[Samba] Sporadic Homedirs lost

Achim Frank achim.frank at erfrakon.de
Wed Jul 16 16:31:11 GMT 2008 

Hi List,

since the upgrade of a LDAP based PDC/BDC system to PDC/BDC and fileserver we 
have problems with users sporadic loolsing their homedirs.
These events are unreproducible and only sporadic. Only the homedir not any of 
the other shares mounted from the fileserver are subject to this connection 
breakoff. The logs seem to suggest the username has been "forgotten" by the 
fileserver as the user wants to access this private share.

Attached find a portion of the logs from fileserver at the event of loosing a 
homedir (loglevel 3):

[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(221)
  check_ntlm_password:  Checking password for unmapped user []\[]@[MACHINE] 
with the new password interface
[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(224)
  check_ntlm_password:  mapped user is: [DOMAIN]\[]@[MACHINE]
[2008/07/15 09:43:01, 3] auth/auth.c:check_ntlm_password(270)
  check_ntlm_password: guest authentication for user [] succeeded

In the morning everything works ok like this:

[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(221)
  check_ntlm_password:  Checking password for unmapped user 
[DOMAIN]\[myself]@[MACHINE] with the new password interface
[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(224)
  check_ntlm_password:  mapped user is: [DOMAIN]\[myself]@[MACHINE]
[2008/07/15 08:09:44, 3] auth/auth.c:check_ntlm_password(270)
  check_ntlm_password: winbind authentication for user [myself] succeeded
[2008/07/15 08:09:44, 2] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  authentication for user [myself] -> [myself] -> 
[myself] succeeded


Versions of Samba:
The systems are running Debian Etch. PDC/BDC on Backports kernel 2.6.24-1-686, 
fileserver on stock Etch Kernel. Samba is installed as Sernet Etch Packages 
(http://ftp.sernet.de/pub/samba/debian/ sernet-samba_3.0.28-21_i386.deb 
sernet-samba-common_3.0.28-21_i386.deb sernet-samba-doc_3.0.28-21_all.deb 
sernet-smbclient_3.0.28-21_i386.deb). We also tried sernet-samba versions 
3.0.30-22 and 3.2.0-22 but to no avail.

Samba configuration:

PDC/BDC:
[global]
...
        map to guest = Bad User
        obey pam restrictions = Yes
        template homedir = /home/%U
        veto files = /lost+found/users/
...
only shares [profiles] and [netlogon]

fileserver:
[global]
...
        security = domain
        map to guest = Bad User
        obey pam restrictions = Yes
        template homedir = /home/%U
       veto files = /lost+found/users/

[homes]
        comment = Heimatverzeichnis
        read only = No
        create mask = 0700
        browseable = No


Has anybody a clue why this could happen? Are there "magic" switches to be set 
with smb.conf on PDC/BDC if homedirs are not present on the authenticating 
servers or anything else we migght have overlooked?

Any recommendation on how to track down this misbehaving?

Thanks for your answers,
--achim

More information about the samba mailing list