memory leak in samba4 ad with sernet package 4.0.09 and 4.0.10 on debian wheezy 64Bit

Sun Nov 3 14:07:07 MST 2013

Hi list,
i'm using sernet's packages for samba4 installed on debian wheezy 64Bit.

Starting a while ago with  4.0.09 i hit a memory leak

my small script to monitor the memory usage of samba4 with ps_mem.py:

#!/bin/bash
while :
do
        echo `date -u +%Y.%m.%d-%H.%M.%S`; ./ps_mem.py | grep mb
        #echo "Press [CTRL+C] to stop.."
        sleep 5
done

some results:

2013.10.03-22.59.43
 15.5 MiB +  31.7 MiB =  47.2 MiB       smbd (4)
805.8 MiB +  35.1 MiB = 841.0 MiB       samba (14)
-
-
2013.10.04-07.46.15
904.0 KiB + 849.5 KiB =   1.7 MiB       smbd (2)
  1.8 GiB +   7.3 MiB =   1.8 GiB       samba (14)
-
2013.10.04-08.36.09
916.0 KiB + 859.5 KiB =   1.7 MiB       smbd (2)
  1.9 GiB +   7.6 MiB =   1.9 GiB       samba (14)

i've used a slightly modified dcpromo.sh from the sernet samba appliance to install the active directory and adding the zarafa schema Installer 1.5. dns is internal.

with the update to  4.0.10 this memory leak was gone.

Now i've installed a new system (other place) in same manner beginning with sernet package 4.0.10  and i hit the memory leak again,  samba is now going to consume more than 2GB a day.  more than 6GB in three days, so i restart samba here nightly

according to hints on this list i put  SAMBA_EXTRA_OPTS="--leak-report-full"  in /etc/default/sernet-samba and have some leak reports for package  4.0.09 and 4.0.10.

----

In both systems i successfully added a second DC by following the docs, everything works flawless.
a user created on second dc is nearly immediately synced to the other (first) dc

just a small glitch i found when following the docs on fileservices i did this on the second (new) DC
	 net rpc rights grant 'MYDOMAIN\Domain Admins' SeDiskOperatorPrivilege -Uadministrator
and
 net rpc rights list accounts -Uadministrator | grep SeDiskOperatorPrivilege
Enter administrator's password:
SeDiskOperatorPrivilege

found SeDiskOperatorPrivilege as expected.

but on the other DC:
 net rpc rights list accounts -Uadministrator | grep SeDiskOperatorPrivilege
found nothing, so this right is not synced?

however, all seems to work for me, but i havn't tested much with fileservices

an other small glitch was while using gpmc to add rdp right to users on local computers: i need to create a german "Administratoren" group to make gpmc happy, it doesn't want admnistrators in my german windows XP

adding adm templates for office11,  creating and using GPOs (firewall, rdp etc..)  in my testlab works fine for me, i've tested mostly with xp but a bit with win7 also, wich seem to work for me :-)
i also use successfully zarafa with sso (outlook) and webaccess sso in win7 wich simply works after installed as written in the docs.
funny for me is that i've to learn administrating from windows since samba4 is (seems to?) ready to use....

i successfully used  Active Directory Application Mode (ADAM) on xp  wich includes csvde for bulk importing many users via csv
i made a simple batch creating most AD features for my users  in a csv exportfile like
DN,objectClass,description,name,sAMAccountName,mail,zarafaAccount,zarafaAdmin,zarafaSharedStoreOnly,userAccountControl,sn,givenName,displayName
to reduce the need of clicks in ActiveDirectory Users and Computers ( i'll wait since windowsNT that i'm allowed to resize the properties windows of a user :-)

Samba4 is definitely Great work, i like it...
thanks a lot for this project

jens