Web lists-archives.com

Re: [Samba] net ads and wbinfo are painfully slow -- but they work




On Thu, 2 Feb 2017 09:36:28 -0800
Chris Stankevitz <chrisstankevitz@xxxxxxxxx> wrote:

> On Tue, Jan 31, 2017 at 2:45 PM, Rowland Penny via samba
> <samba@xxxxxxxxxxxxxxx> wrote:
> >> /etc/resolv.conf:
> >> root@nickel:~ # cat /etc/resolv.conf
> >> nameserver 192.168.11.5
> >> nameserver 192.168.1.4
> >> domain mydomain.local
> >>
> >
> > I take it at least one of the above nameservers is the AD DC, is the
> > other another AD DC ? If it isn't, then remove it. If they are both
> > DCs, try changing the order.
> 
> They are both DCs.  I will try changing the order.  Is it possible for
> me to restrict winbindd so that it attempt to only contact one of the
> two DCs?  Once DC is local and another DC is remote (goes through a
> firewall and is 80 ms ping time away).

You could try adding 'password server = <the nearest DC>' to your
smb.conf and just having that DCs ipaddress as the nameserver.

> 
> > I would also change the 'domain mydomain.local' to 'search
> > mydomain.local'
> 
> I will try.
> 
> > Is a firewall getting in the way ?
> 
> Possibly.  Winbind seems to prefer using the DC that is through a
> firewall (see my comment above).

Hmm, it could just be that winbind is asking for something from the DC
behind the firewall, waiting for an answer, not getting one and then
giving up and trying the other DC.

I have set up freesbsd 11 in a vm and installed samba44 just like I
would on devuan and I get this:

root@freebsd:~ # net cache flush
root@freebsd:~ # time getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
0.000u 0.005s 0:00.01 0.0%	0+0k 5+0io 0pf+0w
root@freebsd:~ # time getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
0.000u 0.001s 0:00.00 0.0%	0+0k 0+0io 0pf+0w

So if all else fails, you could try upgrading ;-)
At least then we could compare like for like.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba