[Samba] Samba on Solaris filing

Shane Henry Shane.Henry at integral.com.au
Thu Apr 19 02:08:23 GMT 2007 

G'day all,

I've been getting some strange things happening with my samba setup. At
the moment we've got a SAMBA/LDAP setup to provide single sign/roaming
profiles for our Windows machines. We've got 1 PDC & 3 BDC's all running
Solaris 10 on Sun-Fire-V440's.

The problem is that the system seems to run fine for about a day or two
(users login/logout, etc), but then for no apparent reason users can't
log in.

If I run 'smbclient -L RAVEN' on the PDC, I get the following error:
session request to RAVEN failed (Call timed out: server did not respond
after 20000 milliseconds)
session request to *SMBSERVER failed (Call timed out: server did not
respond after 20000 milliseconds)

Having run the same command the night before, it all worked fine.

I can restart the SAMBA daemons (and the LDAP daemons), but nothing
seems to fix it. The only fix that seems to work is to reboot the
server. Once the system is rebooted, it all seems to work fine for a day
or two, then it just stops working again.

I've looked through the logs and can't seem to find anything that
indicates the problem. I've also searched the net for answers, but as of
yet, I've found no answer but to reboot the servers.

At the moment we're running samba 3.0.23b on Solaris 10.

Any suggestions about where to go from here would be greatly
appreciated.

Thanks in advance,
Shane


smb.conf:
# Global parameters
[global]
	workgroup = SCADA
	netbios name = RAVEN
	server string = Samba Server %v
	interfaces = 159.73.160.13/255.255.255.0
159.73.161.13/255.255.255.0 lo0
	bind interfaces only = Yes
	hosts allow = 159.73.160.0/255.255.255.0
159.73.161.0/255.255.255.0 127.0.0.1
	passdb backend = ldapsam:ldap://127.0.0.1/
	enable privileges = Yes
	username map = /etc/samba/smbusers
	security = user
	log level = 3
	log file = /var/log/samba/samba.log
	max log size = 0
	encrypt passwords = Yes
	unix password sync = Yes
	# smbldap-passwdNT is a hacked script to make it work for us
	passwd program = /usr/local/sbin/smbldap-passwdNT "%u"
	passwd chat = "Changing UNIX and samba passwords for*\nNew
password*" %n\n "*Retype new password*" %n\n "*Password*changed*"
	passwd chat timeout = 10
	passwd chat debug = No
	smb ports = 139
	name resolve order = wins bcast hosts
	time server = Yes
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        preserve case = yes
        short preserve case = yes
        case sensitive = no

        add user script = /usr/local/sbin/smbldap-useradd -m "%u"
        delete user script = /usr/local/sbin/smbldap-userdel "%u"
        add group script = /usr/local/sbin/smbldap-groupadd "%g" 
        delete group script = /usr/local/sbin/smbldap-groupdel "%g"
        add user to group script = /usr/local/sbin/smbldap-groupmod -m
"%u" "%g"
        delete user from group script = /usr/local/sbin/smbldap-groupmod
-x "%u" "%g"
	set primary group script = /usr/local/sbin/smbldap-usermod -g
"%g" "%u"
        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"

	logon script = logon.bat
        logon path = \\%L\profiles\%U
	logon drive = H:
        logon home = \\%L\%U

	domain logons = Yes
	domain master = Yes
	wins support = yes
	preferred master = Yes
	os level = 99

	ldap suffix = dc=scada,dc=ie,dc=com,dc=au
        ldap machine suffix = ou=People
        ldap user suffix = ou=People
        ldap group suffix = ou=Group
	ldap idmap suffix = ou=Idmap
	ldap admin dn = cn=Manager,dc=scada,dc=ie,dc=com,dc=au
	map acl inherit = Yes
	ldap ssl = no
	ldap passwd sync = Yes

	idmap backend = ldap:ldap://127.0.0.1
	idmap uid = 15000-20000
	idmap gid = 15000-20000


[netlogon]
	comment = Network Logon Service
	path = /export/home/samba/netlogon/
	guest ok = Yes
	locking = No

[profiles]
	comment = Profile Share
	path = /export/home/samba/profiles/
	read only = No
	profile acls = Yes

[doc]
	path = /export/home/samba/doc/
	read only = yes
	create mask = 0750
	guest ok = no
	write list = @ie

[homes]
	comment = Home Directories
	valid users = %U
	read only = no
	create mask = 0644
	directory mask = 0775
	browseable = No



**********************************************************************
Please consider our environment before printing this email.

NOTICE - This communication contains information which is confidential and the copyright of Integral Energy Australia or a third party.

If you are not the intended recipient of this communication please delete and destroy all copies and telephone Integral Energy on 131081 immediately. If you are the intended recipient of this communication you should not copy, disclose  or distribute this communication without the authority of Integral Energy.

Any views expressed in this Communication are those of the individual sender, except where the sender specifically states them to be the views of Integral Energy.

Except as required at law, Integral Energy does not represent, warrant and/or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors, virus, interception or inference.
**********************************************************************

More information about the samba mailing list