samba - Mar 2006 - Bizarre problems with two Samba in the same workgroup

I had to setup a new Samba server as a PDC in my job (Samba 3.0) to replace
and existing Samba server PDC (Samba 2.2), the old server was running ldap
as backend, the new is running tdbsam. I have a lot of bizarre problems when
I put both in the same workgroup with other machines. I will give you a list
of them:

1) The new server is configured as local master browser and domain master
browser, with this configuration the old server never appears in the network
neighborhood.

2) The servers have the same shares. If I define a new share in one of them.
the share appears in the other if I see it in network neighborhood. The
content of the shares of the new server are the same of the old one if a see
them in the network neighborhood (although they are not the same).

3) There is a share defined in the new server (documentacion) that doesn't
appear in network neighborhood (I can only connect to it from command line
with smbclient) eventhough the same share works ok in the old server.

4) If I do nmblookup -MT <Workgroup> the result are the IPs of both
servers.

5) The home of my user doesn't appear in network neighborhood but other
users appear ok.


Next I will give you the content of smb.conf of both servers:

New server running Samba 3.0 (IP 192.168.5.150) in Debian Sarge 3.1

[global]

workgroup = PRUEBA
server string = Servidor2
netbios name = SERVIDOR2
wins support = yes
dns proxy = yes
name resolve order = wins host lmhosts bcast
local master = yes
os level = 200
preferred master = yes
browse list = yes
domain logons = yes
domain master = yes
add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u
logon home logon drive = Z:
logon path = \\%L\profiles\%U
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = tdbsam
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password:* %n\n *Retype*new*UNIX*password:* %n\n
*passwd:*password*updated*successfully*
log level = 3
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

[homes]
comment = Home del usuario %U
valid users = %S
browseable = no
writeable = yes
create mask = 0600
directory mask = 0700

[profiles]
comment = Perfiles de usuarios
path = /home/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no

[documentacion]
comment =  Documentacion ISO 9001
path = /home/docs/
valid users = +users

public = yes
browseable = yes
writeable = yes
create mask = 0640
directory mask = 0750

[grupos]
comment =  Directorio compartido de grupos
path = /home/grupos
# ver el macro %S
valid users = +users
browseable = yes
writeable = yes
create mask = 0660
directory mask = 0770

[noconf]
comment =  No conformidades ISO 9001
path = /home/NoConf/
valid users = +users
browseable = yes
writeable = yes
create mask = 0664
directory mask = 0775

*******************************************************************************************************************************************************

Old server running Samba 2.2 (IP 192.168.5.99) in Debian Woody

workgroup = PRUEBA
netbios name = SERVIDOR
server string = Servidor
domain admin group = " @"Domain Admins" "
log file = /var/log/samba/%m.log
security = user
password level = 16
username level = 16
encrypt passwords = yes
unix password sync = yes
passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
ldap server = localhost
ldap port = 389
ldap ssl = no
ldap suffix = "dc=ledefyl,dc=com"
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = 192.168.5.99/24 127.0.0.1
bind interfaces only = yes
local master = no
os level = 65
domain master = no
preferred master = no
domain logons = no
name resolve order = wins host lmhosts bcast
wins server = 192.168.5.150
dns proxy = no
wins proxy = yes
logon home logon drive = Z:
logon path = \\%L\profiles\%U
logon script = startup.bat
add user script = /usr/local/sbin/smbldap-useradd.pl -m -d /dev/null -g
computers -s /bin/false

[homes]
comment = Home del usuario %U
valid users = %S
browseable = no
writeable = yes
create mask = 0600
directory mask = 0700

[profiles]
comment = Perfiles de usuarios
path = /home/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = root,"@"Domain Admins""

[grupos]
path = /home/grupos
comment =  Directorio compartido de grupos
# ver el macro %S
valid users = +users
browseable = yes
writeable = yes
create mask = 0660
directory mask = 0770

[documentacion]
comment =  Documentacion ISO 9001
path = /home/iso9001/docs/
valid users = +users
browseable = yes
writeable = yes
create mask = 0640
directory mask = 0750

[noconf]
comment =  No conformidades ISO 9001
path = /home/iso9001/NoConf/
valid users = +users
browseable = yes
writeable = yes
create mask = 0664
directory mask = 0775



I would be very grateful if anyone can tell me what's wrong or point me to a
webpage, file, post in a samba list, or any source of information.

Thanks in advance

Hi All,
 
   I am also facing similar problems though not exactly not the same, 
even after having the wins server = yes to only 1 PDC. nmblookup doesnt 
return the domain server ip but all the rest. Now my computers cannot 
even find the domain to which they are added and cannot access network 
resources. Can anyone point to the right solution for this problem.


Guillermo Dalla Vecchia wrote:
> I had to setup a new Samba server as a PDC in my job (Samba 3.0) to replace
> and existing Samba server PDC (Samba 2.2), the old server was running ldap
> as backend, the new is running tdbsam. I have a lot of bizarre problems
when
> I put both in the same workgroup with other machines. I will give you a
list
> of them:
>
> 1) The new server is configured as local master browser and domain master
> browser, with this configuration the old server never appears in the
network
> neighborhood.
>
> 2) The servers have the same shares. If I define a new share in one of
them.
> the share appears in the other if I see it in network neighborhood. The
> content of the shares of the new server are the same of the old one if a
see
> them in the network neighborhood (although they are not the same).
>
> 3) There is a share defined in the new server (documentacion) that
doesn't
> appear in network neighborhood (I can only connect to it from command line
> with smbclient) eventhough the same share works ok in the old server.
>
> 4) If I do nmblookup -MT <Workgroup> the result are the IPs of both
servers.
>
> 5) The home of my user doesn't appear in network neighborhood but other
> users appear ok.
>
>
> Next I will give you the content of smb.conf of both servers:
>
> New server running Samba 3.0 (IP 192.168.5.150) in Debian Sarge 3.1
>
> [global]
>
> workgroup = PRUEBA
> server string = Servidor2
> netbios name = SERVIDOR2
> wins support = yes
> dns proxy = yes
> name resolve order = wins host lmhosts bcast
> local master = yes
> os level = 200
> preferred master = yes
> browse list = yes
> domain logons = yes
> domain master = yes
> add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
> /bin/false -M %u
> logon home > logon drive = Z:
> logon path = \\%L\profiles\%U
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> encrypt passwords = true
> passdb backend = tdbsam
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*UNIX*password:* %n\n *Retype*new*UNIX*password:* %n\n
> *passwd:*password*updated*successfully*
> log level = 3
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> [homes]
> comment = Home del usuario %U
> valid users = %S
> browseable = no
> writeable = yes
> create mask = 0600
> directory mask = 0700
>
> [profiles]
> comment = Perfiles de usuarios
> path = /home/profiles
> writeable = yes
> browseable = no
> create mask = 0600
> directory mask = 0700
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> read only = yes
> browseable = no
>
> [documentacion]
> comment =  Documentacion ISO 9001
> path = /home/docs/
> valid users = +users
>
> public = yes
> browseable = yes
> writeable = yes
> create mask = 0640
> directory mask = 0750
>
> [grupos]
> comment =  Directorio compartido de grupos
> path = /home/grupos
> # ver el macro %S
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0660
> directory mask = 0770
>
> [noconf]
> comment =  No conformidades ISO 9001
> path = /home/NoConf/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0664
> directory mask = 0775
>
>
*******************************************************************************************************************************************************
>
> Old server running Samba 2.2 (IP 192.168.5.99) in Debian Woody
>
> workgroup = PRUEBA
> netbios name = SERVIDOR
> server string = Servidor
> domain admin group = " @"Domain Admins" "
> log file = /var/log/samba/%m.log
> security = user
> password level = 16
> username level = 16
> encrypt passwords = yes
> unix password sync = yes
> passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
> passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
> ldap server = localhost
> ldap port = 389
> ldap ssl = no
> ldap suffix = "dc=ledefyl,dc=com"
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> interfaces = 192.168.5.99/24 127.0.0.1
> bind interfaces only = yes
> local master = no
> os level = 65
> domain master = no
> preferred master = no
> domain logons = no
> name resolve order = wins host lmhosts bcast
> wins server = 192.168.5.150
> dns proxy = no
> wins proxy = yes
> logon home > logon drive = Z:
> logon path = \\%L\profiles\%U
> logon script = startup.bat
> add user script = /usr/local/sbin/smbldap-useradd.pl -m -d /dev/null -g
> computers -s /bin/false
>
> [homes]
> comment = Home del usuario %U
> valid users = %S
> browseable = no
> writeable = yes
> create mask = 0600
> directory mask = 0700
>
> [profiles]
> comment = Perfiles de usuarios
> path = /home/profiles
> writeable = yes
> browseable = no
> create mask = 0600
> directory mask = 0700
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> read only = yes
> browseable = no
> write list = root,"@"Domain Admins""
>
> [grupos]
> path = /home/grupos
> comment =  Directorio compartido de grupos
> # ver el macro %S
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0660
> directory mask = 0770
>
> [documentacion]
> comment =  Documentacion ISO 9001
> path = /home/iso9001/docs/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0640
> directory mask = 0750
>
> [noconf]
> comment =  No conformidades ISO 9001
> path = /home/iso9001/NoConf/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0664
> directory mask = 0775
>
>
>
> I would be very grateful if anyone can tell me what's wrong or point me
to a
> webpage, file, post in a samba list, or any source of information.
>
> Thanks in advance
>   

-- 
Pavan Krishna L
Systems Administrator
Diversity Arrays Technology Pty Ltd
Ph:  +61 2 6281 8512
Fax: +61 2 6281 8533
Mob: +61 423 411 281

I have resolved part of my problems. The shares won't show up if they have
more than 12 characters. That was happening with documentacion and my home
(they have 13 characters).
I have lowered the os level from 200 to 65 in the new server (the
recommended value), and 65 to 0 in the old server (to not take part in
master browser elections). That seems to give better results.
But I still can't see the old server (Samba 2.2 configured as client) in the
browsing list (mantained in the new Samba 3.0.14 server). I have the
following question

I can see an entry in wins.dat for the old and new server but nothing more,
although when I see browse.dat I can see the browsing list ok except for the
old server. Is that ok?? shouldn't I see an entry in wins.dat for every
client configured to use wins??

Why Samba 3.0 doesn't add Samba 2.2 to the browsing list??

Thanks in advance


On 3/8/06, Guillermo Dalla Vecchia <hertor28@gmail.com>
wrote:
>
> I had to setup a new Samba server as a PDC in my job (Samba 3.0) to
> replace and existing Samba server PDC (Samba 2.2), the old server was
> running ldap as backend, the new is running tdbsam. I have a lot of bizarre
> problems when I put both in the same workgroup with other machines. I will
> give you a list of them:
>
> 1) The new server is configured as local master browser and domain master
> browser, with this configuration the old server never appears in the
network
> neighborhood.
>
> 2) The servers have the same shares. If I define a new share in one of
> them. the share appears in the other if I see it in network neighborhood.
> The content of the shares of the new server are the same of the old one if
a
> see them in the network neighborhood (although they are not the same).
>
> 3) There is a share defined in the new server (documentacion) that
doesn't
> appear in network neighborhood (I can only connect to it from command line
> with smbclient) eventhough the same share works ok in the old server.
>
> 4) If I do nmblookup -MT <Workgroup> the result are the IPs of both
> servers.
>
> 5) The home of my user doesn't appear in network neighborhood but other
> users appear ok.
>
>
> Next I will give you the content of smb.conf of both servers:
>
> New server running Samba 3.0 (IP 192.168.5.150) in Debian Sarge 3.1
>
> [global]
>
> workgroup = PRUEBA
> server string = Servidor2
> netbios name = SERVIDOR2
> wins support = yes
> dns proxy = yes
> name resolve order = wins host lmhosts bcast
> local master = yes
> os level = 200
> preferred master = yes
> browse list = yes
> domain logons = yes
> domain master = yes
> add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
> /bin/false -M %u
> logon home > logon drive = Z:
> logon path = \\%L\profiles\%U
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> encrypt passwords = true
> passdb backend = tdbsam
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*UNIX*password:* %n\n *Retype*new*UNIX*password:* %n\n
> *passwd:*password*updated*successfully*
> log level = 3
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> [homes]
> comment = Home del usuario %U
> valid users = %S
> browseable = no
> writeable = yes
> create mask = 0600
> directory mask = 0700
>
> [profiles]
> comment = Perfiles de usuarios
> path = /home/profiles
> writeable = yes
> browseable = no
> create mask = 0600
> directory mask = 0700
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> read only = yes
> browseable = no
>
> [documentacion]
> comment =  Documentacion ISO 9001
> path = /home/docs/
> valid users = +users
>
> public = yes
> browseable = yes
> writeable = yes
> create mask = 0640
> directory mask = 0750
>
> [grupos]
> comment =  Directorio compartido de grupos
> path = /home/grupos
> # ver el macro %S
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0660
> directory mask = 0770
>
> [noconf]
> comment =  No conformidades ISO 9001
> path = /home/NoConf/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0664
> directory mask = 0775
>
>
*******************************************************************************************************************************************************
>
>
> Old server running Samba 2.2 (IP 192.168.5.99) in Debian Woody
>
> workgroup = PRUEBA
> netbios name = SERVIDOR
> server string = Servidor
> domain admin group = " @"Domain Admins" "
> log file = /var/log/samba/%m.log
> security = user
> password level = 16
> username level = 16
> encrypt passwords = yes
> unix password sync = yes
> passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
> passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
> ldap server = localhost
> ldap port = 389
> ldap ssl = no
> ldap suffix = "dc=ledefyl,dc=com"
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> interfaces = 192.168.5.99/24 127.0.0.1
> bind interfaces only = yes
> local master = no
> os level = 65
> domain master = no
> preferred master = no
> domain logons = no
> name resolve order = wins host lmhosts bcast
> wins server = 192.168.5.150
> dns proxy = no
> wins proxy = yes
> logon home > logon drive = Z:
> logon path = \\%L\profiles\%U
> logon script = startup.bat
> add user script = /usr/local/sbin/smbldap- useradd.pl -m -d /dev/null -g
> computers -s /bin/false
>
> [homes]
> comment = Home del usuario %U
> valid users = %S
> browseable = no
> writeable = yes
> create mask = 0600
> directory mask = 0700
>
> [profiles]
> comment = Perfiles de usuarios
> path = /home/profiles
> writeable = yes
> browseable = no
> create mask = 0600
> directory mask = 0700
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> read only = yes
> browseable = no
> write list = root,"@"Domain Admins""
>
> [grupos]
> path = /home/grupos
> comment =  Directorio compartido de grupos
> # ver el macro %S
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0660
> directory mask = 0770
>
> [documentacion]
> comment =  Documentacion ISO 9001
> path = /home/iso9001/docs/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0640
> directory mask = 0750
>
> [noconf]
> comment =  No conformidades ISO 9001
> path = /home/iso9001/NoConf/
> valid users = +users
> browseable = yes
> writeable = yes
> create mask = 0664
> directory mask = 0775
>
>
>
> I would be very grateful if anyone can tell me what's wrong or point me
to
> a webpage, file, post in a samba list, or any source of information.
>
> Thanks in advance
>