Bug 6895 - winbind choosing broken DCs to bind to
winbind choosing broken DCs to bind to
Status: ASSIGNED
Product: Samba 3.4
Classification: Unclassified
Component: Winbind
3.4.2
Other Linux
: P3 normal
: ---
Assigned To: Michael Adam
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-11-15 14:55 UTC by Jason Haar
Modified: 2009-11-20 17:57 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Haar 2009-11-15 14:55:33 UTC
We see winbind continually falling foul of Murphy's Law and choosing broken domain controllers to send all its requests to, as such it gets into all kinds of "hung" or offline states when it shouldn't

Our Active Directory 2003 servers are primarily on Dell servers which come with 2 Ethernet cards. If the sysadmin installing them isn't careful, the 2nd unused Ethernet card can be left enabled but not plugged into anything - with the affect that Windows assigns a 169.254 address to it - and that is broadcast out to Windows-land as a valid IP address option (ie the DC tells the world it has 2 IP addresses - but only one works). End result is that sometimes winbind decides that broken address is the best IP to use - and of course it never responds - leading to hangs. Windows clients appear to sanity-check the DC addresses they learn from the network (I see ping packets a lot from clients) and so don't show any problem with this situation - but Samba does.

Jason
Comment 1 Michael Adam 2009-11-20 17:57:58 UTC
Thanks for your report.

Samba actually does some sort of keeping track of unreachable DCs,
but possibly your situation is not covered. I will have to investigate
this further. Stay tuned...

Michael