Ok folks, Got ya some log level 10 of this fun stuff..
Steps: First everything is normal. DCs are up. Log level 10 is set. I run wbinfo -t I run net ads info I run net ads testjoin then I bring the DC down. Now I run time getfacl /xymount/tera HSA-PFX10101001:/var/log/samba # time getfacl /xymount/tera getfacl: Removing leading '/' from absolute path names # file: xymount/tera # owner: root # group: root user::rwx user:webadmin:rwx group::r-x group:webadmin:r-x group:2000512:rwx group:2000513:rwx mask::rwx other::r-- default:user::rwx default:group::r-x default:group:webadmin:r-x default:group:2000512:rwx default:group:2000513:rwx default:mask::rwx default:other::r-- real 29m10.058s user 0m0.020s sys 0m0.008s Then I bring the DCs back up then I run again getfacl /xymount/tera All is well - winbind recovered after the DCs were back up. This must be because Im on 3.4.2 now instead of 3.2.X or earlier which would not recover quickly after the DCs were back. LOGS here: ftp://djfuq.org/logs10.tar Cheers, -Clayton > > > > > On Fri, 23 Oct 2009 14:51:03 -0600, Robert LeBlanc <[email protected]> > wrote: >> On Fri, Oct 23, 2009 at 2:45 PM, Jeremy Allison <[email protected]> wrote: >> >>> On Fri, Oct 23, 2009 at 02:34:45PM -0600, Robert LeBlanc wrote: >>> > 3.4.2 >>> >>> Ok, what does your smb.conf look like. What is the >>> configured winbindd backend ? >>> >> >> We have switched to hash for the increased flexibility. I have flushed > the >> idmap cache and everything resolves perfectly when a DC is contactable. >> >> #======================= Global Settings ======================= >> >> [global] >> workgroup = byu >> realm = BYU.LOCAL >> preferred master = no >> server string = %h server >> dns proxy = no >> >> #### Debugging/Accounting #### >> >> log file = /cluster/log/samba/log.%m >> max log size = 1000 >> syslog = 0 >> panic action = /usr/share/samba/panic-action %d >> >> ####### Authentication ####### >> >> security = ADS >> encrypt passwords = true >> passdb backend = tdbsam >> obey pam restrictions = yes >> invalid users = root >> unix password sync = yes >> passwd program = /usr/bin/passwd %u >> passwd chat = *Enter\snew\s*\spassword:* %n\n >> *Retype\snew\s*\spassword:* >> %n\n *password\supdated\ssuccessfully* . >> pam password change = yes >> >> ########## Printing ########## >> >> load printers = no >> printing = bsd >> printcap name = /dev/null >> show add printer wizard = no >> disable spoolss = yes >> >> ############ Misc ############ >> >> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 >> # allow trusted domains = No >> # idmap backend = rid:BYU=10000-100000000 >> # idmap config BYU:backend = rid >> # idmap config BYU:range = 10000-100000000 >> # idmap uid = 10000-100000000 >> # idmap gid = 10000-100000000 >> idmap backend = hash >> winbind nss info = hash >> winbind use default domain = yes >> winbind separator = + >> winbind enum groups = no >> winbind enum users = no >> winbind nested groups = yes >> template homedir = /home/%U >> template shell = /bin/bash >> winbind refresh tickets = yes >> # use kerberos keytab = yes >> # kerberos method = system keytab # should work after bug is fixed >> winbind offline logon = yes >> >> #======================= Share Definitions ======================= >> >> >> >> Robert LeBlanc >> Life Sciences & Undergraduate Education Computer Support >> Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
