Prev: [Samba] major upgrade to 3.5.1, major problem
Next: [Probably OT]: Samba LDAP data migration
From: Jeremy Allison on 9 Mar 2010 23:10
On Tue, Mar 09, 2010 at 10:45:39PM -0500, Chris Smith wrote:
> Just upgraded a Samba PDC from 3.0.32 to 3.5.1. The good news - it is
> running - the bad news - probably on life support.
>
> All seemed well until I started getting messages on some Windows
> clients that the domain was not available - if your credentials were
> not cached you could not log in - if they were everything seemed to
> work.
>
> The test:
> nmblookup -B BIGSERVER __SAMBA__
>
> failed (yes, I replaced BIGSERVER with the proper PDC name)
>
> The test:
> nmblookup -M testgroup
>
> also failed.
>
> But if your credentials were cached, you could login, the netlogon
> scripts would run, the shared directories and printers were
> available,etc.
>
> A restart makes everything right (the tests above will produce correct
> info and the domain will be available) - for anywhere from a few
> minutes to an hour or so but at some point samba will lose its head
> and the domain will be unavailable.
>
> Assistance is greatly appreciated.

There were some changes that went into nmbd in 3.5.x to
allow it to run correctly on a box with "bind interfaces only"
set. Can you post your smb.conf ?

Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Chris Smith on 9 Mar 2010 23:30
On Tue, Mar 9, 2010 at 11:09 PM, Jeremy Allison <jra(a)samba.org> wrote:
> There were some changes that went into nmbd in 3.5.x to
> allow it to run correctly on a box with "bind interfaces only"
> set. Can you post your smb.conf ?

Here it is:
=====================================================
[global]
name resolve order = host wins bcast
enable privileges = Yes
strict locking = No
host msdfs = no
show add printer wizard = Yes
time server = Yes
passwd program = /usr/bin/passwd %u
msdfs root = no
cups options = raw
netbios name = BIONAME
printing = cups
max wins ttl = 86400
logon script = scripts\agents.bat
local master = Yes
workgroup = WRKGRP
os level = 32
printcap name = cups
security = user
add machine script = /usr/sbin/useradd -d /dev/null -g
'nofiles' -c 'Machine Account' -s /bin/false '%u'
min wins ttl = 3600
max log size = 1000
log level = 2 passdb:2 auth:2 winbind:0
log file = /var/log/samba/%m
smb ports = 445 139
map acl inherit = Yes
logon drive = h:
deadtime = 3
username map = /etc/samba/smbusers
interfaces = eth0, 127.0.0.1
bind interfaces only = Yes
domain master = Yes
preferred master = Yes
logon home = \\%N\%U
passdb backend = tdbsam
ea support = yes
wins support = true
unix password sync = Yes
max ttl = 43200
logon path =
use sendfile = Yes
add user script = /usr/sbin/useradd -g "users" -G "agent" -m
-k "/etc/skelnul" -s /bin/false '%u'
syslog = 0
domain logons = Yes
passwd chat = *New*password* %n\n *Retype*new*password*%n\n
*password*updated*succesfully*
pam password change = Yes
=====================================================
The rest is netlogon, printer & file shares - if you want it no problem.

Also notice that after the failure if I edit the init script to
restart _just_ the nmbd daemon (leave smbd up and running) it seems to
run - if I restart both daemons it fails quickly.

Thanks,

Chris
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Jeremy Allison on 10 Mar 2010 13:30
On Tue, Mar 09, 2010 at 11:27:33PM -0500, Chris Smith wrote:
> On Tue, Mar 9, 2010 at 11:09 PM, Jeremy Allison <jra(a)samba.org> wrote:
> > There were some changes that went into nmbd in 3.5.x to
> > allow it to run correctly on a box with "bind interfaces only"
> > set. Can you post your smb.conf ?

So you are setting:

> interfaces = eth0, 127.0.0.1
> bind interfaces only = Yes

Can you try removing these and seeing if the problem persists ?
Is there a specific reason for excluding any other interfaces ?

Jeremy
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Chris Smith on 10 Mar 2010 13:40
On Wed, Mar 10, 2010 at 1:27 PM, Jeremy Allison <jra(a)samba.org> wrote:
> So you are setting:
>
>>         interfaces = eth0, 127.0.0.1
>>         bind interfaces only = Yes
>
> Can you try removing these and seeing if the problem persists ?
> Is there a specific reason for excluding any other interfaces ?

I will certainly test tonight if that makes a difference. And, yes,
there is an eth1 that I don't want Samba running on.

Will post results.

Thank you,

Chris
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Chris Smith on 11 Mar 2010 18:00
Decided to re-compile and re-install Samba last night and with or
without the interfaces (and bind interfaces only) parameters enabled I
could not get the PDC to pass the "nmblookup -M testgroup" test and at
first it was even failing the "nmblookup -B BIGSERVER __SAMBA__".

Weird thing though, is that a Samba member server would publish
correct results to the "nmblookup -M testgroup" test - even though PDC
itself could not. Last thing I tried was setting "interfaces =
192.168.1.4 127.0.0.1" and "nmblookup -B BIGSERVER __SAMBA__" started
working. And finally some time later (I didn't check it every five
minutes so I can't say exactly when - but it wasn't within the first
15 minutes) the PDC started to produce proper results for "nmblookup
-M testgroup".

I get this odd stuff in the nmbd log:
===============================================
Doing a node status request to the domain master browser
for workgroup WRKGRP at IP 127.0.0.2 failed.
Cannot sync browser lists.
[2010/03/11 17:28:47.992433, 0]
nmbd/nmbd_become_dmb.c:337(become_domain_master_browser_wins)
become_domain_master_browser_wins:
Attempting to become domain master browser on workgroup WRKGRP,
subnet UNICAST_SUBNET.
[2010/03/11 17:28:47.992562, 0]
nmbd/nmbd_become_dmb.c:351(become_domain_master_browser_wins)
become_domain_master_browser_wins: querying WINS server from IP
127.0.0.1 for domain master browser name WRKGRP<1b> on workgroup
WRKGRP
[2010/03/11 17:28:47.992719, 0]
nmbd/nmbd_become_dmb.c:235(become_domain_master_query_success)
become_domain_master_query_success:
There is already a domain master browser at IP 127.0.0.2 for
workgroup WRKGRP registered on subnet UNICAST_SUBNET.
[2010/03/11 17:34:02.583418, 0]
nmbd/nmbd_become_dmb.c:337(become_domain_master_browser_wins)
become_domain_master_browser_wins:
Attempting to become domain master browser on workgroup WRKGRP,
subnet UNICAST_SUBNET.
[2010/03/11 17:34:02.583538, 0]
nmbd/nmbd_become_dmb.c:351(become_domain_master_browser_wins)
become_domain_master_browser_wins: querying WINS server from IP
127.0.0.1 for domain master browser name WRKGRP<1b> on workgroup
WRKGRP
[2010/03/11 17:34:02.588884, 0]
nmbd/nmbd_become_dmb.c:235(become_domain_master_query_success)
become_domain_master_query_success:
There is already a domain master browser at IP 127.0.0.2 for
workgroup WRKGRP registered on subnet UNICAST_SUBNET.
===============================================

It doesn't seem to like the fact that I have a secondary address on lo:
===============================================
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
===============================================

There is no name associated with secondary lo address as it was set
with iproute2 (ifconfig does not report the address at all).

Guide me wise Jedi master.

Chris
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 |  Next  |  Last
Pages: 1 2
Prev: [Samba] major upgrade to 3.5.1, major problem
Next: [Probably OT]: Samba LDAP data migration