[Samba] Homes shares randomly dissapear on AD-DC'S
Achim Gottinger
achim at ag-web.biz
Tue Jul 8 04:34:29 MDT 2014
Am 08.07.2014 11:23, schrieb Achim Gottinger:
> Hi,
>
> I have an strange issue on our company network. We run samba4 ad-dc's
> on four branches as separate sites, they are connected via ipsec
> tunnels, all servers are debian wheezy systems using sernet 4.1.9-8
> samba packages.
> We use roaming profiles with folder redirection configured via GPo's.
> In tree of the four branches users suddenly losse the connection to
> their home shares, since their appdata and desktop folders are
> redirected there desktop goes blank and all types of errors pop up. If
> i look at the samba server i can see the all shares are still
> available beside the homes share and the sare with the username. It's
> fixable with an samba restart on the server side. It never happens on
> the main site just at the branches.
> First this happen every two weeks or so on tree branches thougt i can
> prevent it by restarting samba every night but that did not help.
> Two days ago i upgraded samba from 4.1.4-7 to 4.1.9-8 and since then
> it happes twice a day.
>
> Here's the config we use at all four locations with differen netbios
> name's of course.
>
> # Global parameters
> [global]
> workgroup = DOMAIN
> realm = domain.local
> netbios name = SERVER
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> dns forwarder = 192.168.160.200
> template shell = /bin/bash
> log level = 3
> wins support = Yes
> deadtime = 10
> socket options = TCP_NODELAY SO_KEEPALIVE TCP_KEEPIDLE=120
> TCP_KEEPINTVL=10 TCP_KEEPCNT=5
> ea support = yes
> store dos attributes = yes
> map readonly = no
> map archive = no
> map system = no
> map hidden = no
> strict allocate = yes
> acl allow execute always = yes
> vfs objects = dfs_samba4, acl_xattr, aio_pthread
> aio read size = 1024
> aio write size = 1024
> csc policy = disable
> reset on zero vc = yes
> idmap config * : range = 3000000-4000000
>
> [netlogon]
> root preexec = /etc/samba/scripts/user.py "%U"
> path = /var/lib/samba/sysvol/fot.local/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [profiles]
> path = /data/profiles
> read only = no
>
> [homes]
> read only = No
>
> [data]
> path = /data/data
> read only = No
> inherit acls = Yes
>
> [applic]
> path = /data/applic
> read only = No
> inherit acls = Yes
>
> [printers]
> comment = All Printers
> path = /var/lib/samba/printing
> browseable = Yes
> read only = No
> printable = Yes
>
> [print$]
> comment = Point and Print Printer Drivers
> path = /var/lib/samba/drivers
> read only = No
>
> Unfortunately i have no error messages from log.smbd, had the log
> level increased from1 to 3 and it seems to rotate once it reaches 5MB,
> another thing i have to investigate now, there is no logrotate
> configuration which interferes here.
> I remember seeing errors like "service [username]not found trying
> [username] as a printer".
>
> Once it starts to happen for one user others can work for an while and
> access there home shares but they loose them in an timeframe of about
> an hour.
>
> Have some of you seens such an behavior? It looks kinda dubious here
> atm. :-)
>
> achim~
>
Hmm only differnce between main site and the branches was this setting
only defined at the main site.
reset on zero vc = yes
Added it to the branches configs, increased log level to 5 and max log
size to 500MB and have to wait if the issue appears again.
More information about the samba
mailing list