Fw: Samba 4 - very long login time on Windows 7
fatman
fatman at crackmonkey.us
Fri Jan 28 12:41:50 MST 2011
On Mon, 24 Jan 2011 10:45:06 +1000
Andrew Bartlett <abartlet at samba.org> wrote:
> On Sun, 2011-01-23 at 13:48 +0000, fatman wrote:
> > On Fri, 21 Jan 2011 01:15:49 +0300
> > Matthieu Patou <mat at samba.org> wrote:
> > > >>>> On both systems, Event Viewer shows event IDs 6005 and 6006
> > > >>>> each occurring twice during login.
> > > >>> please provide us tcpdump traces between your s4 server and
> > > >>> your client (1 is sufficient).
> > > It seems that you are using roaming profiles, have you made the
> > > test without ?
> >
> > No. I can make a user without a profile. Will that do or do I need
> > to disable profiles completely?
> >
> > > And also the trace shows no activity on the network between 0:50
> > > to 6:08, do you have anything suspect in the windows logs ?
> >
> > The only suspect thing in the Windows logs is events 6005 and 6006,
> > as mentioned previously. It's almost as if the login halts
> > completely between each 6005/6006 pair.
> >
> > > Also it seems that the trace is not complete, can you make a trace
> > > from the moment when the workstation boot ?
> >
> > That's right, I only started the log when the client was at the
> > login screen. I'll get a new one from boot this time.
> >
> > Btw, the command I'm using is "sudo tcpdump -p -s 0
> > -w /root/file.pcap port 445 or port 139 -i eth0", which is almost
> > per the page you linked, except that I had to specify the interface
> > as it didn't work without.
>
> Please don't restrict the ports. AD logon uses more protocols than
> that.
>
> ie, the examples under 'If you're sure the problem is only related to
> SMB, you can filter the traffic based on the ports:' does not apply to
> use of Samba4.
>
> Andrew Bartlett
Sorry this took so long.
I've put a new trace at the usual location:
https://dreamtrack.dnsalias.com/downloads/login-trace.7z
This one is a full trace from boot, using a user without profile, event
log included, and not restricting any ports. You'll have to filter out
my SSH and web traffic, not that there's much of either. The command I
used was "sudo tcpdump -p -s 0 -w /root/file.pcap -i eth0".
Hope I didn't forget anything this time. ;)
Regards,
Adam J Richardson
More information about the samba-technical
mailing list