that setting idmap uid and idmap gid at a value like
10000-20000 does not work (I have no unix user or group in the range
1000-65000, so I supposed the range 10000-20000 was equivalent to
15000-25000 ...)
My actual settings are:
[global]
workgroup = CED
realm = CED.AOS
server string = Samba Server Version %v
security = ADS
password server = 172.18.10.24 172.18.10.23
name resolve order = lmhosts host bcast
passdb backend = tdbsam
ldap ssl = no
idmap uid = 100000-200000
idmap gid = 100000-200000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
cups options = raw
winbind cache time = 300
idmap cache time = 900
encrypt passwords = yes
Regards
Daniele Bernazzi
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba