[Samba] samba shares fail after active directory reboot
Hong K Phooey
hkp at insightbb.com
Mon Jan 17 08:37:19 MST 2011
We have a samba server that uses active directory security. We have three active directory servers and use a dfs namespace (test.local) to encompass those three servers. We currently are using password server = TEST.local, but have had all three AD servers listed, but it has not helped.
Whenever ANY of those servers go down for maintenance, the samba shares do not come up and restarting the winbind and smb services does not seem to help. We have to reboot the linux box for the shares to show up again.
Should samba not try to query one of the other two servers when one is down? It does not appear to do so, or we have failed to modify a setting that will allow that.
Any assistance with this issue would be appreciated.
Here are the log entries for the failure:
[2011/01/15 11:19:28, 1] smbd/sesssetup.c:464(reply_spnego_kerberos)
Username TEST\sql-svc-agent-prod is invalid on this system
[2011/01/15 11:19:28, 0] lib/util_sock.c:738(write_data)
[2011/01/15 11:19:28, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
write_data: write failure in writing to client 0.0.0.0. Error Broken pipe
[2011/01/15 11:19:28, 0] smbd/process.c:62(srv_send_smb)
Error writing 39 bytes to client. -1. (Transport endpoint is not connected)
PDC: windows 2008 R2
Samba: 3.4.7 on ubuntu 10.4
Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
workgroup = TEST
realm = TEST.LOCAL
server string = %h server (Samba, Ubuntu)
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
password server = TEST.local
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
machine password timeout = 0
domain master = No
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 500-10000000
idmap gid = 500-10000000
template shell = /bin/bash
winbind refresh tickets = Yes
create mask = 0664
hosts deny = 172.17.4.0/255.255.255.0, 172.19.4.0/255.255.255.0
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
More information about the samba
mailing list