[Samba] Samba clients disconnect periodically
BIS
bimal at bimal.biz
Tue Nov 13 22:35:48 GMT 2007
I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is
very basic setup with Ldap setup.
All of our desktop (Windows and MAC) clients (>250) simultaneously
started dropping their connections to our Samba fileserver. Since then,
I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None
the latested fix this problem.
So I downgraded to samba 3.0.10 and it works better but still have
problem disconnecting with clients disconnection. The problem has also
appeared on clients running disparate operating systems: Mac OS 10.3.9
and 10.4.x, Windows 2000 and Windows XP. (None of our Linux desktops
use the CIFS mounts we provide.)
I was never able to replicate on Windows Desktop.
I will really appreciate your input
--------Here is smb.conf file-------------------------------------
[global]
# set basic name strings
server string = DOMAIN
workgroup = NEW_DOMAIN
netbios name = DOMAIN
# log level and log file. Samba can use syslog as well, but it's just
# easier not to. Plus, we can separate out log information by user
# (%U) and machine (%m) if we use Samba's internal logging. Samba
# auto-rotates logs when they get bigger than 'max log size' Kb, but
# it only retains one old log and one new one.
log level = 1 vfs:3
log file = /var/log/samba/%U.%m.log
max log size = 102400
# how to add machine trust accounts to LDAP
add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m'
# only bind to the correct (cluster) IP address; otherwise, we'll
broadcast
# this nodes IP address and the SAN IP as master browsers in addition to
the
# cluster IP.
bind interfaces only = true
interfaces = 10.1.1.44
# for netlogon (which we don't use)
logon path =
logon home =
# some performance tweaks
socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
SO_KEEPALIVE
# no limit to the number of processes to spawn (which is good, because
# Samba has recently been going crazy and spawning hundreds of
processes)
max smbd processes = 0
# basic domain master setup
encrypt passwords = yes
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
security = user
# os level = 33 will make Huxley win any contests to see who is the
# domain master. (There shouldn't be any, but what the hey.)
os level = 33
# where to find the WINS server
wins server = 10.9.1.12
# users in this (LDAP) group will have their smbd processes run as
# root, giving them access to _everything_. They will also be allowed
# to join computers to the domain
admin users = +ntadmin
# LDAP setup -- where to find stuff, etc. At least some earlier
# versions of Samba had a bug that forced machine accounts and user
# accounts to be in the same tree, which is why they're not separated
# out
passdb backend = ldapsam:ldap://ldap.example.com
ldap suffix = o=example.com,o=isp
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = cn=directory manager
ldap ssl = on
# not sure what these do, to be honest
idmap uid = 10000-20000
idmap gid = 10000-20000
# include extra user configuration. For instance, if you wanted to
# turn up the log level for John User, you could create a file called
# 'juser.inc' (or whatever John's username is) and add a 'log level'
# line to it. This include statement has to be here, at the end of
# the [global] section and before any of the shares, so that it can
# override any global configuration directives, but won't be
# considered part of any particular share.
include = /etc/samba/%U.inc
##################################
# HOME DRIVE #
##################################
[home]
comment = Home directories
# basic config: don't allow guest access, allow write, show this
# volume in a volume listing of this machine
guest ok = 0
read only = no
browseable = yes
# create the path from the user's home directory, which is populated
# from LDAP
path = %H
# auto-create home and publichtml folders
root preexec = /usr/local/maint/mkhome '%U'
# the permissions of a given folder should be the same as the
# permissions of its parent. This helps preserve permissions for both
# home and publichtml, which should be different
inherit permissions = yes
# default permissions
directory mask = 0700
force directory mode = 0700
create mask = 0600
force create mode = 0600
##################################
# MISC DRIVE #
##################################
[misc]
comment = misc drive
path = /misc
# basic config: don't allow guest access, allow write, show this
# volume in a volume listing of this machine
guest ok = 0
read only = no
browseable = yes
# for some reason, inherit permissions doesn't work on /misc, although
# it should. Set all permissions according to the defaults. When I
# create a new folder for a department, etc., I can set its
# permissions specially, which will allow me to prevent or allow
# anonymous access as necessary.
inherit permissions = no
directory mask = 2775
force directory mode = 2770
create mask = 0664
force create mode = 0660
# allow some more fancy ACL-based controls on files
nt acl support = yes
map acl inherit = yes
inherit acls = yes
# let anyone who has write access to a file change its permissions.
# this is similar to the way DOS/Windows does things
dos filemode = yes
# anyone who can write to a file can change its timestamp (again, to
# mimic DOS/Windows)
dos filetimes = yes
# configuration for full audit plugin, which will let us see all
# accesses and operations on the Misc drive. Currently disabled due
# to high I/O loads caused by it.
#vfs objects = full_audit
full_audit:success = all
full_audit:failure = none
full_audit:facility = LOCAL6
# different groups access webdirs different, so include it from a file.
include = /etc/samba/%G.inc
More information about the samba
mailing list