[Samba] Slow Directory Access after upgrade to 3.5.6

Dale Schroeder dale at BriannasSaladDressing.com
Mon Sep 26 11:51:23 MDT 2011


On 09/26/2011 11:05 AM, Mike wrote:
> On Sun, Sep 25, 2011 at 5:44 PM, sghaida<saddam.abughaida at gmail.com>  wrote:
>
>> hello,
>>
>> why do you use samba as preferred master ?? . it seems that you are using
>> samba only for shares security=user so you can set preferred master = no
>> and
>> remove the OS entries since it only helps in master election, and regarding
>> the wins (nmblookup) you need to run the nmb service. and to clarify the
>> problem in more understandable way. can you dump the output of testparam
>> -vv
>>
>>
>>
> Hi Saddam,
>
> Thank you very much for your reply.
> A long time ago when I first set up the server, I thought I read the
> "preferred master" parameter was necessary for clients, but it appears I am
> wrong in this understanding.  I will research this in the samba
> documentation.

If you wish for your Samba system to be the domain master browser, then use

     domain master = Yes
     preferred master = Yes
     local master = Yes
     os level = 99    # (65 or higher)

That might solve your master browser error messages.  See
http://lists.samba.org/archive/samba-technical/2000-June/008259.html

Another suggestion here:
http://www.mail-archive.com/samba@lists.samba.org/msg61180.html

Otherwise, you can do as Saddam suggests.

Dale
>
> I am currently running the nmbd process, but I get the feeling perhaps
> running an "nmb service" may be something different.
>
> I have enclosed the testparm -vv dump below.
> The server role is stated as:   ROLE_STANDALONE
>
> Thanks again for taking the time to respond; very much appreciated.
> Here's the other output:
>
>
> [global]
>      dos charset = CP850
>      unix charset = UTF-8
>      display charset = LOCALE
>      workgroup = MW
>      netbios name = A1
>      netbios aliases =
>      netbios scope =
>      server string = A1 Server
>      interfaces =
>      bind interfaces only = No
>      security = USER
>      auth methods =
>      encrypt passwords = Yes
>      update encrypted = No
>      client schannel = Auto
>      server schannel = Auto
>      allow trusted domains = Yes
>      map to guest = Never
>      null passwords = No
>      obey pam restrictions = No
>      password server = *
>      smb passwd file = /etc/samba/private/smbpasswd
>      private dir = /etc/samba/private
>      passdb backend = tdbsam
>      algorithmic rid base = 1000
>      root directory =
>      guest account = nobody
>      enable privileges = Yes
>      pam password change = No
>      passwd program =
>      passwd chat = *new*password* %n\n *new*password* %n\n *changed*
>      passwd chat debug = No
>      passwd chat timeout = 2
>      check password script =
>      username map =
>      password level = 0
>      username level = 0
>      unix password sync = No
>      restrict anonymous = 0
>      lanman auth = No
>      ntlm auth = Yes
>      client NTLMv2 auth = No
>      client lanman auth = No
>      client plaintext auth = No
>      preload modules =
>      dedicated keytab file =
>      kerberos method = default
>      map untrusted to domain = No
>      log level = 3
>      syslog = 1
>      syslog only = No
>      log file = /var/log/samba.%m
>      max log size = 500
>      debug timestamp = Yes
>      debug prefix timestamp = No
>      debug hires timestamp = Yes
>      debug pid = No
>      debug uid = No
>      debug class = No
>      enable core files = Yes
>      smb ports = 445 139
>      large readwrite = Yes
>      max protocol = NT1
>      min protocol = CORE
>      min receivefile size = 0
>      read raw = Yes
>      write raw = Yes
>      disable netbios = No
>      reset on zero vc = No
>      acl compatibility = auto
>      defer sharing violations = Yes
>      nt pipe support = Yes
>      nt status support = Yes
>      announce version = 4.9
>      announce as = NT
>      max mux = 50
>      max xmit = 16644
>      name resolve order = lmhosts wins host bcast
>      max ttl = 259200
>      max wins ttl = 518400
>      min wins ttl = 21600
>      time server = Yes
>      unix extensions = Yes
>      use spnego = Yes
>      client signing = auto
>      server signing = No
>      client use spnego = Yes
>      client ldap sasl wrapping = plain
>      enable asu support = No
>      svcctl list =
>      deadtime = 0
>      getwd cache = Yes
>      keepalive = 300
>      lpq cache time = 30
>      max smbd processes = 0
>      paranoid server security = Yes
>      max disk size = 0
>      max open files = 16384
>      socket options = TCP_NODELAY
>      use mmap = Yes
>      hostname lookups = No
>      name cache timeout = 660
>      ctdbd socket =
>      cluster addresses =
>      clustering = No
>      ctdb timeout = 0
>      load printers = Yes
>      printcap cache time = 750
>      printcap name =
>      cups server =
>      cups encrypt = No
>      cups connection timeout = 30
>      iprint server =
>      disable spoolss = No
>      addport command =
>      enumports command =
>      addprinter command =
>      deleteprinter command =
>      show add printer wizard = Yes
>      os2 driver map =
>      mangling method = hash2
>      mangle prefix = 1
>      max stat cache size = 256
>      stat cache = Yes
>      machine password timeout = 604800
>      add user script =
>      rename user script =
>      delete user script =
>      add group script =
>      delete group script =
>      add user to group script =
>      delete user from group script =
>      set primary group script =
>      add machine script =
>      shutdown script =
>      abort shutdown script =
>      username map script =
>      logon script =
>      logon path = \\%N\%U\profile
>      logon drive =
>      logon home = \\%N\%U
>      domain logons = No
>      init logon delayed hosts =
>      init logon delay = 100
>      os level = 99
>      lm announce = Auto
>      lm interval = 60
>      preferred master = Yes
>      local master = Yes
>      domain master = Auto
>      browse list = Yes
>      enhanced browsing = Yes
>      dns proxy = Yes
>      wins proxy = No
>      wins server =
>      wins support = Yes
>      wins hook =
>      kernel oplocks = Yes
>      lock spin time = 200
>      oplock break wait time = 0
>      ldap admin dn =
>      ldap delete dn = No
>      ldap group suffix =
>      ldap idmap suffix =
>      ldap machine suffix =
>      ldap passwd sync = no
>      ldap replication sleep = 1000
>      ldap suffix =
>      ldap ssl = start tls
>      ldap ssl ads = No
>      ldap deref = auto
>      ldap follow referral = Auto
>      ldap timeout = 15
>      ldap connection timeout = 2
>      ldap page size = 1024
>      ldap user suffix =
>      ldap debug level = 0
>      ldap debug threshold = 10
>      eventlog list =
>      add share command =
>      change share command =
>      delete share command =
>      preload =
>      lock directory = /var/cache/samba
>      state directory = /var/cache/samba
>      cache directory = /var/cache/samba
>      pid directory = /var/run
>      utmp directory =
>      wtmp directory =
>      utmp = No
>      default service =
>      message command =
>      get quota command =
>      set quota command =
>      remote announce =
>      remote browse sync =
>      socket address = 0.0.0.0
>      nmbd bind explicit broadcast = Yes
>      homedir map = auto.home
>      afs username map =
>      afs token lifetime = 604800
>      log nt token command =
>      time offset = 0
>      NIS homedir = No
>      registry shares = No
>      usershare allow guests = No
>      usershare max shares = 0
>      usershare owner only = Yes
>      usershare path = /var/cache/samba/usershares
>      usershare prefix allow list =
>      usershare prefix deny list =
>      usershare template share =
>      panic action =
>      perfcount module =
>      host msdfs = Yes
>      passdb expand explicit = No
>      idmap backend = tdb
>      idmap alloc backend =
>      idmap cache time = 604800
>      idmap negative cache time = 120
>      idmap uid =
>      idmap gid =
>      template homedir = /home/%D/%U
>      template shell = /bin/false
>      winbind separator = \
>      winbind cache time = 300
>      winbind reconnect delay = 30
>      winbind enum users = No
>      winbind enum groups = No
>      winbind use default domain = No
>      winbind trusted domains only = No
>      winbind nested groups = Yes
>      winbind expand groups = 1
>      winbind nss info = template
>      winbind refresh tickets = No
>      winbind offline logon = No
>      winbind normalize names = No
>      winbind rpc only = No
>      create krb5 conf = Yes
>      comment =
>      path =
>      username =
>      invalid users =
>      valid users =
>      admin users =
>      read list =
>      write list =
>      printer admin =
>      force user =
>      force group =
>      read only = Yes
>      acl check permissions = Yes
>      acl group control = No
>      acl map full control = Yes
>      create mask = 0744
>      force create mode = 00
>      security mask = 0777
>      force security mode = 00
>      directory mask = 0755
>      force directory mode = 00
>      directory security mask = 0777
>      force directory security mode = 00
>      force unknown acl user = No
>      inherit permissions = No
>      inherit acls = No
>      inherit owner = No
>      guest only = No
>      administrative share = No
>      guest ok = No
>      only user = No
>      hosts allow = 192.168.1., 127.
>      hosts deny = 0.0.0.0/0
>      allocation roundup size = 1048576
>      aio read size = 0
>      aio write size = 0
>      aio write behind =
>      ea support = No
>      nt acl support = Yes
>      profile acls = No
>      map acl inherit = No
>      afs share = No
>      smb encrypt = auto
>      block size = 1024
>      change notify = Yes
>      directory name cache size = 100
>      kernel change notify = Yes
>      max connections = 0
>      min print space = 0
>      strict allocate = No
>      strict sync = No
>      sync always = No
>      use sendfile = No
>      write cache size = 0
>      max reported print jobs = 0
>      max print jobs = 1000
>      printable = No
>      printing = cups
>      cups options =
>      print command =
>      lpq command = %p
>      lprm command =
>      lppause command =
>      lpresume command =
>      queuepause command =
>      queueresume command =
>      printer name =
>      use client driver = No
>      default devmode = Yes
>      force printername = No
>      printjob username = %U
>      default case = lower
>      case sensitive = Auto
>      preserve case = Yes
>      short preserve case = Yes
>      mangling char = ~
>      hide dot files = Yes
>      hide special files = No
>      hide unreadable = No
>      hide unwriteable files = No
>      delete veto files = No
>      veto files =
>      hide files =
>      veto oplock files =
>      map archive = Yes
>      map hidden = No
>      map system = No
>      map readonly = yes
>      mangled names = Yes
>      store dos attributes = No
>      dmapi support = No
>      browseable = Yes
>      access based share enum = No
>      blocking locks = Yes
>      csc policy = manual
>      fake oplocks = No
>      locking = Yes
>      oplocks = Yes
>      level2 oplocks = Yes
>      oplock contention limit = 2
>      posix locking = Yes
>      strict locking = Auto
>      share modes = Yes
>      dfree cache time = 0
>      dfree command =
>      copy =
>      preexec =
>      preexec close = No
>      postexec =
>      root preexec =
>      root preexec close = No
>      root postexec =
>      available = Yes
>      volume =
>      fstype = NTFS
>      set directory = No
>      wide links = No
>      follow symlinks = Yes
>      dont descend =
>      magic script =
>      magic output =
>      delete readonly = No
>      dos filemode = No
>      dos filetimes = Yes
>      dos filetime resolution = No
>      fake directory create times = No
>      vfs objects =
>      msdfs root = No
>      msdfs proxy =
>
> [share1]
>      path = /abc/def
>      read only = No
>      create mask = 0777
>      directory mask = 0777
>      guest ok = Yes
>
> ## I changed the name above for purpose of privacy.
> ## All other shares have the same parameters as those stated
> ## above in "share1".


More information about the samba mailing list