[Samba] Samba clients disconnect periodically

BIS bimal at bimal.biz
Tue Nov 13 22:35:48 GMT 2007


I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is
very basic setup with Ldap setup. 

All of our desktop  (Windows and MAC) clients (>250) simultaneously
started dropping their connections to our Samba fileserver. Since then,
I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None
the latested fix this problem.

So I downgraded to samba 3.0.10 and it works better but still have
problem disconnecting with clients disconnection. The problem has also
appeared on clients running disparate operating systems: Mac OS 10.3.9
and 10.4.x, Windows 2000 and Windows XP.  (None of our Linux desktops
use the CIFS mounts we provide.)

I was never able to replicate on Windows Desktop.

I will really appreciate your input



--------Here is smb.conf file-------------------------------------

[global]	

# set basic name strings
server string = DOMAIN
workgroup = NEW_DOMAIN
netbios name = DOMAIN

# log level and log file.  Samba can use syslog as well, but it's just
# easier not to.  Plus, we can separate out log information by user
# (%U) and machine (%m) if we use Samba's internal logging.  Samba
# auto-rotates logs when they get bigger than 'max log size' Kb, but
# it only retains one old log and one new one.
log level = 1 vfs:3
log file = /var/log/samba/%U.%m.log
max log size = 102400

# how to add machine trust accounts to LDAP
add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m'

# only bind to the correct (cluster) IP address; otherwise, we'll
broadcast
# this nodes IP address and the SAN IP as master browsers in addition to
the
# cluster IP.
bind interfaces only = true
interfaces = 10.1.1.44

# for netlogon (which we don't use)
logon path =
logon home =

# some performance tweaks
socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
SO_KEEPALIVE

# no limit to the number of processes to spawn (which is good, because
# Samba has recently been going crazy and spawning hundreds of
processes)
max smbd processes = 0  

# basic domain master setup
encrypt passwords = yes
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
security = user
# os level = 33 will make Huxley win any contests to see who is the
# domain master.  (There shouldn't be any, but what the hey.)
os level = 33

# where to find the WINS server
wins server = 10.9.1.12

# users in this (LDAP) group will have their smbd processes run as
# root, giving them access to _everything_.  They will also be allowed
# to join computers to the domain
admin users = +ntadmin

# LDAP setup -- where to find stuff, etc.  At least some earlier
# versions of Samba had a bug that forced machine accounts and user
# accounts to be in the same tree, which is why they're not separated
# out
passdb backend = ldapsam:ldap://ldap.example.com
ldap suffix = o=example.com,o=isp
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = cn=directory manager
ldap ssl = on

# not sure what these do, to be honest
idmap uid = 10000-20000
idmap gid = 10000-20000

# include extra user configuration.  For instance, if you wanted to
# turn up the log level for John User, you could create a file called
# 'juser.inc' (or whatever John's username is) and add a 'log level'
# line to it.  This include statement has to be here, at the end of
# the [global] section and before any of the shares, so that it can
# override any global configuration directives, but won't be
# considered part of any particular share.
include = /etc/samba/%U.inc

##################################
#           HOME DRIVE           #
##################################
[home]
comment = Home directories

# basic config: don't allow guest access, allow write, show this
# volume in a volume listing of this machine
guest ok = 0
read only = no
browseable = yes

# create the path from the user's home directory, which is populated
# from LDAP
path = %H

# auto-create home and publichtml folders
root preexec = /usr/local/maint/mkhome '%U'

# the permissions of a given folder should be the same as the
# permissions of its parent.  This helps preserve permissions for both
# home and publichtml, which should be different
inherit permissions = yes

# default permissions
directory mask = 0700
force directory mode = 0700
create mask = 0600
force create mode = 0600

##################################
#           MISC DRIVE           #
##################################
[misc]
comment = misc drive
path = /misc

# basic config: don't allow guest access, allow write, show this
# volume in a volume listing of this machine
guest ok = 0
read only = no
browseable = yes

# for some reason, inherit permissions doesn't work on /misc, although
# it should.  Set all permissions according to the defaults.  When I
# create a new folder for a department, etc., I can set its
# permissions specially, which will allow me to prevent or allow
# anonymous access as necessary.
inherit permissions = no
directory mask = 2775
force directory mode = 2770
create mask = 0664
force create mode = 0660

# allow some more fancy ACL-based controls on files
nt acl support = yes
map acl inherit = yes
inherit acls = yes

# let anyone who has write access to a file change its permissions.
# this is similar to the way DOS/Windows does things
dos filemode = yes

# anyone who can write to a file can change its timestamp (again, to
# mimic DOS/Windows)
dos filetimes = yes

# configuration for full audit plugin, which will let us see all
# accesses and operations on the Misc drive.  Currently disabled due
# to high I/O loads caused by it.
#vfs objects = full_audit
full_audit:success = all
full_audit:failure = none
full_audit:facility = LOCAL6

# different groups access webdirs different, so include it from a file.
include = /etc/samba/%G.inc




More information about the samba mailing list