[Samba] a lot of nonbody session with same pid

L.P.H. van Belle belle at bazuin.nl
Mon Apr 19 08:34:03 UTC 2021 

Your setup of wrong. 
Sorry.. 

cat /etc/adduser.conf look at these defaults. 
Now look at the values your using. 

 idmap config * : range = 100-120 		< and increase this range .. 
 idmap config AOUP  : range = 200-9999999999999 
 
UID/GIDs may not overlap one other. 

That needs fixing first. 


Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Alberto Maria Fiaschi via samba
> Verzonden: maandag 19 april 2021 10:16
> Aan: Rowland penny
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] a lot of nonbody session with same pid
> 
> I make a test machine. The sever is member of AD domain 
> (config at he end of these mail). 
> The behavior is identical. The PCs that are in workgroups 
> generate many sessions with the nobody user, especially when 
> they open excell files or run some program.
> The server SO is Ubuntu 20.04.2 LTS with samba ver 4.11.6-Ubuntu .
> 
> [global]
>    workgroup = AOUP
>    security = ADS
>    SERVER ROLE = MEMBER SERVER
>    realm = AOUP.LAN
>    map untrusted to domain = Yes
>    winbind refresh tickets = Yes
>    winbind nss info = rfc2307
>    idmap config * : range = 100-120
>    username map = /etc/samba/user.map
>    idmap config AOUP  : backend = ad
>    idmap config AOUP : unix_nss_info
>    idmap config AOUP  :schema_mode = rfc2307
>    idmap config AOUP :unix_nss_info = yes
>    idmap config AOUP  : range = 200-9999999999999
>    vfs objects = acl_xattr
>    map acl inherit = Yes
>    store dos attributes = Yes
>    dedicated keytab file = /etc/krb5.keytab
>    kerberos method = secrets and keytab
>    winbind use default domain = yes
>    load printers = no
>    printing = bsd
>    printcap name = /dev/null
>    disable spoolss = yes
> 
> server min protocol = NT1
> #restrict anonymous = 2
> map to guest = never
> usershare allow guests = no
> create mask = 0777
> directory mask = 0777
> nt acl support = yes
> case sensitive = No
> # disabilito supporto stampanti
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
> min receivefile size = 16384
> use sendfile = true
> strict allocate = Yes
> 
> aio read size       = 16384
> aio write size      = 16384
> write cache size = 65536
> map hidden           = no
> map system           = no
> map archive          = no
> map readonly         = no
> store dos attributes = yes
> strict locking = no
> follow symlinks = yes
> unix extensions = yes
> 
> #unix charset = utf-8
> #dos charset = cp1250
> 
> dos charset = 850
> unix charset = ISO8859-1
> 
> 
> smb ports = 445
> smb encrypt = desired
> log file = /var/log/samba/%I.log
> log level = 3
> #log level = 1 auth:2 passdb:2  idmap:2
> 
> [Test]
>        path = /sambatest/shares
>        read only = no
> 
> 
> 
> [TEST2]
>         comment = Cartella documenti TEST
>         path = /sambatest/shares/Uosi/groups/TEST2
>         valid users = @uosi_vpn_ro, at uosi_vpn_rw
>         write list = @uosi_vpn_rw
>         force user = nobody
>         force group = uosi_quota
>                                                               
>                                                               
>                                79,1          97%
> 
> 
> 
> 
> ----- Messaggio originale -----
> > On 14/04/2021 14:31, Alberto Maria Fiaschi via samba wrote:
> > > hi ,
> > > I have thousands of nobody connections that remain 
> active. smbstatus shows
> > > tens of connections with the same pid. The server is 
> configured as CLASSIC
> > > PRIMARY DOMAIN CONTROLLER with openldap backend. I have 
> about 3000 clients
> > > connecting. almost all are not in domain (heterogeneous 
> workgroups). The
> > > only cases in which the problem does not occur are those 
> of some PCs that
> > > are part of an AD domain (strange because the server does 
> not know the
> > > other domain).
> > > This is a big problem because it slows down the server 
> and makes the files
> > > under / var / cache / samba grow considerably
> > > I tried to change many options, but the behavior remained 
> the same. Some
> > > advice ? Please help!
> > > Samba version 4.7.6-Ubuntu on Ubuntu 18.04.5 LTS
> > >
> > 
> > Go to the Acer notebook and turn off the Guest user.
> > 
> > Can I also suggest that you start making plans to upgrade 
> to AD, SMBv1
> > is going away and a PDC must use SMBv1.
> > 
> > Rowland
> > 
> > 
> > 
> > 
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> 
> -- 
> Alberto Maria Fiaschi 
> alberto.fiaschi at estar.toscana.it 
> ESTAR - Ente di Supporto Tecnico Amministrativo Regionale 
> Dip.to Tecnologie Informatiche 
> Area: Tecnologie Informatiche Nord-Ovest 
> UOC: Reti e Sistemi Area Nord-Ovest 
> c/o Azienda Ospedaliero Universitaria Pisana 
> Presidio Ospedaliero Spedali Riuniti Santa Chiara 
> Via Roma, 67 - 56126 Pisa, Italy 
> Tel. +39 050 99 3117 
> Fax +39 050 99 3396 
> profilo su https://it.linkedin.com/in/alberto-fiaschi 
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list