[Samba] member server 3.0.23c drives me nuts
robert.gehr at baumann-gmbh.de
Mon Oct 9 14:06:00 GMT 2006
First of all thanks to the developer team in providing the samba suite.
I have been running samba servers for serveral years now but 3.0.23c
just drives me nuts.
I have a PDC and BDC running samba 3.0.23c with openldap as backend and
also a samba member server trying to run 2.0.23c.
The member server is the primary file server so I can't play with it all
The member server was running 3.0.22 before without any problems. Last
night I upgraded to 3.0.23c and the fun began.
Things I observed:
1) Random people just could not mount any shares on the member server
anymore or the mount process took very very long. All of a sudden, they
could connect to the shares again at normal speed without me changing
2) I could not log in to the member server anymore via ssh and also not
on the console. The server just didn't give me a shell. This led me to
resetting the server who had an uptime of almost 600 days. This is
actually what grieves me most ;-)
After poking around a bit I found in log.winbindd
[2006/10/09 14:41:41, 0] nsswitch/winbindd.c:process_loop(832)
winbindd: Exceeding 200 client connections, no idle connection found
[2006/10/09 14:41:41, 0] nsswitch/winbindd.c:request_main_recv(556)
googling I found someone describing the same problem and also not being
able to log into his box anymore.
If I kill winbindd and fire it up again it works for about an hour or
two before the message appears again.
wbinfo -u then produces an error like "Cannot connect to DOMAIN" or
something like that.
3) When trying to assign acls in windows to files joe suddenly appears
as "joe (Unix User\joe)" instead of "joe (MYDOMAIN\joe)"
Here goes the global part of smb.conf on the member server.
unix charset = ISO8859-1
display charset = ISO8859-1
workgroup = MYDOM
server string = %h (Samba %v)
interfaces = 10.230.1.1/255.255.0.0
security = DOMAIN
password server = pdc, bdc
deadtime = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins server = pdc
kernel oplocks = No
ldap admin dn = cn=admin,dc=mydom,dc=de
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=computers
ldap suffix = dc=mydom,dc=de
ldap ssl = start tls
ldap user suffix = ou=people
idmap backend = ldap:ldap://pdc.mydom.de
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind trusted domains only = Yes
acl group control = Yes
create mask = 00
force create mode = 0775
directory mask = 00
force directory mode = 0775
map acl inherit = Yes
veto oplock files = /*.xls/*.doc/*.mdb
level2 oplocks = No
strict locking = No
log level = 1
What am I missing or am I getting too old for the job??
Help is greatly appreciated.
"Technological progress has merely provided us
with more efficient means for going backwards"
~ Aldous Huxley
/\ /_ o__
o* ~(_) ,>/'_ o__
Robert Gehr (_)\(_) ,>/'_ o__ o__
Baumann GmbH, 92224 Amberg (_)\(_) ,>/'_ ,>/'_
visit: http://www.baumann-gmbh.de (_)\(_) (_)\(_)
More information about the samba