[Samba] Member server only shares locally

Dale Schroeder dale at BriannasSaladDressing.com
Thu Sep 18 11:59:56 MDT 2014 

On 09/18/2014 8:48 AM, Peter Waeckerle wrote:
> Hello
>
> In 2 different subnets I have setup 2 identical samba servers (RH 6.5) as
> fileservers for windows clients. Each is a member of it's own AD Domain
> (Windows 2003 Servers).
> The problem: one of them only is accessible and sharing locally.
>
>
> On the windows-client, trying to mount a share gives this error:
>
> C:\Users\testuser>net use y: \\samba_server\topfolder /user:testuser
>
> System error 64 has occurred.
>
>
> The specified network name is no longer available.
>
> On the server's log.xxx.xx.xxx.xxx:
> [2014/09/18 11:20:26.827312,  2]
> smbd/sesssetup.c:1279(setup_new_vc_session)
>
>    setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
>
> [2014/09/18 11:20:26.867163,  1] smbd/process.c:457(receive_smb_talloc)
>
>    receive_smb_raw_talloc failed for client xxx.xx.xxx.xxx read error =
> NT_STATUS_CONNECTION_RESET.
>
> [2014/09/18 11:20:26.875706,  2]
> smbd/sesssetup.c:1279(setup_new_vc_session)
>
>    setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
>
> [2014/09/18 11:20:26.915785,  1] smbd/process.c:457(receive_smb_talloc)
>
>    receive_smb_raw_talloc failed for client xxx.xx.xxx.xxx read error =
> NT_STATUS_CONNECTION_RESET.
>
> [2014/09/18 11:20:26.924913,  2]
> smbd/sesssetup.c:1279(setup_new_vc_session)
>
>    setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
>
> [2014/09/18 11:20:26.973284,  1] smbd/service.c:1114(make_connection_snum)
>
>    xxx.xx.xxx.xxx (xxx.xx.xxx.xxx) connect to service topfolder initially
> as user AD_DOMAIN\testuser (uid=71691, gid=70513) (pid 2757)
>
> [2014/09/18 11:20:26.973753,  1] smbd/process.c:457(receive_smb_talloc)
>
>    receive_smb_raw_talloc failed for client xxx.xx.xxx.xxx read error =
> NT_STATUS_CONNECTION_RESET.
>
> [2014/09/18 11:20:26.973914,  1] smbd/service.c:1378(close_cnum)
>
>    xxx.xx.xxx.xxx (xxx.xx.xxx.xxx) closed connection to service topfolder
>
>
> Interestingly, doing the same thing on the linux-server itself works
> perfectly well:
>
> # smbclient \\\\samba_server\\topfolder -U testuser
>
> Enter testuser's password:
>
> Domain=[AD_DOMAIN] OS=[Unix] Server=[Samba 3.6.9-169.el6_5]
>
> smb: \> dir
>
>    .                                   D        0  Mon Apr 14 15:01:51 2014
>
>    ..                                  D        0  Thu Dec  5 14:52:42 2013
>
>    IAL1                                D        0  Tue Sep  9 12:08:57 2014
>
>
>
>                  50396 blocks of size 1048576. 47292 blocks available
>
> smb: \> quit
>
> On the server's log
> # cat log.samba_server
>
> [2014/09/18 11:28:02.487245,  2] auth/auth.c:309(check_ntlm_password)
>
>    check_ntlm_password:  authentication for user [testuser] -> [testuser]
> -> [AD_DOMAIN\testuser] succeeded
>
> [2014/09/18 11:28:02.558210,  1] smbd/service.c:1114(make_connection_snum)
>
>    samba_server (193.41.104.172) connect to service topfolder initially as
> user AD_DOMAIN\testuser (uid=71691, gid=70513) (pid 2910)
>
> [2014/09/18 11:28:10.010228,  1] smbd/service.c:1378(close_cnum)
>
>    samba_server (193.41.104.172) closed connection to service topfolder
>
>
> Also the command "net view \\samba_server /user: testuser" doesn't work:
>
> C:\Users\testuser>net view \\samba_server
>
> System error 53 has occurred.
>
>
> The network path was not found.
>
> on the server:
> [2014/09/18 14:29:12.427478,  2]
> smbd/sesssetup.c:1279(setup_new_vc_session)
>
>    setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
>
> [2014/09/18 14:29:12.469729,  1] smbd/process.c:457(receive_smb_talloc)
>
>    receive_smb_raw_talloc failed for client xxx.xx.xxx.xxx read error =
> NT_STATUS_CONNECTION_RESET.
>
> [2014/09/18 14:29:12.487330,  2]
> smbd/sesssetup.c:1279(setup_new_vc_session)
>
>    setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
>
> [2014/09/18 14:29:12.527111,  1] smbd/process.c:457(receive_smb_talloc)
>
>    receive_smb_raw_talloc failed for client xxx.xx.xxx.xxx read error =
> NT_STATUS_CONNECTION_RESET.
>
> smb.conf:
>
> [global]
>
>          workgroup = AD_DOMAIN
>          realm = AD_DOMAIN.aaaaaaa.bbbb.ccc
>
>          server string = Test File Server
>          interfaces = xxx.xx.xxx.yyy/24
>
>          bind interfaces only = Yes
>
>          security = ADS
>
>          allow trusted domains = No
>
>          log file = /var/log/samba/log.%m
>
>          max log size = 4096
>
>          disable netbios = Yes
>
>          load printers = No
>
>          local master = No
>
>          idmap negative cache time = 60
>
>          winbind cache time = 3600
>
>          winbind enum users = Yes
>
>          winbind enum groups = Yes
>
>          winbind use default domain = Yes
>
>          winbind refresh tickets = Yes
>
>          idmap config SNI : backend = rid
>
>          idmap config SNI : range = 70000-200000
>
>          idmap config SNI : default = yes
>
>          idmap config * : range = 70000-200000
>
>          idmap config * : backend = tdb
>
> Why do I get these errors only on one of them since both samba, ldap,
> kerberos and network settings are the same?
> There doesn't seem to be a firewall in between. Kerberos and ldap seem to
> be ok, otherwise I wouldn't be allowed to mount the share locally.
> Where to search for "the difference"? Obviously there is at least one...
>
> Any idea?
>
> Regards
> Peter
Peter,

You have identical ranges for default and SNI in your idmap config. 
Ranges cannot overlap, so try fixing that first, then see what kind of 
errors you get.

Dale

More information about the samba mailing list