[Samba] member server 3.0.23c drives me nuts

Todd Barbera TBarbera at sbli.com
Mon Oct 9 14:50:15 GMT 2006 

Hi Robert,

I've run into a bug with 3.0.23c in terms of groups not showing up.
Given what I have been reading, you may be wise to downgrade back to
3.0.22 (assuming that was stable for you) until the bugs can get ironed
out. Apparently it's a Brave New World with 3.0.23c... 

Good luck,

Todd

-----Original Message-----
From: samba-bounces+tbarbera=sbli.com at lists.samba.org
[mailto:samba-bounces+tbarbera=sbli.com at lists.samba.org] On Behalf Of
Robert Gehr
Sent: Monday, October 09, 2006 10:06 AM
To: samba at lists.samba.org
Subject: [Samba] member server 3.0.23c drives me nuts

Hello everybody

First of all thanks to the developer team in providing the samba suite.
I have been running samba servers for serveral years now but 3.0.23c 
just drives me nuts.

I have a PDC and BDC running samba 3.0.23c with openldap as backend and 
also a samba member server trying to run 2.0.23c.
The member server is the primary file server so I can't play with it all

that much.
The member server was running 3.0.22 before without any problems. Last 
night I upgraded to 3.0.23c and the fun began.

Things I observed:

1) Random people just could not mount any shares on the member server 
anymore or the mount process took very very long. All of a sudden, they 
could connect to the shares again at normal speed without me changing 
anything.

2) I could not log in to the member server anymore via ssh and also not 
on the console. The server just didn't give me a shell. This led me to 
resetting the server who had an uptime of almost 600 days. This is 
actually what grieves me most ;-)

After poking around a bit I found in log.winbindd

[2006/10/09 14:41:41, 0] nsswitch/winbindd.c:process_loop(832)
   winbindd: Exceeding 200 client connections, no idle connection found
[2006/10/09 14:41:41, 0] nsswitch/winbindd.c:request_main_recv(556)
   malloc failed

googling I found someone describing the same problem and also not being 
able to log into his box anymore.
If I kill winbindd and fire it up again it works for about an hour or 
two before the message appears again.
wbinfo -u then produces an error like "Cannot connect to DOMAIN" or 
something like that.

3) When trying to assign acls in windows to files joe suddenly appears 
as "joe (Unix User\joe)" instead of "joe (MYDOMAIN\joe)"


Here goes the global part of smb.conf on the member server.

    [global]
    unix charset = ISO8859-1
    display charset = ISO8859-1
    workgroup = MYDOM
    server string = %h (Samba %v)
    interfaces = 10.230.1.1/255.255.0.0
    security = DOMAIN
    password server = pdc, bdc
    deadtime = 10
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    wins server = pdc
    kernel oplocks = No
    ldap admin dn = cn=admin,dc=mydom,dc=de
    ldap group suffix = ou=groups
    ldap idmap suffix = ou=idmap
    ldap machine suffix = ou=computers
    ldap suffix = dc=mydom,dc=de
    ldap ssl = start tls
    ldap user suffix = ou=people
    idmap backend = ldap:ldap://pdc.mydom.de
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind trusted domains only = Yes
    acl group control = Yes
    create mask = 00
    force create mode = 0775
    directory mask = 00
    force directory mode = 0775
    map acl inherit = Yes
    veto oplock files = /*.xls/*.doc/*.mdb
    level2 oplocks = No
    strict locking = No
    log level = 1


What am I missing or am I getting too old for the job??

Help is greatly appreciated.


-- 
Best Regards
Robert Gehr


"Technological progress has merely provided us
  with more efficient means for going backwards"

~ Aldous Huxley



      o
   /\ /_          o__
o*  ~(_)         ,>/'_      o__
Robert Gehr     (_)\(_)     ,>/'_   o__       o__
Baumann GmbH, 92224 Amberg (_)\(_)  ,>/'_     ,>/'_
visit: http://www.baumann-gmbh.de  (_)\(_)   (_)\(_)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


The Savings Bank Life Insurance Company of Massachusetts is in no way affiliated with the Savings Bank Life Insurance Company of Connecticut or SBLI USA Mutual Life Insurance Company, Inc. Centrian Life Insurance is the name that the Savings Bank Life Insurance Company of Massachusetts operates under in Connecticut. It is in no way affiliated with the Savings Bank Life Insurance Company, the name that VantisLife Insurance Company operates under in Connecticut.


This message contains information which may be confidential and privileged. Unless you are the addressee (or authorized to receive for the addressee), you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail, and delete or destroy the message.

More information about the samba mailing list