[Samba] Clustered Samba: Every 24 hours "There are Currently No Logon Servers Available"

Daniel Müller mueller at tropenklinik.de
Tue Apr 12 04:27:54 MDT 2011 

You are right, so you have to put the samba4wins on different machine(your
pdc) and the secondary wins on your bdc.
So your pdc point to winsserver 1
And your bdc points to your winsserver2. Both winsserver1 and winsserver2
replicate.
Your windows clients have wins1= winsserver1 and wins2= winsserver2
I think if you have a samba4wins running you will not need a nmbd process
running on your ctdb cluster.
I think it should be enough to point to one of the samba4wins ( it will
provide what nmbd is usually doing).
But this a point of try and error.
I myself have discarded ctdb because it should not be used on a pdc or bdc.
I have PDC/ldap2.4 BDC/ldap2.4 in multimaster replication, winbind.
Samba4wins on both Logon-Server push and pull each other.
Glusterfs serving the HA of user data. And ucarp fixing the Ha availability
with a virt.IP switching from
PDC to  BDC as the machines are up or down.


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de 

Von: erik bergsma [mailto:ebergsma1 at gmail.com] 
Gesendet: Dienstag, 12. April 2011 11:20
An: mueller at tropenklinik.de
Cc: samba at lists.samba.org
Betreff: Re: [Samba] Clustered Samba: Every 24 hours "There are Currently No
Logon Servers Available"

Hi Daniel,

again thanks for your input! and a great looking tutorial!
although i have a couple of questions:

- you said to set these options in smb.conf:  bind interfaces only = yes
&& interfaces = 192.168.9.1

in this PDF document (Clustering Samba With CTDB A Tutorial At sambaXP 2009)
http://www.samba.org/~obnox/presentations/sambaXP-2009/sambaxp-2009-tutorial
-samba-ctdb-slides-paper.pdf
it says: " if CTDB MANAGES SAMBA, do not set interfaces or bind interfaces
only" (page 10)

is it safe to ignore these recommendations? and wouldn't that mess up the
whole setup in a CTDB ip takeover?

same thing goes for the "socket address =" option "Setting this option
should never be necessary on usual Samba servers running only one nmbd. By
default Samba will accept connections on any address"
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#SOCKETADDRESS

- your tutorial is for 1 server in a cluster; i think i should implement the
same steps on the other servers, and then setup the push and pull
replication between the nodes, right?
and should every server use its local samba4wins daemon for wins? or should
all the other servers point to samba4wins on the first server?

Erik

2011/4/11 Daniel Müller <mueller at tropenklinik.de>
For your wins server you can use samba4wins. It is great. For your linux-box
you have to compile it.
samba4wins can replicate to another samba4wins. I use it in my samba pdc/bdc
setup so both server have their own wins pus and pull partner. Samba4wins
can be installed on the same server as your ctdb/samba3
For nmbd to run without problems:
Look here: http://ftp.sernet.com/pub/samba4WINS/samba4wins-1.0.8-HOWTO.txt
 
Usually the following sockets are used to listen on:

smbd:
0.0.0.0:139 tcp
0.0.0.0:445 tcp

nmbd:
192.168.9.1:137 udp
0.0.0.0:137 udp
192.168.9.1:138 udp
0.0.0.0:138 udp

In this case all incoming packets would go through the 0.0.0.0:* sockets.
If you would start smbd4wins, it wouldn't be possible to listen on port 137
as nmdd already listens there with the wildcard ip.

So what you need is to make nmbd not using the wildcard address,
and we need a seperate unicast address for smbd4wins.

This will add the 192.168.9.2 as 2nd address to the eth0 interface:
ifconfig eth0:2 192.168.9.2 netmask 255.255.255 broadcast 192.168.9.255

To make nmbd not using the wildcard address, you need this:
so what you need is the following in your smb.conf (for samba3!)
<------ /etc/samba/smb.conf --------------->
[globals]
...
netbios name = SERVER1
...
# only use the given interfaces
bind interfaces only = yes
# this is the unicast address
interfaces = 192.168.9.1
# this is the broadcast address
socket address = 192.168.9.255

# as we want to use samba4wins as wins server
# set the address here
wins server = 192.168.9.2
...
<------------------------------------------>

smbd4wins should only act as wins server and should in this case only handle
unicast
requests, as it's imposible to have 2 unix process listening on the same
broadcast address
and the same port (192.168.9.255 port 127 in this case).
Also it should use a different netbios name!

<------ /etc/samba4wins/samba4wins.conf --------------->
[globals]
...
# it's important that this netbios name is different from 
# the one that's used for samba3!
netbios name = SERVER1-WINS
...
# only use the given interfaces
bind interfaces only = yes
# this is the unicast address
interfaces = 192.168.9.2
# samba4wins is only a wins server, 
# and broadcasts are handled by samba3
# so disable listening on the broadcast address
nbtd:disable_broadcast = yes

# as we want to ourself as wins server
# and don't listen on 127.0.0.1
# we need to explicit set the wins server here
wins server = 192.168.9.2
...
<------------------------------------------>

After these changes, the use of listening sockets should be like this:

smbd:
192.168.9.1:139 tcp
192.168.9.1:445 tcp

nmbd:
192.168.9.1:137 udp
192.168.9.255:137 udp
192.168.9.1:138 udp
192.168.9.255:138 udp

smbd4wins:
192.168.9.2:42 tcp
192.168.9.2:137 udp
 
 
 
 
On Mon, 11 Apr 2011 16:52:37 +0200, erik bergsma <ebergsma1 at gmail.com>
wrote:
Daniel,
thanks for your input! so i have to set this option "wins server =
some.external.wins.ip" on both nodes then, correct? (and the next step is
then to make the win server redundant aswell) 

and do i also have make sure the nmbd processes will not start anymore (that
is configurable in /etc/conf.d/samba on gentoo) or do these processes take
care of the name registration etc. ?

Erik
2011/4/8 Daniel Müller <mueller at tropenklinik.de>
Hi,
in your ctdb-cluster you use the same netbios-name for both nodes!?
As far as I know  wins, nmbd should not be active on both nodes. You should
use an external wins.



-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------

-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von erik bergsma
Gesendet: Freitag, 8. April 2011 12:21
An: samba at lists.samba.org
Betreff: [Samba] Clustered Samba: Every 24 hours "There are Currently No
Logon Servers Available"

All,

i have this very weird and annoying problem in my clustered setup: every ~24
hours the vista clients cant login, or even unlock there screens anymore.
The error they receive is "currently no logon services available"
this is very odd, because i have 2 samba 3.5.8 servers available, running
and configured to handle login requests.

in the mean time the people that are logged in already can use shares etc,
same for mac users. So my guess its a wins/nmbd/netbios issue; not being to
resolve my domain name into an ip address

it is a clustered (CTDB) setup with 2 nodes, based on gentoo, samba 3.5.8,
ldap and glusterfs
the setup is like this:
192.168.100.81 static maintenance ip of node0
192.168.100.82 static ip of node1
192.168.100.83 floating/ctdb ip of node1
192.168.100.84 floating/ctdb ip of node0

node0 has domain master = no, preferred master = no, wins server =
192.168.100.82
node1 had domain master = auto, preferred master = yes, wins support = yes

in the 192.168.100 subnet there are
- some other non samba gentoo machines
- a windows 2k3 server for printing, no wins support installed, smbclient
reports this is the master of another domain (used to have a gentoo & samba
3.0 master, but that is switched off now)
- a windows 2k8 server used for pxe (is domain master of an AD domain, used
only for the PXE setup, not using any recources of the other 2 domain, no
wins support installed, no clients)

in the 192.168.9.* to 192.168.14.* subnets there are ~60 windows vista/
windows 7 clients all statically configured to use 192.168.100.83 and
192.168.100.84 as WINS server

what i do to resolve this issue is:
- turn of ctdb & samba on node0
- reboot node0 (because samba deadlocks, other discussion)
- start ctdb & samba on node0
 - turn of ctdb & samba on node1
- reboot node1 (because samba deadlocks, other discussion)
- start ctdb & samba on node1

only then the issue is resolved, and the clients can login again;
just powering down node0 does not work, even in you restart nmbd on node1
and the log file says its a master browser and domain master of all the ip's
associated

i hate doing the reboot thing again and again, because it screws up the
Glusterfs replication, and is just dirty.

in the past week i had this setting: node0: domain master = auto, preferred
master = auto, i then saw sometimes that node1 and node0 arguing over who is
the master of one of the 4 ip, otherwise the loglevel 1 files stay pretty
clean. Ive now blocked all ingoing and outgoing traffic to and from ports
137,138,139 to the 2 windows machines, just to be safe (and also i have
become a little desperate :( )

the other thing that is weird that node0 starts 1 nmbd process, and node1
starts 2 of them... but this may be by design.

i have a hunch that i have some rogue wins server somewhere that likes to
tell that he is the domain master of my domain, does this make sense? can i
debug this?
or does somebody have another suggestion how to resolve this issue?

thanks in advance!
Erik
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
 
 

More information about the samba mailing list