[Pkg-samba-maint] DO NOT REPLY [Bug 7259] Winbind eventually locks "forever" if one of ActiveDirectory refuses all connections

samba-bugs at samba.org samba-bugs at samba.org
Fri Apr 2 17:37:12 UTC 2010 

https://bugzilla.samba.org/show_bug.cgi?id=7259





------- Comment #5 from drewskiwooskie at gmail.com  2010-04-02 12:37 CST -------
I checked out 3.5.2-GIT-UNKNOWN-test yesterday and installed it on two servers
in my dev environment. I have two AD servers in my lab. I made the linux
servers leave the domain, and then re-join the domain. I did not login to the
servers for an hour after doing so to make sure nothing got cached. I then
rebooted the one AD server, waited 15 minutes after it came up, then rebooted
the other AD server.  I then waited another hour before logging in to the linux
servers.
the one server with 3.5.2-GIT has been working like a champ. no issues at all.
The other gives this from the logs:
[2010/04/02 17:59:08.331357,  1]
winbindd/winbindd_ads.c:126(ads_cached_connection)
  ads_connect for domain AWESOME failed: No logon servers
[2010/04/02 17:59:14.411718,  1]
winbindd/winbindd_ads.c:126(ads_cached_connection)
  ads_connect for domain AWESOME failed: No logon servers
[2010/04/02 18:01:08.946911,  1]
winbindd/winbindd_ads.c:126(ads_cached_connection)
  ads_connect for domain AWESOME failed: No logon servers

On further investigation, it appeared the ip it was trying to contact the AD
server on was unreachable (I accidentally had the secondary AD server register
a "private" ip on its other NIC into DNS, which neither linux server can hit).
However it seemed as if winbind would not try to look at any other ips for that
domain, like it was stuck on checking that ip until it was reachable, or
winbind got restarted (which fixed the problem). I let that server sit for
about an hour before I tried logging in, so it was trying to reach that IP for
about an hour. The other ips advertised for the domain were reachable the
entire time. 
Is this default behavior or a bug? Should winbind keep trying the ips listed
from dns for the domain until it can talk to one instead of zoning in on one
ip, or am I misunderstanding how its supposed to work?


-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the Pkg-samba-maint mailing list