[Samba] Samba4 on Ubuntu server
Ricky Nance
ricky.nance at gmail.com
Thu Dec 18 15:47:39 MST 2014
On Thu, Dec 18, 2014 at 10:39 AM, Rowland Penny <rowlandpenny at googlemail.com
> wrote:
>
> On 18/12/14 16:19, Germ van Eck wrote:
>
>> Not sure about the high CPU load, but you have the [netlogon] share
>> twice in your smb.conf. Your first matches mine, have you added the
>> second yourself?
>> The second one looks weird with 2 path definitions.
>> Cj Tibbetts schreef op do 18-12-2014 om 08:59 [-0700]:
>>
>>> New to linux and new to Samba so any direction in troubleshooting would
>>> be
>>> helpful. Here is what I have so far.
>>>
>>> Within a half an hour of a reboot of the server my cpu reaches high
>>> numbers
>>> and becomes slow to respond on all actions. With my limited
>>> understanding I
>>> have used vmstat to observe the system. I noticed is that the numbers of
>>> forks grows from 1-2k to 43k within 30 minutes after reboot. I saw a dns
>>> error in a log file at one point but now I don’t remember where. I am
>>> running samba 4.1.9 compiled with internal dns. I have 2 other DC’s that
>>> are not properly replicating and a third that is completely silent even
>>> when the FSMO is crashing. Here are some logs and smb.conf to get
>>> started.
>>>
>>> [2014/12/16 07:47:59.925907, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'cdn.beanstock.com', forwarding
>>>
>>> [2014/12/16 07:47:59.929961, 2]
>>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>>
>>> Got a dns update request.
>>>
>>> [2014/12/16 07:47:59.931044, 2]
>>> ../source4/dns_server/dns_update.c:721(dns_update_allowed)
>>>
>>> Update not allowed for unsigned packet.
>>>
>>> [2014/12/16 07:48:00.197341, 1]
>>> ../source4/dns_server/dns_query.c:526(handle_tkey)
>>>
>>> Tkey handshake completed
>>>
>>> [2014/12/16 07:48:00.198457, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'helix.beanstock.co', forwarding
>>>
>>> [2014/12/16 07:48:00.199562, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'loadm.exelator.com', forwarding
>>>
>>> [2014/12/16 07:48:00.199884, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'mpp.vindicosuite.com', forwarding
>>>
>>> [2014/12/16 07:48:02.128537, 3]
>>> ../lib/ldb-samba/ldb_wrap.c:320(ldb_wrap_connect)
>>>
>>> ldb_wrap open of secrets.ldb
>>>
>>> [2014/12/16 07:48:02.284734, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'p.raasnet.com', forwarding
>>>
>>> [2014/12/16 07:48:02.285459, 3]
>>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>>
>>> Terminating connection - 'dns_tcp_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>>
>>> [2014/12/16 07:48:02.285767, 3]
>>> ../source4/smbd/process_single.c:114(single_terminate)
>>>
>>> single_terminate: reason[dns_tcp_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>>
>>> [2014/12/16 07:48:02.286168, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'adadvisor.net', forwarding
>>>
>>> [2014/12/16 07:48:02.286615, 2]
>>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>>
>>> Not authoritative for 'sync.teads.tv', forwarding
>>>
>>> [2014/12/16 07:48:03.535189, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>>
>>> Failed to connect host 10.2.10.10 on port 135 -
>>> NT_STATUS_CONNECTION_REFUSED
>>>
>>> [2014/12/16 07:48:03.599416, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>>
>>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-
>>> b63fd5a29b11._
>>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>>
>>> [2014/12/16 07:48:03.862288, 2]
>>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>>
>>> Got a dns update request.
>>>
>>> [2014/12/16 07:48:03.863345, 2]
>>> ../source4/dns_server/dns_update.c:721(dns_update_allowed)
>>>
>>> Update not allowed for unsigned packet.
>>>
>>> [2014/12/16 07:48:04.324020, 1]
>>> ../source4/dns_server/dns_query.c:526(handle_tkey)
>>>
>>> Tkey handshake completed
>>>
>>> [2014/12/16 07:48:04.770196, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>>
>>> Failed to connect host 10.2.10.10 on port 135 -
>>> NT_STATUS_CONNECTION_REFUSED
>>>
>>> [2014/12/16 07:48:04.770671, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>>
>>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-
>>> b63fd5a29b11._
>>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>>
>>> [2014/12/16 07:48:05.781269, 2]
>>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>>
>>> Got a dns update request.
>>>
>>> [2014/12/16 07:48:08.091355, 3]
>>> ../libcli/auth/schannel_state_tdb.c:181(schannel_fetch_session_key_tdb)
>>>
>>> schannel_fetch_session_key_tdb: restored schannel info key
>>> SECRETS/SCHANNEL/HASERVER1
>>>
>>> [2014/12/16 07:48:08.091672, 3]
>>> ../source4/auth/ntlm/auth.c:270(auth_check_password_send)
>>>
>>> auth_check_password_send: Checking password for unmapped user
>>> [A0218]\[Teacher]@[A0218]
>>>
>>> auth_check_password_send: mapped user is: [AD]\[Teacher]@[A0218]
>>>
>>> [2014/12/16 07:48:08.094254, 3]
>>> ../source4/auth/ntlm/auth_sam.c:61(authsam_search_account)
>>>
>>> sam_search_user: Couldn't find user [Teacher] in samdb, under
>>> DC=ad,DC=ha,DC=net
>>>
>>> [2014/12/16 07:48:08.094435, 2]
>>> ../source4/auth/ntlm/auth.c:420(auth_check_password_recv)
>>>
>>> auth_check_password_recv: sam_ignoredomain authentication for user
>>> [AD\Teacher] FAILED with error NT_STATUS_NO_SUCH_USER
>>>
>>> [2014/12/16 07:48:08.095864, 3]
>>> ../source4/rpc_server/dcerpc_server.c:963(dcesrv_request)
>>>
>>> [2014/12/16 07:48:08.376870, 2]
>>> ../source4/dns_server/dns_update.c:398(handle_one_update)
>>>
>>> Looking at record:
>>>
>>> [2014/12/16 07:48:08.377765, 2]
>>> ../source4/dns_server/dns_update.c:399(handle_one_update)
>>>
>>> [2014/12/16 07:48:08.377821, 1] ../librpc/ndr/ndr.c:296(ndr_
>>> print_debug)
>>>
>>> discard_const(update): struct dns_res_rec
>>>
>>> name : 'A3003.ad.ha.net'
>>>
>>> rr_type : DNS_QTYPE_A (0x1)
>>>
>>> rr_class : DNS_QCLASS_ANY (0xFF)
>>>
>>> ttl : 0x00000000 (0)
>>>
>>> length : 0x0000 (0)
>>>
>>> rdata : union dns_rdata(case 0x1)
>>>
>>> ipv4_record : (null)
>>>
>>> unexpected : DATA_BLOB length=0
>>>
>>> [2014/12/16 07:48:08.384693, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>>
>>> Failed to connect host 10.2.10.10 on port 135 -
>>> NT_STATUS_CONNECTION_REFUSED
>>>
>>> [2014/12/16 07:48:08.385357, 0]
>>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>>
>>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-
>>> b63fd5a29b11._
>>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>>
>>> [2014/12/16 07:48:08.704073, 3]
>>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>>
>>> Terminating connection - 'ldapsrv_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>>
>>> [2014/12/16 07:48:08.704509, 3]
>>> ../source4/smbd/process_single.c:114(single_terminate)
>>>
>>> single_terminate: reason[ldapsrv_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>>
>>> [2014/12/16 07:48:09.211098, 3]
>>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>>
>>> Terminating connection - 'ldapsrv_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>>
>>> [2014/12/16 07:48:09.211753, 3]
>>> ../source4/smbd/process_single.c:114(single_terminate)
>>>
>>> single_terminate: reason[ldapsrv_call_loop:
>>> tstream_read_pdu_blob_recv()
>>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>>
>>> [2014/12/16 07:48:09.654492, 3]
>>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>>
>>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>>>
>>> [2014/12/16 07:48:09.655160, 3]
>>> ../source4/smbd/process_single.c:114(single_terminate)
>>>
>>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>>>
>>> [2014/12/16 07:48:09.655573, 3]
>>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>>
>>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>>>
>>> [2014/12/16 07:48:09.655906, 3]
>>> ../source4/smbd/process_single.c:114(single_terminate)
>>>
>>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>>>
>>> [2014/12/16 07:48:10.979974, 0]
>>> ../source4/dsdb/dns/dns_update.c:294(dnsupdate_nameupdate_done)
>>>
>>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
>>> NT_STATUS_IO_TIMEOUT
>>>
>>> [2014/12/16 07:48:12.915321, 2]
>>> ../source4/dns_server/dns_update.c:398(handle_one_update)
>>>
>>> Looking at record:
>>>
>>> [2014/12/16 07:48:12.915515, 2]
>>> ../source4/dns_server/dns_update.c:399(handle_one_update)
>>>
>>> [2014/12/16 07:48:12.915557, 1] ../librpc/ndr/ndr.c:296(ndr_
>>> print_debug)
>>>
>>> discard_const(update): struct dns_res_rec
>>>
>>> name : 'A3003.ad.ha.net'
>>>
>>> rr_type : DNS_QTYPE_A (0x1)
>>>
>>> rr_class : DNS_QCLASS_IN (0x1)
>>>
>>> ttl : 0x000004b0 (1200)
>>>
>>> length : 0x0004 (4)
>>>
>>> rdata : union dns_rdata(case 0x1)
>>>
>>> ipv4_record : 10.3.12.100
>>>
>>> unexpected : DATA_BLOB length=0
>>>
>>>
>>>
>>> smb.conf
>>>
>>> # Global parameters
>>>
>>> [global]
>>>
>>> workgroup = AD
>>>
>>> realm = AD.HA.NET
>>>
>>> netbios name = HAM1
>>>
>>> server role = active directory domain controller
>>>
>>> dns forwarder = 8.8.8.8
>>>
>>> # dns forwarder = 10.1.254.2
>>>
>>> idmap_ldb:use rfc2307 = yes
>>>
>>> # added 20141215 to quash printer status errors
>>>
>>> printing = bsd
>>>
>>> printcap name = /dev/null
>>>
>>> log level = 3
>>>
>>>
>>>
>>> [netlogon]
>>>
>>> path = /usr/local/samba/var/locks/sysvol/ad.ha.net/scripts
>>>
>>> read only = No
>>>
>>>
>>>
>>> [sysvol]
>>>
>>> path = /usr/local/samba/var/locks/sysvol el = 3 read only = No
>>> [netlogon]
>>>
>>> path = /usr/local/samba/var/locks/sysvol/ad.ha.net/scripts
>>>
>>> read only = No [sysvol]
>>>
>>> path = /usr/local/samba/var/locks/sysvol
>>>
>>> read only = No
>>>
>>
>>
> He has also got [sysvol] twice and just what is 'el =3' ?
>
> either it is a very bad 'cut & paste' error or he needs to remove the
> extra shares.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
CJ, can you give us the exact output from "samba-tool testparm
--suppress-prompt"? You mentioned you were having dns issues, does
"samba-tool dbcheck --cross-ncs" show any errors?
I'd also be interested in seeing the output from ps_mem.py ran every 5
mins. You can do this by downloading the script, doing crontab -e, and
putting in a line like
*/5 * * * * date >> /root/memusage.txt && /path/to/ps_mem.py | grep
"samba\|mbd" >> /root/memusage.txt && echo -e "\n\n\n" >> /root/memusage.txt
You can download ps_mem at
https://raw.githubusercontent.com/pixelb/ps_mem/master/ps_mem.py
This will give you a file named /root/memusage.txt and it will add lines
every 5 mins with the total memory usage of samba.
Ricky
More information about the samba
mailing list