Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Dear Jeremy, I have the same issue in my customer. The samba's version is 3.0.36 and we have issues with winbindd limit max 200 conections. In pcap, we have the result: GET_DFS_REFERRALS and user anonymous is show in results. in the beginning,we thought the problem was related to viruses. Pcap: 166390 3127.645327 192.168.24.247 192.168.24.13 SMB Session Setup AndX Response 166392 3127.646862 192.168.24.2192.168.24.247 SMB Tree Connect AndX Request, Path: \\DSFW\\IPC$ 166393 3127.646884 192.168.24.247 192.168.24.2TCP microsoft-ds > miva-mqs [ACK] Seq=520 Ack=2952 Win=16380 Len=0 166394 3127.647414 192.168.24.247 192.168.24.2SMB Tree Connect AndX Response 166395 3127.648124 192.168.24.2192.168.24.247 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: 166396 3127.648201 192.168.24.247 192.168.24.2SMB Trans2 Response, QUERY_PATH_INFO, Error: STATUS_NETWORK_ACCESS_DENIED I also discovered that the problem is occurring on connections that are in CLOSE_WAIT state, so it is affecting the number of 200 connections. Can you help me? -- View this message in context: http://samba.2283325.n4.nabble.com/winbindd-Exceeding-200-client-connections-no-idle-connection-found-tp2453096p3433310.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Jul 14, 2009 at 04:09:18PM +0200, Rene wrote: > > Hi there, > > got the same problem on a Samba 3.3.1 installation. > > winbindd log is filling up faster than logrotate is able to clean it, > and my machine finally ends up with a full partition. > > Searched the Web now half the day and found that it should be solved in > 3.2.8. Is there any other known Issue how this behavior can occur? No, this should be fixed in the latest 3.3.x (and 3.2.8 and above). Can you try upgrading to 3.3.6 (latest 3.3.x release) or 3.4.0 and let us know if the problem happens again please ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Rene wrote: > Jeremy Allison schrieb: >> On Mon, Jul 13, 2009 at 11:53:15AM -0400, Linux Addict wrote: >>> On Sun, Mar 22, 2009 at 3:37 PM, Elvar wrote: >>> Elder Souza wrote: > No prob Jeremy, thanx for your help! > > Elder Souza > (71) 9972-7573 / (71) 8801-5734 > > > On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: > > > >> On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: >> >> >>> It has been fixed after what version? Do you know? >>> >>> >> Don't have the time to check the release >> notes right now, but it's definately fixed >> in 3.0.32 and 3.2.4. >> >> Jeremy. >> >> >> I just downloaded version 3.0.33 and when I view the local.h file I still see 200 defined as the max simultaneous connections. Is it really fixed? Some of my installations require more than 200 simultaneous connections. I'm still using an older version but until I modified this to 400+ I had problems. /* Max number of simultaneous winbindd socket connections. */ #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba >>> >>> >>> >>> I am using 3.2.4 but I still get this messages. I had many production >>> servers hit 100% CPU due to winbind. I had to stop winbind 3 times >>> through >>> rc script to stop winbind. >>> >>> I didn't have verbose log enabled, but I would go straight and >>> upgrade if >>> you guys think this is resolved in latest versions. >> >> Ah. My statement that this was fixed in 3.2.4 was wrong, sorry >> about that. >> >> I've checked back in the release notes and the fix for this >> bug (3204) was discovered by Richard Sharpe in Jan 2009, >> and 3.2.4 dates from 18 September 2008. >> >> The fix went into the 3.2 tree on 2009-01-08, and so >> it will have been fixed on the 03 February 2009 release >> Samba 3.2.8 and above. Sorry for the mistake in claiming >> it was fixed in 3.2.4. >> >> Jeremy. > > > Hi there, > > got the same problem on a Samba 3.3.1 installation. > > winbindd log is filling up faster than logrotate is able to clean it, > and my machine finally ends up with a full partition. > > Searched the Web now half the day and found that it should be solved in > 3.2.8. Is there any other known Issue how this behavior can occur? > > > René The same problem was experienced in a 4200 user site with 3.3.2 but has not happened since 3.3.4 went in. The problem first occurred with 3.0.30, also with 3.2.3, then moved to 3.3.2, and in each case was highly intermittent and we could not get a lock on what was causing it because it was always a sudden-death problem that blew up the /var/log/samba file system. At its worst the problem ate up 72GB of storage in a matter of minutes. Also, only one server out of a dozen was ever affected. This makes the matter highly suspicious. I would suggest moving to 3.3.4 or later, but do not rule out that you may have a platform integrity problem. Perhaps one of the library files is damaged. cheers, John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jeremy Allison schrieb: On Mon, Jul 13, 2009 at 11:53:15AM -0400, Linux Addict wrote: On Sun, Mar 22, 2009 at 3:37 PM, Elvar wrote: Elder Souza wrote: No prob Jeremy, thanx for your help! Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: It has been fixed after what version? Do you know? Don't have the time to check the release notes right now, but it's definately fixed in 3.0.32 and 3.2.4. Jeremy. I just downloaded version 3.0.33 and when I view the local.h file I still see 200 defined as the max simultaneous connections. Is it really fixed? Some of my installations require more than 200 simultaneous connections. I'm still using an older version but until I modified this to 400+ I had problems. /* Max number of simultaneous winbindd socket connections. */ #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I am using 3.2.4 but I still get this messages. I had many production servers hit 100% CPU due to winbind. I had to stop winbind 3 times through rc script to stop winbind. I didn't have verbose log enabled, but I would go straight and upgrade if you guys think this is resolved in latest versions. Ah. My statement that this was fixed in 3.2.4 was wrong, sorry about that. I've checked back in the release notes and the fix for this bug (3204) was discovered by Richard Sharpe in Jan 2009, and 3.2.4 dates from 18 September 2008. The fix went into the 3.2 tree on 2009-01-08, and so it will have been fixed on the 03 February 2009 release Samba 3.2.8 and above. Sorry for the mistake in claiming it was fixed in 3.2.4. Jeremy. Hi there, got the same problem on a Samba 3.3.1 installation. winbindd log is filling up faster than logrotate is able to clean it, and my machine finally ends up with a full partition. Searched the Web now half the day and found that it should be solved in 3.2.8. Is there any other known Issue how this behavior can occur? René -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Mon, Jul 13, 2009 at 11:53:15AM -0400, Linux Addict wrote: > On Sun, Mar 22, 2009 at 3:37 PM, Elvar wrote: > > > > > > > Elder Souza wrote: > > > >> No prob Jeremy, thanx for your help! > >> > >> Elder Souza > >> (71) 9972-7573 / (71) 8801-5734 > >> > >> > >> On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: > >> > >> > >> > >>> On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: > >>> > >>> > It has been fixed after what version? Do you know? > > > >>> Don't have the time to check the release > >>> notes right now, but it's definately fixed > >>> in 3.0.32 and 3.2.4. > >>> > >>> Jeremy. > >>> > >>> > >>> > >> > > I just downloaded version 3.0.33 and when I view the local.h file I still > > see 200 defined as the max simultaneous connections. Is it really fixed? > > Some of my installations require more than 200 simultaneous connections. I'm > > still using an older version but until I modified this to 400+ I had > > problems. > > > > /* Max number of simultaneous winbindd socket connections. */ > > #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 > > > > > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > > I am using 3.2.4 but I still get this messages. I had many production > servers hit 100% CPU due to winbind. I had to stop winbind 3 times through > rc script to stop winbind. > > I didn't have verbose log enabled, but I would go straight and upgrade if > you guys think this is resolved in latest versions. Ah. My statement that this was fixed in 3.2.4 was wrong, sorry about that. I've checked back in the release notes and the fix for this bug (3204) was discovered by Richard Sharpe in Jan 2009, and 3.2.4 dates from 18 September 2008. The fix went into the 3.2 tree on 2009-01-08, and so it will have been fixed on the 03 February 2009 release Samba 3.2.8 and above. Sorry for the mistake in claiming it was fixed in 3.2.4. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Mon, Jul 13, 2009 at 11:53 AM, Linux Addict wrote: > > > On Sun, Mar 22, 2009 at 3:37 PM, Elvar wrote: > >> >> >> Elder Souza wrote: >> >>> No prob Jeremy, thanx for your help! >>> >>> Elder Souza >>> (71) 9972-7573 / (71) 8801-5734 >>> >>> >>> On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: >>> >>> >>> On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: > It has been fixed after what version? Do you know? > > Don't have the time to check the release notes right now, but it's definately fixed in 3.0.32 and 3.2.4. Jeremy. >>> >> I just downloaded version 3.0.33 and when I view the local.h file I still >> see 200 defined as the max simultaneous connections. Is it really fixed? >> Some of my installations require more than 200 simultaneous connections. I'm >> still using an older version but until I modified this to 400+ I had >> problems. >> >> /* Max number of simultaneous winbindd socket connections. */ >> #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 >> >> >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba > > > > > I am using 3.2.4 but I still get this messages. I had many production > servers hit 100% CPU due to winbind. I had to stop winbind 3 times through > rc script to stop winbind. > > I didn't have verbose log enabled, but I would go straight and upgrade if > you guys think this is resolved in latest versions. > > > > winbindd: Exceeding 200 client connections, no idle connection found > [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(955) > winbindd: Exceeding 200 client connections, no idle connection found > [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(974) > winbindd: Exceeding 200 client connections, no idle connection found > [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(955) > winbindd: Exceeding 200 client connections, no idle connection found > [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(974) > winbindd: Exceeding 200 client connections, no idle connection found > [2009/07/09 16:51:41, 1] lib/util_tdb.c:tdb_validate_and_backup(1424) > tdb '/var/lib/samba/winbindd_cache.tdb' is valid > [2009/07/09 16:51:41, 1] lib/util_tdb.c:tdb_validate_and_backup(1434) > Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb > '/var/lib/samba/winbindd_cache.tdb' > [2009/07/09 16:51:41, 0] > winbindd/winbindd_cache.c:initialize_winbindd_cache(2374) > initialize_winbindd_cache: clearing cache and re-creating with version > number 1 > [2009/07/09 16:51:42, 1] lib/util_tdb.c:tdb_validate_and_backup(1424) > tdb '/var/lib/samba/winbindd_cache.tdb' is valid > [2009/07/09 16:51:42, 1] lib/util_tdb.c:tdb_validate_and_backup(1434) > Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb > '/var/lib/samba/winbindd_cache.tdb' > u...@hostname$ rpm -qa |grep sam > samba-client-3.2.4-1 > samba-3.2.4-1 > samba-debuginfo-3.2.4-1 > samba-swat-3.2.4-1 > samba-common-3.2.4-1 > samba-doc-3.2.4-1 > > > > > > Looks like this where the bug was tracked. https://bugzilla.samba.org/show_bug.cgi?id=3204 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Sun, Mar 22, 2009 at 3:37 PM, Elvar wrote: > > > Elder Souza wrote: > >> No prob Jeremy, thanx for your help! >> >> Elder Souza >> (71) 9972-7573 / (71) 8801-5734 >> >> >> On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: >> >> >> >>> On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: >>> >>> It has been fixed after what version? Do you know? >>> Don't have the time to check the release >>> notes right now, but it's definately fixed >>> in 3.0.32 and 3.2.4. >>> >>> Jeremy. >>> >>> >>> >> > I just downloaded version 3.0.33 and when I view the local.h file I still > see 200 defined as the max simultaneous connections. Is it really fixed? > Some of my installations require more than 200 simultaneous connections. I'm > still using an older version but until I modified this to 400+ I had > problems. > > /* Max number of simultaneous winbindd socket connections. */ > #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba I am using 3.2.4 but I still get this messages. I had many production servers hit 100% CPU due to winbind. I had to stop winbind 3 times through rc script to stop winbind. I didn't have verbose log enabled, but I would go straight and upgrade if you guys think this is resolved in latest versions. winbindd: Exceeding 200 client connections, no idle connection found [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(955) winbindd: Exceeding 200 client connections, no idle connection found [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(974) winbindd: Exceeding 200 client connections, no idle connection found [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(955) winbindd: Exceeding 200 client connections, no idle connection found [2009/07/09 16:50:36, 0] winbindd/winbindd.c:process_loop(974) winbindd: Exceeding 200 client connections, no idle connection found [2009/07/09 16:51:41, 1] lib/util_tdb.c:tdb_validate_and_backup(1424) tdb '/var/lib/samba/winbindd_cache.tdb' is valid [2009/07/09 16:51:41, 1] lib/util_tdb.c:tdb_validate_and_backup(1434) Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb '/var/lib/samba/winbindd_cache.tdb' [2009/07/09 16:51:41, 0] winbindd/winbindd_cache.c:initialize_winbindd_cache(2374) initialize_winbindd_cache: clearing cache and re-creating with version number 1 [2009/07/09 16:51:42, 1] lib/util_tdb.c:tdb_validate_and_backup(1424) tdb '/var/lib/samba/winbindd_cache.tdb' is valid [2009/07/09 16:51:42, 1] lib/util_tdb.c:tdb_validate_and_backup(1434) Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb '/var/lib/samba/winbindd_cache.tdb' u...@hostname$ rpm -qa |grep sam samba-client-3.2.4-1 samba-3.2.4-1 samba-debuginfo-3.2.4-1 samba-swat-3.2.4-1 samba-common-3.2.4-1 samba-doc-3.2.4-1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Elder Souza wrote: No prob Jeremy, thanx for your help! Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison wrote: On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: It has been fixed after what version? Do you know? Don't have the time to check the release notes right now, but it's definately fixed in 3.0.32 and 3.2.4. Jeremy. I just downloaded version 3.0.33 and when I view the local.h file I still see 200 defined as the max simultaneous connections. Is it really fixed? Some of my installations require more than 200 simultaneous connections. I'm still using an older version but until I modified this to 400+ I had problems. /* Max number of simultaneous winbindd socket connections. */ #define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
No prob Jeremy, thanx for your help! Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote: > On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: > > It has been fixed after what version? Do you know? > > Don't have the time to check the release > notes right now, but it's definately fixed > in 3.0.32 and 3.2.4. > > Jeremy. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote: > It has been fixed after what version? Do you know? Don't have the time to check the release notes right now, but it's definately fixed in 3.0.32 and 3.2.4. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
It has been fixed after what version? Do you know? Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 5:41 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote: > On Tue, Oct 21, 2008 at 05:33:09PM -0300, Elder Souza wrote: > > Ok, but it's a production server and I will create another and test 3.2.4 > > version. > > If you want to stay on 3.0.x 3.0.32 is the latest version. > > > Another question: Why winbind can't free connections and how can I > set/change a > > timeout value for these connections? > > It's a bug that has been fixed. > > Jeremy. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Oct 21, 2008 at 05:33:09PM -0300, Elder Souza wrote: > Ok, but it's a production server and I will create another and test 3.2.4 > version. If you want to stay on 3.0.x 3.0.32 is the latest version. > Another question: Why winbind can't free connections and how can I set/change > a > timeout value for these connections? It's a bug that has been fixed. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Ok, but it's a production server and I will create another and test 3.2.4 version. Another question: Why winbind can't free connections and how can I set/change a timeout value for these connections? Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 5:19 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote: > On Tue, Oct 21, 2008 at 05:17:19PM -0300, Elder Souza wrote: > > Linux CentOS 5 Final with: > > > >- samba-common-3.0.25b-1.el5_1.4 > >- samba-client-3.0.25b-1.el5_1.4 > >- samba-3.0.25b-1.el5_1.4 > > > > > > Elder Souza > > (71) 9972-7573 / (71) 8801-5734 > > Ancient. Please upgrade to at least 3.0.32. > > Jeremy. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Oct 21, 2008 at 05:17:19PM -0300, Elder Souza wrote: > Linux CentOS 5 Final with: > >- samba-common-3.0.25b-1.el5_1.4 >- samba-client-3.0.25b-1.el5_1.4 >- samba-3.0.25b-1.el5_1.4 > > > Elder Souza > (71) 9972-7573 / (71) 8801-5734 Ancient. Please upgrade to at least 3.0.32. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Linux CentOS 5 Final with: - samba-common-3.0.25b-1.el5_1.4 - samba-client-3.0.25b-1.el5_1.4 - samba-3.0.25b-1.el5_1.4 Elder Souza (71) 9972-7573 / (71) 8801-5734 On Tue, Oct 21, 2008 at 4:11 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote: > On Tue, Oct 21, 2008 at 02:40:55PM -0300, Elder Souza wrote: > > Hi! > > > > Somebody knows how can i fix this error? My squid allways show user/pass > > popup in ADS+Squid authentication scheme (auth_proxy). > > > > I got a lot of "winbindd: Exceeding 200 client connections, no idle > > connection found" message in winbind.log > > What Samba version are you using ? This is something that > has been fixed in the 3.2.4 release. > > Jeremy. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Oct 21, 2008 at 02:40:55PM -0300, Elder Souza wrote: > Hi! > > Somebody knows how can i fix this error? My squid allways show user/pass > popup in ADS+Squid authentication scheme (auth_proxy). > > I got a lot of "winbindd: Exceeding 200 client connections, no idle > connection found" message in winbind.log What Samba version are you using ? This is something that has been fixed in the 3.2.4 release. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd: Exceeding 200 client connections, no idle connection found
Hi! Somebody knows how can i fix this error? My squid allways show user/pass popup in ADS+Squid authentication scheme (auth_proxy). I got a lot of "winbindd: Exceeding 200 client connections, no idle connection found" message in winbind.log -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jason Haar wrote: Elvar wrote: I meant to respond to this a long time ago and I'm sorry for the delay. Yes, I'm using NTLM to authenticate the users to Active Directory requiring specific group membership. If the users don't belong to group "Internet Access" they are denied out. I can stomach the lack of encryption, but with basic proxy auth can they still authenticate to AD? Absolutely. There is no difference in Squid's ntlm_auth functionality between choosing Basic or NTLM/Negotiate. ie you can still do group-based access controls using Basic. Ok, I set this up using only basic and not NTLM and the problem I'm seeing is that it prompts the users for their credentials instead of passing automatically in the background. With NTLM they don't have to type in their username and password which is what I need. They will never be ok with having to type in their creds all the time. I'm guessing I'm stuck with NTLM then? Regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jason Haar wrote: Elvar wrote: I meant to respond to this a long time ago and I'm sorry for the delay. Yes, I'm using NTLM to authenticate the users to Active Directory requiring specific group membership. If the users don't belong to group "Internet Access" they are denied out. I can stomach the lack of encryption, but with basic proxy auth can they still authenticate to AD? Absolutely. There is no difference in Squid's ntlm_auth functionality between choosing Basic or NTLM/Negotiate. ie you can still do group-based access controls using Basic. Excellent, I'll try this out asap. Thanks! Regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Elvar wrote: I meant to respond to this a long time ago and I'm sorry for the delay. Yes, I'm using NTLM to authenticate the users to Active Directory requiring specific group membership. If the users don't belong to group "Internet Access" they are denied out. I can stomach the lack of encryption, but with basic proxy auth can they still authenticate to AD? Absolutely. There is no difference in Squid's ntlm_auth functionality between choosing Basic or NTLM/Negotiate. ie you can still do group-based access controls using Basic. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jason Haar wrote: Elvar wrote: Yes, Squid comes with it's own NTLM AUTH mechanism but it does not support the --require-membership option which allows me to force users to be a part of a specific "internet access" group. That's why I'm using winbindd. This isn't the trusted domain issue that showed up about a month ago is it? i.e do you have trusted domains where their domain controllers are some distance away over a WAN link? You don't mention it explicitly, but I'm guessing you're using NTLM proxy authentication? As such it means Squid (and winbind for that matter) cannot cache any of the authentication requests - they all must go through to the backend domain controllers. And if they are remote (ie high latency compared with LAN-connected DCs), Squid and winbind will spend more and more resources tracking outstanding authentication requests. e.g. a single Web page may contain 10+ images - that's 11 auth attempts - and with NTLM that means 33 HTTP transactions - for one Web page! If you have just a handful of users from remote domains, they will swallow a disproportionate amount of your authentication resources. There's a bit of HTTP/1.1 Keepalive reuse that speeds things up - but effectively it's a cow. If you can stomach the lack of encryption, go back to Basic proxy authentication - squid can cache the hell out of that! I bet you'll find all your problems disappear. I meant to respond to this a long time ago and I'm sorry for the delay. Yes, I'm using NTLM to authenticate the users to Active Directory requiring specific group membership. If the users don't belong to group "Internet Access" they are denied out. I can stomach the lack of encryption, but with basic proxy auth can they still authenticate to AD? Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Elvar wrote: Yes, Squid comes with it's own NTLM AUTH mechanism but it does not support the --require-membership option which allows me to force users to be a part of a specific "internet access" group. That's why I'm using winbindd. This isn't the trusted domain issue that showed up about a month ago is it? i.e do you have trusted domains where their domain controllers are some distance away over a WAN link? You don't mention it explicitly, but I'm guessing you're using NTLM proxy authentication? As such it means Squid (and winbind for that matter) cannot cache any of the authentication requests - they all must go through to the backend domain controllers. And if they are remote (ie high latency compared with LAN-connected DCs), Squid and winbind will spend more and more resources tracking outstanding authentication requests. e.g. a single Web page may contain 10+ images - that's 11 auth attempts - and with NTLM that means 33 HTTP transactions - for one Web page! If you have just a handful of users from remote domains, they will swallow a disproportionate amount of your authentication resources. There's a bit of HTTP/1.1 Keepalive reuse that speeds things up - but effectively it's a cow. If you can stomach the lack of encryption, go back to Basic proxy authentication - squid can cache the hell out of that! I bet you'll find all your problems disappear. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | | winbindd: Exceeding 600 client connections, no idle connection found | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | | PANIC: assert failed at nsswitch/winbindd.c(383) | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | | winbindd: Exceeding 600 client connections, no idle connection found | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | | which log file are these showing up in? And what version | of Samba is this? | |> These show up in /var/log/samba/log.winbindd. Samba 3.0.28,1. That would make the most sense but doesn't really indicate which pipe it is talking about. If you can get lsof up and running or use the equivalent or /proc//fd from Linux on FreeBSD to look at open file descriptors, that will help. Using sockstat I found many entries which look similar to below. I'm obviously not pasting them all but I tried to copy / paste some of each. The 4th column over is the FD number of the socket. squidntlm_auth 49260 4 stream -> /var/db/samba/winbindd_privileged/pipe squidntlm_auth 49259 4 stream -> /var/db/samba/winbindd_privileged/pipe root smbd 1137 19 stream -> /var/db/samba/winbindd_privileged/pipe root winbindd 1134 11 stream /tmp/.winbindd/pipe root winbindd 1134 12 stream /var/db/samba/winbindd_privileged/pipe root winbindd 1134 14 stream -> ?? root winbindd 1134 18 stream /var/db/samba/winbindd_privileged/pipe root winbindd 1134 19 stream /var/db/samba/winbindd_privileged/pipe Thanks, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | | winbindd: Exceeding 600 client connections, no idle connection found | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | | PANIC: assert failed at nsswitch/winbindd.c(383) | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | | winbindd: Exceeding 600 client connections, no idle connection found | | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | | which log file are these showing up in? And what version | of Samba is this? | |> These show up in /var/log/samba/log.winbindd. Samba 3.0.28,1. That would make the most sense but doesn't really indicate which pipe it is talking about. If you can get lsof up and running or use the equivalent or /proc//fd from Linux on FreeBSD to look at open file descriptors, that will help. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/3DbIR7qMdg1EfYRAvZQAKDvvmCYbLTEB5gKF4WP2LKren3+fgCguuV7 lEE0M4C23nxcuIja+F68R0U= =vh8R -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Scott Lovenberg wrote: Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | Just an update on this. I recompiled and installed putting in 600 as the | max simultaneous clients since they have 550 computers. After having | done that, internet connectivity was working great for about a month | whereas before daily max connections would be reached and users would be | stuck at the proxy auth prompt. Unfortunately the same thing occurred | yesterday. What I don't understand is how it could be reached when the | total number of computers is only 550. Sounds like a web proxy server right ? so the question is whether or not the proxy server is spawning multiple auth requests to handle multiple connection attempts from a single client or not. | Any hints or feedback on this would be greatly appreciated. Output from | the log.winbindd file is below. I only pasted a few of them, but the log | had many listed in a row until the local IT person three finger saluted | the box. | | Also, is there any way to view the current number of winbindd processes | in use? I'd love to monitor that using Zabbix or something and have it | auto respond when the total reaches 590 or something similar. It's more about the number of open fds which includes the ones between parent and child processes. Use lsof to monitor and match the pid with right winbindd process. Also look at what other files winbindd process have opened. | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | PANIC: assert failed at nsswitch/winbindd.c(383) | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) which log file are these showing up in? And what version of Samba is this? | | | | Kind regards, | Elvar | Not sure if it means anything, but aren't there a number of addons that use squid (ntlm_auth?) as an interface between samba and apache or PAM? I've never been brave enough to go down that road, but perhaps they've got something like that going on? 'lsof' should tell the tale if that's the case, I suppose. Yes, Squid comes with it's own NTLM AUTH mechanism but it does not support the --require-membership option which allows me to force users to be a part of a specific "internet access" group. That's why I'm using winbindd. Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | Just an update on this. I recompiled and installed putting in 600 as the | max simultaneous clients since they have 550 computers. After having | done that, internet connectivity was working great for about a month | whereas before daily max connections would be reached and users would be | stuck at the proxy auth prompt. Unfortunately the same thing occurred | yesterday. What I don't understand is how it could be reached when the | total number of computers is only 550. Sounds like a web proxy server right ? so the question is whether or not the proxy server is spawning multiple auth requests to handle multiple connection attempts from a single client or not. Yes, definitely a web proxy server. I'm running Squid 2.6.18 on FreeBSD 6-stable. | Any hints or feedback on this would be greatly appreciated. Output from | the log.winbindd file is below. I only pasted a few of them, but the log | had many listed in a row until the local IT person three finger saluted | the box. | | Also, is there any way to view the current number of winbindd processes | in use? I'd love to monitor that using Zabbix or something and have it | auto respond when the total reaches 590 or something similar. It's more about the number of open fds which includes the ones between parent and child processes. Use lsof to monitor and match the pid with right winbindd process. Also look at what other files winbindd process have opened. I don't believe FreeBSD has lsof but I think sockstat will do the job? | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | PANIC: assert failed at nsswitch/winbindd.c(383) | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) which log file are these showing up in? And what version of Samba is this? These show up in /var/log/samba/log.winbindd. Samba 3.0.28,1. | | | | Kind regards, | Elvar | - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/2vLIR7qMdg1EfYRAv0NAJ98OJaQ55dXIzFt00kSlMgTJnvJ0ACgyw5X xroiCmlfyo8Z/U0jc1EqUKI= =OQ18 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | Just an update on this. I recompiled and installed putting in 600 as the | max simultaneous clients since they have 550 computers. After having | done that, internet connectivity was working great for about a month | whereas before daily max connections would be reached and users would be | stuck at the proxy auth prompt. Unfortunately the same thing occurred | yesterday. What I don't understand is how it could be reached when the | total number of computers is only 550. Sounds like a web proxy server right ? so the question is whether or not the proxy server is spawning multiple auth requests to handle multiple connection attempts from a single client or not. | Any hints or feedback on this would be greatly appreciated. Output from | the log.winbindd file is below. I only pasted a few of them, but the log | had many listed in a row until the local IT person three finger saluted | the box. | | Also, is there any way to view the current number of winbindd processes | in use? I'd love to monitor that using Zabbix or something and have it | auto respond when the total reaches 590 or something similar. It's more about the number of open fds which includes the ones between parent and child processes. Use lsof to monitor and match the pid with right winbindd process. Also look at what other files winbindd process have opened. | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | PANIC: assert failed at nsswitch/winbindd.c(383) | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) which log file are these showing up in? And what version of Samba is this? | | | | Kind regards, | Elvar | - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/2vLIR7qMdg1EfYRAv0NAJ98OJaQ55dXIzFt00kSlMgTJnvJ0ACgyw5X xroiCmlfyo8Z/U0jc1EqUKI= =OQ18 -END PGP SIGNATURE- Not sure if it means anything, but aren't there a number of addons that use squid (ntlm_auth?) as an interface between samba and apache or PAM? I've never been brave enough to go down that road, but perhaps they've got something like that going on? 'lsof' should tell the tale if that's the case, I suppose. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Elvar wrote: | | Just an update on this. I recompiled and installed putting in 600 as the | max simultaneous clients since they have 550 computers. After having | done that, internet connectivity was working great for about a month | whereas before daily max connections would be reached and users would be | stuck at the proxy auth prompt. Unfortunately the same thing occurred | yesterday. What I don't understand is how it could be reached when the | total number of computers is only 550. Sounds like a web proxy server right ? so the question is whether or not the proxy server is spawning multiple auth requests to handle multiple connection attempts from a single client or not. | Any hints or feedback on this would be greatly appreciated. Output from | the log.winbindd file is below. I only pasted a few of them, but the log | had many listed in a row until the local IT person three finger saluted | the box. | | Also, is there any way to view the current number of winbindd processes | in use? I'd love to monitor that using Zabbix or something and have it | auto respond when the total reaches 590 or something similar. It's more about the number of open fds which includes the ones between parent and child processes. Use lsof to monitor and match the pid with right winbindd process. Also look at what other files winbindd process have opened. | | [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) | PANIC: assert failed at nsswitch/winbindd.c(383) | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) | winbindd: Exceeding 600 client connections, no idle connection found | [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) which log file are these showing up in? And what version of Samba is this? | | | | Kind regards, | Elvar | - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/2vLIR7qMdg1EfYRAv0NAJ98OJaQ55dXIzFt00kSlMgTJnvJ0ACgyw5X xroiCmlfyo8Z/U0jc1EqUKI= =OQ18 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jeremy Allison wrote: On Tue, Feb 19, 2008 at 11:52:50AM -0600, Elvar wrote: I know I'm beating a dead dog asking about this but I still haven't seen a resolution. Can anyone out there tell me how to fix this? When this happens my users cannot get past the Squid proxy and are presented with an authentication popup window in their browser which does not let them past until the 200 connections limit is no longer maxed out. There are probably 500 computers total at this facility and sometimes more than 200 connections is needed. Right now you'll have to change the definition of WINBINDD_MAX_SIMULTANEOUS_CLIENTS in include/local.h from 200 to a higher number and recompile. I'll look into paramaterizing this for 3.2 and later. Jeremy. Hi Jeremy, Just an update on this. I recompiled and installed putting in 600 as the max simultaneous clients since they have 550 computers. After having done that, internet connectivity was working great for about a month whereas before daily max connections would be reached and users would be stuck at the proxy auth prompt. Unfortunately the same thing occurred yesterday. What I don't understand is how it could be reached when the total number of computers is only 550. Any hints or feedback on this would be greatly appreciated. Output from the log.winbindd file is below. I only pasted a few of them, but the log had many listed in a row until the local IT person three finger saluted the box. Also, is there any way to view the current number of winbindd processes in use? I'd love to monitor that using Zabbix or something and have it auto respond when the total reaches 590 or something similar. [2008/04/08 09:40:54, 0] nsswitch/winbindd.c:process_loop(850) winbindd: Exceeding 600 client connections, no idle connection found [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) PANIC: assert failed at nsswitch/winbindd.c(383) [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:process_loop(850) winbindd: Exceeding 600 client connections, no idle connection found [2008/04/08 09:40:55, 0] nsswitch/winbindd.c:rw_callback(383) Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jason Haar wrote: Elvar wrote: I know I'm beating a dead dog asking about this but I still haven't seen a resolution. Can anyone out there tell me how to fix this? When this happens my users cannot get past the Squid proxy and are presented with an authentication popup window in their browser which does not let them past until the 200 connections limit is no longer maxed out. There are probably 500 computers total at this facility and sometimes more than 200 connections is needed. That doesn't sound right... Squid aggressively caches the lookups so that winbind doesn't have to keep doing it - you really shouldn't be hitting that limit. Check your "credentialsttl" settings - they should be 2hours or the like. Argh. I've just google'd this: it only applies to Basic auth. I bet you're using NTLM? Due to the hokey way (technical term ;-) NTLM works, Squid can't cache the lookups as much (from a posting in 2003 - can't find anything newer). Jason, You are right, I'm using NTLM to authenticate everyone to the AD domain. Thanks for taking the time to read and reply though. Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Elvar wrote: I know I'm beating a dead dog asking about this but I still haven't seen a resolution. Can anyone out there tell me how to fix this? When this happens my users cannot get past the Squid proxy and are presented with an authentication popup window in their browser which does not let them past until the 200 connections limit is no longer maxed out. There are probably 500 computers total at this facility and sometimes more than 200 connections is needed. That doesn't sound right... Squid aggressively caches the lookups so that winbind doesn't have to keep doing it - you really shouldn't be hitting that limit. Check your "credentialsttl" settings - they should be 2hours or the like. Argh. I've just google'd this: it only applies to Basic auth. I bet you're using NTLM? Due to the hokey way (technical term ;-) NTLM works, Squid can't cache the lookups as much (from a posting in 2003 - can't find anything newer). -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Jeremy Allison wrote: On Tue, Feb 19, 2008 at 11:52:50AM -0600, Elvar wrote: I know I'm beating a dead dog asking about this but I still haven't seen a resolution. Can anyone out there tell me how to fix this? When this happens my users cannot get past the Squid proxy and are presented with an authentication popup window in their browser which does not let them past until the 200 connections limit is no longer maxed out. There are probably 500 computers total at this facility and sometimes more than 200 connections is needed. Right now you'll have to change the definition of WINBINDD_MAX_SIMULTANEOUS_CLIENTS in include/local.h from 200 to a higher number and recompile. I'll look into paramaterizing this for 3.2 and later. Jeremy. Jeremy, Thank you for the reply! I'll do this immediately and look for the parameter option in the future. Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
On Tue, Feb 19, 2008 at 11:52:50AM -0600, Elvar wrote: > I know I'm beating a dead dog asking about this but I still haven't seen a > resolution. Can anyone out there tell me how to fix this? When this happens > my users cannot get past the Squid proxy and are presented with an > authentication popup window in their browser which does not let them past > until the 200 connections limit is no longer maxed out. There are probably > 500 computers total at this facility and sometimes more than 200 > connections is needed. Right now you'll have to change the definition of WINBINDD_MAX_SIMULTANEOUS_CLIENTS in include/local.h from 200 to a higher number and recompile. I'll look into paramaterizing this for 3.2 and later. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd: Exceeding 200 client connections, no idle connection found
I know I'm beating a dead dog asking about this but I still haven't seen a resolution. Can anyone out there tell me how to fix this? When this happens my users cannot get past the Squid proxy and are presented with an authentication popup window in their browser which does not let them past until the 200 connections limit is no longer maxed out. There are probably 500 computers total at this facility and sometimes more than 200 connections is needed. Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Is there a way to allow more than 200 connections? Elvar wrote: Hello, Can someone tell me how to resolve the "winbindd: Exceeding 200 client connections, no idle connection found" error in my log.winbind? I see tons of them on a regular basis. samba-3.0.28,1 squid-2.6.18 FreeBSD 6.2-STABLE #1: Thu Mar 15 01:46:50 CDT 2007 Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd: Exceeding 200 client connections, no idle connection found
Hello, Can someone tell me how to resolve the "winbindd: Exceeding 200 client connections, no idle connection found" error in my log.winbind? I see tons of them on a regular basis. samba-3.0.28,1 squid-2.6.18 FreeBSD 6.2-STABLE #1: Thu Mar 15 01:46:50 CDT 2007 Kind regards, Elvar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Komal Shah wrote: > What is the status of https://bugzilla.samba.org/show_bug.cgi?id=3204 ? > > I am using latest available version of Samba from samba.org and > it seems that this issue is not solved. Are you on FreeBSD as well ? I can't reproduce this bug. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE3HnSIR7qMdg1EfYRAjhGAJ9NAbZN5RjSXMB6qSA5XLtG0Gz2lwCeOzAu Q+bdmBGPIRHybE4sxzpNsjs= =h3oC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd: Exceeding 200 client connections, no idle connection found
What is the status of https://bugzilla.samba.org/show_bug.cgi?id=3204 ? I am using latest available version of Samba from samba.org and it seems that this issue is not solved. Thanks Regards, Komal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba