[Samba] Multi instance samba problem after updating from 4.15.5 to 4.17.4
Peter Varkoly
peter at varkoly.de
Tue Jan 10 19:02:50 UTC 2023
Hi,
I have 3 samba instances running on one server: samba AD file and a
printserver instance.
After updating to 4.17.4 I have the problem, that connecting the one
instance with smbclient or from a windows client sometimes the shares of
the other instance will be listed.
The behavior is such that this behavior remains stable for a while, then
changes and the correct shares are delivered again. This is about 1
minunte.
In the logfiles of the instances it is evident that the instances have
read the correct configuration.
Bad state:
# smbclient -L fileserver -U register%XXXXXXXXXX
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
n013-kyocera Printer
n108-lexmark Printer
p001-kyocera Printer
w105-hp Printer
zb-brother Printer
lehrer-ta Printer
IPC$ IPC IPC Service (Samba 4.17.4)
Right state:
# smbclient -L fileserver -U register%XXXXXXXXXX
Sharename Type Comment
--------- ---- -------
groups Disk Shared directories of groups you are
member in.
users Disk All users
all Disk Folder for all
allteachers Disk Folder for all teacher
software Disk Folder for software
IPC$ IPC IPC Service (Samba 4.17.4)
register Disk Home Directories
SMB1 disabled -- no workgroup available
Connecting a specific instance works fine even if the bad shares was
delivered immediately before.
The dns resolution works correct.
Do you have any idea?
Configfile samba-ad instance:
----------------
[global]
netbios name = admin
realm = <DOMAIN.DE>
workgroup = <DOMAIN>
dns forwarder = 172.16.0.5
server role = active directory domain controller
idmap_ldb:use rfc2307 = Yes
check password script =
/usr/share/cranix/tools/check_password_complexity.sh
bind interfaces only = yes
interfaces = 127.0.0.1, 172.16.0.2
ntlm auth = yes
template shell = /bin/bash
ldap server require strong auth = no
hosts deny = 172.16.1.0/24
load printers = no
printcap name = /dev/null
disable spoolss = yes
[sysvol]
path = /var/lib/samba/sysvol
read only = No
browseable = No
[netlogon]
comment = Network logon
path = /var/lib/samba/sysvol/gy-ho.de/scripts
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh
netlogon open %U %I %a %m gy-ho.de
read only = No
Config file samba file server:
--------------------
[global]
workgroup = <DOMAIN>
realm = <DOMAIN.DE>
netbios name = fileserver
security = ADS
bind interfaces only = yes
interfaces = 172.16.0.1
pid directory = /run/sambafileserver
cache directory = /var/lib/fileserver
lock directory = /var/lib/fileserver/lock
state directory = /var/lib/fileserver
private directory = /var/lib/fileserver/private
log level = 5
wide links = Yes
unix extensions = No
load printers = no
printcap name = /dev/null
disable spoolss = yes
min domain uid = 0
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
[itool]
comment = Imaging Tool
path = /srv/itool
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh itool
open %u %I %a %m
inherit permissions = Yes
#valid users = @teachers, @sysadmins, @workstations, root,
Administrator, ossreader
#force group = sysadmins
browseable = no
guest ok = no
writable = yes
strict locking = no
[profiles]
comment = Network profiles
path = /home/profiles/
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh
profiles open %U %I %a %m gy-ho.de
browseable = No
read only = No
force create mode = 0600
force directory mode = 0700
csc policy = disable
store dos attributes = yes
vfs objects = acl_xattr
[homes]
comment = Home Directories
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh homes
open %U %I %a %m gy-ho.de
root postexec = /usr/share/cranix/plugins/share_plugin_handler.sh homes
close %U %I %a %m gy-ho.de
veto files = /GROUPS/ALL/
inherit permissions = Yes
browseable = No
printable = No
read only = No
guest ok = No
valid users = %S
[groups]
comment = Shared directories of groups you are member in.
path = /home/groups/LINKED/%U
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh groups
open %U %I %a %m gy-ho.de
root postexec = /usr/share/cranix/plugins/share_plugin_handler.sh groups
close %U %I %a %m gy-ho.de
veto files = /TEACHERS/
inherit permissions = Yes
browseable = Yes
guest ok = No
printable = No
read only = No
[users]
comment = All users
path = /home
inherit permissions = Yes
browseable = Yes
guest ok = No
printable = No
read only = No
[all]
comment = Folder for all
path = /home/all
inherit permissions = Yes
browseable = Yes
guest ok = No
writable = Yes
[allteachers]
comment = Folder for all teacher
path = /home/groups/TEACHERS
inherit permissions = Yes
browseable = Yes
guest ok = No
writable = Yes
[alladmins]
comment = Folder for administration personal
path = /home/groups/ADMINISTRATION
inherit permissions = Yes
browseable = No
guest ok = No
writable = Yes
[software]
comment = Folder for software
path = /home/software
inherit permissions = Yes
browseable = yes
guest ok = no
writable = yes
[salt-repo]
comment = Folder for Salt Packages
path = /srv/salt/win/repo-ng
inherit permissions = Yes
browseable = no
guest ok = no
writable = yes
#valid users = @sysadmins
Config file samba printserver
-------------------------------------
[global]
workgroup = <DOMAIN>
realm = <DOMAIN.DE>
netbios name = printserver
printing = CUPS
security = ADS
bind interfaces only = yes
interfaces = 172.16.0.4
load printers = no
min domain uid = 0
pid directory = /run/sambaprintserver
cache directory = /var/lib/printserver
lock directory = /var/lib/printserver/lock
state directory = /var/lib/printserver
private directory = /var/lib/printserver/private
rpc_server:spoolss = external
rpc_daemon:spoolssd = fork
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
log level = 5
[print$]
comment = Printer Drivers
path = /var/lib/printserver/drivers
read only = No
[n013-kyocera]
path = /var/tmp/
printable = yes
printer name = n013-kyocera
hosts allow = 172.16.0.0/24 172.16.3.0/25
[n108-lexmark]
path = /var/tmp/
printable = yes
printer name = n108-lexmark
hosts allow = 172.16.0.0/24 172.16.14.0/26
[p001-kyocera]
path = /var/tmp/
printable = yes
printer name = p001-kyocera
hosts allow = 172.16.0.0/24 172.16.2.128/25
[w105-hp]
path = /var/tmp/
printable = yes
printer name = w105-hp
hosts allow = 172.16.0.0/24 172.16.15.64/26
[zb-brother]
path = /var/tmp/
printable = yes
printer name = zb-brother
hosts allow = 172.16.0.0/24 172.16.2.64/26
[lehrer-ta]
path = /var/tmp/
printable = yes
printer name = lehrer-ta
hosts allow = 172.16.0.0/24 172.16.8.0/22 172.16.3.192/27
Thanks a lot!
More information about the samba
mailing list