I recently couldn't connect to a windowXP domain share from a winXP client.(Samba is the PDC) When I attempted to mount the share from the samba server this is the error I got. colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share buckwheat/ Password: 6586: tree connect failed: ERRDOS - ERRnomem (Insufficient server memory to perform the requested function.) colin@Alfalfa:~/oakwood$ smbmount -v Usage: mount.smbfs service mountpoint [-n] [-o options,...] Version 3.0.14a-Debian colin@Alfalfa:~/oakwood$ uname -a Linux Alfalfa 2.6.8-2005.05.31 #1 Tue May 31 18:00:26 CDT 2005 i686 GNU/Linux colin@Alfalfa:~/oakwood$ free total used free shared buffers cached Mem: 516236 513016 3220 0 7808 312980 -/+ buffers/cache: 192228 324008 Swap: 979956 327440 652516 A few mins later after I restarted the afflicted client I got this: colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share buckwheat/ Password: 6641: session setup failed: ERRDOS - ERRnoaccess (Access denied.) SMB connection failed windows gives: \\buckwheat\share is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. Not enough server storage is available to process this command. or \\buckwheat\share is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The network path is unavailable I can connect to shares on both the server and other clients from the afflicted systems. Amazingly this doesn't produce any message in my samba logs. Any Idea whats going on here?
leavenode.20.eatallspam@spamgourmet.com wrote:> Hi Colin, > Am Mittwoch 28 September 2005 09:35 you wrote: > > > >> Walter Mautner wrote: >> >> >>>> colin ingram wrote: >>>> (sorry, not directly subscribed to the samba mailing list, read it >>>> over >>>> usenet) >>>> >>> >> no problem...me too >> >> > > Well, you need to be subscribed to be able to post there? > > >actually you don't but I am sure that is the preferred method. It justs takes little longer for you message to arrive since it has to be approved. I am sending this back to lists with updated information.> .... > > >>>>> colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share buckwheat/ >>>>> >>>> >>>> You need to set the sharename with a whitespace inside parentheses! >>>> >>> >> the share name is actually //buckwheat/share I was trying to mount on >> directory buckwheat/ >> >> > > Somehow misleading, indeed :) > > >>>>> server to find out if you have access permissions. Not enough server >>>>> storage is available to process this command. >>>>> >>>>> >>>> > Usually such messages are accompanied by a hundred nmbd processes > hanging around waiting for name resolution (and eating up all memory). > Did you try a ps -ef or similar command when you got the message? > >yep...everything seems in order> >> I did not put this in my original email because it is complete >> speculation >> but do you think this could have been caused from booted the afflicted >> system with a knoppix cd. What I'm thinking is that the wins server >> somehow got confused when a new host with the same ip/mac address. I >> think the records stay around for a long time. I experienced this >> earlier when I switch my server to a new system and name, but same >> mac/ip. I think I eventually had to purge samba from my system and >> reinstall to get the network working. >> > > > Sounds reasonable, at least my name resolution theory with the mass of > hanging nmbd processes (had that long ago but don't actually remember > the circumstances) is applicable. > You won't, however, need to trash all your samba and resinstall - just > find out about wins.dat, browse.dat, gencache.tdb and connections.tdb > - my 3.020 stores them in /var/cache/samba - and delete them. > >I tried deleting browse.dat but this didn't make a difference. I don't have wins.dat, gencache.tdb, or connections.tdb. Should I?????> When you put "wins support = yes" in your smb.conf, don't forget to > also put "options netbios-name-servers <ip-of-your-samba>" in > /etc/dhcpd.conf if you use dhcp to assign ips, or - on the clients - > use tcpip-properties-advanced-wins settings tab to insert the server > there. > > >I've done this already. smb.conf and dhcpd.conf attached> Good luck! > > >-------------- next part -------------- [global] panic action = /usr/share/samba/panic-action %d netbios name = alfalfa workgroup = OAKWOOD server string = Fileserver guest account = nobody log file = /var/log/samba/log.%m max log size = 5000 security = user domain logons = yes logon home logon path logon script = %U.bat encrypt passwords = true passdb backend = smbpasswd guest invalid users = bin adm sync shutdown halt mail news uucp operator socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.111.0/24 local master = yes os level = 255 domain master = yes preferred master = yes wins support = yes dns proxy = no name resolve order = wins lmhosts hosts unix password sync = false passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = yes writable = no share modes = no browseable = no ;[printers] ; comment = All Printers ; browseable = no ; path = /tmp ; printable = yes ; public = no ; writable = no ; create mode = 0700 [Music] path = /share/music comment = tunes writable = yes [Amy] path = /share/amy comment = Amy's Files writable = yes directory mask = 0777 [Colin] path = /share/colin comment = Colin's Files writable = yes directory mask = 0777 [Pictures] path = /share/pictures comment = photo archive writable = yes directory mask = 0777 [Programs] path = /share/programs comment = program/driver backup writable = yes directory mask = 0777 [Temp] path = /share/temp comment = No Permanent Storage writable = yes directory mask = 0777 [FTP] path = /share/ftp/bookmarks comment = The FTP server writable = yes force user = gadfly force group = gadfly [Packages] path = /share/apt comment = Apt Repository writable = yes [Folding] path = /home/folder comment = Folding @ Home writable = no -------------- next part -------------- #ddns-update-style interim; #option domain-name "example.org"; #option domain-name-servers 24.196.64.53, 68.115.71.53, 24.159.193.40; option domain-name-servers 192.168.111.1; default-lease-time 86400; max-lease-time 604800; authoritative; log-facility local7; subnet 192.168.111.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option broadcast-address 192.168.111.255; ignore client-updates; ignore declines; option routers 192.168.111.1; range 192.168.111.4 192.168.111.10; option ntp-servers 192.168.111.1; option netbios-node-type 8; option netbios-name-servers 192.168.111.1; option netbios-dd-server 192.168.111.1; group { use-host-decl-names on; host Buckwheat { hardware ethernet 00:01:29:f9:39:1b; fixed-address 192.168.111.2; } host Darla { hardware ethernet 00:11:95:03:fe:54; fixed-address 192.168.111.3; } host Spanky { hardware ethernet 00:0f:3d:f3:72:33; fixed-address 192.168.111.4; } host DlinkL { hardware ethernet 00:0f:3d:5e:1c:40; fixed-address 192.168.111.254; } } } subnet 24.180.188.0 netmask 255.255.254.0 { }
sorry for the long lag in reply...my grandmother passed so I've been down in TN for her services. leavenode.20.eatallspam@spamgourmet.com wrote: You don't see a slowdown or even jobs failing (oom-killer) when you receive the samba "out of memory" messages? no....very strange .... I tried deleting browse.dat but this didn't make a difference. I don't have wins.dat, gencache.tdb, or connections.tdb. Should I????? Actually yes, maybe these files are not built until a first connection has been established to a new server. Run updatedb and "locate" them afterwards. .... okay I found them.... [global] panic action = /usr/share/samba/panic-action %d netbios name = alfalfa workgroup = OAKWOOD server string = Fileserver guest account = nobody Try a "smbclient -L alfalfa -U nobody" and see if that works from the shell. "nobody" should be able to "browse". this works. I can also colin@Alfalfa:/$ smbclient -L buckwheat Password: Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Sharename Type Comment --------- ---- ------- IPC$ IPC Remote IPC SharedDocs Disk share Disk ADMIN$ Disk Remote Admin C$ Disk Default share Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] Server Comment --------- ------- Workgroup Master --------- ------- but when I try colin@Alfalfa:/$ smbclient //buckwheat/share Password: Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager] tree connect failed: NT_STATUS_INSUFF_SERVER_RESOURCES After I found browse.dat, wins.dat, connections.tdb, and gencache.tdb... colin@Alfalfa:/var/run/samba$ sudo invoke-rc.d samba stop Stoping Samba daemons: nmbd smbd. colin@Alfalfa:/var/run/samba$ sudo rm -f connections.tdb gencache.tdb/var/lib/samba/wins.dat /var/cache/samba/browse.dat colin@Alfalfa:/var/run/samba$ sudo invoke-rc.d samba start Starting Samba daemons: nmbd smbd. and now I can't even connect to or list the shares on any of my clients colin@Alfalfa:/var/run/samba$ smbclient -L buckwheat Connection to buckwheat failed colin@Alfalfa:/var/run/samba$ smbclient //buckwheat/share Connection to buckwheat failed colin@Alfalfa:/var/run/samba$ smbclient //darla/share Connection to darla failed But I can still list shares on the server. I can also access all shares from windows clients except those on Buckwheat(the aflicted client) log file = /var/log/samba/log.%m max log size = 5000 security = user domain logons = yes You are certain your domain trust stands? If it does, you should be able to "smbclient //winclient/c$ -U root" and give the root password, and connect to the admin share of your clients. Or, if you login to the windows client with root credentials, you should also have local admin rights on the winbox or at least permission to change domain membership. I should have tried that before I deleted those files, because smbclient is no longer working (see above) logon home logon path logon script = %U.bat encrypt passwords = true passdb backend = smbpasswd guest Rather omit the guest here. invalid users = bin adm sync shutdown halt mail news uucp operator socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.111.0/24 <http://192.168.111.0/24> local master = yes os level = 255 Don't use such high levels. You may get adverse effects. Usually 64 is far enough. Okay fixed conf... domain master = yes preferred master = yes wins support = yes dns proxy = no name resolve order = wins lmhosts hosts unix password sync = false passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] comment = Network Logon Service path = /home/samba/netlogon By all means, make sure the netlogon path is accessible/readable for the clients. You have to consider the filesystem permissions. It is Actually I am uncertain where your problem lies, but it's something netbios-name-resolution related. You should use "nbtstat -a <nebiosname>" on windows-clients, and "nmblookup -a <netbiosname> -S" on the linux. You may substitute "-A <ip-of-host>" if names don't work. Make sure your dns setup or your /etc/hosts does not point to the same IPs using different names. Often some setup with different dns/netbios names makes nothing but a big mess in the end. Good Luck again, and come back with your solution (hopefully). nbstat and nmblookup look okay colin@Alfalfa:~$ nmblookup -a darla -S querying darla on 192.168.111.255 <http://192.168.111.255> 192.168.111.3 <http://192.168.111.3> darla<00> Looking up status of 192.168.111.3 <http://192.168.111.3> DARLA <00> - M <ACTIVE> DARLA <20> - M <ACTIVE> OAKWOOD <00> - <GROUP> M <ACTIVE> OAKWOOD <1e> - <GROUP> M <ACTIVE> MAC Address = 00-11-95-03-FE-54 colin@Alfalfa:~$ smbclient -L darla Connection to darla failed colin@Alfalfa:~$ nmblookup -a buckwheat -S querying buckwheat on 192.168.111.255 <http://192.168.111.255> 192.168.111.2 <http://192.168.111.2> buckwheat<00> Looking up status of 192.168.111.2 <http://192.168.111.2> BUCKWHEAT <00> - M <ACTIVE> OAKWOOD <00> - <GROUP> M <ACTIVE> BUCKWHEAT <20> - M <ACTIVE> OAKWOOD <1e> - <GROUP> M <ACTIVE> MAC Address = 00-01-29-F9-39-1B colin@Alfalfa:~$ smbclient //darla/c$ -U root Connection to darla failed And once again nothing I did produced anything interesting in the logs!!!!