[Samba] AD DC eventually not browsable without restart

Kristofer Pettijohn kristofer at cybernetik.net
Tue Aug 20 09:40:42 MDT 2013

You may want to see if it is this bug, which is fixed in 4.0.9: https://bugzilla.samba.org/show_bug.cgi?id=9820 

----- Original Message -----

From: "Kevin Field" <kev at brantaero.com> 
To: samba at lists.samba.org 
Sent: Tuesday, August 20, 2013 9:38:32 AM 
Subject: [Samba] AD DC eventually not browsable without restart 

I have a SerNet Samba 4.0.8 AD DC running on CentOS 6.4 (newdc) 
replicating from a W2K3 DC (olddc). When I first launch Samba using 
`sudo samba`, I can go to the Windows server and browse to \\newdc in 
Explorer, and I see mytestshare, netlogon, printers, sysvol, and 
"Printers and Faxes". 

After a while (I'm not sure how long precisely, but under 24 hours) I 
could not navigate to \\newdc without the following error: 

\\newdc is not accessible. You might not have permission to use this 
network resource. Contact the administrator of this server to find out 
if you have access permissions. 

The Server service is not started. 

But in the interim, I had not been doing anything in the system, so I'm 
not sure what might have caused it. One time it even happened on a 
weekend when no backup or anything particularly special is scheduled 
while I was away. 

Anyway, running `sudo killall samba` and then `sudo samba` makes it 
suddenly browsable again. 

This is happening every day. I guess it would be best to figure this 
problem out before we make Samba the only DC. 

Here's my smb.conf, mostly set up by samba-tool, and now a work in 
progress to add the extras we will use: 

# Global parameters 
workgroup = MYDOMAIN 
realm = mydomain.lan 
netbios name = NEWDC 
server role = active directory domain controller 
server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbind, ntp_signd, kcc, dnsupdate, smb, dns 
allow dns updates = true 
dns forwarder = 
# dns recursive queries = yes 
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, 
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, 
eventlog6, backupkey, dnsserver, winreg, srvsvc 
# dcerpc endpoint servers = winreg srvsvc 
load printers = yes 
printing = cups 

path = /var/lib/samba/sysvol/mydomain.lan/scripts 
read only = No 

path = /var/lib/samba/sysvol 
read only = No 

comment = All Printers 
path = /var/spool/samba 
browseable = Yes 
read only = No 
printable = Yes 

comment = Point and Print Printer Drivers 
path = /var/lib/samba/printing 
read only = No 

path = /srv/mytestshare/ 
read only = No 

Any ideas? 

To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 

More information about the samba mailing list