[Samba] AD DC eventually not browsable without restart
Kevin Field
kev at brantaero.com
Fri Sep 6 11:57:18 MDT 2013
(Just for the record, I haven't restarted samba in a couple weeks now.)
That's very interesting: via the IP, it is browsable.
As for the outputs:
$ sudo netstat -anp | grep "samba\|smb"
tcp 0 0 0.0.0.0:139 0.0.0.0:*
LISTEN 5714/samba
tcp 0 0 0.0.0.0:464 0.0.0.0:*
LISTEN 19028/samba
tcp 0 0 0.0.0.0:53 0.0.0.0:*
LISTEN 19035/samba
tcp 0 0 0.0.0.0:88 0.0.0.0:*
LISTEN 19028/samba
tcp 0 0 0.0.0.0:636 0.0.0.0:*
LISTEN 19026/samba
tcp 0 0 0.0.0.0:445 0.0.0.0:*
LISTEN 19034/samba
tcp 0 0 0.0.0.0:1024 0.0.0.0:*
LISTEN 19023/samba
tcp 0 0 0.0.0.0:3268 0.0.0.0:*
LISTEN 19026/samba
tcp 0 0 0.0.0.0:3269 0.0.0.0:*
LISTEN 19026/samba
tcp 0 0 0.0.0.0:389 0.0.0.0:*
LISTEN 19026/samba
tcp 0 0 0.0.0.0:135 0.0.0.0:*
LISTEN 19023/samba
tcp 0 0 10.0.1.2:445 10.0.1.1:1777
ESTABLISHED 19044/samba
tcp 0 0 10.0.1.2:1024 10.0.1.1:3024
ESTABLISHED 19023/samba
tcp 0 0 10.0.1.2:445 10.0.1.1:2130
ESTABLISHED 5714/samba
tcp 0 0 10.0.1.2:58561 10.0.1.1:1025
ESTABLISHED 19029/samba
udp 0 0 10.0.1.2:389 0.0.0.0:*
19027/samba
udp 0 0 0.0.0.0:389 0.0.0.0:*
19027/samba
udp 0 0 10.0.1.2:137 0.0.0.0:*
19024/samba
udp 0 0 10.255.255.255:137 0.0.0.0:*
19024/samba
udp 0 0 0.0.0.0:137 0.0.0.0:*
19024/samba
udp 0 0 10.0.1.2:138 0.0.0.0:*
19024/samba
udp 0 0 10.255.255.255:138 0.0.0.0:*
19024/samba
udp 0 0 0.0.0.0:138 0.0.0.0:*
19024/samba
udp 0 0 0.0.0.0:53 0.0.0.0:*
19035/samba
udp 0 0 10.0.1.2:464 0.0.0.0:*
19028/samba
udp 0 0 0.0.0.0:464 0.0.0.0:*
19028/samba
udp 0 0 10.0.1.2:88 0.0.0.0:*
19028/samba
udp 0 0 0.0.0.0:88 0.0.0.0:*
19028/samba
unix 2 [ ] DGRAM 1900834 5714/samba
/var/lib/samba/private/smbd.tmp/msg/msg.5714
unix 2 [ ACC ] STREAM LISTENING 413329 19023/samba
/var/run/samba/ncalrpc/np/dnsserver
unix 2 [ ACC ] STREAM LISTENING 413331 19023/samba
/var/run/samba/ncalrpc/np/ntsvcs
unix 2 [ ACC ] STREAM LISTENING 413334 19023/samba
/var/run/samba/ncalrpc/np/browser
unix 2 [ ACC ] STREAM LISTENING 413336 19023/samba
/var/run/samba/ncalrpc/np/unixinfo
unix 2 [ ACC ] STREAM LISTENING 413339 19023/samba
/var/run/samba/ncalrpc/np/protected_storage
unix 2 [ ACC ] STREAM LISTENING 413344 19023/samba
/var/run/samba/ncalrpc/np/spoolss
unix 2 [ ] DGRAM 413345 19025/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19025
unix 2 [ ACC ] STREAM LISTENING 413347 19023/samba
/var/run/samba/ncalrpc/np/lsass
unix 2 [ ACC ] STREAM LISTENING 413350 19023/samba
/var/run/samba/ncalrpc/np/lsarpc
unix 2 [ ACC ] STREAM LISTENING 413352 19023/samba
/var/run/samba/ncalrpc/np/netlogon
unix 2 [ ACC ] STREAM LISTENING 413354 19023/samba
/var/run/samba/ncalrpc/np/samr
unix 2 [ ACC ] STREAM LISTENING 413356 19023/samba
/var/run/samba/ncalrpc/np/rpcecho
unix 2 [ ACC ] STREAM LISTENING 413358 19023/samba
/var/run/samba/ncalrpc/DEFAULT
unix 2 [ ACC ] STREAM LISTENING 413363 19023/samba
/var/run/samba/ncalrpc/np/wkssvc
unix 2 [ ACC ] STREAM LISTENING 413404 19031/samba
/var/lib/samba/ntp_signd/socket
unix 2 [ ACC ] STREAM LISTENING 413365 19023/samba
/var/run/samba/ncalrpc/EPMAPPER
unix 2 [ ] DGRAM 413367 19026/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19026
unix 2 [ ACC ] STREAM LISTENING 413372 19023/samba
/var/run/samba/ncalrpc/np/epmapper
unix 2 [ ] DGRAM 413374 19027/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19027
unix 2 [ ] DGRAM 413382 19028/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19028
unix 2 [ ] DGRAM 413385 19029/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19029
unix 2 [ ] DGRAM 413387 19030/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19030
unix 2 [ ] DGRAM 413402 19031/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19031
unix 2 [ ACC ] STREAM LISTENING 413406 19030/samba
/var/run/samba/winbindd/pipe
unix 2 [ ACC ] STREAM LISTENING 413410 19030/samba
/var/lib/samba/winbindd_privileged/pipe
unix 2 [ ] DGRAM 413407 19032/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19032
unix 2 [ ] DGRAM 413315 5714/samba
/var/lib/samba/private/smbd.tmp/msg/msg.0
unix 2 [ ] DGRAM 413412 19033/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19033
unix 2 [ ] DGRAM 413414 19034/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19034
unix 2 [ ] DGRAM 413421 19035/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19035
unix 2 [ ] DGRAM 2454592 19023/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19023.43
unix 2 [ ACC ] STREAM LISTENING 413452 19026/samba
/var/lib/samba/private/ldapi
unix 2 [ ACC ] STREAM LISTENING 413324 19023/samba
/var/run/samba/ncalrpc/np/srvsvc
unix 2 [ ] DGRAM 413319 19023/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19023
unix 2 [ ] DGRAM 413321 19024/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19024
unix 2 [ ACC ] STREAM LISTENING 413454 19026/samba
/var/lib/samba/private/ldap_priv/ldapi
unix 2 [ ] DGRAM 413574 19044/samba
/var/lib/samba/private/smbd.tmp/msg/msg.19044
unix 2 [ ACC ] STREAM LISTENING 413326 19023/samba
/var/run/samba/ncalrpc/np/winreg
unix 2 [ ] DGRAM 413309 5714/samba
$ sudo tail -n 50 /var/log/samba/log.samba
Exiting pid 18864 on SIGTERM
[2013/08/24 15:35:45.472267, 0] ../source4/smbd/server.c:121(sig_term)
[2013/08/24 15:35:45.472118, 0] ../source4/smbd/server.c:121(sig_term)
[2013/08/24 15:35:45.472279, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18861 on SIGTERM
[2013/08/24 15:35:45.472188, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18865 on SIGTERM
[2013/08/24 15:35:45.472765, 0] ../source4/smbd/server.c:121(sig_term)
[2013/08/24 15:35:45.472761, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18870 on SIGTERM
Exiting pid 18871 on SIGTERM
[2013/08/24 15:35:45.472656, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18868 on SIGTERM
[2013/08/24 15:35:45.472518, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18869 on SIGTERM
[2013/08/24 15:35:45.472268, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18876 on SIGTERM
[2013/08/24 15:35:45.472625, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18874 on SIGTERM
Exiting pid 18875 on SIGTERM
[2013/08/24 15:35:45.472525, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18877 on SIGTERM
[2013/08/24 15:35:45.472138, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18866 on SIGTERM
[2013/08/24 15:35:45.472808, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18873 on SIGTERM
[2013/08/24 15:35:45.472528, 0] ../source4/smbd/server.c:121(sig_term)
Exiting pid 18872 on SIGTERM
Exiting pid 18867 on SIGTERM
[2013/08/24 15:35:47.005135, 0]
../source4/smbd/server.c:370(binary_smbd_main)
samba version 4.0.9-SerNet-RedHat-4.el6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
[2013/08/24 15:35:47.304064, 0]
../source4/smbd/server.c:482(binary_smbd_main)
samba: using 'standard' process model
[2013/09/05 15:40:25.959585, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/05 15:40:26.167233, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/05 15:40:26.214237, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/05 15:40:26.243104, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/05 15:40:26.934168, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/05 15:40:26.968185, 0]
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
[2013/09/06 13:53:21.498801, 0]
../source4/smb_server/smb/service.c:127(make_connection)
make_connection: couldn't find service *.:
NT_STATUS_OBJECT_NAME_NOT_FOUND
[2013/09/06 13:53:23.152701, 0]
../source4/smb_server/smb/service.c:127(make_connection)
make_connection: couldn't find service DESKTOP.INI:
NT_STATUS_OBJECT_NAME_NOT_FOUND
The forestFunctionality errors are from the Windows AD replication
status tool.
Thanks,
Kev
On 2013-09-06 1:46 PM, Ricky Nance wrote:
> Next time its unresponsive, try hitting it with \\ip.to.new.dc and see
> if its browsable, also get the output of netstat -anp | grep
> "samba\|smbd" as well as tail -n 50 /usr/local/samba/var/log.samba and
> tail -n 50 usr/local/samba/var/log.smbd (adjust the path as needed),
> also I am interested if top has anything to say about samba or smbd (as
> for processor and memory usage).
>
> Ricky
>
>
> On Fri, Sep 6, 2013 at 12:12 PM, Kevin Field <kev at brantaero.com
> <mailto:kev at brantaero.com>> wrote:
>
> Yep, that's exactly it. Thanks!
>
> Kev
>
>
> On 2013-09-06 10:16 AM, Ricky Nance wrote:
>
> Have you disabled syslinux? That is what that change looks like
> to me.
>
> Ricky
>
>
> On Thu, Sep 5, 2013 at 3:26 PM, Kevin Field <kev at brantaero.com
> <mailto:kev at brantaero.com>
> <mailto:kev at brantaero.com <mailto:kev at brantaero.com>>> wrote:
>
> I just noticed something interesting, since I have /etc under
> version control: /etc/mtab changed thusly:
>
> -tmpfs /dev/shm tmpfs
> rw,rootcontext="system_u:____object_r:tmpfs_t:s0" 0 0
>
> +tmpfs /dev/shm tmpfs rw 0 0
>
> Does this mean anything to our troubleshooting?
>
> Thanks,
> Kev
>
>
> On 2013-09-04 2:02 PM, Kevin Field wrote:
>
> Yeah, it's still
>
> tmpfs 5.9G 0 5.9G 0% /dev/shm
>
> The really odd thing is, currently, it's telling me
> this if I try to
> access it from OLDDC, running Windows Server 2003. But
> if I
> remote into
> another computer (GEYSER) on the network that's running
> Windows
> XP, I
> can access \\NEWDC just fine. Back to OLDDC and it still
> doesn't work.
>
> Besides the OS I noticed another difference, running "echo
> %logonserver%" from GEYSER, it reports \\G5, whereas
> running that on
> OLDDC reports \\OLDDC. I know this is normal
> behaviour, but I
> wonder if
> it has anything to do with it. I also wonder if, if I
> leave GEYSER
> logged in long enough, I'll have the same result on it
> as I do
> on OLDDC.
>
> So nobody else is having this browsability problem, eh?
>
> Kev
>
> On 2013-08-24 1:41 PM, Kevin Field wrote:
>
> Hmm...it hasn't been long enough since a restart yet,
> because it's not
> doing it ATM, but nonetheless if it's a question of
> an extra
> 45 mb I
> think we have it covered:
>
> tmpfs 5.9G 0 5.9G 0% /dev/shm
>
> But I'll check anyway next opportunity and report
> back if it's a
> positive.
>
> Kev
>
> On 2013-08-24 11:51 AM, Ricky Nance wrote:
>
> I wonder if your hitting the /run/lock fill up that
> another user
> reported on a week or two ago (they are using
> ubuntu). I
> think the
> solution was to make that tmpfs partition
> bigger (like
> 50 mb instead of
> 5 mb). next time it is unresponsive check and
> see what
> the output of 'df
> -h' is.
>
> Ricky
>
>
> On Sat, Aug 24, 2013 at 10:02 AM, Kevin Field
> <kev at brantaero.com <mailto:kev at brantaero.com>
> <mailto:kev at brantaero.com <mailto:kev at brantaero.com>>
> <mailto:kev at brantaero.com
> <mailto:kev at brantaero.com> <mailto:kev at brantaero.com
> <mailto:kev at brantaero.com>>>>
>
> wrote:
>
> I've upgraded to 4.0.9 and this behaviour
> persists.
>
> Should I file a bug report, do you think? �Is
> nobody else
> experiencing this?
>
> Thanks,
>
> Kev
>
> On 2013-08-20 11:40 AM, Kristofer
> Pettijohn wrote:
>
> You may want to see if it is this bug,
> which is
> fixed in 4.0.9:
> https://bugzilla.samba.org/______show_bug.cgi?id=9820
> <https://bugzilla.samba.org/____show_bug.cgi?id=9820>
>
> <https://bugzilla.samba.org/____show_bug.cgi?id=9820
> <https://bugzilla.samba.org/__show_bug.cgi?id=9820>>
>
>
> <https://bugzilla.samba.org/____show_bug.cgi?id=9820
> <https://bugzilla.samba.org/__show_bug.cgi?id=9820>
>
> <https://bugzilla.samba.org/__show_bug.cgi?id=9820
> <https://bugzilla.samba.org/show_bug.cgi?id=9820>>>
>
>
>
>
>
> ------------------------------______--------------------------__--__--__------------
>
>
>
>
> *From: *"Kevin Field"
> <kev at brantaero.com <mailto:kev at brantaero.com>
> <mailto:kev at brantaero.com
> <mailto:kev at brantaero.com>>
> <mailto:kev at brantaero.com
> <mailto:kev at brantaero.com> <mailto:kev at brantaero.com
> <mailto:kev at brantaero.com>>>>
> *To: *samba at lists.samba.org
> <mailto:samba at lists.samba.org>
> <mailto:samba at lists.samba.org
> <mailto:samba at lists.samba.org>>
> <mailto:samba at lists.samba.org
> <mailto:samba at lists.samba.org>
>
> <mailto:samba at lists.samba.org
> <mailto:samba at lists.samba.org>>__>
> *Sent: *Tuesday, August 20, 2013
> 9:38:32 AM
> *Subject: *[Samba] AD DC eventually not
> browsable without
> restart
>
>
> I have a SerNet Samba 4.0.8 AD DC
> running on
> CentOS 6.4 (newdc)
> replicating from a W2K3 DC (olddc).
> �When I
> first launch Samba
> using
> `sudo samba`, I can go to the Windows
> server
> and browse to
> \\newdc in
> Explorer, and I see mytestshare, netlogon,
> printers, sysvol, and
> "Printers and Faxes".
>
> After a while (I'm not sure how long
> precisely,
> but under 24
> hours) I
> could not navigate to \\newdc without the
> following error:
>
> ---------------------------
> \\newdc
> ---------------------------
> \\newdc is not accessible. You might
> not have
> permission to
> use this
> network resource. Contact the
> administrator of
> this server to
> find out
> if you have access permissions.
>
> The Server service is not started.
> ---------------------------
> OK
> ---------------------------
>
> But in the interim, I had not been doing
> anything in the system,
> so I'm
> not sure what might have caused it.
> �One time
> it even happened
> on a
> weekend when no backup or anything
> particularly
> special is
> scheduled
> while I was away.
>
> Anyway, running `sudo killall samba`
> and then
> `sudo samba`
> makes it
> suddenly browsable again.
>
> This is happening every day. �I guess
> it would
> be best to figure
> this
> problem out before we make Samba the
> only DC.
>
> Here's my smb.conf, mostly set up by
> samba-tool, and now a
> work in
> progress to add the extras we will use:
>
> # Global parameters
> [global]
> � � � � � workgroup = MYDOMAIN
> � � � � � realm = mydomain.lan
> � � � � � netbios name = NEWDC
> � � � � � server role = active
> directory domain
> controller
> � � � � � server services = rpc, nbt,
> wrepl,
> ldap, cldap, kdc,
> drepl,
> winbind, ntp_signd, kcc, dnsupdate,
> smb, dns
> � � � � � allow dns updates = true
> � � � � � dns forwarder = 192.168.1.1
> # � � � �dns recursive queries = yes
> � � � � � dcerpc endpoint servers =
> epmapper,
> wkssvc, rpcecho,
> samr,
> netlogon, lsarpc, spoolss, drsuapi,
> dssetup,
> unixinfo, browser,
> eventlog6, backupkey, dnsserver,
> winreg, srvsvc
> # � � � dcerpc endpoint servers =
> winreg srvsvc
> � � � � � load printers = yes
> � � � � � printing = cups
>
> [netlogon]
> � � � � � path =
> /var/lib/samba/sysvol/______mydomain.lan/scripts
>
> � � � � � read only = No
>
> [sysvol]
> � � � � � path = /var/lib/samba/sysvol
> � � � � � read only = No
>
> [printers]
> � � � �comment = All Printers
> � � � �path = /var/spool/samba
> � � � �browseable = Yes
> � � � �read only = No
> � � � �printable = Yes
>
> [print$]
> � � � �comment = Point and Print
> Printer Drivers
> � � � �path = /var/lib/samba/printing
> � � � �read only = No
>
> [mytestshare]
> � � � � � path = /srv/mytestshare/
> � � � � � read only = No
>
>
> Any ideas?
>
> Thanks,
> Kev
> --
> To unsubscribe from this list go to the
> following URL and read
> the
> instructions:
>
> �https://lists.samba.org/______mailman/options/samba
> <https://lists.samba.org/____mailman/options/samba>
>
> <https://lists.samba.org/____mailman/options/samba
> <https://lists.samba.org/__mailman/options/samba>>
>
>
>
> <https://lists.samba.org/____mailman/options/samba
> <https://lists.samba.org/__mailman/options/samba>
>
> <https://lists.samba.org/__mailman/options/samba
> <https://lists.samba.org/mailman/options/samba>>>
>
> --
> To unsubscribe from this list go to the
> following
> URL and read the
> instructions:
>
> �https://lists.samba.org/______mailman/options/samba
> <https://lists.samba.org/____mailman/options/samba>
>
> <https://lists.samba.org/____mailman/options/samba
> <https://lists.samba.org/__mailman/options/samba>>
>
> <https://lists.samba.org/____mailman/options/samba
> <https://lists.samba.org/__mailman/options/samba>
>
> <https://lists.samba.org/__mailman/options/samba
> <https://lists.samba.org/mailman/options/samba>>>
>
>
>
>
More information about the samba
mailing list