Hi List:
My setup:
cups-1.3.5
nss_ldap-259
openldap-2.4.7
openslp-1.2.1
perl-5.10.0
samba-3.0.28
I have an application that is a Win32 app. We share the application on a
Samba server. The application has 3 DLLs that it opens and uses code from.
Originally we were running a 2.x version of Samba and all users had local
accounts. Samba was not acting in a domain controller role. Users had both
Linux accounts as well as Samba accounts. In this configuration, things ran
fine for years. On this particular network, we have about 60 workstations
running our software off the Samba share.
Recently, we moved to the setup I list above including setting up Samba to
be a domain controller ( security=user ). No Linux local accounts are used
and all user credentials are stored in LDAP. File access is very fast! No
complaints there.
The situation that arises is this:
When roughly 20 or so users logon and fire up our software, the software
begins to pause. The share in question is the [erppro] share in my smb.conf
file. Our software is basically an accounting software package and it has
many screens where user input is prompted. So there are lots of Text Boxes
with blinking cursors. During my investigation of our software
"pausing", I
noticed that even the cursor would stop blinking for roughly 3-4 seconds and
start blinking again. We are running the exact same version and
configuration of software as before the upgrade to this configuration and
version of samba.
The problem gets worst as more users connect and use our software. On a
test machine, I copied all the EXE and DLL files up to the local hard disk
and the problem went away.
My assumption so far is that many users opening the DLL files associated
with our application is somehow causing the problem.
I tried fiddling with the following parameters without any noticeable
difference no matter what I do except in the case of the socket options.
The setting you see below, commented out, causes file copying to/from the
samba server to run much faster than if I put the setting back in.
;oplocks = false
;level2oplocks = false
;socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
Anyone else running into similar issues?
Any thoughts or suggestions welcome!
Thanks,
~Eric
My SMB.CONF (Note some lines are commented out)
--------------------------------------------------------------------------
[global]
interfaces = eth0 lo
bind interfaces only = yes
## NetBIOS Names
netbios name = dc1
workgroup = myworkgroup
comment = [Samba %v :: PDC]
## Operational Mode (PDC - Primary Domain Controller)
os level = 65
security = user
encrypt passwords = yes
domain logons = yes
preferred master = yes
domain master = yes
local master = yes
lm announce = no
disable netbios = no
guest account = nobody
deadtime = 15
name resolve order = wins lmhosts host bcast
; dns proxy tells nmbd when acting as a WINS server and finding that
a NetBIOS name has not been
; registered, should treat the NetBIOS name word-for-word as a DNS
name and do a lookup with the
; DNS server for that name on behalf of the name-querying client.
dns proxy = yes
; time server nmbd to advertise itself as a time source to windows
clients
time server = yes
## WINS/DNS SETTINGS
;Also needed when using ACL
wins support = Yes
## LDAP Settings
passdb backend = ldapsam:ldap://127.0.0.1/
ldap suffix = dc=myworkgroup,dc=corp
ldap admin dn = uid=root,dc=myworkgroup,dc=corp
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap group suffix = ou=Groups
ldap delete dn = yes
ldap passwd sync = yes
ldap ssl = no
; The following parameters to assist in adding/deleting
users/machines from a client.
; Note: That using these peramaters that refrence the smbldap-tools
means you install samba ldap tools
; NOTE2: the add machine script uses a -t 15 value which needs to
be larger than the
; the negative time to live values in /etc/nscd.conf !
;
----------------------------------------------------------------------------
------
add user script = /usr/local/pozix/samba/bin/smbldap-useradd -m -s
/bin/false "%u"
add machine script = /usr/local/pozix/samba/bin/smbldap-useradd -w
-t 15 -s /bin/false -d /dev/null -g 515 "%u"
add group script = /usr/local/pozix/samba/bin/smbldap-groupadd -p
"%g"
add user to group script /usr/local/pozix/samba/bin/smbldap-groupmod -m
"%u" "%g"
delete user from group script
/usr/local/pozix/samba/bin/smbldap-groupmod -x "%u" "%g"
set primary group script /usr/local/pozix/samba/bin/smbldap-usermod -g
"%g" "%u"
;
----------------------------------------------------------------------------
------
## LOGGING
log level = 1
## FILES/DIRECTORIES
directory mask = 0750
hide dot files = yes
hide unreadable = yes
hide files = /desktop.ini/
;veto files = /*.eml/*.nws/riched20.dll/*.{*}/
;veto files = /*.eml/*.nws/*.{*}/
;veto oplock files = /*.doc/*.xls/*.mdb/
;oplocks = false
;level2oplocks = false
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
create mask = 0644
;socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
## VIRUS SCANNING -- causing problems in the global section because its
scanning printers
;vfs object = vscan-clamav
;vscan-clamav: config-file /usr/local/pozix/samba/lib/vscan-clamav.conf
;vfs object = vscan-oav
;vscan-oav: config-file = /usr/local/pozix/samba/lib/vscan-oav.conf
## PROFILE
; Location of user's home directory and where it should be mounted
logon drive = Z:
logon script = scripts\login.bat
; logon path is path for roaming profiles
logon path = \\%L\profiles\%U
; logon home is for Win9x clients
logon home = \\%L\%U
## PRINTING Section Global Settings
; if you want your own defined print commands to work
; with a Samba that has CUPS support compiled in, simply use
printing = sysv
printing = cups
printcap name = cups
; note: the /etc/printcap was a work around to get the printer to
show up
; under windows. I eventually was able to comment it out in favor
of the
; line above, printcap name = cups, after discovering that cupsd
only works
; with utf-8 character sets. So I had to set the Linux OS locale to
EN_US.UTF8
; and after doing that, things started working! This is not
documented very well
; if at all. CUPS documentation talks about UTF8 dependency but it
does not talk
; about how it affects samba here nor do the samba documents mention
this.
; -- Eric Mayo, Pozicom Technologies, Inc.
;printcap name = /etc/printcap
;cups options = raw
load printers = Yes
show add printer wizard = Yes
max print jobs = 100
lpq cache time = 100
;disable spoolss = no
max reported print jobs = 1000
## PRINTERS -- This section gets applied to every printer found in cups
(load printers = yes).
[printers]
comment = All Network Printers
printable = yes
path = /var/smbshares/spool
guest ok = yes
public = yes
read only = yes
create mode = 0777
browseable = no
use client driver = no
## Win2K, WinXP Print Clients
[print$]
comment = Printer Driver Downloads
path = /var/smbshares/prndrivers
browseable = yes
guest ok = no
read only = yes
create mask = 0664
directory mask = 0775
valid users = @"Domain Users",@"Print
Operators",@"Domain
Admins",administrator,root
write list = @"Print Operators",@"Domain
Admins",administrator,root
[netlogon]
path = /var/smbshares/netlogon
comment = Network Logon Service
guest ok = yes
browseable = no
locking = no
write list = @"Domain Admins",Administrator
case sensitive = no
;vfs object = recycle
;recycle: config-files = /etc/samba/samba-recycle.conf
[profiles]
path = /var/smbshares/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = no
guest ok = yes
;profile acls = yes
;csc policy = disable
# great way to secure profiles
;force user = %U
# allow administrator to access all profiles
valid users = %U
;nt acl support = no
;default case = lower
;short preserve case = no
;case sensitive = no
[profdata]
path = /var/smbshares/profdata
read only = no
create mask = 0600
directory mask = 0700
browseable = no
guest ok = no
;vfs object = vscan-clamav
;vscan-clamav: config-file /usr/local/pozix/samba/lib/vscan-clamav.conf
[homes]
comment = Private Documents of %U
path = /var/smbshares/homes/%U
writeable = yes
read only = no
create mask = 0644
directory mask = 0775
browseable = no
valid users = %S
locking = no
root preexec = /usr/local/pozix/samba/bin/mkhomes.sh %U
;vfs object = vscan-clamav
;vscan-clamav: config-file /usr/local/pozix/samba/lib/vscan-clamav.conf
;vfs object = recycle
;recycle: config-files = /etc/samba/samba-recycle.conf
;vfs object = recycle vscan-clamav
;vscan-clamav: config-file = /etc/samba/samba-vscan-clamav.conf
[public]
comment = Public Share
path = /var/smbshares/public
create mask = 0660
directory mask = 0770
force user = everyone
;force group = @"Domain Users"
browseable = yes
writeable = yes
read only = no
write list = @"Domain Users", @"Domain Admins"
valid users = @"Domain Users", @"Domain Admins"
;vfs object = vscan-clamav
;vscan-clamav: config-file /usr/local/pozix/samba/lib/vscan-clamav.conf
[erppro]
comment = ERP PRO
path = /var/smbshares/winbjcs
browseable = yes
writeable = yes
read only = no
[software]
comment = Software
path = /var/smbshares/software
browseable = yes
writeable = yes
read only = no
write list = @"Domain Admins"
valid users = @"Domain Users", @"Domain Admins"
[scans]
comment = Lanier Scans
path = /var/smbshares/scans
browseable = yes
writeable = yes
read only = no
create mask = 0660
directory mask = 0770
write list = @"Domain Users", @"Domain Admins"
valid users = @"Domain Users", @"Domain Admins"
Eric Mayo
Pozicom Technologies, Inc.