Bug 6799 - Winbind can cause long delays with bad DNS configurations
Summary: Winbind can cause long delays with bad DNS configurations
Status: RESOLVED WORKSFORME
Alias: None
Product: Samba 3.4
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 3.4.2
Hardware: Other Linux
: P3 normal
Target Milestone: ---
Assignee: Michael Adam
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-10-09 20:26 UTC by Justin Maggard
Modified: 2009-10-21 17:26 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Maggard 2009-10-09 20:26:39 UTC 
I joined a Win2K3 ADS domain, configured nssswitch and PAM to use winbind, and ran happily for a while.  Then my resolv.conf changed to use a different DNS server that could not resolve any of the domain services, and after a reboot, simply logging in to the system console took more than 10 minutes.  Anything using PAM authentication took ages.  This does not happen with Samba 3.0.

Some notes... My domain is called discovery.local, and the main server is hal.discovery.local.  I found that adding an /etc/hosts entry for both discovery.local and hal.discovery.local eliminated the delay.  And, of course, changing fixing resolv.conf made everything work again also.  My current Samba build has MAX_DEBUG set to 2, but if logs are needed, I can rebuild and collect higher debug level logs.
Comment 1 Jeremy Allison 2009-10-13 19:40:55 UTC 
Can you add the debug level 10 logs from winbindd when the system is in this (broken) state ? That will help tracking down what exactly is going on.
Jeremy.
Comment 2 Justin Maggard 2009-10-21 17:26:04 UTC 
Well, after recompiling with MAX_DEBUG set back to 1000, I can't reproduce this issue for some reason.  I'm still trying to figure out what went wrong before, but until then I'll just close this bug.