[Samba] Invalid key 0 given to dptr_close on Samba 4.1 Domain Controller/File Server

Thomas Maerz tmaerz at brewerscience.com
Mon Feb 17 18:28:49 MST 2014 

Hello,

	I am currently working on a solution to replace Apple OpenDirectory on some aging Xserve hardware. I currently have  CentOS Samba4 AD DC’s replicating for redundancy using sernet-samba repositories. The third one has File/Print roles defind and it works perfectly EXCEPT on OSX 10.6. IT works great on any Windows workstation and OSX 10.7,10.8, 10.9 GNOME/Nautilus and even CIFS CLI mounting on linux. I am able to join machines to the domain, manage them with group policies and manage the permissions on the linux server using a windows member server, which is really nice.

The issue comes when one of the hundreds of OSX 10.6 computers tries to connect. They sort of work in that they can freely browse any folders and files on the file server that they want until they come across something they don’t have access to. At that point the Finder window will either stop doing anything or show a folder with a one way (do not enter/inacessible) icon on it. After that you have to unmount and remount the file share to see anything.

Here is my smb.conf:

[global]

	workgroup = AD
	realm = AD.BREWERSCIENCE.COM
	netbios name = CORPFS
	server role = active directory domain controller
	dns forwarder = 192.168.2.20
	idmap_ldb:use rfc2307 = yes
	log level = 2
;	log file = /var/log/samba/log.%m
	vfs objects = acl_xattr
	map acl inherit = yes
;	inherit acls = yes
	inherit permissions = yes
	store dos attributes = yes
;	oplocks = no
;	level2 oplocks = no
;	kernel oplocks = yes



[netlogon]
	path = /var/lib/samba/sysvol/ad.brewerscience.com/scripts
	read only = No
	browseable = no

[sysvol]
	path = /var/lib/samba/sysvol
	read only = No
	browseable = no

[IT_Division]
	writeable = yes
	path = /mnt/corpserver/IT_Division
	browseable = no

[Archive]
	writeable = yes
	path = /mnt/corpserver/Archive

[Limited_Access]
	writeable = yes
	path = /mnt/corpserver/Limited_Access

[Human_Resources]
	writeable = yes
	path = /mnt/corpserver/Human_Resources
	browseable = no

[Customer]
	writeable = yes
	path = /mnt/corpserver/Customer

[People]
	writeable = yes
	path = /mnt/corpserver/People

[Technology]
	writeable = yes
	path = /mnt/corpserver/Technology

I have set up the filesystems that those are mounted to have barrier=1,cal,user_xattr:

/dev/sdb	/mnt/corpserver/Customer	ext4	barrier=1,acl,user_xattr	0	0
/dev/sdc	/mnt/corpserver/IT_Division	ext4	barrier=1,acl,user_xattr	0	0
/dev/sdd	/mnt/corpserver/Technology	ext4	barrier=1,acl,user_xattr	0	0
/dev/sde	/mnt/corpserver/Limited_Access	ext4	barrier=1,acl,user_xattr	0	0
/dev/sdf	/mnt/corpserver/Archive		ext4	barrier=1,acl,user_xattr	0	0
/dev/sdg	/mnt/corpserver/People		ext4	barrier=1,acl,user_xattr	0	0
/dev/sdh	/mnt/corpserver/Human_Resources	ext4	barrier=1,acl,user_xattr	0	0

Please help!

Thomas Maerz

More information about the samba mailing list