[Samba] a lot of nonbody session with same pid
Alberto Maria Fiaschi
alberto.fiaschi at estar.toscana.it
Mon Apr 19 08:16:07 UTC 2021
I make a test machine. The sever is member of AD domain (config at he end of these mail).
The behavior is identical. The PCs that are in workgroups generate many sessions with the nobody user, especially when they open excell files or run some program.
The server SO is Ubuntu 20.04.2 LTS with samba ver 4.11.6-Ubuntu .
[global]
workgroup = AOUP
security = ADS
SERVER ROLE = MEMBER SERVER
realm = AOUP.LAN
map untrusted to domain = Yes
winbind refresh tickets = Yes
winbind nss info = rfc2307
idmap config * : range = 100-120
username map = /etc/samba/user.map
idmap config AOUP : backend = ad
idmap config AOUP : unix_nss_info
idmap config AOUP :schema_mode = rfc2307
idmap config AOUP :unix_nss_info = yes
idmap config AOUP : range = 200-9999999999999
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind use default domain = yes
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
server min protocol = NT1
#restrict anonymous = 2
map to guest = never
usershare allow guests = no
create mask = 0777
directory mask = 0777
nt acl support = yes
case sensitive = No
# disabilito supporto stampanti
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
min receivefile size = 16384
use sendfile = true
strict allocate = Yes
aio read size = 16384
aio write size = 16384
write cache size = 65536
map hidden = no
map system = no
map archive = no
map readonly = no
store dos attributes = yes
strict locking = no
follow symlinks = yes
unix extensions = yes
#unix charset = utf-8
#dos charset = cp1250
dos charset = 850
unix charset = ISO8859-1
smb ports = 445
smb encrypt = desired
log file = /var/log/samba/%I.log
log level = 3
#log level = 1 auth:2 passdb:2 idmap:2
[Test]
path = /sambatest/shares
read only = no
[TEST2]
comment = Cartella documenti TEST
path = /sambatest/shares/Uosi/groups/TEST2
valid users = @uosi_vpn_ro, at uosi_vpn_rw
write list = @uosi_vpn_rw
force user = nobody
force group = uosi_quota
79,1 97%
----- Messaggio originale -----
> On 14/04/2021 14:31, Alberto Maria Fiaschi via samba wrote:
> > hi ,
> > I have thousands of nobody connections that remain active. smbstatus shows
> > tens of connections with the same pid. The server is configured as CLASSIC
> > PRIMARY DOMAIN CONTROLLER with openldap backend. I have about 3000 clients
> > connecting. almost all are not in domain (heterogeneous workgroups). The
> > only cases in which the problem does not occur are those of some PCs that
> > are part of an AD domain (strange because the server does not know the
> > other domain).
> > This is a big problem because it slows down the server and makes the files
> > under / var / cache / samba grow considerably
> > I tried to change many options, but the behavior remained the same. Some
> > advice ? Please help!
> > Samba version 4.7.6-Ubuntu on Ubuntu 18.04.5 LTS
> >
>
> Go to the Acer notebook and turn off the Guest user.
>
> Can I also suggest that you start making plans to upgrade to AD, SMBv1
> is going away and a PDC must use SMBv1.
>
> Rowland
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Alberto Maria Fiaschi
alberto.fiaschi at estar.toscana.it
ESTAR - Ente di Supporto Tecnico Amministrativo Regionale
Dip.to Tecnologie Informatiche
Area: Tecnologie Informatiche Nord-Ovest
UOC: Reti e Sistemi Area Nord-Ovest
c/o Azienda Ospedaliero Universitaria Pisana
Presidio Ospedaliero Spedali Riuniti Santa Chiara
Via Roma, 67 - 56126 Pisa, Italy
Tel. +39 050 99 3117
Fax +39 050 99 3396
profilo su https://it.linkedin.com/in/alberto-fiaschi
More information about the samba
mailing list