Peddu_bhanu
asked on
Samba on inux
Hi,
Im using samba on ubuntu, here are the version details
OS
Distributor ID: Ubuntu
Description: Ubuntu 9.04
Release: 9.04
Codename: jaunty
SAMBA
Version 3.3.2
I have Kerberos authentication.The problem is that samba shares accessed by the users hang periodically and everything is after say like 10 minutes
following are the entries from the log (log.winbindd)
[2010/08/19 10:40:55, 1] libads/ldap_utils.c:ads_do _search_re try_intern al(83)
ads_search_retry: failed to reconnect (Can't contact LDAP server)
[2010/08/19 10:40:55, 1] libads/ldap_utils.c:ads_ra nged_searc h_internal (307)
ads_search: Can't contact LDAP server
[2010/08/19 10:40:55, 0] winbindd/winbindd_ads.c:lo okup_group mem(1038)
ads_ranged_search failed with: Can't contact LDAP server
[2010/08/19 10:41:19, 1] winbindd/winbindd_util.c:t rustdom_re cv(303)
Could not receive trustdoms
AND log (log.winbindd-dc-connect)
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_ pipe_destr uctor(2362 )
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local , pipe \NETLOGON, fnum 0x4005. Error was SUCCESS - 0
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_ pipe_destr uctor(2362 )
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local , pipe \lsarpc, fnum 0x4017. Error was SUCCESS - 0
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_ pipe_destr uctor(2362 )
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local , pipe \NETLOGON, fnum 0x4016. Error was SUCCESS - 0
Any help would be greatly appreciated ad this is a production system and is heavily used.
Thanks
Bhanu
Im using samba on ubuntu, here are the version details
OS
Distributor ID: Ubuntu
Description: Ubuntu 9.04
Release: 9.04
Codename: jaunty
SAMBA
Version 3.3.2
I have Kerberos authentication.The problem is that samba shares accessed by the users hang periodically and everything is after say like 10 minutes
following are the entries from the log (log.winbindd)
[2010/08/19 10:40:55, 1] libads/ldap_utils.c:ads_do
ads_search_retry: failed to reconnect (Can't contact LDAP server)
[2010/08/19 10:40:55, 1] libads/ldap_utils.c:ads_ra
ads_search: Can't contact LDAP server
[2010/08/19 10:40:55, 0] winbindd/winbindd_ads.c:lo
ads_ranged_search failed with: Can't contact LDAP server
[2010/08/19 10:41:19, 1] winbindd/winbindd_util.c:t
Could not receive trustdoms
AND log (log.winbindd-dc-connect)
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local
[2010/08/19 10:42:52, 1] rpc_client/cli_pipe.c:rpc_
rpc_pipe_destructor: cli_close failed on pipe host KTNAPWDC104.kt.group.local
Any help would be greatly appreciated ad this is a production system and is heavily used.
Thanks
Bhanu
ASKER
Thank you bit freeze
for the sake of clarity i will post my smb.conf and krb5.conf files ,I request you all experts to please have a look at them and suggest,please find the attached files
This is a production box,I would highly appreciate any timely response.
Thanks in advance
krb5.conf.txt
smb.conf.txt
for the sake of clarity i will post my smb.conf and krb5.conf files ,I request you all experts to please have a look at them and suggest,please find the attached files
This is a production box,I would highly appreciate any timely response.
Thanks in advance
krb5.conf.txt
smb.conf.txt
The 1st four error messages indicate that you are not able to connect to the LDAP server.
I would check it to make sure that there are no problems, check for network issues: ports going down and back up, traffic flooding, and things like that.
I would check it to make sure that there are no problems, check for network issues: ports going down and back up, traffic flooding, and things like that.
I would suggest that, during outages, you test the ldap connection directly using a suitable ldap browser on the linux host (it will have command line tools already, but apache directory studio is an excellent, and free, gui tool you can run on the xwindows desktop)
I would suspect that something is overloaded - either the network link, the host's cpu/ram, the available sockets on the host, or the AD host with ldap on it - and discovering which it is would be the first diagnostic step.
I would suspect that something is overloaded - either the network link, the host's cpu/ram, the available sockets on the host, or the AD host with ldap on it - and discovering which it is would be the first diagnostic step.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi it4soho;
So far so good, I have zeroed in on DNS. I will update once i monitor for 2 to 3 days.Thank you for your inputs.
Bhanu
So far so good, I have zeroed in on DNS. I will update once i monitor for 2 to 3 days.Thank you for your inputs.
Bhanu
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
Make sure the Linux server has the PDC as it's primary DNS server.
Check /etc/resolv.conf
Then check /etc/krb5.conf
[libdefaults]
default_realm = MYDOMAIN.COM
[realms]
MYDOMAIN.COM = {
kdc = PDC.MYDOMAIN.COM
admin_server = PDC.MYDOMAIN.COM
}
[domain_realm]
.PDC.MYDOMAIN.COM = MYDOMAIN.COM
PDC.MYDOMAIN.COM = MYDOMAIN.COM
in /etc/samba/smb.conf
make sure your idmap uid and gid is set higher than any local user uid.
I am using:
idmap uid = 15000-25000
idmap gid = 15000-25000
I had to upgrade my samba to version 3.4 to get rid of the intermittent connection problems on the Ubuntu 9 standard version of samba, and currently run it on Ubuntu 10.04 with samba 3.4.7 with no problems.