Re: [Samba] Advice on Winbindd and NTLM Auth Performance
- Date: Fri, 01 Sep 2017 22:10:13 +1200
- From: Andrew Bartlett via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Advice on Winbindd and NTLM Auth Performance
On Fri, 2017-09-01 at 10:36 +0100, Arnab Roy via samba wrote:
> Hi All,
> I am using winbind and ntlm auth in Freeradius. At the moment that seems to
> be a major bottleneck. It seems like the ntlm_auth execution is taking a
> while , what all options can improve this .
What is your DC, and how far away it it network-wise?
Have you tried setting
winbind max domain connections = 10
winbind offline logon = no
(actually the default, but you might have set it without realising it
doesn't help with NTLM authentication).
> For starters adding TCP_NODELAY in smb.conf seems to have helped a little.
That is unlikely to be at all related.
NTLM authentication has to be checked at the DC, so it can't be cached.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
To unsubscribe from this list go to the following URL and read the