[Samba] Random disconnects from Samba server
Hirayama, Pat
phirayam at fredhutch.org
Thu Mar 1 00:51:42 UTC 2018
First, some background.
We have a Linux server (CentOS 7.3.1611, Samba 4.4.4, sssd 1.14.0) that is providing access vis SMB to various file systems (home folders on NetApp filer, shared data stored on SwiftStack), and joined to our Active Directory. Clients connecting to it are Windows 7 or 10 (mostly Win10), or OS X Macs running ... El Capitan or Sierra or High Sierra). Our problem is that we get reports from some clients that they've lost connection and when they try to remap the drive, they get access denied or other generic error messages. Meanwhile, other clients continue to access their storage through this Samba server with no issues. Logs don't actually seem to point to any specific issues. Sometimes restarting sssd is sufficient. Other times, we've had to actually remove the Linux server from our Active Directory and rejoin it -- which disconnects everybody.
So, I built a second Linux Server (Ubuntu 16.04.2 LTS, Samba 2.4.3.11+_dfsg-0ubuntu0.16.04.12, sssd 1.13.4-lubuntu1.10) to see if I get different results. I joined it to our AD. This one seems more stable .... but I have a Win10 test user who reports getting disconnected with popups complaining that "the directory name is invalid" or "the handle is invalid". Sometimes the user is working actively in the directory in question. Sometimes it is just connected, but he is off doing something else. Again, logs are unhelpful -- even with log level = 5.
One of the main reasons we're doing this is that the home drives in question are often accessed from Linux, and so there are softlinks to other file systems. So, users have a bunch of softlinks pointing to directories on different file systems and access them by first going to their home directory, then clicking on the softlink so that they end up where they want to go, regardless of whether they are on a Mac or a Windows machine (hence "follow symlinks = yes" in smb.conf below.
Any thoughts or suggestions on what I should look at next would be appreciated.
Thanks,
-p
smb.conf:
[global]
workgroup = XXXXX
client signing = yes
client use spnego = yes
kerberos method = secrets and keytab
realm = XXXXX.ORG
security = ads
unix extensions = no
follow symlinks = Yes
wide links = yes
allow insecure wide links = yes
server string = %h server (Samba, Ubuntu)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 50000
syslog = 0
panic action = /usr/share/samba/panic-action %d
log level = 5 passdb:5 auth:5
server role = member server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
[home]
path = /home/%U
read only = No
create mask = 0664
directory mask = 02775
inherit acls = Yes
case sensitive = No
veto files = /.tnatr:*/
map readonly = permissions
mangled names = No
browseable = Yes
wide links = Yes
follow symlinks = Yes
dos filemode = Yes
[homes]
comment = %U's Home Directory
path = /home/%U
read only = No
create mask = 0664
directory mask = 02775
inherit acls = Yes
case sensitive = No
veto files = /.tnatr:*/
map readonly = permissions
mangled names = No
public = No
browseable = Yes
writeable = Yes
dos filemode = Yes
follow symlinks = Yes
wide links = Yes
--
Pat Hirayama
Systems Engineer / 206.667.4856 / phirayam at fredhutch.org / Fred Hutch / Cures Start Here
CIT | Advancing IT and Data Services to Accelerate the Elimination of Disease
More information about the samba
mailing list