[Samba] NT_STATUS_TOO_MANY_OPENED_FILES on AD DCs
L.P.H. van Belle
belle at bazuin.nl
Mon Apr 23 12:58:39 UTC 2018
Hai,
I dont run centos, but ...
No, i've not seen this with samba-ad-dc, did notice something like this on my kopano mail server.
And your lucky, i was just working on that.
Run : ulimit -n
See the amount of openfile you may have.
If you running a system with systemd:
systemctl edit samba-ad-dc
Add:
[Service]
LimitNOFILE=65536
ps. Starting lower then the 65536 might be wize.
And Some good info here:
https://unix.stackexchange.com/questions/345595/how-to-set-ulimits-on-service-with-systemd?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Ji??í ??erný via samba
> Verzonden: maandag 23 april 2018 14:19
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] NT_STATUS_TOO_MANY_OPENED_FILES on AD DCs
>
> Hello guys
>
> Yesterday afternoon kerberos stopped working on both of our
> domain controllers.
> Unfortunately, I did not have time to examine it thoroughly,
> I needed to have it up asap.
>
> I know that RDP authentication took a few minutes, but it
> ended up being logged.
> LDAP was normally working.
>
> There were a lot of these messages in the logs:
> [2018/04/22 14:46:43.315705, 1]
> ../source4/auth/kerberos/krb5_init_context.c:484(smb_krb5_init
> _context_basic)
> krb5_init_context failed (Too many open files)
> [2018/04/22 14:46:43.315770, 1]
> ../source4/auth/kerberos/krb5_init_context.c:555(smb_krb5_init
> _context)
> smb_krb5_context_init_basic failed (Too many open files)
> [2018/04/22 14:46:43.350667, 1]
> ../source4/auth/kerberos/krb5_init_context.c:484(smb_krb5_init
> _context_basic)
> krb5_init_context failed (Too many open files)
> [2018/04/22 14:46:43.350711, 1]
> ../source4/auth/kerberos/krb5_init_context.c:555(smb_krb5_init
> _context)
> smb_krb5_context_init_basic failed (Too many open files)
> [2018/04/22 14:46:55.229733, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:46:56.239262, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:46:57.239552, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:46:58.239843, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:46:59.240112, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:47:00.240399, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
> [2018/04/22 14:47:01.240682, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
> single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES
>
> [2018/04/22 22:21:57.770716, 2]
> ../auth/auth_log.c:760(log_authentication_event_human_readable)
> Auth: [Kerberos KDC,ENC-TS Pre-authentication] user
> [(null)]\[DC01$@SAMDOM.SVMETAL.CZ] at [Sun, 22 Apr 2018
> 22:21:57.770692 CEST] with [(null)] status
> [NT_STATUS_NO_SUCH_USER] workstation [(null)] remote host
> [ipv4:192.168.1.1:43281] mapped to [(null)]\[(null)]. local
> host [NULL]
> [2018/04/22 22:21:57.770872, 0]
> ../source4/smbd/process_single.c:57(single_accept_connection)
>
>
> System: Sernet Samba 4.7.6 on CentOS 6
> Both servers are ADC only, the file service resolves only
> netlogon and sysvol.
>
> Finally, I resolved this by restarting the samba service on
> both servers. And for sure, I upgrade to 4.7.7.
> It's working now, but I'm little bit nervous, because don't
> know what happened.
>
> Did any of you experience this behavior?
>
> Thanks
> Jiri
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list