Thomas Maerz
2014-Feb-18 01:28 UTC
[Samba] Invalid key 0 given to dptr_close on Samba 4.1 Domain Controller/File Server
Hello, I am currently working on a solution to replace Apple OpenDirectory on some aging Xserve hardware. I currently have CentOS Samba4 AD DC?s replicating for redundancy using sernet-samba repositories. The third one has File/Print roles defind and it works perfectly EXCEPT on OSX 10.6. IT works great on any Windows workstation and OSX 10.7,10.8, 10.9 GNOME/Nautilus and even CIFS CLI mounting on linux. I am able to join machines to the domain, manage them with group policies and manage the permissions on the linux server using a windows member server, which is really nice. The issue comes when one of the hundreds of OSX 10.6 computers tries to connect. They sort of work in that they can freely browse any folders and files on the file server that they want until they come across something they don?t have access to. At that point the Finder window will either stop doing anything or show a folder with a one way (do not enter/inacessible) icon on it. After that you have to unmount and remount the file share to see anything. Here is my smb.conf: [global] workgroup = AD realm = AD.BREWERSCIENCE.COM netbios name = CORPFS server role = active directory domain controller dns forwarder = 192.168.2.20 idmap_ldb:use rfc2307 = yes log level = 2 ; log file = /var/log/samba/log.%m vfs objects = acl_xattr map acl inherit = yes ; inherit acls = yes inherit permissions = yes store dos attributes = yes ; oplocks = no ; level2 oplocks = no ; kernel oplocks = yes [netlogon] path = /var/lib/samba/sysvol/ad.brewerscience.com/scripts read only = No browseable = no [sysvol] path = /var/lib/samba/sysvol read only = No browseable = no [IT_Division] writeable = yes path = /mnt/corpserver/IT_Division browseable = no [Archive] writeable = yes path = /mnt/corpserver/Archive [Limited_Access] writeable = yes path = /mnt/corpserver/Limited_Access [Human_Resources] writeable = yes path = /mnt/corpserver/Human_Resources browseable = no [Customer] writeable = yes path = /mnt/corpserver/Customer [People] writeable = yes path = /mnt/corpserver/People [Technology] writeable = yes path = /mnt/corpserver/Technology I have set up the filesystems that those are mounted to have barrier=1,cal,user_xattr: /dev/sdb /mnt/corpserver/Customer ext4 barrier=1,acl,user_xattr 0 0 /dev/sdc /mnt/corpserver/IT_Division ext4 barrier=1,acl,user_xattr 0 0 /dev/sdd /mnt/corpserver/Technology ext4 barrier=1,acl,user_xattr 0 0 /dev/sde /mnt/corpserver/Limited_Access ext4 barrier=1,acl,user_xattr 0 0 /dev/sdf /mnt/corpserver/Archive ext4 barrier=1,acl,user_xattr 0 0 /dev/sdg /mnt/corpserver/People ext4 barrier=1,acl,user_xattr 0 0 /dev/sdh /mnt/corpserver/Human_Resources ext4 barrier=1,acl,user_xattr 0 0 Please help! Thomas Maerz
Thomas Maerz
2014-Jul-01 01:44 UTC
[Samba] Invalid key 0 given to dptr_close on Samba 4.1 Domain Controller/File Server
Also I never got a response to this, but our solution ended being to hire interns to upgrade all the 10.6 OSX machines to at least OSX 10.7. On Feb 17, 2014, at 7:28 PM, Thomas Maerz wrote:> Hello, > > I am currently working on a solution to replace Apple OpenDirectory on some aging Xserve hardware. I currently have CentOS Samba4 AD DC?s replicating for redundancy using sernet-samba repositories. The third one has File/Print roles defind and it works perfectly EXCEPT on OSX 10.6. IT works great on any Windows workstation and OSX 10.7,10.8, 10.9 GNOME/Nautilus and even CIFS CLI mounting on linux. I am able to join machines to the domain, manage them with group policies and manage the permissions on the linux server using a windows member server, which is really nice. > > The issue comes when one of the hundreds of OSX 10.6 computers tries to connect. They sort of work in that they can freely browse any folders and files on the file server that they want until they come across something they don?t have access to. At that point the Finder window will either stop doing anything or show a folder with a one way (do not enter/inacessible) icon on it. After that you have to unmount and remount the file share to see anything. > > Here is my smb.conf: > > [global] > > workgroup = AD > realm = AD.BREWERSCIENCE.COM > netbios name = CORPFS > server role = active directory domain controller > dns forwarder = 192.168.2.20 > idmap_ldb:use rfc2307 = yes > log level = 2 > ; log file = /var/log/samba/log.%m > vfs objects = acl_xattr > map acl inherit = yes > ; inherit acls = yes > inherit permissions = yes > store dos attributes = yes > ; oplocks = no > ; level2 oplocks = no > ; kernel oplocks = yes > > > > [netlogon] > path = /var/lib/samba/sysvol/ad.brewerscience.com/scripts > read only = No > browseable = no > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > browseable = no > > [IT_Division] > writeable = yes > path = /mnt/corpserver/IT_Division > browseable = no > > [Archive] > writeable = yes > path = /mnt/corpserver/Archive > > [Limited_Access] > writeable = yes > path = /mnt/corpserver/Limited_Access > > [Human_Resources] > writeable = yes > path = /mnt/corpserver/Human_Resources > browseable = no > > [Customer] > writeable = yes > path = /mnt/corpserver/Customer > > [People] > writeable = yes > path = /mnt/corpserver/People > > [Technology] > writeable = yes > path = /mnt/corpserver/Technology > > I have set up the filesystems that those are mounted to have barrier=1,cal,user_xattr: > > /dev/sdb /mnt/corpserver/Customer ext4 barrier=1,acl,user_xattr 0 0 > /dev/sdc /mnt/corpserver/IT_Division ext4 barrier=1,acl,user_xattr 0 0 > /dev/sdd /mnt/corpserver/Technology ext4 barrier=1,acl,user_xattr 0 0 > /dev/sde /mnt/corpserver/Limited_Access ext4 barrier=1,acl,user_xattr 0 0 > /dev/sdf /mnt/corpserver/Archive ext4 barrier=1,acl,user_xattr 0 0 > /dev/sdg /mnt/corpserver/People ext4 barrier=1,acl,user_xattr 0 0 > /dev/sdh /mnt/corpserver/Human_Resources ext4 barrier=1,acl,user_xattr 0 0 > > Please help! > > Thomas Maerz