We have similar problem to with samba file server, serving about 800 users. After server restart samba/winbind works as intended. After some time (it may be couple of weeks, or it may be 1 day) server does not authenticate new connections. Old connections work. For example: I don't turn off my computer, and next day I can access samba shares, reade/create/delete files and directories as usual. Users who just started computers and try to access shares are rejected with unknown user/password. After winbind restart (don't need to restart samba) everything works as intended again for day or sometimes for couple of weeks.
Server configuration: security=ADS realm=our.domain.com client schanel=no wins support=no domain logons=no domain master=auto password server=dc.our.domain.com server string=failai local master=yes idmap uid=10000-20000 idmap gid=10000-20000 winbind enum users=yes winbind enum groups=yes encrypt password=true keepalive=600 socket options=TCP_NODELAY dns proxy=no log level=1 large readwrite=yes When users can't connect I see in log file: [2012/05/10] 00:59:59.024569, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED [2012/05/10] 00:59:59.025649, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED ....... What's interesting, some users (I would gues 1 from 10) can connect even at this time, as I see log: [2012/05/10] 07:48:07.777869, 1] smbd/service.c:678(make_connection_snum) __ffff_10.23.15.20 (::ffff:10.23.14.20) connect to service apps initially as user CENTRAS\nijovizb (uid=10717, guid=10004) (pid 6861) ....... Than after winbind all users can connect -- View this message in context: http://samba.2283325.n4.nabble.com/winbind-stop-working-tp4597615p4622980.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
