Hi,
On Mon, 27 Aug 2018, dbischof--- via FreeIPA-users wrote:
in order to be able to use IPA auth for Samba shares, I followed this
guide:
https://bgstack15.wordpress.com/2017/05/10/samba-share-with-freeipa-auth/
IPA and Samba are running on the same server, everything worked fine.
Actually, it still does, but since the upgrade from 7.4 to 7.5
(including IPA 4.5.0->4.5.4, Samba 4.6.2->4.7.1 and sssd-1.15.2->1.60.0)
file browsing and copying is painfully slow on Mac, Windows and Linux
(<10% of the theoretical maximum). It "feels" as whether there is a
timeout after each file operation.
Nothing in the server logs. Client logs on Linux occasionally show a
"CIFS VFS: ioctl error in smb2_get_dfs_refer rc=-2". Reverting Samba
back to non-IPA auth (dedicated Samba accounts) gives expected
performance (near theoretical maximum).
I'm out of ideas on how to diagnose this. Any hints?
for the record: I found the problem. Samba performance issues were caused
by outdated sssd cache entries.
A
---
rm -f /var/lib/sss/db/*
systemctl restart sssd
---
solved the issues instantly. I'd probably better used the sss_cache
utility, as I learned afterwards.
Mit freundlichen Gruessen/With best regards,
--Daniel.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
