I have to mention too that the workstations are windows XP. -------- Message original -------- Sujet: HUGE delays during logon time Date : Wed, 16 Feb 2011 15:47:36 +0100 De : ?ric le h?naff <eric.le.henaff at ens.fr> Pour : samba at lists.samba.org Hello list i recently replaced (1st of january) our old samba server (debian+samba3.0.14a) to a new one (debian squeeze+samba3.5.6). we now have HUGE delays during logon time, up to 8 minutes. The client and servers seems to do nothing during that time. This afternoon, i tried to logon to a workstation. Here is the log. in log.ul_102: [2011/02/16 14:53:31.267254, 1] smbd/service.c:1070(make_connection_snum) ul_102 (::ffff:129.199.59.66) connect to service profiles initially as user *** (uid=1416, gid=513) (pid 2644) [2011/02/16 15:26:45.286766, 1] smbd/service.c:1251(close_cnum) ul_102 (::ffff:129.199.59.66) closed connection to service profiles [2011/02/16 15:26:45.319614, 1] smbd/service.c:1070(make_connection_snum) ul_102 (::ffff:129.199.59.66) connect to service netlogon initially as user *** (uid=1416, gid=513) (pid 2644) [2011/02/16 15:26:48.103532, 1] smbd/service.c:1070(make_connection_snum) ul_102 (::ffff:129.199.59.66) connect to service users initially as user *** (uid=0, gid=513) (pid 2644) So it took 33 minutes !!! It seems it's getting worse. Is it a known problem ? Anybody else encountered it ? Is there a way to correct the problem ? The first connection to service profiles failed. It restarted 33 minutes later and succeeded. The problem may come from service profiles. We have roaming profiles and have problems with them. But i think that if the profiles where misconfigured, it should'nt work at all, should it? Thanks for any suggestions or solutions. here is my smb.conf : #======================= Param?tres globaux ======================[global] ## Browsing/Identification ### workgroup = *** netbios name = *** server string = %h ## PDC domain logons = Yes os level = 65 preferred master = Yes domain master = Yes local master = Yes dns proxy = no wins support = yes #### Debugging/Accounting #### # c'est ? dire le log log file = /var/log/samba/log.%m syslog = 0 panic action = /usr/share/samba/panic-action %d log level = 1 ########## Authentification ########## # security = user # met ? jour le mdp ldap en plus du mdp win # utile pour les applis qui s'authentifient sur le ldap comme cotation ldap passwd sync = Yes # LDAP passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=ens,dc=fr ldap suffix = dc=ens,dc=fr ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap ssl = off add machine script = /usr/sbin/smbldap-useradd -w "%u" # j'ai lu qu'il fallait -W pour les win7 ; ? v?rifier rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' #### Impression #### load printers = yes printing = cups printcap name = cups # printer admin = "@Domain Admins" #### Divers #### socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=819 # j'aime pas les oplocks!! alors j'enl?ve use sendfile = no oplocks = no level2 oplocks = no # Serveur de temps (net time \\serveur /set /y) time server = yes map acl inherit = yes #======================= D?finitions des partages ====================== ### Partages des utilisateurs [profiles] path = /shares/profiles read only = no create mask = 0600 # create mask = 0640 directory mask = 0700 # directory mask = 0750 browseable = No guest ok = Yes profile acls = yes csc policy = disable # next line is a great way to secure the profiles force user = %U # next line allows administrator to access all profiles valid users = %U @"Domain Admins" admin users = *** [users] path = /shares/users read only = No directory mode = 0770 create mode = 0770 admin users = "@Domain Admins" [groups] path = /shares/groups read only = No # pour les repertoires directory mode = 0750 # pour les fichiers create mode = 0740 admin users = "@Domain Admins" vfs object = recycle recycle:keeptree = Yes recycle:versions = Yes recycle:touch = yes recycle:repository = .recycle/%U recycle:exclude = *# recycle:minsize = 1 ### partages du syst?mes [netlogon] comment = Network Logon Service path = /shares/netlogon read only = No browsable = No [printers] comment = All Printers browseable = no path = /tmp printable = yes browseable = no # Windows clients look for this share name as a source of downloadable # printer drivers [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no valid users = "@Domain Admins" @"Print Operators" write list = "@Domain Admins" @"Print Operators" create mask = 0664 directory mask = 0775 ### petits partages utiles aux informaticiens [scripts] comment = scripts partag?s path = /shares/scripts read only = no admin users = "@Domain Admins" [wpkg] comment = wpkg path = /shares/wpkg valid users = "@Domain Admins" read only = no (END) -- ?ric LE H?NAFF ?cole normale sup?rieure de Paris, rue d'ulm - RUBENS Informaticien, Ing?nieur d?veloppements et syst?mes aupr?s du R?seau des biblioth?ques de l'ENS Pr?f?rez firefox! http://www.mozilla-europe.org/fr/ SVP, ?vitez de m'envoyer des attachements au format Word, Excel ou PowerPoint. Pr?f?rez les formats rtf, csv, html ou pdf au lieu des formats word et excel. Voir http://www.gnu.org/philosophy/no-word-attachments.fr.html pour plus d'explications.