[Samba] File locking problem

Ulrik Guenther kpanic at 00t.org
Wed Mar 23 19:38:59 GMT 2005

Hello everyone,

I have a 50-client Samba installation here (version of Samba is 3.0.12). The problem is, that files are not locked correctly. The scenario is the following:
1. User A opens a word document file and edits it
2. User B tries to open the same file, too
3. Instead of getting a warning that the file is in use by another user (like it was when we had NT4), Word opens the file without any problems
4. Now, both users edit the file and save it.
5. Result: Data loss.

This was just an example, the same thing occurs with AutoCAD files, Excel files, OpenOffice.org files,... every file, to sum it up.
I already tried turning opportunistic locking off, turning strict locking on/off, nothing worked (you can find the smb.conf of the server attached to this mail). Last weekend I noticed a strange behavior: I was logged in on two clients with the same user and tried to open the same file on both. This time, the program (tried with Notepad, Word) protested and said that the file is already open.
If I understood the functionality of Samba right, a new smbd process is spawned for every client who logs on (for every user or for every client?)... so might this be an issue with SystemV IPC?
On this server we use LDAP for storing group and user information for Samba. The following data might also be valuable:
* the server is empowered by an AMD Opteron 144 with 1 GiB of RAM
* the operating system is FreeBSD 5.3-STABLE
* Samba version is 3.0.12
* OpenLDAP version is 2.2.23
* OpenLDAP is running on the same computer as Samba
* the data is stored on a Geom-Vinum RAID-1 volume set (mirrored)

Please, please help as soon as possible, as we already have lost a big bunch of data! If you need more information, just ask, I'll try to provide it asap.

Thanks in advance,

Ulrik Guenther
-------------- next part --------------
   netbios name = SAMBASERVER
   netbios aliases = SERVER1
   workgroup = WORKGROUP
   server string = Samba LDAP PDC
   ldap passwd sync = yes
   passdb backend = ldapsam:ldap://
   ldap admin dn = cn=Manager,dc=somecompany,dc=org
   ldap suffix = dc=somecompany,dc=org
   ldap group suffix = ou=Groups
   ldap user suffix = ou=Users
   ldap machine suffix = ou=Computers
   ldap ssl = no
   syslog = yes 
   log level = 0
   log file = /dataroot/samba/log/samba.log
   os level = 65
   preferred master = yes
   domain master = yes
   local master = yes
   security = user
   encrypt passwords = yes
   domain logons = yes
   logon path = \\SERVER1\profiles\%U
   logon drive = H:
   logon home = \\SERVER1\homes\%U
   logon script = netlogon.bat

   add user script = /usr/local/sbin/smbldap-useradd -m "%u"
   ldap delete dn = yes
   add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
   add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
   add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
   delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
   set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

   Dos charset = ISO8859-15
   mangling method = hash
   display charset = ISO8859-1
   unix charset = ISO8859-1
   admin users = Administrator
   printcap name = cups
   load printers = yes
   keep alive = 10
   deadtime = 360
   lock directory = /dataroot/samba/locks
   comment = Drucker
   printing = CUPS
   printable = yes
   create mask = 0600
   path = /klettroot/printers
   browseable = yes
   guest ok = yes

   path = /dataroot/netlogon
   comment = Network Logon Service
   read only = yes
   write list = @"Domain Admins"
   browseable = no
   guest ok = yes

   comment = Nutzerprofile
   path = /dataroot/profiles
   read only = no
   browseable = no
   create mask = 0664
   directory mask = 0775
   profile acls = Yes
   guest ok = yes
   force user = %U
   valid users = %U @"Domain Admins"

   comment = Dateien von %U (%u)
   read only = no
   create mask = 0644
   directory mask = 0775
   browseable = no

   path = /dataroot/shares/programm
   comment = Programme
   read only = no
   create mask = 0644
   directory mask = 0775
   browseable = yes
   guest ok = yes

   path = /dataroot/shares/daten
   comment = Daten
   read only = no
   create mask = 0664
   directory mask = 0775
   browseable = yes
   guest ok = no
   valid users = %U @"Domain Users" @"Domain Admins"

   path = /dataroot/shares/cd
   browseable = yes
   directory mask =0775
   create mask = 0644
   read only = no
   guest ok = no

More information about the samba mailing list