[Samba] Unable to open a particular share.

Alain Deléglise alain.deleglise at alterway.fr
Mon Aug 25 03:41:49 MDT 2014 

Hello everybody,

we have a strange behaviour since a BDC was rebooted.

We have an infrastructure were one big Samba server is defined as a PDC, 
and a few others servers are defined as BDC. This infrastructure is 
deployed in a school, so we have the PDC and one BDC for each section of 
the school (college, elementary school ...). Most of the clients 
computers are Windows XP, and the servers are running Ubuntu 12.04.

On each BDC some shares are defined, such as software sharing and groups 
sharing. And on the PDC there's a "public" share. Since the BDC has been 
rebooted, every share opens normally, except the "public" share. It even 
freeze the client computer, and the client computers failed to open a 
session and open a temporary session with error ID 1509 on WinXP (The 
I/O operation has been aborted because of either a thread exit or an 
application request.).

By raising the log level on the PDC, I can see that when I try to open 
the share on a client computer, it tries to list every account and then 
stop :

/[2014/08/25 09:49:23.165623,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: bcde//
//[2014/08/25 09:49:23.167202,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: acap//
//[2014/08/25 09:49:23.168752,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: mlaine//
//[2014/08/25 09:49:23.170496,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: gbanc//
//[2014/08/25 09:49:23.172343,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: pfusillier//
//[2014/08/25 09:50:22.930538,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: adelafont//
//[2014/08/25 09:50:22.937741,  2] 
passdb/pdb_ldap.c:553(init_sam_from_ldap)//
//  init_sam_from_ldap: Entry found for user: adelafont//
//[2014/08/25 09:50:22.938159,  1] 
smbd/service.c:1081(make_connection_snum)//
//  ltprof02 (192.168.66.130) connect to service adelafont initially as 
user adelafont (uid=1505, gid=512) (pid 1684)//
//[2014/08/25 09:50:31.338592,  1] smbd/process.c:457(receive_smb_talloc)//
//  receive_smb_raw_talloc failed for client 192.168.66.130 read error = 
NT_STATUS_CONNECTION_RESET./

This share is on an ext4 partition with usrquota and acl options 
activated. The PDC use samba 3.6.3. All the client computers have been 
joined to the domain.

No changes were made to the main PDC server.

Some errors spotted in the logs :

/[2014/08/25 09:50:31.373232,  2] smbd/open.c:2690(open_directory)//
//  open_directory: unable to create .. Error was 
NT_STATUS_OBJECT_NAME_COLLISION/ --> very strange, the directory ".." ??

/[2014/08/25 10:24:04.328752,  3] smbd/process.c:1467(switch_message)//
//  switch message SMBntcreateX (pid 5046) conn 0x7f685d165cf0//
//[2014/08/25 10:24:04.328925,  3] lib/module.c:48(do_smb_load_module)//
//  Error loading module '/usr/lib/samba/rpc/browser.so': 
/usr/lib/samba/rpc/browser.so: cannot open shared object file: No such 
file or directory/ --> googled that, didn't find any relevant thing ..
/
//[2014/08/25 10:24:04.333897,  3] lib/sysquotas.c:432(sys_get_quota)//
//  sys_get_vfs_quota() failed for mntpath[/home] bdev[/dev/sda4] 
qtype[4] id[512]: Operation not permitted/ --> repquota /home seems to 
work fine thought


Here is the output of testparm -s :
/
//[global]//
//    unix charset = utf8//
//    workgroup = LAPRO//
//    netbios name = SERVEUR//
//    netbios aliases = PIERRE//
//    server string = L!nux//
//    interfaces = 127.0.0.1/8, 192.168.1.0/255.255.255.0//
//    bind interfaces only = Yes//
//    map to guest = Bad User//
//    passdb backend = ldapsam:ldap://127.0.0.1///
//    passwd program = /usr/sbin/smbldap-passwd %u//
//    passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* 
%n\n *passwd:*all*authentication*tokens*updated*successfully*//
//    unix password sync = Yes//
//    syslog = 0//
//    log file = /var/log/samba/log.%U//
//    max log size = 512//
//    min receivefile size = 16384//
//    time server = Yes//
//    unix extensions = No//
//    client use spnego = No//
//    socket options = TCP_NODELAY IPTOS_THROUGHPUT SO_RCVBUF=16384 
SO_SNDBUF=16384//
//    load printers = No//
//    printcap name = /dev/null//
//    disable spoolss = Yes//
//    add user script = /usr/sbin/smbldap-useradd -m '%u' -t 2//
//    rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold'//
//    delete user script = /usr/sbin/smbldap-userdel '%u'//
//    add group script = /usr/sbin/smbldap-groupadd -p '%g'//
//    delete group script = /usr/sbin/smbldap-groupdel '%g'//
//    add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'//
//    delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' 
'%g'//
//    set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'//
//    add machine script = /usr/sbin/smbldap-useradd -w '%u' -t 2//
//    domain logons = Yes//
//    init logon delay = 1000//
//    os level = 32//
//    preferred master = Yes//
//    domain master = Yes//
//    wins support = Yes//
//    ldap admin dn = cn=Manager,dc=lapro,dc=local//
//    ldap group suffix = ou=Groups//
//    ldap idmap suffix = ou=Idmap//
//    ldap machine suffix = ou=Computers//
//    ldap suffix = dc=lapro,dc=local//
//    ldap ssl = no//
//    ldap user suffix = ou=Users//
//    remote announce = 192.168.255.255/LAPRO//
//    socket address = 192.168.1.1 127.0.0.1//
//    panic action = /usr/share/samba/panic-action %d//
//    idmap config * : backend = tdb//
//    inherit acls = Yes//
//    hosts allow = 192.168., 127.//
//    aio read size = 16384//
//    aio write size = 16384//
//    map acl inherit = Yes//
//    write cache size = 16384//
//    printing = bsd//
//    print command = lpr -r -P'%p' %s//
//    lpq command = lpq -P'%p'//
//    lprm command = lprm -P'%p' %j//
//    case sensitive = No//
//    hide unreadable = Yes//
//    browseable = No//
//    delete readonly = Yes//
//    dos filetime resolution = Yes//
//    fake directory create times = Yes//
//
//[homes]//
//    comment = Mes Documents//
//    valid users = %S//
//    read only = No//
//    create mask = 0700//
//    directory mask = 0700//
//    veto files = /.recycle/.profiles/.groupes///
//    browseable = Yes//
//    root preexec = /etc/samba/scripts/smb_check_homes %H %U %G//
//    vfs objects = recycle:keeptree//
//    recycle: maxsize = 0//
//    recycle: exclude = *.tmp *.temp *.cache .recycle*//
//    recycle: noversion = *.doc|*.xls|*.ppt//
//    recycle: keeptree = True//
//    recycle: touch = True//
//    recycle: version = True//
//    recycle: repository = .recycle/%U//
//
//[poubelle]//
//    comment = Poubelle//
//    path = %H/.recycle//
//    read only = No//
//    create mask = 0664//
//    browseable = Yes//
//    root preexec = /etc/samba/scripts/smb_check_recycle %H %U %G//
//    wide links = Yes//
//    vfs objects = audit//
//
//[profiles]//
//    comment = Profiles//
//    path = %H/.profiles/%a//
//    read only = No//
//    create mask = 04600//
//    directory mask = 04700//
//    profile acls = Yes//
//    veto files = /.recycle*/.profiles*/.groupes*///
//    veto oplock files = /prf*.tmp///
//    root preexec = /etc/samba/scripts/smb_check_profiles %H %U %G %a//
//
//[profiles.V2]//
//    comment = Profiles//
//    path = %H/.profiles/%a//
//    read only = No//
//    create mask = 04600//
//    directory mask = 04700//
//    profile acls = Yes//
//    veto files = /.recycle*/.profiles*/.groupes*///
//    veto oplock files = /prf*.tmp///
//    copy = profiles//
//    root preexec = /etc/samba/scripts/smb_check_profiles %H %U %G %a//
//
//[groupes]//
//    comment = Groupes//
//    path = /home/public/groupes//
//    read only = No//
//    create mask = 02770//
//    directory mask = 0770//
//    veto files = /.recycle///
//    browseable = Yes//
//    vfs objects = recycle:keeptree//
//    recycle: maxsize = 0//
//    recycle: exclude = *.tmp *.temp *.cache .recycle*//
//    recycle: noversion = *.doc|*.xls|*.ppt//
//    recycle: keeptree = True//
//    recycle: touch = True//
//    recycle: version = True//
//    recycle: repository = .recycle/%U//
//
//[public]//
//    comment = Public//
//    path = /home/public/public//
//    read only = No//
//    create mask = 0775//
//    directory mask = 0775//
//    veto files = /.recycle///
//    browseable = Yes//
//    vfs objects = recycle:keeptree//
//    recycle: maxsize = 0//
//    recycle: exclude = *.tmp *.temp *.cache .recycle*//
//    recycle: noversion = *.doc|*.xls|*.ppt//
//    recycle: keeptree = True//
//    recycle: touch = True//
//    recycle: version = True//
//    recycle: repository = .recycle/%U/

Thanks and have a good day !
-- 


DELEGLISE Alain

More information about the samba mailing list