I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is very basic setup with Ldap setup. All of our desktop (Windows and MAC) clients (>250) simultaneously started dropping their connections to our Samba fileserver. Since then, I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None the latested fix this problem. So I downgraded to samba 3.0.10 and it works better but still have problem disconnecting with clients disconnection. The problem has also appeared on clients running disparate operating systems: Mac OS 10.3.9 and 10.4.x, Windows 2000 and Windows XP. (None of our Linux desktops use the CIFS mounts we provide.) I was never able to replicate on Windows Desktop. I will really appreciate your input --------Here is smb.conf file------------------------------------- [global] # set basic name strings server string = DOMAIN workgroup = NEW_DOMAIN netbios name = DOMAIN # log level and log file. Samba can use syslog as well, but it's just # easier not to. Plus, we can separate out log information by user # (%U) and machine (%m) if we use Samba's internal logging. Samba # auto-rotates logs when they get bigger than 'max log size' Kb, but # it only retains one old log and one new one. log level = 1 vfs:3 log file = /var/log/samba/%U.%m.log max log size = 102400 # how to add machine trust accounts to LDAP add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m' # only bind to the correct (cluster) IP address; otherwise, we'll broadcast # this nodes IP address and the SAN IP as master browsers in addition to the # cluster IP. bind interfaces only = true interfaces = 10.1.1.44 # for netlogon (which we don't use) logon path logon home # some performance tweaks socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE # no limit to the number of processes to spawn (which is good, because # Samba has recently been going crazy and spawning hundreds of processes) max smbd processes = 0 # basic domain master setup encrypt passwords = yes domain logons = yes domain master = yes local master = yes preferred master = yes security = user # os level = 33 will make Huxley win any contests to see who is the # domain master. (There shouldn't be any, but what the hey.) os level = 33 # where to find the WINS server wins server = 10.9.1.12 # users in this (LDAP) group will have their smbd processes run as # root, giving them access to _everything_. They will also be allowed # to join computers to the domain admin users = +ntadmin # LDAP setup -- where to find stuff, etc. At least some earlier # versions of Samba had a bug that forced machine accounts and user # accounts to be in the same tree, which is why they're not separated # out passdb backend = ldapsam:ldap://ldap.example.com ldap suffix = o=example.com,o=isp ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap admin dn = cn=directory manager ldap ssl = on # not sure what these do, to be honest idmap uid = 10000-20000 idmap gid = 10000-20000 # include extra user configuration. For instance, if you wanted to # turn up the log level for John User, you could create a file called # 'juser.inc' (or whatever John's username is) and add a 'log level' # line to it. This include statement has to be here, at the end of # the [global] section and before any of the shares, so that it can # override any global configuration directives, but won't be # considered part of any particular share. include = /etc/samba/%U.inc ################################## # HOME DRIVE # ################################## [home] comment = Home directories # basic config: don't allow guest access, allow write, show this # volume in a volume listing of this machine guest ok = 0 read only = no browseable = yes # create the path from the user's home directory, which is populated # from LDAP path = %H # auto-create home and publichtml folders root preexec = /usr/local/maint/mkhome '%U' # the permissions of a given folder should be the same as the # permissions of its parent. This helps preserve permissions for both # home and publichtml, which should be different inherit permissions = yes # default permissions directory mask = 0700 force directory mode = 0700 create mask = 0600 force create mode = 0600 ################################## # MISC DRIVE # ################################## [misc] comment = misc drive path = /misc # basic config: don't allow guest access, allow write, show this # volume in a volume listing of this machine guest ok = 0 read only = no browseable = yes # for some reason, inherit permissions doesn't work on /misc, although # it should. Set all permissions according to the defaults. When I # create a new folder for a department, etc., I can set its # permissions specially, which will allow me to prevent or allow # anonymous access as necessary. inherit permissions = no directory mask = 2775 force directory mode = 2770 create mask = 0664 force create mode = 0660 # allow some more fancy ACL-based controls on files nt acl support = yes map acl inherit = yes inherit acls = yes # let anyone who has write access to a file change its permissions. # this is similar to the way DOS/Windows does things dos filemode = yes # anyone who can write to a file can change its timestamp (again, to # mimic DOS/Windows) dos filetimes = yes # configuration for full audit plugin, which will let us see all # accesses and operations on the Misc drive. Currently disabled due # to high I/O loads caused by it. #vfs objects = full_audit full_audit:success = all full_audit:failure = none full_audit:facility = LOCAL6 # different groups access webdirs different, so include it from a file. include = /etc/samba/%G.inc
Any help Please On Tue, 2007-11-13 at 16:35 -0600, BIS wrote:> I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is > very basic setup with Ldap setup. > > All of our desktop (Windows and MAC) clients (>250) simultaneously > started dropping their connections to our Samba fileserver. Since then, > I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None > the latested fix this problem. > > So I downgraded to samba 3.0.10 and it works better but still have > problem disconnecting with clients disconnection. The problem has also > appeared on clients running disparate operating systems: Mac OS 10.3.9 > and 10.4.x, Windows 2000 and Windows XP. (None of our Linux desktops > use the CIFS mounts we provide.) > > I was never able to replicate on Windows Desktop. > > I will really appreciate your input > > > > --------Here is smb.conf file------------------------------------- > > [global] > > # set basic name strings > server string = DOMAIN > workgroup = NEW_DOMAIN > netbios name = DOMAIN > > # log level and log file. Samba can use syslog as well, but it's just > # easier not to. Plus, we can separate out log information by user > # (%U) and machine (%m) if we use Samba's internal logging. Samba > # auto-rotates logs when they get bigger than 'max log size' Kb, but > # it only retains one old log and one new one. > log level = 1 vfs:3 > log file = /var/log/samba/%U.%m.log > max log size = 102400 > > # how to add machine trust accounts to LDAP > add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m' > > # only bind to the correct (cluster) IP address; otherwise, we'll > broadcast > # this nodes IP address and the SAN IP as master browsers in addition to > the > # cluster IP. > bind interfaces only = true > interfaces = 10.1.1.44 > > # for netlogon (which we don't use) > logon path > logon home > > # some performance tweaks > socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536 > SO_KEEPALIVE > > # no limit to the number of processes to spawn (which is good, because > # Samba has recently been going crazy and spawning hundreds of > processes) > max smbd processes = 0 > > # basic domain master setup > encrypt passwords = yes > domain logons = yes > domain master = yes > local master = yes > preferred master = yes > security = user > # os level = 33 will make Huxley win any contests to see who is the > # domain master. (There shouldn't be any, but what the hey.) > os level = 33 > > # where to find the WINS server > wins server = 10.9.1.12 > > # users in this (LDAP) group will have their smbd processes run as > # root, giving them access to _everything_. They will also be allowed > # to join computers to the domain > admin users = +ntadmin > > # LDAP setup -- where to find stuff, etc. At least some earlier > # versions of Samba had a bug that forced machine accounts and user > # accounts to be in the same tree, which is why they're not separated > # out > passdb backend = ldapsam:ldap://ldap.example.com > ldap suffix = o=example.com,o=isp > ldap machine suffix = ou=People > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap admin dn = cn=directory manager > ldap ssl = on > > # not sure what these do, to be honest > idmap uid = 10000-20000 > idmap gid = 10000-20000 > > # include extra user configuration. For instance, if you wanted to > # turn up the log level for John User, you could create a file called > # 'juser.inc' (or whatever John's username is) and add a 'log level' > # line to it. This include statement has to be here, at the end of > # the [global] section and before any of the shares, so that it can > # override any global configuration directives, but won't be > # considered part of any particular share. > include = /etc/samba/%U.inc > > ################################## > # HOME DRIVE # > ################################## > [home] > comment = Home directories > > # basic config: don't allow guest access, allow write, show this > # volume in a volume listing of this machine > guest ok = 0 > read only = no > browseable = yes > > # create the path from the user's home directory, which is populated > # from LDAP > path = %H > > # auto-create home and publichtml folders > root preexec = /usr/local/maint/mkhome '%U' > > # the permissions of a given folder should be the same as the > # permissions of its parent. This helps preserve permissions for both > # home and publichtml, which should be different > inherit permissions = yes > > # default permissions > directory mask = 0700 > force directory mode = 0700 > create mask = 0600 > force create mode = 0600 > > ################################## > # MISC DRIVE # > ################################## > [misc] > comment = misc drive > path = /misc > > # basic config: don't allow guest access, allow write, show this > # volume in a volume listing of this machine > guest ok = 0 > read only = no > browseable = yes > > # for some reason, inherit permissions doesn't work on /misc, although > # it should. Set all permissions according to the defaults. When I > # create a new folder for a department, etc., I can set its > # permissions specially, which will allow me to prevent or allow > # anonymous access as necessary. > inherit permissions = no > directory mask = 2775 > force directory mode = 2770 > create mask = 0664 > force create mode = 0660 > > # allow some more fancy ACL-based controls on files > nt acl support = yes > map acl inherit = yes > inherit acls = yes > > # let anyone who has write access to a file change its permissions. > # this is similar to the way DOS/Windows does things > dos filemode = yes > > # anyone who can write to a file can change its timestamp (again, to > # mimic DOS/Windows) > dos filetimes = yes > > # configuration for full audit plugin, which will let us see all > # accesses and operations on the Misc drive. Currently disabled due > # to high I/O loads caused by it. > #vfs objects = full_audit > full_audit:success = all > full_audit:failure = none > full_audit:facility = LOCAL6 > > # different groups access webdirs different, so include it from a file. > include = /etc/samba/%G.inc > >
Hello, I have a problem with samba. Clients (Mac OSX 10.3.9, 10.4.10 and Windows XP) disconnect periodically. Samba (v3) runs on RedHat 3 enterprise. Mac OSX workstations communicate with RedHat server via samba protocol only ( Netatalk is not installed). OSX workstations are disconnected sometimes after 10 minutes, sometimes after 60 minutes. Windows XP workstation disconnects after few days. Samba logs for MAC OSX client says: walczak (192.168.8.4) connect to service heineken_acc initially as user pietrucha (uid=555, gid=10) (pid 25147) [2007/11/15 09:55:01, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2007/11/15 09:55:01, 1] smbd/service.c:close_cnum(841) walczak (192.168.8.4) closed connection to service heineken_acc smb .conf is attached. Thank you in advance. -------------- next part -------------- Piotr Walczak
Other than the error message in the log is this causing a problem? John
> Hello John, > thanks for reply. > No other errors causing the problem. > Piotr Walczak > IT Engineer >I am not sure that was what I was looking for. Is this disconnection causing a real problem? I ask this because in normal operation CIFS/SMB servers/clients are allowed to disconnect (usually after a period of inactivity) and the client will reconnect when it needs to. John
On Nov 27, 2007 10:39 AM, PIOTR Walczak <p_walczak@grey.com.pl> wrote:> John, > yes it causing problem. This can happen even if you copy file on the > server. > Suddenly the workstation (especially MacOSX) is disconnected from > server and you have to connect again. > But I have Samba server on MacOSX and this problem does not exist >That is not normal. Have you checked you network switches / NIC to see if they are experiencing dropouts under a load? You can do this by flooding a lot of packets from client to server using a program like netperf (needs to run on client and server) and setting it to run for several minutes. While it is doing that you can look at the networking tab in the Windows Task Manager. If the connection has a drop out you will see that on the graph. John