[Samba] Sometimes PC can not find network path
willie_chang at avision.com.cn
willie_chang at avision.com.cn
Sun May 6 00:52:05 GMT 2007
Dear all,
I have a linux server that uses redhat AS4.I want to make a samba file
server.Because we have a windows 2003 domain,I must use "security =
ADS".The samba version is samba-3.0.10-1.4E.9.
The samba server joined windows 2003 domain successful.I can find samba
server in the "network neighborhood".Client PC access samba server must
confirms with PDC.The domain member can access directly.
There is a problem that sometimes client PC can not access the samba
server.The hint is "can not find network path".I check samba server logs
and find following error :
[2007/04/28 13:53:58, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
Under is some config files.They also in attachment.Hope you can help
me.Thank you!
*******smb.conf*******
[global]
workgroup = AVISION
realm = AVISION.COM.CN
server string = Samba sfislinux
security = ADS
password server = szad02.avision.com.cn
guest account = sambaguest
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=81
92
load printers = No
printcap name = /etc/printcap
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind enable local accounts = Yes
winbind use default domain = Yes
cups options = raw
[IT]
path = /Samba/IT
read only = No
guest ok = Yes
*******hosts******
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
10.2.20.191 sfislinux.avision.com.cn sfislinux
10.2.90.102 szad02.avision.com.cn avision.com.cn
*******krb5.conf******
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = AVISION.COM.CN
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
AVISION.COM.CN = { kdc = szad02.avision.com.cn:88
admin_server = szad02.avision.com.cn:749
default_domain = avision.com.cn
}
[domain_realm]
.avision.com.cn = AVISION.COM.CN
avision.com.cn = AVISION.COM.CN
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = { debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
*****nsswitch.conf*****
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# ldap Use LDAP (only if nss_ldap is installed)
# nisplus or nis+ Use NIS+ (NIS version 3), unsupported
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files ldap nis
#shadow: db files ldap nis
#group: db files ldap nis
passwd: files winbind & szlig
shadow: files
group: files winbind & szlig
#hosts: db files ldap nis dns
hosts: files dns
# Example - obey only what ldap tells us...
#services: ldap [NOTFOUND=return] files
#networks: ldap [NOTFOUND=return] files
#protocols: ldap [NOTFOUND=return] files
#rpc: ldap [NOTFOUND=return] files
#ethers: ldap [NOTFOUND=return] files
bootparams: files
ethers: files
netmasks: files
networks: files
protocols: files winbind
rpc: files
services: files winbind
netgroup: files winbind
publickey: files
automount: files winbind
aliases: files
**********system-auth*************
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
quiet
account [default=bad success=ok user_unknow=ignore]
/lib/security/$ISA/pam_krb5.so
account [default=bad success=ok user_unknow=ignore]
/lib/security/$ISA/pam_winbind.so
account required /lib/security/$ISA/pam_permit.so
#account requisite /lib/security/$ISA/pam_succeed_if.so user ingroup
unix
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok
md5 shadow
password sufficient /lib/security/$ISA/pam_krb5.so use_authtok
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_mkhomedir.so skel=etc/skel
umask=0027
seesion optional /lib/security/$ISA/pam_krb5.so
*******kdc.conf************
[kdcdefaults]
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
AVISION.COM.CN = { master_key_type = des-cbc-crc
supported_enctypes = arcfour-hmac:normal arcfour-hmac:norealm
arcfour-hmac:onlyrealm des3-hmac-sha1:normal des-hmac-sha1:normal
des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
}
********a part of samba log about one client pc*************
[2007/04/28 08:48:57, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 5249)
[2007/04/28 08:49:05, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 08:49:05, 0] smbd/service.c:make_connection(805)
avs03575- (10.2.20.99) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2007/04/28 08:49:08, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 09:04:08, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 09:04:08, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 09:11:24, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 76a7
[2007/04/28 09:14:58, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 09:15:27, 0] smbd/service.c:make_connection(805)
avs03575- (10.2.20.99) couldn't find service desktop.ini
[2007/04/28 09:17:10, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7511
[2007/04/28 09:26:41, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 09:32:13, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 72da
[2007/04/28 09:48:46, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 76a7
[2007/04/28 09:51:44, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7543
[2007/04/28 09:51:58, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7252
[2007/04/28 10:00:26, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 10:00:26, 0] smbd/service.c:make_connection(805)
avs03575- (10.2.20.99) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2007/04/28 10:00:28, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 10:07:37, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 10:14:48, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7199
[2007/04/28 10:14:55, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 10:14:55, 0] smbd/service.c:make_connection(805)
avs03575- (10.2.20.99) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2007/04/28 10:14:56, 0] smbd/connection.c:register_message_flags(220)
register_message_flags: tdb_fetch failed
[2007/04/28 10:16:24, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7559
[2007/04/28 10:16:55, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 75f3
[2007/04/28 10:28:02, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7561
[2007/04/28 10:29:51, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 10:34:52, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 10:35:46, 1] smbd/ipc.c:api_fd_reply(292)
api_fd_reply: INVALID PIPE HANDLE: 7300
[2007/04/28 10:45:10, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 11:55:38, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7355)
[2007/04/28 11:55:45, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 12:49:53, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7685)
[2007/04/28 12:50:10, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 13:03:53, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7746)
[2007/04/28 13:09:41, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 13:09:41, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 13:17:27, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7798)
[2007/04/28 13:23:55, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 13:32:17, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 13:42:26, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7846)
[2007/04/28 13:42:37, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 13:42:43, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 7860)
[2007/04/28 13:53:58, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2007/04/28 13:53:58, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
[2007/04/28 14:07:48, 1] smbd/service.c:make_connection_snum(648)
avs03575- (10.2.20.99) connect to service IT initially as user
AVISION\avs03575 (uid=16777216, gid=16777220) (pid 8020)
[2007/04/28 14:07:58, 1] smbd/service.c:close_cnum(841)
avs03575- (10.2.20.99) closed connection to service IT
(See attached file: smb.conf)(See attached file: hosts)(See attached file:
krb5.conf)(See attached file: nsswitch.conf)(See attached file:
system-auth)(See attached file: kdc.conf)
More information about the samba
mailing list