subject:"\[Samba\] Too much init_sam_from

Re: [Samba] Too much init_sam_from_ldap...

2009-09-30 Thread Bruno MACADRE

Bruno MACADRE a écrit :
 Hi !
 
I'm working in a educational administration, i've made a domain with
 a Samba 3.4.1 PDC with a LDAP backend. When a user log into an XP
 Workstation, i see in the log file a lot of init_sam_from_ldap. In
 fact, instead of scanning only the user who try to connect, a lot of
 them are scanned. I've got about 600 account into the LDAP so the time
 needed by the user to connect into the workstation is a little increased.
 
The problem is also more important when i've pratices sessions
 because i've between 16 and 64 users that try to log onto the domain at
 the same time. I see init_sam_from_ldap into all of workstation log
 files (on the samba server) and the load average of the LDAP server
 increase dramatically... On a practice session with only 16 users
 connecting at the same time, the elapsed time before the user can use
 his workstation is between 5 and 10 minutes !!! When only 1 user try to
 connect (from the same workstation) the time is lesser than 20 seconds...
 
How can I stop (or limit) all of this init_sam_from_ldap..., to let
 all of my students working properly ??
 
Thanks by advance,
Bruno
 
 Following : Usefull informations
 
 * Sample of workstation SAMBA logfile :
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: benoijod
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
 [2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 2
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (12268, 1) - sec_ctx_stack_ndx = 0
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(12268, 1) : sec_ctx_stack_ndx = 1
 [2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 0
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
 [2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
  push_conn_ctx(102) : conn_ctx_stack_ndx = 1
 [2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: chevamic
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: delapmic
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: demarjoh
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: ouldbahm
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: molinste
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: baerrud
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: brihifay
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: chomacam
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: colomben
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: ducroant
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: ouldmyou
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: mokadabd
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: antiomar
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: andrirad
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: aprilame
 ...
 [2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: duperjon
 ...
 ...
 ...
 
 * The LDAP Server : DELL PowerEdge 2950 with 2x QuadCore and 4Gb Memory
 * The SAMBA PDC : DELL PowerEdge 1950 with 2x QuadCore and 4Gb Memory
 
 
 PS: Sorry for my poor english :-)
 

I investigate a little more since my last mail :

I've downgraded my SAMBA 3.4.1 to SAMBA 3.3.7 the problem is the same.

Re: [Samba] Too much init_sam_from_ldap...

2009-09-30 Thread Bruno MACADRE

Finally i've opened a bug on samba.org (Bug #6771).

At this time i've made a workaround using pdbedit during the night to
translate an ldapsam backend into smbpasswd backend :

# pdbedit -i ldapsam:ldap://ldapserver/; -e
smbpasswd:/var/lib/samba/private/smbpasswd

It's a really bad workaround but i can't stop my production anymore...

With this workaround the time needed for 1 user to log into any
workstation is lesser than 5 seconds (it's amazing ^^)

I hope that somebody find something better than my workaround, i don't
like this kind of poor work...

regards,
Bruno
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Too much init_sam_from_ldap...

2009-09-29 Thread Bruno MACADRE


Hi !

   I'm working in a educational administration, i've made a domain with 
a Samba 3.4.1 PDC with a LDAP backend. When a user log into an XP 
Workstation, i see in the log file a lot of init_sam_from_ldap. In 
fact, instead of scanning only the user who try to connect, a lot of 
them are scanned. I've got about 600 account into the LDAP so the time 
needed by the user to connect into the workstation is a little increased.


   The problem is also more important when i've pratices sessions 
because i've between 16 and 64 users that try to log onto the domain at 
the same time. I see init_sam_from_ldap into all of workstation log 
files (on the samba server) and the load average of the LDAP server 
increase dramatically... On a practice session with only 16 users 
connecting at the same time, the elapsed time before the user can use 
his workstation is between 5 and 10 minutes !!! When only 1 user try to 
connect (from the same workstation) the time is lesser than 20 seconds...


   How can I stop (or limit) all of this init_sam_from_ldap..., to 
let all of my students working properly ??


   Thanks by advance,
   Bruno

Following : Usefull informations

* Sample of workstation SAMBA logfile :
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: benoijod
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (12268, 1) - sec_ctx_stack_ndx = 0
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(12268, 1) : sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 0
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: chevamic
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: delapmic
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: demarjoh
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ouldbahm
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: molinste
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: baerrud
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: brihifay
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: chomacam
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: colomben
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ducroant
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ouldmyou
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: mokadabd
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: antiomar
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: andrirad
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: aprilame
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: duperjon
...
...
...

* The LDAP Server : DELL PowerEdge 2950 with 2x QuadCore and 4Gb Memory
* The SAMBA PDC : DELL PowerEdge 1950 with 2x QuadCore and 4Gb Memory


PS: Sorry for my poor english :-)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Too much init_sam_from_ldap...

Re: [Samba] Too much init_sam_from_ldap...

[Samba] Too much init_sam_from_ldap...

3 matches

Site Navigation

Mail list logo

Footer information