On 19/12/11 19:10, Jelle de Jong wrote: > On 19/12/11 11:22, Jelle de Jong wrote: >> On 23/05/11 13:37, Jelle de Jong wrote: >>> I got a few servers that where running stable and somehow winbindd >>> started complaining. There were no users added or any samba related >>> updates. Also the problems did not started on the same day one of the >>> servers started today and on other one months ago... >>> >>> winbindd[14450]: [2011/05/23 13:33:13.442070, 0] >>> winbindd/idmap_ldap.c:472(idmap_ldap_allocate_id) >>> winbindd[14450]: Cannot allocate gid above 20000! >>> >>> # winbindd --version >>> Version 3.5.6 >> >> I am still having these errors and I keep increasing the values: >> >> idmap uid = 10000-60500 >> idmap gid = 10000-60500 >> >> I started with 20000 and I am now on 60500... >> >> Dec 19 11:01:15 stayce winbindd[23861]: [2011/12/19 11:01:15.569602, 0] >> winbindd/idmap_ldap.c:472(idmap_ldap_allocate_id) >> Dec 19 11:01:15 stayce winbindd[23861]: Cannot allocate gid above 60500! >> >> # winbindd --version >> Version 3.5.6 > > I found the following: > > samba (2:3.5.8~dfsg-1) unstable; urgency=low > * New upstream release. This fixes the following bugs: > - Winbind leaks gids with idmap ldap backend (upstrem #7777) > Closes: #613624 > > Upgraded to: > > # winbindd --version > Version 3.5.11 > > Hopefully this will fix my issues.
Sadly this didn't work!! A few days later the problem started again...
stayce:~# grep "Cannot allocate gid above" /var/log/syslog
Dec 22 07:28:15 stayce winbindd[26373]: Cannot allocate gid above 61000!
Dec 22 07:28:15 stayce winbindd[26373]: Cannot allocate gid above 61000!
Dec 22 07:29:53 stayce winbindd[26373]: Cannot allocate gid above 61000!
<snip>
Dec 22 09:31:40 stayce winbindd[26373]: Cannot allocate gid above 61000!
stayce:~# winbindd -V
Version 3.5.11
stayce:~# smbd -V
Version 3.5.11
stayce:~# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[documenten]"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = company
netbios name = SERVER
passdb backend = ldapsam
log file = /var/log/samba/log.%m
smb ports = 445
time server = Yes
load printers = No
printcap name = /dev/null
disable spoolss = Yes
logon script = netlogon.bat
logon path = \\%N\profiles\%U
domain logons = Yes
preferred master = Yes
domain master = Yes
dns proxy = No
ldap admin dn = cn=admin,dc=company,dc=nl
ldap delete dn = Yes
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=computers
ldap passwd sync = yes
ldap suffix = dc=company,dc=nl
ldap ssl = no
ldap user suffix = ou=users
usershare max shares = 0
usershare path = /srv/storage/shares
panic action = /usr/share/samba/panic-action %d
idmap backend = ldap:ldap://localhost/
idmap alloc backend = ldap
idmap uid = 10000-61000
idmap gid = 10000-61000
template homedir = /srv/storage/shares/
template shell = /bin/bash
ldapsam:trusted = yes
ldapsam:editposix = yes
idmap alloc config : ldap_url = ldap://localhost/
idmap alloc config : ldap_base_dn = ou=idmap,dc=company,dc=nl
idmap alloc config : ldap_user_dn = cn=admin,dc=company,dc=nl
printing = bsd
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
[documenten]
path = /srv/storage/shares
read only = No
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
store dos attributes = Yes
vfs objects = recycle
recycle:keeptree = Yes
recycle:versions = Yes
recycle:touch_mtime = Yes
[homes]
comment = Home Directories
path = /srv/storage/samba/homes/%U
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
root preexec = /usr/local/bin/samba-mkdir-home %U
[netlogon]
comment = Network Logon Service
path = /srv/storage/samba/netlogon
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
[profiles]
comment = Users profiles
path = /srv/storage/samba/profiles
read only = No
inherit acls = Yes
profile acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
Can somebody help me?
Kind regards,
Jelle de Jong
signature.asc
Description: OpenPGP digital signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
