Hi, I have an issue on a Samba 4.5 running as AD DC compiled from source installed on a CentOS 7.3 server upgraded from 4.3 which had the same problem ,file transfers of a single file between Samba and windows machines don't go over 13 MB/s while a transfer over ssh( scp or sftp) and rsync goes over 80 and 100 MB/s respectively, network hardware switches and machines ethernet cards are all gigabit ,i also tried increase log verbosity but didn't see anything wrong, maybe i failed to figure it out , anyway i deployed a Samba on other customer with the same version,build options ,configuration, same OS and had no issues, i'l post here samba build options and smb.conf , any ideas or suggestions ? Best Wishes Dante ./configure --jobs=4 -vp --fatal-errors --slow --enable-debug --enable-selftest --with-logdir=/var/log/samba --sysconfdir=/etc --localstatedir=/var/lib/samba --oldincludedir=/usr/local/samba/old_include --mandir=/usr/share/man --with-statedir=/var/lib/samba --with-privatedir=/var/lib/samba/private --with-piddir=/var/run/samba --with-cachedir=/var/cache/samba --with-lockdir=/var/lib/samba/locks --with-logfilebase=/var/log/samba --with-sockets-dir=/var/run/samba --with-configdir=/etc/samba [global] bind interfaces only = yes interfaces = lo em1 workgroup = SOTOPIETRA realm = SOTOPIETRA.LOCAL netbios name = S11 os level = 255 server string = SOTOPIETRA-PDC server role = active directory domain controller dns forwarder = 192.168.0.2 time server = yes admin users = leonardo.soares ntp signd socket directory = /var/lib/samba/ntp_signd server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns max protocol = SMB3_02 max log size = 4096 debug class = yes debug prefix timestamp = yes log file = /var/log/samba/log.%I log level = 1 printing = bsd load printers = no printcap name = /dev/null disable spoolss = yes use sendfile = yes smb2 leases = no dbwrap_tdb_mutexes:* = yes max stat cache size = 65536 [netlogon] path = /var/lib/samba/sysvol/sotopietra.local/scripts read only = yes browsable = no [sysvol] path = /var/lib/samba/sysvol read only = No browsable = no [profiles] vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes path = /samba/profiles writable = yes browsable = yes csc policy = programs [Homedirs] vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes path = /samba/homedirs writable = yes browsable = yes [RH] vfs objects = full_audit,acl_xattr full_audit:prefix = "%u|%I|%P" full_audit:success = rmdir unlink rename full_audit:failure = rmdir unlink rename full_audit:facility = LOCAL0 full_audit:priority = NOTICE map acl inherit = yes store dos attributes = yes writable = yes browsable = yes path = /samba/files/rh
On Thu, 4 May 2017 13:25:34 -0300 (BRT) Dante F. B. Colò via samba <samba at lists.samba.org> wrote:> Hi, > > I have an issue on a Samba 4.5 running as AD DCTry doing this: Remove these lines from [global] os level = 255 admin users = leonardo.soares server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns max protocol = SMB3_02 debug class = yes debug prefix timestamp = yes use sendfile = yes smb2 leases = no dbwrap_tdb_mutexes:* = yes max stat cache size = 65536 They are either the defaults or shouldn't be used on an AD DC Change [profiles to this: [profiles] path = /samba/profiles read only = no Change [Homedirs] to this: [Homedirs] path = /samba/homedirs read only = no Ghange [RH} to this: [RH] path = /samba/files/rh read only = no vfs objects = full_audit full_audit:prefix = "%u|%I|%P" full_audit:success = rmdir unlink rename full_audit:failure = rmdir unlink rename full_audit:facility = LOCAL0 full_audit:priority = NOTICE acl_xattr is built into Samba when running as an AD DC, so you cannot use the old way of doing things, see here for a start: https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles Rowland
Hi Rowland Thank you for your reply, i removed them but nothing changed :(, i also tried to remove others thing like the full_audit module to keep the settings simplest as possible but had no effect, i'll try to build samba with profiling support and debug with some tools like gdb which i don't have much experience but i'll try it. The current Samba versions support the production/stable version of Windows 10 SMB3 ? I'm asking this because on the smb.conf man page it says "Technical Preview", i decided to try to set max protocol to windows 8.1 SMB3_02 because i had some issues with Windows 10 client machines ,some of these machines was hanging during logon , Excel crashing while editing files and doing this didn't happen anymore. When you look at client smb sessions with smbstatus command,the protocol version negotiated of Windows 10 machines appears as "unknown", is this normal ? Best Regards Dante ----- Original Message ----- From: "Rowland Penny" <rpenny at samba.org> To: "samba" <samba at lists.samba.org> Cc: "Dante F. B. Colò" <dante.colo at stwbrasil.com> Sent: Thursday, May 4, 2017 1:57:34 PM Subject: Re: [Samba] Slow file transfer on ADDC mode On Thu, 4 May 2017 13:25:34 -0300 (BRT) Dante F. B. Colò via samba <samba at lists.samba.org> wrote:> Hi, > > I have an issue on a Samba 4.5 running as AD DCTry doing this: Remove these lines from [global] os level = 255 admin users = leonardo.soares server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns max protocol = SMB3_02 debug class = yes debug prefix timestamp = yes use sendfile = yes smb2 leases = no dbwrap_tdb_mutexes:* = yes max stat cache size = 65536 They are either the defaults or shouldn't be used on an AD DC Change [profiles to this: [profiles] path = /samba/profiles read only = no Change [Homedirs] to this: [Homedirs] path = /samba/homedirs read only = no Ghange [RH} to this: [RH] path = /samba/files/rh read only = no vfs objects = full_audit full_audit:prefix = "%u|%I|%P" full_audit:success = rmdir unlink rename full_audit:failure = rmdir unlink rename full_audit:facility = LOCAL0 full_audit:priority = NOTICE acl_xattr is built into Samba when running as an AD DC, so you cannot use the old way of doing things, see here for a start: https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles Rowland