[Samba] Sporadic Homedirs lost
Achim Frank
achim.frank at erfrakon.de
Wed Jul 16 16:31:11 GMT 2008
Hi List,
since the upgrade of a LDAP based PDC/BDC system to PDC/BDC and fileserver we
have problems with users sporadic loolsing their homedirs.
These events are unreproducible and only sporadic. Only the homedir not any of
the other shares mounted from the fileserver are subject to this connection
breakoff. The logs seem to suggest the username has been "forgotten" by the
fileserver as the user wants to access this private share.
Attached find a portion of the logs from fileserver at the event of loosing a
homedir (loglevel 3):
[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: Checking password for unmapped user []\[]@[MACHINE]
with the new password interface
[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(224)
check_ntlm_password: mapped user is: [DOMAIN]\[]@[MACHINE]
[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(270)
check_ntlm_password: guest authentication for user [] succeeded
In the morning everything works ok like this:
[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: Checking password for unmapped user
[DOMAIN]\[myself]@[MACHINE] with the new password interface
[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(224)
check_ntlm_password: mapped user is: [DOMAIN]\[myself]@[MACHINE]
[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(270)
check_ntlm_password: winbind authentication for user [myself] succeeded
[2008/07/15 08:09:44, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [myself] -> [myself] ->
[myself] succeeded
Versions of Samba:
The systems are running Debian Etch. PDC/BDC on Backports kernel 2.6.24-1-686,
fileserver on stock Etch Kernel. Samba is installed as Sernet Etch Packages
(http://ftp.sernet.de/pub/samba/debian/ sernet-samba_3.0.28-21_i386.deb
sernet-samba-common_3.0.28-21_i386.deb sernet-samba-doc_3.0.28-21_all.deb
sernet-smbclient_3.0.28-21_i386.deb). We also tried sernet-samba versions
3.0.30-22 and 3.2.0-22 but to no avail.
Samba configuration:
PDC/BDC:
[global]
...
map to guest = Bad User
obey pam restrictions = Yes
template homedir = /home/%U
veto files = /lost+found/users/
...
only shares [profiles] and [netlogon]
fileserver:
[global]
...
security = domain
map to guest = Bad User
obey pam restrictions = Yes
template homedir = /home/%U
veto files = /lost+found/users/
[homes]
comment = Heimatverzeichnis
read only = No
create mask = 0700
browseable = No
Has anybody a clue why this could happen? Are there "magic" switches to be set
with smb.conf on PDC/BDC if homedirs are not present on the authenticating
servers or anything else we migght have overlooked?
Any recommendation on how to track down this misbehaving?
Thanks for your answers,
--achim
More information about the samba
mailing list