Hi,If you could set the ntlmdebug to 2 and send the bit of the logfile that shows the hung connections, we could see if we can catch this bad boy in action. (A capture of packets would be great too :) )
Hope I am emailing the right people - appologies if not :)
We have been using modperl & Apache::AuthenNTLM on HP-UX for a few months
now, and it works just peachy most of the time. However, every now and then
we get a problem with the web server hanging when trying to load a page. If
I check the netstat -a output I can see there is an established connection
to our domain server with a netbios session - which I assume is Apache
trying to authenticate the user.
I recall reading somewhere that there is some issue whereby the domainI seem to remember the semaphore being a possible cause for hanging the server. Have you increased/decreased the "semtimeout" value to see if that helped?
server and web server fail to communicate properly, and are left in a state
where each is listening for the other - a recipe for hung processes if ever
there was one ... unfortunately I can't remember what the cause of this was,
nor what the resolution was (if any). Anyone know what I'm on about ?
One peculiarity of our system (well, I assume it's us being peculiar, butCould you expand on this? You are saying that:
you never know) ... we don't actually authenticate against a genuine domain
comtroller, but are using a regular NT server that is trusted by the domain
controllers for all our domains. This came about because the AuthenNTLM
module (or Apache itself) could not correctly identify the domain in order
to choose the correct domain controller - it always uses the "default" or
"fallback" domains. Works fine for domain FOO when that domain is the
fallback domain, but then users in domian BAR won't authenticate - and vice
versa. The only way it works (and it does) is to set the fallback domain to
a generic NT server that is trusted by both FOO and BAR domain controllers,
and somehow it works out who to authenticate against which controller
(apparently this is a kosher bit of NT functionality). Still, I can't help
but wonder if this is causing our hanging problem ... any thoughts folks?
# domain pdc bdc
PerlAddVar ntdomain "name_domain1 name_of_pdc1"
PerlAddVar ntdomain "other_domain pdc_for_domain bdc_for_domain"Won't allow you to authenticate against both FOO and BAR domain controllers?
thanks,
-- Shannon Eric Peevey => "speeves" Dyno-Mite! System Administrator => [EMAIL PROTECTED] Central Web Support => (940) 369-8876 University of North Texas => http://web2.unt.edu
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
