Hi everybody, I have a Samba 3.0.4 PDC configured on my network. Previously, there was a Windows NT 4 PDC, that was migrated to my Samba / OpenLDAP configuration. Everything is working fine, except our ISA Server. Indeed, ISA Server was previously configured to let users that belong to the "Internet Access" group to surf. During the migration phase, we did not change anything. Now it works, but very very slowly, and by far slower than before the migration. Tracing the network data between the ISA server and the Samba Server, and having a look at the openLDAP log file make me think that ISA Server tries to authenticate user for each request, and not once per session. Indeed, I've got much network traffic, lots a LDAP requests like that : Jul 29 15:22:36 ldap slapd[25440]: conn=2 op=2222 SRCH base="dc=test,dc=fr" scope=2 filter="(&(uid=USER1)(objectClass=sambaSamAccount))" and much load on the server, because of slapd processes. If I turn off ISA server, everything is OK and normal. So is NTLM authentication different in Samba than in Windows NT PDC ? What would you advise me ? Many thanks Julien
------------------------------------------------------ My smb.conf file : [Global] workgroup = RUEIL1 netbios name = LDAP server string = SAMBA-LDAP PDC username map = /etc/samba/smbusers encrypt passwords = yes interfaces = 172.16.0.115/16 domain logons = Yes os level = 65 domain master = Yes local master = Yes preferred master = Yes security = user wins support = Yes name resolve order = wins bcast lmhosts host admin users = install administrateur passdb backend = ldapsam:ldap://localhost ldap admin dn = "cn=samba,ou=DSA,dc=mairie-rueilmalmaison,dc=fr" ldap ssl = off ldap delete dn = yes ldap user suffix = ou=Utilisateurs ldap group suffix = ou=Groupes ldap machine suffix = ou=Machines ldap suffix = dc=mairie-rueilmalmaison,dc=fr ldap idmap suffix = ou=Utilisateurs ldap passwd sync = yes Dos charset = 850 Unix charset = ISO8859-1 log level = 1 #log level = 3 log file = /var/log/samba/%m.log max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE IPTOS_LOWDELAY logon script = logon.bat logon drive = H: logon home = logon path = add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add user script = /usr/local/sbin/smbldap-useradd -m "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" #delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" [homes] comment = RÃpertoires utilisateurs valid users = %U read only = No create mask = 0664 directory mask = 0775 browseable = No [netlogon] path = /var/lib/samba/netlogon browseable = No read only = Yes
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
