Re: [Samba] winbind causing huge timeouts/delays since 4.8
- Date: Fri, 22 Feb 2019 14:42:02 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] winbind causing huge timeouts/delays since 4.8
On Fri, 22 Feb 2019 15:35:53 +0100
Ralph Böhme via samba <samba@xxxxxxxxxxxxxxx> wrote:
> On Fri, Feb 22, 2019 at 01:59:15PM +0100, Alexander Spannagel via
> samba wrote:
> >I want to share some findings with the community about hugh
> >timeouts/delays since upgraded to samba 4.8 end of last year and a
> >patch fixing this in our setup. It would be great if someone from
> >samba dev team could take a look and if acceptable apply the patch
> >to the common code base. It may also affect current stable and
> >release candidates.
> >The patch expects the patch from BUG 13503 "getpwnam resolves local
> >system accounts to AD" being already applied.
> >Within the company i'm working for, we see frequently system
> >hangs/slowness for a couple of seconds on servers using winbind
> >passwd/group resolution via nsswitch.conf since we updated our OS
> >from CentOS7.5 to CentOS7.6 which includes a samba update from 4.7
> >to 4.8.
> >We could track it down to winbind and when it is asked for an
> >unknown local user account. This means that the users account in
> >question is not in local passwd and doesn't contain any domain like
> >SOMEDOMAIN\account or account@SOMEDOMAIN. The expected behavior is
> >an immediately return with an error like "no such user" or "unknown
> >user", but instead a call like "id unknown" takes 60+ seconds.
> hm, can't reproduce:
> slow@titan:~/git/samba/scratch$ git describe
> slow@titan:~/git/samba/scratch$ sudo bin/net cache flush
> slow@titan:~/git/samba/scratch$ time bin/wbinfo -i foo
> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get info for user foo
> real 0m0.025s
> user 0m0.004s
> sys 0m0.004s
> Can you share your full smb.conf?
You might also want to explain why you are using sssd's cache with
To unsubscribe from this list go to the following URL and read the