headers
Philip Pemberton | 1 Jul 2009 01:26
Picon

Intermittent stalling in file transfers / server connections

Samba version 3.2.3, in PDC mode

Client PC is Windows XP SP3 32-bit

Server is a standard Intel Atom230 PC, four Ethernet ports, running Ubuntu 
Server 8.10. It provides Internet access (routing/perimeter firewall, dnsmasq 
DNS/DHCP server), email (Fetchmail, Postfix and Procmail), printing (CUPS) and 
Apache+PHP+MySQL for webapp testing.

I'm trying to track down an issue with my Samba server. Basically, I can be 
happily transferring files to/from it for a couple of hours, then suddenly 
(and seemingly randomly), the transfer will stall for about 30 seconds. This 
is typified by Winamp's audio output stopping for 30 seconds, then restarting 
from where it left off (or sometimes 30 seconds further on). Usually the apps 
that are running on the XP box will continue running, but Explorer won't allow 
access to Start->Run or start any more apps until after the 30-second wait.

I've done all the network tests -- swapping ports on the server (and client) 
sides, swapping cables, pinging back and forth... Even during the 30-second 
wait, I can still access the server and other machines on the LAN (ping, SSH, 
you name it). Just that Samba itself doesn't seem to work properly...

Here's my smb.conf:

=======================================

[global]
         netbios name            = wolf
         workgroup                       = MILKYWAY
         server string           = Fileserver
(Continue reading)

Permalink | Reply | 10 comments |
headers
Steve B | 1 Jul 2009 03:43
Picon

Re: Problems resolving most users with winbind and AD/SFU (Resolved?)

Problem solved.  Sort-of.  I just don't know why the solution works.
Here's what I found...

First, I tried updating SFU 3.5 with the following hotfixes: 913030,
886655, 887531, 932143, 883520, 894186, 931930, 892561, 896428,
888993, 932143, and 939778.  No change.

Second, I used ADSI Edit from the Win2k support tools to compare
side-by-side a working account with a "Could not get info for user
..." account.  All AD fields were identical, with the exception of
fields expected to be different like name, UID, etc.  ADSI Edit also
showed nothing out of ordinary in the Schema, groups, etc.

Third, I checked the NIS server settings on the SFU side using "ypcat
-k -d MYDOM passwd" & group.  All accounts were visible with nothing
of serious note.

Last, I checked various groups for membership.  I found that the
accounts that resolved belonged to various BUILTIN groups on the AD
server.  I added a test account to the BUILTIN\Administrators and
BUILTIN\Backup Users groups, and in a few minutes the test account
started working in winbind.  I added another account, and within an
hour it was also accessible from winbind.  I removed these tests from
both BUILTIN groups and they remained functional in winbind.  I added
all accounts to these BUILTIN groups, and in an hour every account was
functional in winbind.  I went back in and removed all accounts that
shouldn't belong to those groups and they still remained usable by
winbind.  What the heck?  I have no clue what hidden flag got enabled
on these accounts to make them work just by temporarily passing them
through the BUILTIN groups.  On one of the Samba fileservers I had not
(Continue reading)

Permalink | Reply | 0 comments |
headers
Volker Lendecke | 1 Jul 2009 07:29
Picon
Favicon

Re: Intermittent stalling in file transfers / server connections

On Wed, Jul 01, 2009 at 12:26:09AM +0100, Philip Pemberton wrote:
> I added the 'smb ports = 139', 'max log size' and 'log level' lines to 
> try and track down the issue -- the log files are pretty massive, but 
> contain very little that makes any sense to me :(

Well, we could possibly make more sense of them if we saw
them. In particular the part where the timeout happens. A
couple of 100 lines before that and some 100's of lines
after that timeout is necessary.

Volker

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 9 comments |
headers
Tamás Pisch | 1 Jul 2009 10:56
Picon

Re: PAM LDAP password change error

Hi,

thanks for your advice. I set it, and the unix passwd sync too. I restored
the original /etc/pam.d/passwd file. This way it seems to work. Soon I will
test the installation with a Windows client too. One additional info: I use
smbldap-passwd instead of smbpasswd.

2009/6/25 Adam Williams <awilliam <at> mdah.state.ms.us>

> why not just use ldap passwd sync = yes, and then change passwords with
> smbpasswd?
>
>
> Tamás Pisch wrote:
>
>> Hi,
>>
>> I go trough the SaMBa guide Making happy users secondly. I configure
>> Debian
>> Lenny on XEN.
>> I have problem with PAM. When i try to change a user's password with
>> smbldap-passwd it runs without error, but when i try to log in I get the
>> "Login incorrect" message. When I try to change a user's password with
>> passwd I get the "Authentication service cannot retrieve authentication
>> info" message.
>> I removed every ACLs from slapd.conf.
>> I tried to follow the second version of the PAM configuration, because as
>> I
>> see on Debian, the pam-unix2.so doesn't support ldap.
>> I didn't include pam_pwcheck.so, because it gave me an error about it
(Continue reading)

Permalink | Reply | 0 comments |
headers
Juan José Villaplana Querol | 1 Jul 2009 10:27
Picon

Troubles with dfs-linked root shares

Hi,

Im trying to set up a samba cluster (using RHCS) to hold students'
Home directories according to the following schema:

                        \\disc\personal
                              |
         +--------------------+----------------------+
         |                    |                      |
         |                    |                      |
         v                    v                      v
 \\disc01\target      \\disc02\target   ...  \\discXY\target   

The service "disc" will only hold dfs links and act as a load balancer
to the services "disc01" to "discXY" that will hold real user data.

The share "personal" on "disc" is configured as:

  [personal]
      path = /mnt/discdata000/personal/%U
      msdfs root = true

and "target" share is configured on the remaining "discXY" services as:

  [target]
      path = /mnt/discdataXYZ/personal/%U

DFS links are created as follows (users will be evenly hashed among
"discXY" "target" shares):
(Continue reading)

Permalink | Reply | 0 comments |
headers
christoph.beyer | 1 Jul 2009 12:03
Picon
Favicon

net ads join -> strong(er) authentication required

Hi,

my windows folks migrated to AD 2008 R2, resulting in the following error 
message when trying to join the domain:

[HOST] /etc $ /opt/csw/bin/net ads join -U <USER>
Enter <USER>'s password:
[2009/07/01 11:51:28,  0] libads/sasl.c:ads_sasl_spnego_bind(819)
   kinit succeeded but ads_sasl_spnego_krb5_bind failed: Strong(er) 
authentication required
Failed to join domain: failed to connect to AD: Strong(er) authentication 
required

Any hints ?

best regards
 	~christoph

-- 
/*   Christoph Beyer     |   Office: Building 2b / 23     *\
  *   DESY                |    Phone: 040-8998-2317        *
  *   - IT -              |      Fax: 040-8998-4060        *
\*   22603 Hamburg       |     http://www.desy.de         */

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 3 comments |
headers
Chris Hills | 1 Jul 2009 12:07
Favicon
Gravatar

Deskzilla site license for bugzilla.samba.org

Hi

I have been given a site license [1] for ALM Works Deskzilla [2] for use 
with bugzilla.samba.org, and they have asked that I provide it to anyone 
who wishes to use it.

Regards,

Chris Hills

[1] http://www.chaz6.com/files/deskzilla_samba.license
[2] http://almworks.com/deskzilla/

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Permalink | Reply | 0 comments |
headers
Guenther Deschner | 1 Jul 2009 12:26
Picon
Favicon

Re: net ads join -> strong(er) authentication required

On Wed, Jul 01, 2009 at 12:03:28PM +0200, christoph.beyer <at> desy.de wrote:
> Hi,
>
> my windows folks migrated to AD 2008 R2, resulting in the following error 
> message when trying to join the domain:
>
> [HOST] /etc $ /opt/csw/bin/net ads join -U <USER>
> Enter <USER>'s password:
> [2009/07/01 11:51:28,  0] libads/sasl.c:ads_sasl_spnego_bind(819)
>   kinit succeeded but ads_sasl_spnego_krb5_bind failed: Strong(er)  
> authentication required
> Failed to join domain: failed to connect to AD: Strong(er) authentication 
> required
>
> Any hints ?

You might need to set "client ldap sasl wrapping" in order to make this
work.  See the manpage for possible settings.

Guenther

-- 
Günther Deschner                    GPG-ID: 8EE11688
Red Hat                         gdeschner <at> redhat.com 
Samba Team                              gd <at> samba.org

--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
(Continue reading)

Permalink | Reply | 1 comment |
headers
Juan José Villaplana Querol | 1 Jul 2009 12:52
Picon

Unix Extensions + ext3 quotas + df

Hi,

Some time ago, I reported an issue (1) regarding to the "disk free"
to Quotas mapping when Unix Extensions are enabled.

The issue still persists in RHEL 5.3 (samba-3.0.33-3.7.el5).

In the meanwhile I have found a workaround via the attached *ugly*
patch, but an official solution would be appreciated.

Best regards,
                Juanjo

(1) https://bugzilla.samba.org/show_bug.cgi?id=5395

--

-- 
Juan José Villaplana Querol/Servei d'Informàtica/Universitat Jaume I
Powered by Mutt [http://www.mutt.org/]
Dilbert: ... and starting today, all passwords must contain letters,
         numbers, doodles, sign language and squirrel noises.

*** source/smbd/trans2.c.orig	2008-11-18 16:37:41.000000000 +0100
--- source/smbd/trans2.c	2009-07-01 12:17:16.000000000 +0200
***************
*** 2583,2612 ****
--- 2583,2642 ----
  					CIFS_UNIX_POSIX_PATH_OPERATIONS_CAP)));
  			break;
(Continue reading)

Permalink | Reply | 0 comments |
headers
Philip Pemberton | 1 Jul 2009 13:04
Picon

Re: Intermittent stalling in file transfers / server connections

Volker Lendecke wrote:
> Well, we could possibly make more sense of them if we saw
> them. In particular the part where the timeout happens. A
> couple of 100 lines before that and some 100's of lines
> after that timeout is necessary.

Problem is, they're over the posting limit for the list...

OK, here we go -- shoved in the /temp area of my website:

Samba log (smbd.log): http://www.philpem.me.uk/temp/samba/smbd_log.txt
Samba log (cheetah.log): http://www.philpem.me.uk/temp/samba/cheetah_log.txt
Wireshark trace: http://www.philpem.me.uk/temp/samba/wireshark_log.txt

The machines are:
   Wolf (10.0.0.1)    -- Server. Ubuntu Server 8.10. MAC=Jetway.
   Cheetah (10.0.0.8) -- Client. Windows XP SP3. MAC=ASUSTeK.

The stalling starts at around packet 8882 in the Wireshark log (the gap 
between 8882 and 8883 *is* the stall), which equates to 11:25:43 AM. The stall 
seems to end at 11:26:02 AM (packet 8883). Both machines sync their clocks on 
boot, so the timing should be within a second or so of each other.

Thanks,
--

-- 
Phil.
usenet08 <at> philpem.me.uk
http://www.philpem.me.uk/
If mail bounces, replace "08" with the last two digits of the current year.
(Continue reading)

Permalink | Reply | 7 comments |

Gmane