samba - May 2021 - "Directory is invalid"

Ever since I moved my file server to Samba I've been getting an error on 
some files when users try to open them.  It pops up a window and says 
"Directory is invalid".  Below is my smb.conf.  I assumed it had 
something to do with directory name length but it happens even from the 
root of the share.  Funny thing is that it won't work then after a 
little wait (no set time) it will work and you can open the file.  Could 
it be something like the number of open files on the share?  I'm running 
Samba 4.14.3 on a Arch Linux box.

[global]
    workgroup = MD
    security = ADS
    realm = MD.MDWAINWRIGHT.CA
    server role = member server
    server string = Files server for md.mdwainwright.ca Samba %v

    winbind refresh tickets = Yes
    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    # Allow a single, unified keytab to store obtained Kerberos tickets
    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab

    # Do not require that login usernames include the default domain
    winbind use default domain = yes
    winbind scan trusted domains = no

    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes

    # UID/GID mapping for local users
    idmap config * : backend = tdb
    idmap config * : range = 3000-7999

    # UID/GID mapping for domain users
    idmap config MD:backend = ad
    idmap config MD:schema_mode = rfc2307
    idmap config MD:range = 10000-999999
    idmap config MD:unix_primary_group = yes
    idmap config MD:unix_nss_info = yes

    # Template settings for users without ''unixHomeDir'' and 
''loginShell'' att>
    template shell = /bin/bash
    template homedir = /mnt/Disk1/Users/%U

    # Allow offline/cached credentials and ticket refresh
    winbind offline logon = yes
    winbind refresh tickets = yes

    create mask = 0664
    directory mask = 2755
    force create mode = 0644
    force directory mode = 2755

    username map = /etc/samba/user.map

[Shared]
    comment = User shared files
    path = /UserData/Shared
    vfs objects = shadow_copy2 acl_xattr
    shadow:basedir=/Userdata/Shared
    shadow:format = @GMT_%Y.%m.%d-%H.%M.%S
    shadow:sort = desc
    shadow:snapdir = /UserData/.Sharedsnapshots
    shadow:localtime=yes
    public = yes
    read only = no
    printable = no
    force group = "MD\Domain Users"
    write list = "MD\Domain Users"

-- 
Stephen Atkins

On 11/05/2021 17:04, Stephen Atkins via samba wrote:
> Ever since I moved my file server to Samba I've been getting an error 
> on some files when users try to open them.? It pops up a window and 
> says "Directory is invalid".? Below is my smb.conf.? I assumed it
had
> something to do with directory name length but it happens even from 
> the root of the share.? Funny thing is that it won't work then after a 
> little wait (no set time) it will work and you can open the file.? 
> Could it be something like the number of open files on the share?? I'm 
> running Samba 4.14.3 on a Arch Linux box.
>
> [global]
> ? workgroup = MD
> ? security = ADS
> ? realm = MD.MDWAINWRIGHT.CA
> ? server role = member server
> ? server string = Files server for md.mdwainwright.ca Samba %v
>
> ? winbind refresh tickets = Yes
> ? vfs objects = acl_xattr
> ? map acl inherit = Yes
> ? store dos attributes = Yes
>
> ? # Allow a single, unified keytab to store obtained Kerberos tickets

No, it doesn't store tickets
> dedicated keytab file = /etc/krb5.keytab
> ? kerberos method = secrets and keytab
>
> ? # Do not require that login usernames include the default domain
> ? winbind use default domain = yes
> ? winbind scan trusted domains = no
>
> ? load printers = no
> ? printing = bsd
> ? printcap name = /dev/null
> ? disable spoolss = yes
>
> ? # UID/GID mapping for local users

The '*' domain isn't for local users, it is for the Well Known SIDs
> idmap config * : backend = tdb
> ? idmap config * : range = 3000-7999
>
> ? # UID/GID mapping for domain users
> ? idmap config MD:backend = ad
> ? idmap config MD:schema_mode = rfc2307
> ? idmap config MD:range = 10000-999999
> ? idmap config MD:unix_primary_group = yes
> ? idmap config MD:unix_nss_info = yes

I take that you have added uidNumber & gidNumber attributes to AD.
>
> ? # Template settings for users without ''unixHomeDir'' and
> ''loginShell'' att>
> ? template shell = /bin/bash
> ? template homedir = /mnt/Disk1/Users/%U
>
> ? # Allow offline/cached credentials and ticket refresh
> ? winbind offline logon = yes
> ? winbind refresh tickets = yes
>
> ? create mask = 0664
> ? directory mask = 2755
> ? force create mode = 0644
> ? force directory mode = 2755
>
> ? username map = /etc/samba/user.map

What is in the user.map ?
>
> [Shared]
> ? comment = User shared files
> ? path = /UserData/Shared
> ? vfs objects = shadow_copy2 acl_xattr
> ? shadow:basedir=/Userdata/Shared
> ? shadow:format = @GMT_%Y.%m.%d-%H.%M.%S
> ? shadow:sort = desc
> ? shadow:snapdir = /UserData/.Sharedsnapshots
> ? shadow:localtime=yes
> ? public = yes
> ? read only = no
> ? printable = no
> ? force group = "MD\Domain Users"
> ? write list = "MD\Domain Users"
>
Apart from the comments I made above, there doesn't seem to be anything 
really wrong, is sssd in use as well ?

Can you please post your /etc/nsswitch.conf file.

Rowland