[Samba] Samba transfer performance

Rowland Penny rpenny at samba.org
Sat Aug 14 15:06:40 UTC 2021 

On Sat, 2021-08-14 at 14:30 +0000, Thaddeus Waldner via samba wrote:
> 
> Here is my smb.conf. I failed to mention that this is a domain
> controller. I plan to eventually join a dedicated file server to the
> domain.
> 
> # Global parameters
> [global]
> dns forwarder = 8.8.8.8
> interfaces = 10.1.10.2;capability=RSS,speed=10000000000
> passdb backend = samba_dsdb
> realm = NDS.SCHOOL.COM<http://NDS.SCHOOL.COM>
> server min protocol = SMB3
> server multi channel support = Yes
> server role = active directory domain controller
> template homedir = /home/%U
> template shell = /bin/bash
> workgroup = NDS
> rpc_server:tcpip = no
> rpc_daemon:spoolssd = embedded
> rpc_server:spoolss = embedded
> rpc_server:winreg = embedded
> rpc_server:ntsvcs = embedded
> rpc_server:eventlog = embedded
> rpc_server:srvsvc = embedded
> rpc_server:svcctl = embedded
> rpc_server:default = external
> winbindd:use external pipes = true
> fruit:delete_empty_adfiles = yes
> fruit:wipe_intentionally_left_blank_rfork = yes
> fruit:zero_file_id = yes
> fruit:posix_rename = yes
> fruit:veto_appledouble = no
> fruit:model = MacSamba
> fruit:metadata = stream
> idmap_ldb:use rfc2307 = yes
> idmap config * : backend = tdb
> map archive = No
> vfs objects = dfs_samba4 acl_xattr fruit streams_xattr
> 
> 
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
> 
> 
> [netlogon]
> path = /var/lib/samba/sysvol/nds.newdaleschool.com/scripts<

Hmm, you have 'realm = NDS.SCHOOL.COM' yet it is
'nds.newdaleschool.com' above, bad sanitisation ??

> 
> read only = No
> 
> 
> [home]
> path = /srv/home
> read only = No
> acl_xattr:ignore system acl = yes
> 
> 
> [students]
> path = /srv/students
> read only = No
> spotlight backend = elasticsearch
> acl_xattr:ignore system acl = yes
> 
> 
> [staff]
> path = /srv/staff
> read only = No
> spotlight backend = elasticsearch
> acl_xattr:ignore system acl = yes
> 
> 
> [Backups]
> path = /srv/backups
> read only = No
> vfs objects = fruit streams_xattr

You have just turned off the standard vfs_objects on this share

> fruit:time machine = yes
> acl_xattr:ignore system acl = yes
> 
> 
> 
> [students]
> path = /srv/students
> read only = No
> spotlight backend = elasticsearch
> acl_xattr:ignore system acl = yes
> 
> 
> [staff]
> path = /srv/staff
> read only = No
> spotlight backend = elasticsearch
> acl_xattr:ignore system acl = yes
> 
> 
> [Backups]
> path = /srv/backups
> read only = No
> vfs objects = fruit streams_xattr
> fruit:time machine = yes
> acl_xattr:ignore system acl = yes

And again.

It is never a good idea to use an AD DC as a fileserver. If you had
been upfront about what you are doing, I would have advised you to stop
doing it and use a separate fileserver. I would also have asked you to
run 'samba-tool testparm --suppress-prompt' instead of 'testparm -s'

Rowland

More information about the samba mailing list