[Samba] fixed delay logging onto Samba3.3 from Vista Business
mathog at caltech.edu
Thu May 27 13:34:08 MDT 2010
Marc Cain wrote:
> When the following local GPO is left in its default setting Samba
domain logons are delayed for 30 seconds: "Computer
Configuration\Administrative Templates\System\User Profiles\Set maximum
wait time for the network if the user has a roaming user profile or
remote home directory."
> Enable this and set the value to 0 to work around this timeout. The
timeout does not occur when logging into an Active Directory PDC running
Server 2008 R2. I have not tested this with w2k8 R2 client.
> In addition, if the user's desktop is set to a solid background color
logons of any kind (local, AD, samba) will be delayed by 30 seconds. Set
the background to any .jpg image or apply Microsoft's hotfix to work
around this issue. This is a cumulative timeout; that is, if the above
timeout is in affect and the solid background color timeout is also in
affect the delay is 60 seconds.
Oh crud, the background is solid. On the other hand, the machine is
fully patched, so maybe that hotfix is already in place.
I ran wireshark on the client, and also had netlogon going. Edited the
netlogon.log so that the times all ended in .000000 and saved the dump
in .csv format. Merged them and sorted by time. You can see the
The login starts with the netlogon 11:28:44.000000 entry.
Some interesting stuff in there. There is an ARP request just before
the end of the 30 second gap in netlogon messages at 11:29:15.000000.
Just before that there are 5 seconds where no packets move between the
server and the client, in either direction. (188.8.131.52 / Gigabyte is
the workstations, 184.108.40.206 / Supermicro is the server.)
Why the heck is the client waiting for 30 seconds from the start of the
session to look up the server's address, and why is it sending out an
ARP when the workstation had a TCP packet at 11:28:39.677891, only 35
seconds before? Not to mention that in this case both the server and
workstation have static IP addresses!
The 15 second gap starting at 11:29:16 corresponds to 3 ICMP ping
requests from the client to the server, none of which trigger a response
packet. Of course the server firewall is configured to drop all of
those - I bet allowing them will eliminate the 15 second delay.
Possibly one of the configuration settings you mention would do the same.
mathog at caltech.edu
Manager, Sequence Analysis Facility, Biology Division, Caltech
More information about the samba