LinuxQuestions.org - [SOLVED] samba resetting users connections to files

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - samba resetting users connections to files (https://www.linuxquestions.org/questions/linux-server-73/samba-resetting-users-connections-to-files-518179/)

samba resetting users connections to files

I am working on a PDC for our company running Debian Sarge. It has Bind9.2.4, Samba 3.0.14a and exim4.50. All clients are Windows XP SP2 with the Windows firewall disabled. ZoneAlarm is the 3rd party firewall, AV, anti-spam, anti-malware application of choice (for now).

The main problem that we are having right now is a lack of reliable communication with the server's shares. The users are able to connect to the server, open a file (using the applicable editor), save several changes to the file while working on it, all without problems. However, there have been several instances of users who work on files for quite a bit of time (an hour or more) having their work interrupted with a connection error (currently sitting at about a 30% failure rate). These users will be trudging along and suddenly, they receive a message (usually a Windows type error) telling them that the connection to the file has been lost/severed and that they cannot save their changes. They then have to save it locally, re-establish connection to the network share (usually just openning it in Windows Explorer does the trick, but sometimes it does prompt for their username/password) and overwrite the original with the locally saved copy. This generally happens after the first hour of openning the file but has also happened within the first 15 minutes.

ZoneAlarm has been uninstalled from a few users systems with no effect on the problem. I have recompiled to use cifs instead of smbfs for the network shares, but this only seemed to increase the time it takes for the connection to drop. Now it takes 30-90 minutes for the connection to drop, instead of 15-50.

I've gone through the logs and can see no indication of problems with user connections. No resets, no excessibe packet loss, nada. The networking kit is all new NetGear Gigabit (10/100/1000) switches and new Cat5e cable. There is only one system older than 2 years and it is only used for scanning hardcopy. All the rest are new Dell's.

I'm not sure what else to post here to help clarify the problem. If you need more info, I'll be happy to provide whatever answers I can. I'm nowhere near Guru status yet, so forgive me if I ask any dumb questions. Thanks for reading; thanks a bunch for helping.

I don't know if this is your problem but it's worth taking a look at and following any leads that it provides. It's from the smb.conf man page.

Quote:

keepalive (G)

The value of the parameter (an integer) represents the number of seconds between keepalive packets. If this parameter is zero, no keepalive packets will be sent. Keepalive packets, if sent, allow the server to tell whether a client is still present and responding.

Keepalives should, in general, not be needed if the socket has the SO_KEEPALIVE attribute set on it by default. (see socket options). Basically you should only use this option if you strike difficulties.

Default: keepalive = 300

Example: keepalive = 600

Thanks for the reply, xjlittle. As I understand it, if you do not specify a value for keepalive, the default value is used as ..., well ..., the default. I went ahead and specified a keepalive of 600 (10 minutes) in my smb.conf, but it had no effect.

I have read through the man pages for smb.conf and samba already. I've tried messing with the various oplock settings thinking one of them might be the problem, but had no luck with those either. I feel that I'm looking in the wrong place, but haven't got a clue where else to look.

Is there any other info I can provide to clarify the problem?

Hi New2Linux2

Could you post your smb.conf please? My experience tells me that if it is samba it most likely is a configuration error in the smb.conf. If there is nothing there you will need to go back to the workstations.

If it were me I would bring up a totally clean ws without all the av, antispam antiwhatever and see if it experiences the same problem. Give it to a user who seems to have the problem a lot (or screams the loudest :mad: )

Ok. Here you go.

Code:

# Global parameters

[global]

        workgroup = XCOR.COM

        netbios aliases = goddard

        server string = Goddard

        interfaces = eth0

        passdb backend = tdbsam

        pam password change = Yes

        passwd program = /usr/bin/passwd %u

        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .

        username map = /etc/samba/smbusers

        unix password sync = Yes

        log level = 1

        syslog = 0

        log file = /var/log/samba/log.%m

        max log size = 1000

        smb ports = 139

        name resolve order = host wins bcast

        time server = Yes

        add user script = /usr/sbin/useradd -m '%u'

        delete user script = /usr/sbin/userdel -r '%u'

        add group script = /usr/sbin/groupadd '%g'

        delete group script = /usr/sbin/groupdel '%g'

        add user to group script = /usr/sbin/usermod -G '%g' '%u'

        add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'

        shutdown script = /var/lib/samba/scripts/shutdown.sh

        abort shutdown script = /sbin/shutdown -c

        logon script = scripts\logon.bat

        logon path = \\%L\profiles\%U

        logon drive = U:

        logon home = \\%L\profiles\%U

        domain logons = Yes

        preferred master = Yes

        dns proxy = No

        wins support = Yes

        utmp = Yes

        panic action = /usr/share/samba/panic-action %d

        map acl inherit = Yes

        veto oplock files = /*.doc/*.xls/*.mdb



[homes]

        comment = Home Directories

        username = %S

        read only = No

        create mask = 0775

        directory mask = 0775

        browseable = No



[netlogon]

        comment = Network Logon Service

        path = /var/lib/samba/netlogon

        guest ok = Yes

        locking = No

        share modes = No



[profiles]

        comment = Profile Share

        path = /var/lib/samba/profiles

        username = %S

        read only = No

        profile acls = Yes



[Z]

        path = /Z

        username = %S

        read only = No

        create mask = 0755

        fstype = cifs



[X]

        path = /X

        username = %S

        read only = No

        create mask = 0755

        fstype = cifs

Quote:

smb ports = 139

Change this to 137 138 139 445. You probably only need 139 and 445 but for the time being use all of them.

Quote:

interfaces = eth0

If you don't have multiple interfaces comment this.

Quote:

fstype = cifs

For the moment comment this.

Let's start with this and see where it gets us.

Alright. I added those ports and commented the other two lines. I'll post back here if the problem persists. Thanks for the help.

Unfortunately, the problem persists. Anything else to check?

I can think of two other things off hand.
You are using 3.0.14 which is getting old compared to WinXP SP2. MS does a lot of things with the way they communicate with other machines eg. digital signing. I would seriously consider upgrading to the latest version of samba.

Go through the changelogs at http://us1.samba.org/samba/history/samba-3.0.23d.html They are historical so you can work down to your version.

Other than that I would try a clean workstation as I mentioned before w/o all the anti{spyware,virus,etc} stuff. You might even leave off sp2.

Beyond all of that it seems that this a transient thing. It could be a nic going bad and unable to handle a certain load, so app running on the server that causes overload and so on. Keep watching your /var/log/messages. Sooner or later you will spot it and get it fixed.

As this is a production server for a corporate domain, I'm more than a little leary about upgrading something beyond the stable release. I'll go ahead and check through the changes made, just in case.

I will keep an eye on the logs. I'm still hoping that something will pop up that will let me know where to focus my attention. Thanks for your help.

Go here and have a look at the readme.txt. The writer discusses the underlying packages as being available for Debian stable.

http://us1.samba.org/samba/ftp/Binary_Packages/Debian/

hth

I apologize for not addressing this earlier, but I thought that I had. You suggested a couple times that I test with a "clean" machine. I do have two machines that I use for testing purposes that have never had anti-virus, anti-malware, firewall or any other restrictive software installed (except windows, of course). Both of those systems experience the same problems as all the others. I have also removed the anti-whatever suite from my computer and still experienced the same problem. So it doesn't seem to matter if the computer has AV, had it and it was removed or never had it at all.

I still haven't found anything in the logs yet.

Quote:

Originally Posted by xjlittle

Go here and have a look at the readme.txt. The writer discusses the underlying packages as being available for Debian stable.

http://us1.samba.org/samba/ftp/Binary_Packages/Debian/

hth

Thank you. I didn't realize that Debian locked Samba to the version included with the .iso and no further. I'll go ahead and update and post the results.

Hello New2Linux2

I wanted to follow up and see how things are going. Did the upgrade go ok? Did it resolve your problem?

John

Hey John,

The upgrade went very smoothly, but did not solve the problem. It did have a positive effect though. The problems occur much less frequently now. I would say about half as often as they did before the upgrade. Anything else to check?

-Dave