[Samba] Samba4 on Ubuntu server
Rowland Penny
rowlandpenny at googlemail.com
Thu Dec 18 09:39:24 MST 2014
On 18/12/14 16:19, Germ van Eck wrote:
> Not sure about the high CPU load, but you have the [netlogon] share
> twice in your smb.conf. Your first matches mine, have you added the
> second yourself?
> The second one looks weird with 2 path definitions.
> Cj Tibbetts schreef op do 18-12-2014 om 08:59 [-0700]:
>> New to linux and new to Samba so any direction in troubleshooting would be
>> helpful. Here is what I have so far.
>>
>> Within a half an hour of a reboot of the server my cpu reaches high numbers
>> and becomes slow to respond on all actions. With my limited understanding I
>> have used vmstat to observe the system. I noticed is that the numbers of
>> forks grows from 1-2k to 43k within 30 minutes after reboot. I saw a dns
>> error in a log file at one point but now I don’t remember where. I am
>> running samba 4.1.9 compiled with internal dns. I have 2 other DC’s that
>> are not properly replicating and a third that is completely silent even
>> when the FSMO is crashing. Here are some logs and smb.conf to get started.
>>
>> [2014/12/16 07:47:59.925907, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'cdn.beanstock.com', forwarding
>>
>> [2014/12/16 07:47:59.929961, 2]
>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>
>> Got a dns update request.
>>
>> [2014/12/16 07:47:59.931044, 2]
>> ../source4/dns_server/dns_update.c:721(dns_update_allowed)
>>
>> Update not allowed for unsigned packet.
>>
>> [2014/12/16 07:48:00.197341, 1]
>> ../source4/dns_server/dns_query.c:526(handle_tkey)
>>
>> Tkey handshake completed
>>
>> [2014/12/16 07:48:00.198457, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'helix.beanstock.co', forwarding
>>
>> [2014/12/16 07:48:00.199562, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'loadm.exelator.com', forwarding
>>
>> [2014/12/16 07:48:00.199884, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'mpp.vindicosuite.com', forwarding
>>
>> [2014/12/16 07:48:02.128537, 3]
>> ../lib/ldb-samba/ldb_wrap.c:320(ldb_wrap_connect)
>>
>> ldb_wrap open of secrets.ldb
>>
>> [2014/12/16 07:48:02.284734, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'p.raasnet.com', forwarding
>>
>> [2014/12/16 07:48:02.285459, 3]
>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>
>> Terminating connection - 'dns_tcp_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>
>> [2014/12/16 07:48:02.285767, 3]
>> ../source4/smbd/process_single.c:114(single_terminate)
>>
>> single_terminate: reason[dns_tcp_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>
>> [2014/12/16 07:48:02.286168, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'adadvisor.net', forwarding
>>
>> [2014/12/16 07:48:02.286615, 2]
>> ../source4/dns_server/dns_query.c:629(dns_server_process_query_send)
>>
>> Not authoritative for 'sync.teads.tv', forwarding
>>
>> [2014/12/16 07:48:03.535189, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>
>> Failed to connect host 10.2.10.10 on port 135 -
>> NT_STATUS_CONNECTION_REFUSED
>>
>> [2014/12/16 07:48:03.599416, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>
>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-b63fd5a29b11._
>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>
>> [2014/12/16 07:48:03.862288, 2]
>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>
>> Got a dns update request.
>>
>> [2014/12/16 07:48:03.863345, 2]
>> ../source4/dns_server/dns_update.c:721(dns_update_allowed)
>>
>> Update not allowed for unsigned packet.
>>
>> [2014/12/16 07:48:04.324020, 1]
>> ../source4/dns_server/dns_query.c:526(handle_tkey)
>>
>> Tkey handshake completed
>>
>> [2014/12/16 07:48:04.770196, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>
>> Failed to connect host 10.2.10.10 on port 135 -
>> NT_STATUS_CONNECTION_REFUSED
>>
>> [2014/12/16 07:48:04.770671, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>
>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-b63fd5a29b11._
>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>
>> [2014/12/16 07:48:05.781269, 2]
>> ../source4/dns_server/dns_update.c:764(dns_server_process_update)
>>
>> Got a dns update request.
>>
>> [2014/12/16 07:48:08.091355, 3]
>> ../libcli/auth/schannel_state_tdb.c:181(schannel_fetch_session_key_tdb)
>>
>> schannel_fetch_session_key_tdb: restored schannel info key
>> SECRETS/SCHANNEL/HASERVER1
>>
>> [2014/12/16 07:48:08.091672, 3]
>> ../source4/auth/ntlm/auth.c:270(auth_check_password_send)
>>
>> auth_check_password_send: Checking password for unmapped user
>> [A0218]\[Teacher]@[A0218]
>>
>> auth_check_password_send: mapped user is: [AD]\[Teacher]@[A0218]
>>
>> [2014/12/16 07:48:08.094254, 3]
>> ../source4/auth/ntlm/auth_sam.c:61(authsam_search_account)
>>
>> sam_search_user: Couldn't find user [Teacher] in samdb, under
>> DC=ad,DC=ha,DC=net
>>
>> [2014/12/16 07:48:08.094435, 2]
>> ../source4/auth/ntlm/auth.c:420(auth_check_password_recv)
>>
>> auth_check_password_recv: sam_ignoredomain authentication for user
>> [AD\Teacher] FAILED with error NT_STATUS_NO_SUCH_USER
>>
>> [2014/12/16 07:48:08.095864, 3]
>> ../source4/rpc_server/dcerpc_server.c:963(dcesrv_request)
>>
>> [2014/12/16 07:48:08.376870, 2]
>> ../source4/dns_server/dns_update.c:398(handle_one_update)
>>
>> Looking at record:
>>
>> [2014/12/16 07:48:08.377765, 2]
>> ../source4/dns_server/dns_update.c:399(handle_one_update)
>>
>> [2014/12/16 07:48:08.377821, 1] ../librpc/ndr/ndr.c:296(ndr_print_debug)
>>
>> discard_const(update): struct dns_res_rec
>>
>> name : 'A3003.ad.ha.net'
>>
>> rr_type : DNS_QTYPE_A (0x1)
>>
>> rr_class : DNS_QCLASS_ANY (0xFF)
>>
>> ttl : 0x00000000 (0)
>>
>> length : 0x0000 (0)
>>
>> rdata : union dns_rdata(case 0x1)
>>
>> ipv4_record : (null)
>>
>> unexpected : DATA_BLOB length=0
>>
>> [2014/12/16 07:48:08.384693, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:262(continue_socket_connect)
>>
>> Failed to connect host 10.2.10.10 on port 135 -
>> NT_STATUS_CONNECTION_REFUSED
>>
>> [2014/12/16 07:48:08.385357, 0]
>> ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket)
>>
>> Failed to connect host 10.2.10.10 (75566c2f-274e-485c-809a-b63fd5a29b11._
>> msdcs.ad.ha.net) on port 135 - NT_STATUS_CONNECTION_REFUSED.
>>
>> [2014/12/16 07:48:08.704073, 3]
>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>
>> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>
>> [2014/12/16 07:48:08.704509, 3]
>> ../source4/smbd/process_single.c:114(single_terminate)
>>
>> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>
>> [2014/12/16 07:48:09.211098, 3]
>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>
>> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED'
>>
>> [2014/12/16 07:48:09.211753, 3]
>> ../source4/smbd/process_single.c:114(single_terminate)
>>
>> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED]
>>
>> [2014/12/16 07:48:09.654492, 3]
>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>
>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>>
>> [2014/12/16 07:48:09.655160, 3]
>> ../source4/smbd/process_single.c:114(single_terminate)
>>
>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>>
>> [2014/12/16 07:48:09.655573, 3]
>> ../source4/smbd/service_stream.c:66(stream_terminate_connection)
>>
>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>>
>> [2014/12/16 07:48:09.655906, 3]
>> ../source4/smbd/process_single.c:114(single_terminate)
>>
>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>>
>> [2014/12/16 07:48:10.979974, 0]
>> ../source4/dsdb/dns/dns_update.c:294(dnsupdate_nameupdate_done)
>>
>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
>> NT_STATUS_IO_TIMEOUT
>>
>> [2014/12/16 07:48:12.915321, 2]
>> ../source4/dns_server/dns_update.c:398(handle_one_update)
>>
>> Looking at record:
>>
>> [2014/12/16 07:48:12.915515, 2]
>> ../source4/dns_server/dns_update.c:399(handle_one_update)
>>
>> [2014/12/16 07:48:12.915557, 1] ../librpc/ndr/ndr.c:296(ndr_print_debug)
>>
>> discard_const(update): struct dns_res_rec
>>
>> name : 'A3003.ad.ha.net'
>>
>> rr_type : DNS_QTYPE_A (0x1)
>>
>> rr_class : DNS_QCLASS_IN (0x1)
>>
>> ttl : 0x000004b0 (1200)
>>
>> length : 0x0004 (4)
>>
>> rdata : union dns_rdata(case 0x1)
>>
>> ipv4_record : 10.3.12.100
>>
>> unexpected : DATA_BLOB length=0
>>
>>
>>
>> smb.conf
>>
>> # Global parameters
>>
>> [global]
>>
>> workgroup = AD
>>
>> realm = AD.HA.NET
>>
>> netbios name = HAM1
>>
>> server role = active directory domain controller
>>
>> dns forwarder = 8.8.8.8
>>
>> # dns forwarder = 10.1.254.2
>>
>> idmap_ldb:use rfc2307 = yes
>>
>> # added 20141215 to quash printer status errors
>>
>> printing = bsd
>>
>> printcap name = /dev/null
>>
>> log level = 3
>>
>>
>>
>> [netlogon]
>>
>> path = /usr/local/samba/var/locks/sysvol/ad.ha.net/scripts
>>
>> read only = No
>>
>>
>>
>> [sysvol]
>>
>> path = /usr/local/samba/var/locks/sysvol el = 3 read only = No
>> [netlogon]
>>
>> path = /usr/local/samba/var/locks/sysvol/ad.ha.net/scripts
>>
>> read only = No [sysvol]
>>
>> path = /usr/local/samba/var/locks/sysvol
>>
>> read only = No
>
He has also got [sysvol] twice and just what is 'el =3' ?
either it is a very bad 'cut & paste' error or he needs to remove the
extra shares.
Rowland
More information about the samba
mailing list