[Samba] Too much init_sam_from_ldap...

Tue, 29 Sep 2009 13:21:12 -0700 

Hi !
I'm working in a educational administration, i've made a domain with a Samba 3.4.1 PDC with a LDAP backend. When a user log into an XP Workstation, i see in the log file a lot of "init_sam_from_ldap". In fact, instead of scanning only the user who try to connect, a lot of them are scanned. I've got about 600 account into the LDAP so the time needed by the user to connect into the workstation is a little increased. 


   The problem is also more important when i've pratices sessions 
because i've between 16 and 64 users that try to log onto the domain at 
the same time. I see "init_sam_from_ldap" into all of workstation log 
files (on the samba server) and the load average of the LDAP server 
increase dramatically... On a practice session with only 16 users 
connecting at the same time, the elapsed time before the user can "use" 
his workstation is between 5 and 10 minutes !!! When only 1 user try to 
connect (from the same workstation) the time is lesser than 20 seconds...



   How can I stop (or limit) all of this "init_sam_from_ldap...", to 
let all of my students working properly ??


   Thanks by advance,
   Bruno

Following : Usefull informations

* Sample of workstation SAMBA logfile :
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: benoijod
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
 pop_sec_ctx (12268, 10000) - sec_ctx_stack_ndx = 0
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(12268, 10000) : sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 0
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:210(push_sec_ctx)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  3] smbd/uid.c:428(push_conn_ctx)
 push_conn_ctx(102) : conn_ctx_stack_ndx = 1
[2009/09/29 19:13:34,  3] smbd/sec_ctx.c:310(set_sec_ctx)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: chevamic
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: delapmic
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: demarjoh
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ouldbahm
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: molinste
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: baerrud
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: brihifay
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: chomacam
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: colomben
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ducroant
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: ouldmyou
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: mokadabd
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: antiomar
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: andrirad
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: aprilame
...
[2009/09/29 19:13:34,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
 init_sam_from_ldap: Entry found for user: duperjon
...
...
...

* The LDAP Server : DELL PowerEdge 2950 with 2x QuadCore and 4Gb Memory
* The SAMBA PDC : DELL PowerEdge 1950 with 2x QuadCore and 4Gb Memory


PS: Sorry for my poor english :-)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to