[Samba] Samba 4.6.2 member server errors
me at tdiehl.org
me at tdiehl.org
Sun Oct 15 20:21:41 UTC 2017
On Sun, 15 Oct 2017, Rowland Penny via samba wrote:
> On Sun, 15 Oct 2017 13:38:13 -0400 (EDT)
> me at tdiehl.org wrote:
>
>> Yes I understand, however, there are 2 things I am concerned about.
>>
>> When the errors are spewing, winbind never goes to sleep and the load
>> on the server runs somewhere between 6-8 constantly (as shown by
>> top.). Even when there is no one in the office and hence no files
>> being served I still see the high load.
>>
>> When the errors stop (This happens intermittently) winbind will sleep
>> and the load settles down to < 1.
>>
>> The other thing that concerns me is that I am wondering if this is an
>> indication that something more serious is about to break. It is one
>> thing for me to see things in the background and entirely something
>> else for it to impact the users. :-)
>>
>> Suggestions?
>>
>> Regards,
>>
>
> If nothing is connecting, then winbind shouldn't be doing much, so if
> it is, you need to find out why.
>
> Try running 'samba-tool dbcheck' on the DCs
dbcheck has the following output:
(vdc2 pts2) # samba-tool dbcheck
Checking 490 objects
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=User\0ADEL:5f387be0-63de-4486-b22a-bfff6bc2cbcb,CN=Deleted Objects,DC=samdom,DC=mydomain,DC=com - <GUID=bf3dbdad-516d-4ebc-beb9-2b9e3a1fa02b>;CN={A492ADAB-B0BE-4038-B6C7-B831D0C77359},CN=Policies,CN=System,DC=samdom,DC=mydomain,DC=com
Not fixing old string component
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=Machine\0ADEL:bc407cd8-3035-4a40-8171-f91616bd798f,CN=Deleted Objects,DC=samdom,DC=mydomain,DC=com - <GUID=bf3dbdad-516d-4ebc-beb9-2b9e3a1fa02b>;CN={A492ADAB-B0BE-4038-B6C7-B831D0C77359},CN=Policies,CN=System,DC=samdom,DC=mydomain,DC=com
Not fixing old string component
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=User\0ADEL:49f21be1-fe11-44fc-b483-28e06112084e,CN=Deleted Objects,DC=samdom,DC=mydomain,DC=com - <GUID=ab72e6be-b24a-4945-808c-1e1a366a1332>;CN={C8B52BEA-44ED-4A17-9B2D-0DAD8858286B},CN=Policies,CN=System,DC=samdom,DC=mydomain,DC=com
Not fixing old string component
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=Machine\0ADEL:772380e7-e1e5-4614-81c2-ba7a40efa27e,CN=Deleted Objects,DC=samdom,DC=mydomain,DC=com - <GUID=ab72e6be-b24a-4945-808c-1e1a366a1332>;CN={C8B52BEA-44ED-4A17-9B2D-0DAD8858286B},CN=Policies,CN=System,DC=samdom,DC=mydomain,DC=com
Not fixing old string component
Checked 490 objects (0 errors)
Both dc's have the same output. The above says 0 errors but I am not sure if the
above is relevant to this discussion or not.
> Check replication between the DCs
sysvol replication seems to be working. Is there something else I need to check?
> Check the Samba logs on the DCs, is there anything relevant showing at
> the time that winbind is overloading on the domain member
No, but I have not looked with logging turned up.
> Raise the log levels on the DCs and domain members and see if anything
> pops out.
At the moment winbind is quiet. I will turn logging up on the dc's and the
file servers and see what pops up.
What is a good log level for troubleshooting something like this?
>
> One thing I noticed when I looked it your smb.conf again was this:
>
> realm = SAMDOM.MYDOMAIN.com.COM
>
> I take it this was just a typo when you sanitized it.
Yep!! You made me look to be sure though. :-)
> If this is only happening on one domain member, try comparing the
> various files on one with the other (/etc/hosts, /etc/krb5.conf and so
> on).
They are identical modulo things like host names, etc.. I use ansible to manage
them and set variables where appropriate.
Regards,
--
Tom me at tdiehl.org
More information about the samba
mailing list