Hi All
We have the following problem:
We configured samba with LDAP and this works fine. As soon as they try to login
wit a user who is member of 15 groups, it takes very long to login with Windows
and then an mostly an errormessage appears.
On win 2000 is the error: There has been made a change to the server. Contact
you sysadmin
When a user logins (member of 15 groups) ldap shows the following logging:
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6
Dec 24 10:43:45 localhost slapd[3322]: = test_filter
Dec 24 10:43:45 localhost slapd[3322]: EQUALITY
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: search access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6
Dec 24 10:43:45 localhost slapd[3322]: = test_filter_and 6
Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl entry requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl cn requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl cn requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl description requested
Dec 24 10:43:45 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl description requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaSID requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaSID requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaGroupType requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaGroupType requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl displayName requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to
cn=engineering_w,ou=Groups,dc=sif-group,dc=nl displayName requested
Dec 24 10:43:46 localhost slapd[3322]: = root access granted
And then really realy much, very long. With continuesly an other cn = groupname
Now I see that the logging winbindd in /etc/samba/ shows:
[2004/12/24 10:58:36, 1] lib/smbldap.c:another_ldap_try(936)
Connection to LDAP server failed for the 11 try!
[2004/12/24 10:58:37, 0] lib/smbldap.c:smbldap_open_connection(545)
ldap_initialize: Time limit exceeded
[2004/12/24 10:58:37, 1] lib/smbldap.c:another_ldap_try(936)
Connection to LDAP server failed for the 12 try!
[2004/12/24 10:58:38, 0] lib/smbldap.c:smbldap_open_connection(545)
ldap_initialize: Time limit exceeded
[2004/12/24 10:58:38, 1] lib/smbldap.c:another_ldap_try(936)
Connection to LDAP server failed for the 13 try!
[2004/12/24 10:58:39, 0]