Hi people: I have a winbind 3.2.5 running on a box to authenticate users in my squid. My PDC is a samba 3.0.24 and it stores users on ldap. I have aprox 500 users and when they all use the squid my winbind generates a lot of traffic to my pdc box causing high load on the smb process that talks to the winbind... killing the performance of the squid.
Is there anyway to reduce this traffic? Why everytime a user navigates the winbind revalidates the credentials? Cache for username/passwords? TTL? something? Can I avoid the rpc traffic to the PDC and setup the winbind to talk to the pdc via ldap? This is my winbind smb.conf: [global] workgroup = DOMAIN netbios name = PROXY wins support = No wins server = 10.1.0.44 password server = * dns proxy = No log file = /var/log/samba/log.%m max log size = 1000 syslog only = No syslog = 0 security = domain domain master = No encrypt passwords = Yes passdb backend = tdbsam printing = none load printers = No restrict anonymous = 1 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind separator = \\ winbind uid = 10000-20000 winbind gid = 10000-20000 winbind cache time = 900 winbind offline logon = Yes Just for curious.. this is my squid.conf regarding ntlm: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN auth_param ntlm children 280 auth_param ntlm keep_alive on I try both keep_alive, on and off... no changes. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
