We see winbind continually falling foul of Murphy's Law and choosing broken domain controllers to send all its requests to, as such it gets into all kinds of "hung" or offline states when it shouldn't
Our Active Directory 2003 servers are primarily on Dell servers which come with 2 Ethernet cards. If the sysadmin installing them isn't careful, the 2nd unused Ethernet card can be left enabled but not plugged into anything - with the affect that Windows assigns a 169.254 address to it - and that is broadcast out to Windows-land as a valid IP address option (ie the DC tells the world it has 2 IP addresses - but only one works). End result is that sometimes winbind decides that broken address is the best IP to use - and of course it never responds - leading to hangs. Windows clients appear to sanity-check the DC addresses they learn from the network (I see ping packets a lot from clients) and so don't show any problem with this situation - but Samba does.
Thanks for your report.
Samba actually does some sort of keeping track of unreachable DCs,
but possibly your situation is not covered. I will have to investigate
this further. Stay tuned...