Hi,
Background:
- Installed an Astaro 525 with software version 8.301.
- Only with the network and web security subscription enabled.
- The Astaro is serving as a web proxy for approximately 1500 users.
- Joined the Astaro to the existing Windows 2003 domain.
- 2 Web proxy profiles active; 1 SSO based on AD for corporate users and 1 transparant for guests.
Problem:
Repetitively corporate users report having problems while surfing the Internet. Users report getting a basic authentication prompt while surfing the Internet instead of SSO using Kerberos. (proxyserver filled in as FQDN in Internet Explorer).
Guest users do not report any problems at that time.
These messages show up in the logfile of the Astaro when the authentication problems occure:
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.245174, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733007, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733128, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733226, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733310, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733391, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.748513, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
Restarting the web proxy service does the trick as a temporary work-around. After a while the problem returns.
What could this possible be?
Thanks!
Roos
Background:
- Installed an Astaro 525 with software version 8.301.
- Only with the network and web security subscription enabled.
- The Astaro is serving as a web proxy for approximately 1500 users.
- Joined the Astaro to the existing Windows 2003 domain.
- 2 Web proxy profiles active; 1 SSO based on AD for corporate users and 1 transparant for guests.
Problem:
Repetitively corporate users report having problems while surfing the Internet. Users report getting a basic authentication prompt while surfing the Internet instead of SSO using Kerberos. (proxyserver filled in as FQDN in Internet Explorer).
Guest users do not report any problems at that time.
These messages show up in the logfile of the Astaro when the authentication problems occure:
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.245174, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733007, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733128, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733226, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733310, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.733391, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: [2012/03/30 14:26:53.748513, 0] winbindd/winbindd.c:916(winbindd_listen_fde_handler)
2012:03:30-14:26:53 proxy [daemon:err] winbindd[25973]: winbindd: Exceeding 200 client connections, no idle connection found
Restarting the web proxy service does the trick as a temporary work-around. After a while the problem returns.
What could this possible be?
Thanks!
Roos