[Samba] Homes shares randomly dissapear on AD-DC'S

Achim Gottinger achim at ag-web.biz
Tue Jul 8 04:34:29 MDT 2014


Am 08.07.2014 11:23, schrieb Achim Gottinger:
> Hi,
>
> I have an strange issue on our company network. We run samba4 ad-dc's 
> on four branches as separate sites, they are connected via ipsec 
> tunnels, all servers are debian wheezy systems using sernet 4.1.9-8 
> samba packages.
> We use roaming profiles with folder redirection configured via GPo's. 
> In tree of the four branches users suddenly losse the connection to 
> their home shares, since their appdata and desktop folders are 
> redirected there desktop goes blank and all types of errors pop up. If 
> i look at the samba server i can see the all shares are still 
> available beside the homes share and the sare with the username. It's 
> fixable with an samba restart on the server side. It never happens on 
> the main site just at the branches.
> First this happen every two weeks or so on tree branches thougt i can 
> prevent it by restarting samba every night but that did not help.
> Two days ago i upgraded samba from 4.1.4-7 to 4.1.9-8 and since then 
> it happes twice a day.
>
> Here's the config we use at all four locations with differen netbios 
> name's of course.
>
> # Global parameters
> [global]
>         workgroup = DOMAIN
>         realm = domain.local
>         netbios name = SERVER
>         server role = active directory domain controller
>         idmap_ldb:use rfc2307 = yes
>         dns forwarder = 192.168.160.200
>         template shell = /bin/bash
>         log level = 3
>         wins support = Yes
>         deadtime = 10
>         socket options = TCP_NODELAY SO_KEEPALIVE TCP_KEEPIDLE=120 
> TCP_KEEPINTVL=10 TCP_KEEPCNT=5
>         ea support = yes
>         store dos attributes = yes
>         map readonly = no
>         map archive = no
>         map system = no
>         map hidden = no
>         strict allocate = yes
>         acl allow execute always = yes
>         vfs objects = dfs_samba4, acl_xattr, aio_pthread
>         aio read size = 1024
>         aio write size = 1024
>         csc policy = disable
>         reset on zero vc = yes
>         idmap config * : range = 3000000-4000000
>
> [netlogon]
>         root preexec = /etc/samba/scripts/user.py "%U"
>         path = /var/lib/samba/sysvol/fot.local/scripts
>         read only = No
>
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
> [profiles]
>         path = /data/profiles
>         read only = no
>
> [homes]
>         read only = No
>
> [data]
>         path = /data/data
>         read only = No
>         inherit acls = Yes
>
> [applic]
>         path = /data/applic
>         read only = No
>         inherit acls = Yes
>
> [printers]
>         comment = All Printers
>         path = /var/lib/samba/printing
>         browseable = Yes
>         read only = No
>         printable = Yes
>
> [print$]
>         comment = Point and Print Printer Drivers
>         path = /var/lib/samba/drivers
>         read only = No
>
> Unfortunately i have no error messages from log.smbd, had the log 
> level increased from1 to 3 and it seems to rotate once it reaches 5MB, 
> another thing i have to investigate now, there is no logrotate 
> configuration which interferes here.
> I remember seeing errors like "service [username]not found trying 
> [username] as a printer".
>
> Once it starts to happen for one user others can work for an while and 
> access there home shares but they loose them in an timeframe of about 
> an hour.
>
> Have some of you seens such an behavior? It looks kinda dubious here 
> atm. :-)
>
> achim~
>
Hmm only differnce between main site and the branches was this setting 
only defined at the main site.

reset on zero vc = yes

Added it to the branches configs, increased log level to 5 and max log 
size to 500MB and have to wait if the issue appears again.






More information about the samba mailing list