samba - Sep 2005 - Tree connect failed: ERRDOS - ERRnomem

I recently couldn't connect to a windowXP domain share from a winXP
client.(Samba is the PDC) When I attempted to mount the share from the samba
server this is the error I got.

colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share buckwheat/
Password:
6586: tree connect failed: ERRDOS - ERRnomem (Insufficient server memory to
perform the requested function.)

colin@Alfalfa:~/oakwood$ smbmount -v
Usage: mount.smbfs service mountpoint [-n] [-o options,...]
Version 3.0.14a-Debian

colin@Alfalfa:~/oakwood$ uname -a
Linux Alfalfa 2.6.8-2005.05.31 #1 Tue May 31 18:00:26 CDT 2005 i686
GNU/Linux

colin@Alfalfa:~/oakwood$ free
total used free shared buffers cached
Mem: 516236 513016 3220 0 7808 312980
-/+ buffers/cache: 192228 324008
Swap: 979956 327440 652516

A few mins later after I restarted the afflicted client I got this:

colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share buckwheat/
Password:
6641: session setup failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed

windows gives: \\buckwheat\share is not accessible. You might not have
permission to use this network resource. Contact the administrator of this
server to find out if you have access permissions. Not enough server storage
is available to process this command.

or

\\buckwheat\share is not accessible. You might not have permission to use
this network resource. Contact the administrator of this server to find out
if you have access permissions. The network path is unavailable

I can connect to shares on both the server and other clients from the
afflicted systems. Amazingly this doesn't produce any message in my samba
logs. Any Idea whats going on here?

leavenode.20.eatallspam@spamgourmet.com wrote:
> Hi Colin,
> Am Mittwoch 28 September 2005 09:35 you wrote:
>
>  
>
>> Walter Mautner wrote:
>>   
>>
>>>> colin ingram wrote:
>>>> (sorry, not directly subscribed to the samba mailing list, read
it
>>>> over
>>>> usenet)
>>>>       
>>>
>> no problem...me too
>>
>>   
>
> Well, you need to be subscribed to be able to post there?
>
>  
>
actually you don't but I am sure that is the preferred method.  It justs 
takes little longer for you message to arrive since it has to be 
approved.  I am sending this back to lists with updated information.
> ....
>  
>
>>>>> colin@Alfalfa:~/oakwood$ smbmount //buckwheat/share
buckwheat/
>>>>>         
>>>>
>>>> You need to set the sharename with a whitespace inside
parentheses!
>>>>       
>>>
>> the share name is actually //buckwheat/share I was trying to mount on
>> directory buckwheat/
>>
>>   
>
> Somehow misleading, indeed :)
>  
>
>>>>> server to find out if you have access permissions. Not
enough server
>>>>> storage is available to process this command.
>>>>>
>>>>>         
>>>>
> Usually such messages are accompanied by a hundred nmbd processes 
> hanging around waiting for name resolution (and eating up all memory). 
> Did you try a ps -ef or similar command when you got the message?
>  
>
yep...everything seems in order
>
>> I did not put this in my original email because it is complete 
>> speculation
>> but do you think this could have been caused from booted the afflicted
>> system with a knoppix cd.  What I'm thinking is that the wins
server
>> somehow got confused when a new host with the same ip/mac address.  I
>> think the records stay around for a long time.  I experienced this
>> earlier when I switch my server to a new system and name, but same
>> mac/ip.  I think I eventually had to purge samba from my system and
>> reinstall to get the network working.
>>   
>
>
> Sounds reasonable, at least my name resolution theory with the mass of 
> hanging nmbd processes (had that long ago but don't actually remember 
> the circumstances) is applicable.
> You won't, however, need to trash all your samba and resinstall - just 
> find out about wins.dat, browse.dat, gencache.tdb and connections.tdb 
> - my 3.020 stores them in /var/cache/samba - and delete them.
>  
>
I tried deleting browse.dat but this didn't make a difference.  I don't 
have wins.dat, gencache.tdb, or connections.tdb.  Should I?????
> When you put "wins support = yes" in your smb.conf, don't
forget to
> also put "options netbios-name-servers <ip-of-your-samba>"
in
> /etc/dhcpd.conf if you use dhcp to assign ips, or - on the clients - 
> use tcpip-properties-advanced-wins settings tab to insert the server 
> there.
>
>  
>
I've done this already.  smb.conf and dhcpd.conf attached
> Good luck!
>
>  
>
-------------- next part --------------
[global]
   panic action = /usr/share/samba/panic-action %d
   netbios name = alfalfa
   workgroup = OAKWOOD
   server string = Fileserver
   guest account = nobody
   log file = /var/log/samba/log.%m
   max log size = 5000
   security = user
   domain logons = yes
   logon home    logon path    logon script = %U.bat
   encrypt passwords = true
   passdb backend = smbpasswd guest
   invalid users = bin adm sync shutdown halt mail news uucp operator
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   interfaces = 192.168.111.0/24
   local master = yes
   os level = 255
   domain master = yes
   preferred master = yes
   wins support = yes
   dns proxy = no
   name resolve order = wins lmhosts hosts
   unix password sync = false
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
   add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M
%u
 
[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes
   writable = no
   share modes = no
   browseable = no

;[printers]
;   comment = All Printers
;   browseable = no
;   path = /tmp
;   printable = yes
;   public = no
;   writable = no
;   create mode = 0700

[Music]
   path = /share/music
   comment = tunes
   writable = yes
   
[Amy]
   path = /share/amy
   comment = Amy's Files
   writable = yes
   directory mask = 0777

[Colin]
   path = /share/colin
   comment = Colin's Files
   writable = yes
   directory mask = 0777

[Pictures]
   path = /share/pictures
   comment = photo archive
   writable = yes
   directory mask = 0777

[Programs]
   path = /share/programs
   comment = program/driver backup
   writable = yes
   directory mask = 0777
 
[Temp]
   path = /share/temp
   comment = No Permanent Storage
   writable = yes
   directory mask = 0777

[FTP]
   path = /share/ftp/bookmarks
   comment = The FTP server
   writable = yes
   force user = gadfly
   force group = gadfly

[Packages]
   path = /share/apt
   comment = Apt Repository
   writable = yes

[Folding]
   path = /home/folder
   comment = Folding @ Home
   writable = no
-------------- next part --------------
#ddns-update-style interim;
#option domain-name "example.org";
#option domain-name-servers 24.196.64.53, 68.115.71.53, 24.159.193.40;
option domain-name-servers 192.168.111.1;

default-lease-time 86400;
max-lease-time 604800;
authoritative;
log-facility local7;

subnet 192.168.111.0 netmask 255.255.255.0 {
	option subnet-mask 255.255.255.0;
	option broadcast-address 192.168.111.255;
	ignore client-updates;
	ignore declines;
	option routers 192.168.111.1;
	range 192.168.111.4 192.168.111.10;
	option ntp-servers 192.168.111.1;
	option netbios-node-type 8;
	option netbios-name-servers 192.168.111.1;
	option netbios-dd-server 192.168.111.1;
	
	group {
		use-host-decl-names on;

		host Buckwheat {
			hardware ethernet 00:01:29:f9:39:1b;
			fixed-address 192.168.111.2;
		}

		host Darla {
			hardware ethernet 00:11:95:03:fe:54;
			fixed-address 192.168.111.3;
		}
		
		host Spanky {
			hardware ethernet 00:0f:3d:f3:72:33;
			fixed-address 192.168.111.4;
		}

		host DlinkL {
			hardware ethernet 00:0f:3d:5e:1c:40;
			fixed-address 192.168.111.254;
		}
	}
}

subnet 24.180.188.0 netmask 255.255.254.0 {
}

sorry for the long lag in reply...my grandmother passed so I've been down in
TN for her services.

leavenode.20.eatallspam@spamgourmet.com wrote:

You don't see a slowdown or even jobs failing (oom-killer) when you receive
the samba "out of memory" messages?

 no....very strange

....

I tried deleting browse.dat but this didn't make a difference.  I don't
have wins.dat, gencache.tdb, or connections.tdb.  Should I?????


Actually yes, maybe these files are not built until a first connection has
been established to a new server. Run updatedb and "locate" them
afterwards.
....

 okay I found them....

[global]
   panic action = /usr/share/samba/panic-action %d
   netbios name = alfalfa
   workgroup = OAKWOOD
   server string = Fileserver
   guest account = nobody


Try a "smbclient -L alfalfa -U nobody" and see if that works from the
shell.
"nobody" should be able to "browse".

 this works.

I can also

colin@Alfalfa:/$ smbclient -L buckwheat
Password:
Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

 Sharename Type Comment
 --------- ---- -------
 IPC$ IPC Remote IPC
 SharedDocs Disk
 share Disk
 ADMIN$ Disk Remote Admin
 C$ Disk Default share
Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

 Server Comment
 --------- -------

 Workgroup Master
 --------- -------

but when I try
 colin@Alfalfa:/$ smbclient //buckwheat/share
Password:
Domain=[OAKWOOD] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
tree connect failed: NT_STATUS_INSUFF_SERVER_RESOURCES


After I found browse.dat, wins.dat, connections.tdb, and gencache.tdb...

colin@Alfalfa:/var/run/samba$ sudo invoke-rc.d samba stop
Stoping Samba daemons: nmbd smbd.
colin@Alfalfa:/var/run/samba$ sudo rm -f connections.tdb
gencache.tdb/var/lib/samba/wins.dat /var/cache/samba/browse.dat
colin@Alfalfa:/var/run/samba$ sudo invoke-rc.d samba start
Starting Samba daemons: nmbd smbd.

and now I can't even connect to or list the shares on any of my clients

colin@Alfalfa:/var/run/samba$ smbclient -L buckwheat
Connection to buckwheat failed
colin@Alfalfa:/var/run/samba$ smbclient //buckwheat/share
Connection to buckwheat failed
colin@Alfalfa:/var/run/samba$ smbclient //darla/share
Connection to darla failed

But I can still list shares on the server. I can also access all shares from
windows clients except those on Buckwheat(the aflicted client)

   log file = /var/log/samba/log.%m
   max log size = 5000
   security = user
   domain logons = yes


You are certain your domain trust stands?
If it does, you should be able to "smbclient //winclient/c$ -U root"
and give
the root password, and connect to the admin share of your clients. Or, if you
login to the windows client with root credentials, you should also have local
admin rights on the winbox or at least permission to change domain
membership.

 I should have tried that before I deleted those files, because smbclient is
no longer working (see above)


   logon home    logon path    logon script = %U.bat
   encrypt passwords = true
   passdb backend = smbpasswd guest


Rather omit the guest here.

   invalid users = bin adm sync shutdown halt mail news uucp operator
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   interfaces = 192.168.111.0/24 <http://192.168.111.0/24>
   local master = yes
   os level = 255


Don't use such high levels. You may get adverse effects. Usually 64 is far
enough.

 Okay fixed conf...

   domain master = yes
   preferred master = yes
   wins support = yes
   dns proxy = no
   name resolve order = wins lmhosts hosts
   unix password sync = false
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
   add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon


By all means, make sure the netlogon path is accessible/readable for the
clients. You have to consider the filesystem permissions.


It is

Actually I am uncertain where your problem lies, but it's something
netbios-name-resolution related. You should use "nbtstat -a
<nebiosname>" on
windows-clients, and "nmblookup -a <netbiosname> -S" on the
linux. You may
substitute "-A <ip-of-host>" if names don't work.
Make sure your dns setup or your /etc/hosts does not point to the same IPs
using different names. Often some setup with different dns/netbios names
makes nothing but a big mess in the end.

Good Luck again, and come back with your solution (hopefully).

 nbstat and nmblookup look okay

colin@Alfalfa:~$ nmblookup -a darla -S
querying darla on 192.168.111.255 <http://192.168.111.255>
192.168.111.3 <http://192.168.111.3> darla<00>
Looking up status of 192.168.111.3 <http://192.168.111.3>
DARLA <00> - M <ACTIVE>
DARLA <20> - M <ACTIVE>
OAKWOOD <00> - <GROUP> M <ACTIVE>
OAKWOOD <1e> - <GROUP> M <ACTIVE>

MAC Address = 00-11-95-03-FE-54

colin@Alfalfa:~$ smbclient -L darla
Connection to darla failed
colin@Alfalfa:~$ nmblookup -a buckwheat -S
querying buckwheat on 192.168.111.255 <http://192.168.111.255>
192.168.111.2 <http://192.168.111.2> buckwheat<00>
Looking up status of 192.168.111.2 <http://192.168.111.2>
BUCKWHEAT <00> - M <ACTIVE>
OAKWOOD <00> - <GROUP> M <ACTIVE>
BUCKWHEAT <20> - M <ACTIVE>
OAKWOOD <1e> - <GROUP> M <ACTIVE>

MAC Address = 00-01-29-F9-39-1B

colin@Alfalfa:~$ smbclient //darla/c$ -U root
Connection to darla failed

And once again nothing I did produced anything interesting in the logs!!!!