[Samba] Urgent: problem with SAMBA+LDAP

Stéphane Purnelle stephane.purnelle at tiscali.be
Sat Apr 23 10:14:15 GMT 2005


Your ldap server is on the same server or on a other server ?
Have you verify that you not have a network problem with your  server 
which contain LDAP.

Luiz Alfredo Baggiotto a écrit :

>Greetings Experts!
>
>Sorry for my poor english, but I´m inside of a terrible nightmare!!!
>I´m using Samba+LDAP has about 2 months ago without problems, but in the last 4 hours, the system is absolutelly unstable. I couldn´t upgrade or patched anything. The problem simply has appeared.
>
>Principally system characteristics:
>
>- Sun Fire V880 running Solaris 9
>- openldap-2.2.23
>- nss_ldap-232
>- pam_ldap-176
>- samba-3.0.11 ==> samba-3.0.14a
>
>Symptoms: the users couldn´t make login in Samba domain and the network for those that already connected were was very slow. SSH, NFS and Apache services were ok. The syslog said "nss_ldap: could not get LDAP result - Can't contact LDAP server".
>
>I tried to reinitialize the daemons (samba and ldap) but the problem has persisted. After that, I rebooted the server, but it doesn´t solve the problem too. Then I was upgraded my samba (from 3.0.11 to 3.0.14a) and now is possible to make login and work normally, but as at the moment it has only one few users, I fear that in the Monday the problem can be happened again.
>
>Please, PLEASE: somebody has some idea about as it can happen and as I could solve the problem, in case that it happens again? I´m really despaired. Any help is very appreciated!
>
>My smb.conf is thus:
>
># Global parameters
>[global]
>        workgroup = MY_DOMAIN
>        netbios name = ARRAKIS
>        server string = Server
>        security = USER
>        passdb backend = ldapsam:ldap://ldap.domain/
>        passwd program = /usr/local/sbin/smbldap-passwd -u %u
>        passwd chat = *password* %n\n *new*password* %n\n
>        passwd chat debug = Yes
>        encrypt passwords = Yes
>        log level = 3
>        max log size = 50000
>        load printers = No
>        kernel oplocks = No
>        utmp = yes
>        domain logons = Yes
>        domain master = Yes
>        use sendfile = no
>        keep alive = 60
>        smb ports = 445 139
>        wins server = 10.40.48.25
>        delete user script = /usr/local/sbin/smbldap-userdel "%u"
>        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
>        set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
>        add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
>        delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
>        add group script = /usr/local/sbin/smbldap-groupadd "%g"
>        delete group script = /usr/local/sbin/smbldap-groupdel "%g"
>        logon drive = h:
>        logon script = %U.bat
>        logon path = \\%N\profiles\%U
>        ldap server = ldap.domain
>        ldap port = 389
>        ldap suffix = dc=domain,dc=mine
>        ldap machine suffix = ou=Computers
>        ldap user suffix = ou=Users
>        ldap group suffix = ou=Groups
>        ldap admin dn = cn=Administrator,dc=domain,dc=min
>        ldap passwd sync = Yes
>        ldap delete dn = Yes
>
>I was compiled the softs with these options:
>
>OpenLDAP: ./configure	--with-tls \
>				--disable-wrappers \
>				--enable-crypt \
>				--enable-bdb \
>				--enable-ldbm \
>				--enable-spasswd \
>				--with-cyrus-sasl \
>				--enable-slapd \
>				--enable-syslog \
>				--enable-ipv6=no \
>				--without-kerberos \
>				--enable-shared
>
>Samba: ./configure	--with-readline \
>				--with-smbwrapper \
>				--with-ldap \
>				--with-ldapsam \
>				--with-pam \
>				--with-pam_smbpass \
>				--with-syslog \
>				--with-quotas \
>				--with-utmp \
>				--with-vfs
>
>Apparently, the most significative system error log says this:
>
>===============================================
>Apr 23 00:09:46 arrakis smbd[22907]: [ID 510469 daemon.error] nss_ldap: could not get LDAP result - Can't contact LDAP server
>Apr 23 00:09:46 arrakis last message repeated 1 time
>Apr 23 00:09:46 arrakis smbd[22907]: [ID 982204 daemon.info] nss_ldap: reconnecting to LDAP server...
>Apr 23 00:09:46 arrakis slapd[159]: [ID 848112 local4.debug] conn=1364 fd=19 ACCEPT from IP=200.132.10.12:34100 (IP=0.0.0.0:389)
>Apr 23 00:09:46 arrakis slapd[159]: [ID 347666 local4.debug] conn=1364 op=0 BIND dn="" method=128
>Apr 23 00:09:46 arrakis slapd[159]: [ID 217296 local4.debug] conn=1364 op=0 RESULT tag=97 err=0 text=
>Apr 23 00:09:46 arrakis smbd[22907]: [ID 569656 daemon.info] nss_ldap: reconnected to LDAP server after 1 attempt(s)
>Apr 23 00:09:46 arrakis slapd[159]: [ID 870088 local4.debug] get_filter: unknown filter type=130
>Apr 23 00:09:46 arrakis last message repeated 3 times
>Apr 23 00:09:46 arrakis slapd[159]: [ID 998954 local4.debug] conn=1364 op=1 SRCH base="dc=domain,dc=mine" scope=2 deref=0 filter="(&(
>objectClass=nisNetgroup)(|(?=undefined)(?=undefined)(?=undefined)(?=undefined)(?=undefined)(?=undefined)(?=undefined)(?=undefined)
>(?=undefined)(?=undefined)(?=undefined)(?=undefined)))"
>
>......
>
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:set_socket_options(202)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   Failed to set socket option SO_KEEPALIVE (Error Invalid argument)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:set_socket_options(202)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   Failed to set socket option TCP_NODELAY (Error Invalid argument)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/access.c:check_access(328)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   Denied connection from  (0.0.0.0)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   Connection denied from 0.0.0.0
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:write_socket_data(430)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   write_socket_data: write failure. Error = Broken pipe
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:write_socket(455)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   write_socket: Error writing 5 bytes to socket 5: ERRNO = Broken pipe
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:send_smb(647)
>Apr 23 00:10:59 arrakis smbd[22828]: [ID 702911 daemon.error]   Error writing 5 bytes to client. -1. (Broken pipe)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:set_socket_options(202)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   Failed to set socket option SO_KEEPALIVE (Error Invalid argument)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:set_socket_options(202)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   Failed to set socket option TCP_NODELAY (Error Invalid argument)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/access.c:check_access(328)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   Denied connection from  (0.0.0.0)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:get_peer_addr(1150)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   getpeername failed. Error was Transport endpoint is not connected
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   Connection denied from 0.0.0.0
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:write_socket_data(430)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   write_socket_data: write failure. Error = Broken pipe
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:write_socket(455)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   write_socket: Error writing 5 bytes to socket 5: ERRNO = Broken pipe
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] lib/util_sock.c:send_smb(647)
>Apr 23 00:10:59 arrakis smbd[22830]: [ID 702911 daemon.error]   Error writing 5 bytes to client. -1. (Broken pipe)
>Apr 23 00:10:59 arrakis smbd[22723]: [ID 702911 daemon.error] [2005/04/23 00:10:59, 0] smbd/server.c:open_sockets_smbd(388)
>Apr 23 00:10:59 arrakis smbd[22723]: [ID 702911 daemon.error]   open_sockets_smbd: accept: Software caused connection abort
>===============================================
>
>I was read about these errors in the samba-list archives and tried to use some options in my smb.conf (more especifically "keep alive = 60", "smb ports = 445 139" e "use sendfile = no"), but this didn´t result. These errors appears to each 1-5 minutes.
>
>THANKS in advance for ANY help.
>
>
>
>  
>


-- 
Stéphane Purnelle <stephane.purnelle at tiscali.be>
Site Web : http://www.linuxplusvalue.be



More information about the samba mailing list