No, the rest of the Domain / Network is good, only the Samba box. I have a strong suspicion that it is winbind maybe enumerating the entire user database from the domain controller before allowing access? <guessing here...>I wonder if it is a user/group permissions token issue then. When you connect via Network Neighborhood, is there a delay when you first connect to the network or the domain (i.e. Microsoft Windows Network or My-Domain)?
Again, this is off the top of my head. It's been awhile since I studied the internals of SMB (which packets are sent first and why, what the packets look like). So, sorry I can't provide more expert assistance at the moment. I am interested to know what's causing the delay, though.
Curtis
-----Original Message----- From: Toole, Robert [mailto:[EMAIL PROTECTED] Sent: August 26, 2003 8:57 AM To: '[EMAIL PROTECTED]' Subject: RE: (clug-talk) Samba + Winbind Very slow inital connection
Curtis,
The delay is the same whether I use the IP address or the name, about 10 to 20 seconds.
If I browse to it in net-neighborhood, there is no delay. Weird.
WINS is set up and working properly and I checked the WINS db, the Samba server is registered properly.
All nodes are set as hybrid in DHCP.
The samba box is listed in DNS as well, and Name resolution works for name and IP, from both client looking for server, and server looking for client.
Checked the logs in /var/log/samba - appears to be nothing unusual
Using: RH 9.0, Samba 2.2.7a, winbind.
Smb.conf: (actual domain and user names edited for security)
# Global parameters [global] workgroup = my-domain netbios name = sambabox server string = Calgary Samba Server security = DOMAIN encrypt passwords = Yes obey pam restrictions = Yes password server = my-domain controller pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* unix password sync = Yes log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No wins server = 192.168.1.60 winbind uid = 10000-20000 winbind gid = 10000-20000 winbind separator = + winbind cache time = 360 winbind enum users = No winbind enum groups = No admin users = my-domain+admin1 etc... read list = @"my-domain+Domain Users" write list = @"my-domain+Domain Admins" printing = cups
[printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No
[software] comment = Calgary Software path = /data/software admin users = my-domain+admin etc... read only = No inherit permissions = Yes inherit acls = Yes
[knll] comment = KNLL Users path = /data/KNLL valid users = +"my-domain+Domain Admins" admin users = my-domain+admin_user etc... read list = read only = No create mask = 0770 security mask = 0770 directory mask = 0770 directory security mask = 0770 inherit permissions = Yes inherit acls = Yes
-----Original Message----- From: Curtis Sloan [mailto:[EMAIL PROTECTED] Sent: Sunday, August 24, 2003 5:47 PM To: [EMAIL PROTECTED] Subject: RE: (clug-talk) Samba + Winbind Very slow inital connection
Does it work faster if you use directed IP (e.g. \\192.168.0.333\share)?
I'm wondering if it is a NetBIOS name resolution issue. Have you specified a WINS server? Are you running nmbd? What resolution node type is the WINS server running (i.e. broadcast)? These are just off the top of my head.
Curtis
-----Original Message----- From: Robert Toole [mailto:[EMAIL PROTECTED] Sent: August 23, 2003 4:45 PM To: [EMAIL PROTECTED] Subject: (clug-talk) Samba + Winbind Very slow inital connection
All,
I have set up a Samba box as a member of an NT4 domain, Using winbind. Everything works quite well except for one annoying thing,
When you initially try to connect to to the Samba box from Win2K or XP, by typing in \\sambabox\share in windows explorer, It can take up to 20 seconds for the share to be displayed. (Haven't tried from Network Neighborhood, I just set this up on friday)
Once a connection has been established, it's smooth sailing.
I've checked DNS, and reverse DNS, the clients and server can all resolve both hostnames and IP addreses.
I've tried turning off the enum groups and users options for winbind, and also upped the cache time to 360 seconds from 15 in smb.conf
Our NT User database has about 3000 users and 400 groups, but winbind queries a local domain controller (No WAN Links) and I'd think that it is not too big.
If anyone has any ideas or suggestions I'd appreciate it.. I can post relevant config files and other info if requested. (Don't have easy access to the box from home)
Thanks. -- Robert Toole [EMAIL PROTECTED]
At home, I use Samba as my domain controller, there is no winbind involved, and no delays ever. it works fantastic.
If I have time tomorrow, I'll fire up ethereal and see what there is to see.
I'll keep you posted..
Thanks for the help,
-- Robert Toole [EMAIL PROTECTED]
