[Samba] Samba clients disconnect periodically

BIS bimal at bimal.biz
Wed Nov 14 12:07:11 GMT 2007


Any help Please

On Tue, 2007-11-13 at 16:35 -0600, BIS wrote:
> I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is
> very basic setup with Ldap setup. 
> 
> All of our desktop  (Windows and MAC) clients (>250) simultaneously
> started dropping their connections to our Samba fileserver. Since then,
> I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None
> the latested fix this problem.
> 
> So I downgraded to samba 3.0.10 and it works better but still have
> problem disconnecting with clients disconnection. The problem has also
> appeared on clients running disparate operating systems: Mac OS 10.3.9
> and 10.4.x, Windows 2000 and Windows XP.  (None of our Linux desktops
> use the CIFS mounts we provide.)
> 
> I was never able to replicate on Windows Desktop.
> 
> I will really appreciate your input
> 
> 
> 
> --------Here is smb.conf file-------------------------------------
> 
> [global]	
> 
> # set basic name strings
> server string = DOMAIN
> workgroup = NEW_DOMAIN
> netbios name = DOMAIN
> 
> # log level and log file.  Samba can use syslog as well, but it's just
> # easier not to.  Plus, we can separate out log information by user
> # (%U) and machine (%m) if we use Samba's internal logging.  Samba
> # auto-rotates logs when they get bigger than 'max log size' Kb, but
> # it only retains one old log and one new one.
> log level = 1 vfs:3
> log file = /var/log/samba/%U.%m.log
> max log size = 102400
> 
> # how to add machine trust accounts to LDAP
> add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m'
> 
> # only bind to the correct (cluster) IP address; otherwise, we'll
> broadcast
> # this nodes IP address and the SAN IP as master browsers in addition to
> the
> # cluster IP.
> bind interfaces only = true
> interfaces = 10.1.1.44
> 
> # for netlogon (which we don't use)
> logon path =
> logon home =
> 
> # some performance tweaks
> socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
> SO_KEEPALIVE
> 
> # no limit to the number of processes to spawn (which is good, because
> # Samba has recently been going crazy and spawning hundreds of
> processes)
> max smbd processes = 0  
> 
> # basic domain master setup
> encrypt passwords = yes
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> security = user
> # os level = 33 will make Huxley win any contests to see who is the
> # domain master.  (There shouldn't be any, but what the hey.)
> os level = 33
> 
> # where to find the WINS server
> wins server = 10.9.1.12
> 
> # users in this (LDAP) group will have their smbd processes run as
> # root, giving them access to _everything_.  They will also be allowed
> # to join computers to the domain
> admin users = +ntadmin
> 
> # LDAP setup -- where to find stuff, etc.  At least some earlier
> # versions of Samba had a bug that forced machine accounts and user
> # accounts to be in the same tree, which is why they're not separated
> # out
> passdb backend = ldapsam:ldap://ldap.example.com
> ldap suffix = o=example.com,o=isp
> ldap machine suffix = ou=People
> ldap user suffix = ou=People
> ldap group suffix = ou=Groups
> ldap admin dn = cn=directory manager
> ldap ssl = on
> 
> # not sure what these do, to be honest
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> 
> # include extra user configuration.  For instance, if you wanted to
> # turn up the log level for John User, you could create a file called
> # 'juser.inc' (or whatever John's username is) and add a 'log level'
> # line to it.  This include statement has to be here, at the end of
> # the [global] section and before any of the shares, so that it can
> # override any global configuration directives, but won't be
> # considered part of any particular share.
> include = /etc/samba/%U.inc
> 
> ##################################
> #           HOME DRIVE           #
> ##################################
> [home]
> comment = Home directories
> 
> # basic config: don't allow guest access, allow write, show this
> # volume in a volume listing of this machine
> guest ok = 0
> read only = no
> browseable = yes
> 
> # create the path from the user's home directory, which is populated
> # from LDAP
> path = %H
> 
> # auto-create home and publichtml folders
> root preexec = /usr/local/maint/mkhome '%U'
> 
> # the permissions of a given folder should be the same as the
> # permissions of its parent.  This helps preserve permissions for both
> # home and publichtml, which should be different
> inherit permissions = yes
> 
> # default permissions
> directory mask = 0700
> force directory mode = 0700
> create mask = 0600
> force create mode = 0600
> 
> ##################################
> #           MISC DRIVE           #
> ##################################
> [misc]
> comment = misc drive
> path = /misc
> 
> # basic config: don't allow guest access, allow write, show this
> # volume in a volume listing of this machine
> guest ok = 0
> read only = no
> browseable = yes
> 
> # for some reason, inherit permissions doesn't work on /misc, although
> # it should.  Set all permissions according to the defaults.  When I
> # create a new folder for a department, etc., I can set its
> # permissions specially, which will allow me to prevent or allow
> # anonymous access as necessary.
> inherit permissions = no
> directory mask = 2775
> force directory mode = 2770
> create mask = 0664
> force create mode = 0660
> 
> # allow some more fancy ACL-based controls on files
> nt acl support = yes
> map acl inherit = yes
> inherit acls = yes
> 
> # let anyone who has write access to a file change its permissions.
> # this is similar to the way DOS/Windows does things
> dos filemode = yes
> 
> # anyone who can write to a file can change its timestamp (again, to
> # mimic DOS/Windows)
> dos filetimes = yes
> 
> # configuration for full audit plugin, which will let us see all
> # accesses and operations on the Misc drive.  Currently disabled due
> # to high I/O loads caused by it.
> #vfs objects = full_audit
> full_audit:success = all
> full_audit:failure = none
> full_audit:facility = LOCAL6
> 
> # different groups access webdirs different, so include it from a file.
> include = /etc/samba/%G.inc
> 
> 



More information about the samba mailing list