Re: [Samba] BDC passwd changes
On Fri, 2010-02-05 at 10:21 +1100, Mike Fabre wrote: Hello I have a network setup with one Samba PDC and two Samba BDCs separated by routers (ref http://www.cybersource.com.au/users/mikef/samba/). In this test environment the Samba servers all use the master OpenLDAP server on the PDC, but the production system will have OpenLDAP servers (using master-slave replication) on all Samba servers. I can't get the Windows XP client to change a password or enroll on the domain when connected to either of the BDC's networks, however both functions work fine when connected directly to the PDC's network. If the XP client is enrolled onto the domain while connected to the PDC's network then it successfully authenticates against the domain on all three networks, incl after being relocated to either BDC network. Anyone got any ideas what my problem might be? What you need to do is either install a central WINS server, and point the various networks at that single server, or (my preference) abuse the separation of 'netbios name space' that your router has created, and make all the Samba DCs PDCs of their own networks. That way, they will all be contacted for password changes, because on each of their local networks, they hold the DOMAIN#1B name. (They need not be read-write OpenLDAP replicas, as Samba happily handles the referral to the master for writes). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] (no subject)
Hi I Have a problem: I'm sharing ~600 folders on my samba server: [SHARE 192.168.0.20] comment = Private share for host 192.168.0.20 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.20 public=yes hosts deny = 192.168. EXCEPT 192.168.0.20 [SHARE 192.168.0.21] comment = Private share for host 192.168.0.21 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.21 public=yes hosts deny = 192.168. EXCEPT 192.168.0.21 . . . But any user can see all shares even those without permissions (each host can see ~600 shares and only one is working for him) I don't know how to hide shares for each host so that he can see only share created for him. For Example host 192.168.0.10 will see only SHARE 192.168.0.10 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] hiding shares for hosts not allowed
Hi I Have a problem: I'm sharing ~600 folders on my samba server: [SHARE 192.168.0.20] comment = Private share for host 192.168.0.20 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.20 public=yes hosts deny = 192.168. EXCEPT 192.168.0.20 [SHARE 192.168.0.21] comment = Private share for host 192.168.0.21 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.21 public=yes hosts deny = 192.168. EXCEPT 192.168.0.21 . . . But any user can see all shares even those without permissions (each host can see ~600 shares and only one is working for him) I don't know how to hide shares for each host so that he can see only share created for him. For Example host 192.168.0.10 will see only SHARE 192.168.0.10 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] (no subject)
2010/2/6 Greg Byshenk sa...@byshenk.net On Sat, Feb 06, 2010 at 11:31:31AM +0100, kornel kornatka wrote: I Have a problem: I'm sharing ~600 folders on my samba server: [SHARE 192.168.0.20] comment = Private share for host 192.168.0.20 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.20 public=yes hosts deny = 192.168. EXCEPT 192.168.0.20 [SHARE 192.168.0.21] comment = Private share for host 192.168.0.21 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.21 public=yes hosts deny = 192.168. EXCEPT 192.168.0.21 . . . But any user can see all shares even those without permissions (each host can see ~600 shares and only one is working for him) I don't know how to hide shares for each host so that he can see only share created for him. For Example host 192.168.0.10 will see only SHARE 192.168.0.10 I'm not a samba expert, but what you're doing seems clumsy to me. Why not create a single share something like this: [privateshare] comment = Private share for local machines browseable = yes writable = yes path = /var/archives/USERS/%I public = yes hosts deny = 192.168. EXCEPT %I This allows every host to see just a single folder of its own -- and also makes for a much simpler smb.conf. -- greg byshenk - gbysh...@byshenk.net - Leiden, NL As you can see I'm beginner with samba. I've changed my conf as you said... it's not working But in my understanding ... : Samba can't know possibilities of %I variable to create shares. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind: only domains option/patch
Thanks Volker! I would like to add my voice to those requesting this enhancement! We have a highly distributed number of domains that all trust each other, but member servers only have access to their local domain controllers. Having the ability to restrict the number of domains that the Samba server tries to contact will be a *very* useful addition. Regards JR From: Volker Lendecke volker.lende...@sernet.de To: Julian Regel julian.re...@yahoo.co.uk Cc: samba@lists.samba.org Sent: Fri, 5 February, 2010 19:30:58 Subject: Re: [Samba] winbind: only domains option/patch On Fri, Feb 05, 2010 at 09:26:20AM -0800, Julian Regel wrote: In January 2009 a patch was sent to this list that introduced the winbind: only domains option to smb.conf (http://lists.samba.org/archive/samba-technical/2009-January/062706.html). This provides the inverse of winbind: ignore domains and the creator of the patch explained that this was more useful (to him) that having to explicitly exclude domains. Can anyone confirm if this patch was accepted, and if so, what version of Samba supports winbind: only domains? If the patch has not been accepted, is there a particular reason why not? Nobody so far has asked loudly enough, that's probably the only real reason. It's in my inbox now again. I had to do a similar patch for an ancient Samba version for a customer recently, but did not get around to put this upstream. So there seems to be real need for it :-) Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] (no subject)
On 6 February 2010 13:05, kornel kornatka ds14.kor...@gmail.com wrote: 2010/2/6 Greg Byshenk sa...@byshenk.net [...] Why not create a single share something like this: [privateshare] comment = Private share for local machines browseable = yes writable = yes path = /var/archives/USERS/%I public = yes hosts deny = 192.168. EXCEPT %I This allows every host to see just a single folder of its own -- and also makes for a much simpler smb.conf. As you can see I'm beginner with samba. I've changed my conf as you said... it's not working But in my understanding ... : Samba can't know possibilities of %I variable to create shares. I agree with Greg. I believe Samba should create the shares on the fly when the user connects, the same way it does for the [homes] share. I have not tried this, though. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] (no subject)
On Sat, Feb 06, 2010 at 11:31:31AM +0100, kornel kornatka wrote: I Have a problem: I'm sharing ~600 folders on my samba server: [SHARE 192.168.0.20] comment = Private share for host 192.168.0.20 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.20 public=yes hosts deny = 192.168. EXCEPT 192.168.0.20 [SHARE 192.168.0.21] comment = Private share for host 192.168.0.21 browseable = yes writable = yes path = /var/archives/USERS/192.168.0.21 public=yes hosts deny = 192.168. EXCEPT 192.168.0.21 . . . But any user can see all shares even those without permissions (each host can see ~600 shares and only one is working for him) I don't know how to hide shares for each host so that he can see only share created for him. For Example host 192.168.0.10 will see only SHARE 192.168.0.10 I'm not a samba expert, but what you're doing seems clumsy to me. Why not create a single share something like this: [privateshare] comment = Private share for local machines browseable = yes writable = yes path = /var/archives/USERS/%I public = yes hosts deny = 192.168. EXCEPT %I This allows every host to see just a single folder of its own -- and also makes for a much simpler smb.conf. -- greg byshenk - gbysh...@byshenk.net - Leiden, NL -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] (no subject)
2010/2/6 Michael Wood esiot...@gmail.com On 6 February 2010 13:05, kornel kornatka ds14.kor...@gmail.com wrote: 2010/2/6 Greg Byshenk sa...@byshenk.net [...] Why not create a single share something like this: [privateshare] comment = Private share for local machines browseable = yes writable = yes path = /var/archives/USERS/%I public = yes hosts deny = 192.168. EXCEPT %I This allows every host to see just a single folder of its own -- and also makes for a much simpler smb.conf. As you can see I'm beginner with samba. I've changed my conf as you said... it's not working But in my understanding ... : Samba can't know possibilities of %I variable to create shares. I agree with Greg. I believe Samba should create the shares on the fly when the user connects, the same way it does for the [homes] share. I have not tried this, though. -- Michael Wood esiot...@gmail.com * * I've tested new configuration [privateshare %I] comment = Private share for local machines browseable = yes writable = yes path = /var/archives/USERS/%I public = yes Works preaty good :) obviously - the hosts allow is no need now (thats why it wasn't working earlier) Thank you for your help! :) Regards Kornel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] shadow_copy2 prob? FSCTL..GET..DATA: max_data_count(114) too small (118) bytes needed!
I have /home as a logical volume. I have snapshots: LV VG Attr LSize Origin Snap% Move Log Copy% Convert 2010.02.05-01.26.19 Home swi-ao 10.00G lvol0 39.81 2010.02.06-02.37.52 Home swi-ao 5.00G lvol00.25 lvol0 Home owi-ao 1.00T and they are mounted: /dev/mapper/Home-2010.02.05--01.26.19 on /home/snapdir/@GMT-2010.02.05-01.26.19 type xfs (ro,nouuid) /dev/mapper/Home-2010.02.06--02.37.52 on /home/snapdir/@GMT-2010.02.06-02.37.52 type xfs (ro,nouuid) My 'home's definitions (I have 3 shares that all resided on /home partition': 'ServHome' (home of user on the server) 'home' (share of the root of the share) and '/homes'(the per-user in Domain share) where their profiles go Each has: vfs objects = recycle readahead shadow_copy2 recycle: keeptree=true shadow:snapdir = /home/snapdir shadow:basedir = /home 01234567890123456789012345678901234567890123456789012345678901234567890123456789 Yet when I go look at files that that have been modified on the 6th, I see no previous versions. In /var/log/samba/clientname.log, I see: linw opened file mail/bind read=Yes write=No (numopen=3) [2010/02/06 03:23:41, 0] smbd/nttrans.c:1970(call_nt_transact_ioctl) FSCTL_GET_SHADOW_COPY_DATA: max_data_count(114) too small (118) bytes needed! [2010/02/06 03:23:57, 2] smbd/close.c:612(close_normal_file) linw closed file mail/bind (numopen=2) NT_STATUS_OK Is the max data count too small the problem? Is there a bug in this version of samba? Is this relevant? Or is there something else wrong I don't see? linux 2.6.27.29 on suse 11.1 samba 3.4.3-12.1 Any insight appreciated Thanks, Linda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] shadow_copy2 prob? FSCTL..GET..DATA: max_data_count(114) too small (118) bytes needed!
On Sat, Feb 06, 2010 at 03:37:28AM -0800, Linda Walsh wrote: linw opened file mail/bind read=Yes write=No (numopen=3) [2010/02/06 03:23:41, 0] smbd/nttrans.c:1970(call_nt_transact_ioctl) FSCTL_GET_SHADOW_COPY_DATA: max_data_count(114) too small (118) bytes needed! [2010/02/06 03:23:57, 2] smbd/close.c:612(close_normal_file) linw closed file mail/bind (numopen=2) NT_STATUS_OK Is the max data count too small the problem? Is there a bug in this version of samba? Is this relevant? Or is there something else wrong I don't see? linux 2.6.27.29 on suse 11.1 samba 3.4.3-12.1 Looks like samba bug 6850, fixed in 3.4.4. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 4: LookupAccountName fails
Hello, I don't know if this is the right list to discuss this topic. I have a FreeBSD (virtual) machine running Samba 4 alpha 11 which acts as a AD and another (virtual) machine running Windows 2000 which is a domain member. When a program on the W2k machine calls LookupAccountName to translate an user name to the SID this translates roughly to the following steps: - Setup a SMB session with the credentials of the service account - Call bind to create an unsecure channel - Call lsa_OpenPolicy2 to obtain a policy handle - Call bind again to create a secure channel - Call lsa_QueryInfoPolicy to obtain domain info The last call fails because Samba finds the policy handle but the SID stored with the handle (the SID of the system account) does not match the SID of the lsa_QueryInfoPolicy call (S-1-5-7 aka Anonymous). I don't know what a correct behaviour would be: That the handle does not have any SID stored with it because it was obtained via an unauthenticated call or if the credentials of the bind calls shall be used to secure the channel only and the lsa_QueryInfoPolicy call shall have the credentials from the session setup. If necessary I can file a bug report and / or provide a pcap file. -- Best regards, Christoph mailto:theis.n...@gmx.at -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] BDC passwd changes
On Sat, Feb 06, 2010 at 08:18:06PM +1100, Andrew Bartlett wrote: On Fri, 2010-02-05 at 10:21 +1100, Mike Fabre wrote: Hello I have a network setup with one Samba PDC and two Samba BDCs separated by routers (ref http://www.cybersource.com.au/users/mikef/samba/). In this test environment the Samba servers all use the master OpenLDAP server on the PDC, but the production system will have OpenLDAP servers (using master-slave replication) on all Samba servers. I can't get the Windows XP client to change a password or enroll on the domain when connected to either of the BDC's networks, however both functions work fine when connected directly to the PDC's network. If the XP client is enrolled onto the domain while connected to the PDC's network then it successfully authenticates against the domain on all three networks, incl after being relocated to either BDC network. Anyone got any ideas what my problem might be? What you need to do is either install a central WINS server, and point the various networks at that single server, I have got the PDC acting as the WINS server with the BDCs acting as a WINS proxy through to the PDC and then I have the clients use whatever samba server it is connected to as the WINS server. should that get the same result? or (my preference) abuse the separation of 'netbios name space' that your router has created, and make all the Samba DCs PDCs of their own networks. That way, they will all be contacted for password changes, because on each of their local networks, they hold the DOMAIN#1B name. (They need not be read-write OpenLDAP replicas, as Samba happily handles the referral to the master for writes). That could work, is there any downside to doing it this way? -- Mike Fabre -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] shadow_copy2 prob? FSCTL..GET..DATA: max_data_count(114) too small (118) bytes needed!
Volker Lendecke wrote: On Sat, Feb 06, 2010 at 03:37:28AM -0800, Linda Walsh wrote: linw opened file mail/bind read=Yes write=No (numopen=3) [2010/02/06 03:23:41, 0] smbd/nttrans.c:1970(call_nt_transact_ioctl) FSCTL_GET_SHADOW_COPY_DATA: max_data_count(114) too small (118) bytes needed! [2010/02/06 03:23:57, 2] smbd/close.c:612(close_normal_file) linw closed file mail/bind (numopen=2) NT_STATUS_OK Is the max data count too small the problem? Is there a bug in this version of samba? Is this relevant? Or is there something else wrong I don't see? linux 2.6.27.29 on suse 11.1 samba 3.4.3-12.1 Looks like samba bug 6850, fixed in 3.4.4. Volker Bingo! Thanks! We got previous versions! Yeay! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 7 machine account fails to authenticate against samba PDC
Re. the ongoing failure of the windows7 client to authenticate its machine account, I've upped the log level and added an extra debug statement to getpwnam_alloc(). There are a couple of discrepancies which I very much hope someone can explain, or at least point me in the direction of how to resolve! Comparing the output for a winXP client (successful) and the win7 client (unsuccessful), it seems that: 1 - the challenge-response mechanism is different for the win7 machine to that of the winXp machine (and the win7 machine fails this authentication). Can anyone enlighten me as to why the different challenge, and why the client might fail it? This is the trace for the unsuccessful win7 machine: [2010/02/05 22:55:10, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2010/02/05 22:55:10, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: 444EA615F23340F2 [2010/02/05 22:55:10, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : DE62C1B8DCC1E4AD [2010/02/05 22:55:10, 5] libsmb/credentials.c:221(netlogon_creds_server_check) netlogon_creds_server_check: challenge : 2818DBF48BE4EBC0 [2010/02/05 22:55:10, 5] libsmb/credentials.c:222(netlogon_creds_server_check) calculated: EDC837F244BC1EBB [2010/02/05 22:55:10, 2] libsmb/credentials.c:223(netlogon_creds_server_check) netlogon_creds_server_check: credentials check failed. This is the trace for the successful winXP machine: [2010/02/05 23:06:44, 5] libsmb/credentials.c:121(creds_init_64) clnt_chal_in: DF0D76C6D2BF3CDB [2010/02/05 23:06:44, 5] libsmb/credentials.c:122(creds_init_64) srv_chal_in : EE4404370EE4219C [2010/02/05 23:06:44, 5] libsmb/credentials.c:123(creds_init_64) clnt+srv : CD527AFDE0A35E77 [2010/02/05 23:06:44, 5] libsmb/credentials.c:124(creds_init_64) sess_key_out : 6D4885F56283E87B 2 - later, (perhaps as some fallback authentication?) the get_pwnam() is called a number of times for this machine account, initially it succeeds then in a later call fails NOT because the machine account isn't in /etc/passwd, but because it is looked up in UPPER case. Is this a bug? Here's the trace for the failure: [2010/02/05 22:55:18, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/05 22:55:18, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2010/02/05 22:55:18, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2010/02/05 22:55:18, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2010/02/05 22:55:18, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2010/02/05 22:55:18, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2010/02/05 22:55:18, 1] lib/util_pw.c:59(getpwnam_alloc) my extra debug: sys_getpwnam(WIN7HOST$) failed ^ *the name as passed to getpwnam_alloc* [2010/02/05 22:55:18, 1] auth/auth_util.c:577(make_server_info_sam) User WIN7HOST$ in passdb, but getpwnam() fails! rgds, graham. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] BDC passwd changes
On Sun, 2010-02-07 at 00:21 +1100, Mike Fabre wrote: On Sat, Feb 06, 2010 at 08:18:06PM +1100, Andrew Bartlett wrote: On Fri, 2010-02-05 at 10:21 +1100, Mike Fabre wrote: Hello I have a network setup with one Samba PDC and two Samba BDCs separated by routers (ref http://www.cybersource.com.au/users/mikef/samba/). In this test environment the Samba servers all use the master OpenLDAP server on the PDC, but the production system will have OpenLDAP servers (using master-slave replication) on all Samba servers. I can't get the Windows XP client to change a password or enroll on the domain when connected to either of the BDC's networks, however both functions work fine when connected directly to the PDC's network. If the XP client is enrolled onto the domain while connected to the PDC's network then it successfully authenticates against the domain on all three networks, incl after being relocated to either BDC network. Anyone got any ideas what my problem might be? What you need to do is either install a central WINS server, and point the various networks at that single server, I have got the PDC acting as the WINS server with the BDCs acting as a WINS proxy through to the PDC and then I have the clients use whatever samba server it is connected to as the WINS server. should that get the same result? It's better to point the clients at the WINS server directly, but the WINS proxy should work. However, both methods give a single point of failure, unless you have a replicating WINS server. Samba4 contains a replicating WINS server (see also the Samba4WINS product), as does Windows. or (my preference) abuse the separation of 'netbios name space' that your router has created, and make all the Samba DCs PDCs of their own networks. That way, they will all be contacted for password changes, because on each of their local networks, they hold the DOMAIN#1B name. (They need not be read-write OpenLDAP replicas, as Samba happily handles the referral to the master for writes). That could work, is there any downside to doing it this way? As long as the replication between the master and slave LDAP servers is rapid, no (see the smb.conf documentation for 'ldap replication sleep'). It also avoids the need for a replicating WINS server, as you just have one per subnet, which reduces the single point of failure. By setting 'dns proxy = yes', hosts on other networks can still be found, as long as they are in DNS. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Client link utilization
Hello everybody! This is probably going to be a classic question but I cannot find a decent answer on net. I have samba server set up and the following things work flawlessly: - iperf shows 92% link utilization - FTP/SCP/HTTP transfers work in 10MB/s range. However, when I mount samba share with linux client (mount.cifs) the link utilization cannot bypass cca 33%. Transfer speeds constantly stops around 3.8MB/s and will not rise above it no matter what socket and locking options I use. Do you have any ideas about why this is happening and/or FAQ websites to point me to? Thank you very much, b. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Client link utilization
Bostjan Skufca put forth on 2/6/2010 6:14 PM: Hello everybody! This is probably going to be a classic question but I cannot find a decent answer on net. I have samba server set up and the following things work flawlessly: - iperf shows 92% link utilization - FTP/SCP/HTTP transfers work in 10MB/s range. However, when I mount samba share with linux client (mount.cifs) the link utilization cannot bypass cca 33%. Transfer speeds constantly stops around 3.8MB/s and will not rise above it no matter what socket and locking options I use. Do you have any ideas about why this is happening and/or FAQ websites to point me to? I've had a similar thread running for a few weeks without resolution. In my case I can max the wire (100FDX) at 92Mb/s to/from Win2K and WinXP clients using FTP, and smbclient from the server to shares on the workstations maxes the wire (at least GET from the workstations does). I'm running Samba 3.2.5 on Debian Lenny with custom kernel 2.6.31.1. The max smb performance I can get in a single stream to/from smbd is 65Mb/s, or 8.5MB/s. I've now tested Win2K, WinXP, and smbclient on SLED 10 (can't recall version). In all cases, no matter what performance settings I tweak in smb.conf or on the workstations, I can't get wire speed with a single SMB stream---can't get over 65Mb/s. Interestingly, two simultaneous SMB transfer streams (two Windows Explorer file copy operations on the same workstation) will max the wire at 92Mb/s, or 11MB/s. Our symptoms are similar, though we may be fighting different causes, given you can't even get over 4MB/s. I've provided multiple packet captures as instructed, but haven't heard anything back yet. That was over a week ago... -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Client link utilization
Yes, I've forgot to mention that I can also get link saturated with single Win client, therefore it does not appear to be a server issue. BTW: Slack, samba compiled from scratch (v3.4.5) and custom vanilla kernel (but nothing fancy or unusual). b. PS: The funny thing is, as I recall, I did previous samba setup 5 or 6 years ago, and I distinclty remember I was running into the same issue, at more or less the same speed. On 7 February 2010 04:26, Stan Hoeppner s...@hardwarefreak.com wrote: Bostjan Skufca put forth on 2/6/2010 6:14 PM: Hello everybody! This is probably going to be a classic question but I cannot find a decent answer on net. I have samba server set up and the following things work flawlessly: - iperf shows 92% link utilization - FTP/SCP/HTTP transfers work in 10MB/s range. However, when I mount samba share with linux client (mount.cifs) the link utilization cannot bypass cca 33%. Transfer speeds constantly stops around 3.8MB/s and will not rise above it no matter what socket and locking options I use. Do you have any ideas about why this is happening and/or FAQ websites to point me to? I've had a similar thread running for a few weeks without resolution. In my case I can max the wire (100FDX) at 92Mb/s to/from Win2K and WinXP clients using FTP, and smbclient from the server to shares on the workstations maxes the wire (at least GET from the workstations does). I'm running Samba 3.2.5 on Debian Lenny with custom kernel 2.6.31.1. The max smb performance I can get in a single stream to/from smbd is 65Mb/s, or 8.5MB/s. I've now tested Win2K, WinXP, and smbclient on SLED 10 (can't recall version). In all cases, no matter what performance settings I tweak in smb.conf or on the workstations, I can't get wire speed with a single SMB stream---can't get over 65Mb/s. Interestingly, two simultaneous SMB transfer streams (two Windows Explorer file copy operations on the same workstation) will max the wire at 92Mb/s, or 11MB/s. Our symptoms are similar, though we may be fighting different causes, given you can't even get over 4MB/s. I've provided multiple packet captures as instructed, but haven't heard anything back yet. That was over a week ago... -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Client link utilization
On Sat, Feb 06, 2010 at 09:26:32PM -0600, Stan Hoeppner wrote: Bostjan Skufca put forth on 2/6/2010 6:14 PM: Hello everybody! This is probably going to be a classic question but I cannot find a decent answer on net. I have samba server set up and the following things work flawlessly: - iperf shows 92% link utilization - FTP/SCP/HTTP transfers work in 10MB/s range. However, when I mount samba share with linux client (mount.cifs) the link utilization cannot bypass cca 33%. Transfer speeds constantly stops around 3.8MB/s and will not rise above it no matter what socket and locking options I use. Do you have any ideas about why this is happening and/or FAQ websites to point me to? I've had a similar thread running for a few weeks without resolution. In my case I can max the wire (100FDX) at 92Mb/s to/from Win2K and WinXP clients using FTP, and smbclient from the server to shares on the workstations maxes the wire (at least GET from the workstations does). I'm running Samba 3.2.5 on Debian Lenny with custom kernel 2.6.31.1. The max smb performance I can get in a single stream to/from smbd is 65Mb/s, or 8.5MB/s. I've now tested Win2K, WinXP, and smbclient on SLED 10 (can't recall version). In all cases, no matter what performance settings I tweak in smb.conf or on the workstations, I can't get wire speed with a single SMB stream---can't get over 65Mb/s. Interestingly, two simultaneous SMB transfer streams (two Windows Explorer file copy operations on the same workstation) will max the wire at 92Mb/s, or 11MB/s. Hang on a minute, I haven't been paying attention to these emails as yet. Am I correct in saying: smbclient - smbd maxes the wire. smbclient - WinXP maxes the wire. But WinXP - smbd gets 2/3 of the wire speed. And WinXP+WinXP (two streams) - smbd maxes the wire. If this is the case, it's the 64k per read/write limit plus only one outstanding packet per stream issue with the WinXP redirector that's the issue. smbclient sends up to maxmux outstanding packets on read/write and keeps the pipeline full. That's why it can max the wire. The WinXP redirector is just not very good I'm afraid. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 65710da... pam_winbind: Remove a nested if-statement. Bo, please
check!
via 8cb6f7e... pam_winbind: Use strchr instead of strstr for a single
character
from b93f07e... Fix trailing whitespace errors I added (sorry).
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 65710dae847273edb99495241e6d7b7acd303c5f
Author: Volker Lendecke v...@samba.org
Date: Sat Feb 6 12:56:19 2010 +0100
pam_winbind: Remove a nested if-statement. Bo, please check!
commit 8cb6f7ec1bdaa086e77fc865c2226151dcd602a7
Author: Volker Lendecke v...@samba.org
Date: Sat Feb 6 12:55:00 2010 +0100
pam_winbind: Use strchr instead of strstr for a single character
---
Summary of changes:
nsswitch/pam_winbind.c |8 +++-
1 files changed, 3 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 52a8daa..82c8c4d 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -1144,7 +1144,7 @@ static bool winbind_name_list_to_sid_string_list(struct
pwb_context *ctx,
}
search_location = name_list;
- while ((comma = strstr(search_location, ,)) != NULL) {
+ while ((comma = strchr(search_location, ',')) != NULL) {
current_name = strndup(search_location,
comma - search_location);
if (NULL == current_name) {
@@ -1199,10 +1199,8 @@ static bool winbind_name_list_to_sid_string_list(struct
pwb_context *ctx,
* It is malformated parameter here, overwrite the last ','.
*/
len = strlen(sid_list_buffer);
- if (len) {
- if (sid_list_buffer[len - 1] == ',') {
- sid_list_buffer[len - 1] = '\0';
- }
+ if ((len != 0) (sid_list_buffer[len - 1] == ',')) {
+ sid_list_buffer[len - 1] = '\0';
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 70534ad... tdb: raise version to 1.2.1 from 65710da... pam_winbind: Remove a nested if-statement. Bo, please check! http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70534adee10fc6f5bba2d9304668dc6508e5de5a Author: Simo Sorce i...@samba.org Date: Sat Feb 6 10:48:39 2010 -0500 tdb: raise version to 1.2.1 after recent fixes we need to raise the version to 1.2.1 so that we can require also the right patched version. --- Summary of changes: lib/tdb/configure.ac|2 +- source3/configure.in|2 +- source4/min_versions.m4 |2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/configure.ac b/lib/tdb/configure.ac index dac7bb2..3951219 100644 --- a/lib/tdb/configure.ac +++ b/lib/tdb/configure.ac @@ -2,7 +2,7 @@ AC_PREREQ(2.50) AC_DEFUN([SMB_MODULE_DEFAULT], [echo -n ]) AC_DEFUN([SMB_LIBRARY_ENABLE], [echo -n ]) AC_DEFUN([SMB_ENABLE], [echo -n ]) -AC_INIT(tdb, 1.2.0) +AC_INIT(tdb, 1.2.1) AC_CONFIG_SRCDIR([common/tdb.c]) AC_CONFIG_HEADER(include/config.h) AC_LIBREPLACE_ALL_CHECKS diff --git a/source3/configure.in b/source3/configure.in index f3c6ba5..14b57b6 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1965,7 +1965,7 @@ AC_ARG_ENABLE(external_libtdb, if test x$enable_external_libtdb != xno then - PKG_CHECK_MODULES(LIBTDB, tdb = 1.1.7, + PKG_CHECK_MODULES(LIBTDB, tdb = 1.2.1, [ enable_external_libtdb=yes ], [ if test x$enable_external_libtdb = xyes; then diff --git a/source4/min_versions.m4 b/source4/min_versions.m4 index af8c4dd..c134c69 100644 --- a/source4/min_versions.m4 +++ b/source4/min_versions.m4 @@ -1,6 +1,6 @@ # Minimum and exact required versions for various libraries # if we use the ones installed in the system. -define(TDB_MIN_VERSION,1.2.0) +define(TDB_MIN_VERSION,1.2.1) define(TALLOC_MIN_VERSION,2.0.1) define(LDB_REQUIRED_VERSION,0.9.10) define(TEVENT_REQUIRED_VERSION,0.9.8) -- Samba Shared Repository
Build status as of Sun Feb 7 07:00:05 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-02-06 00:00:14.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-02-07 00:00:06.0 -0700 @@ -1,4 +1,4 @@ -Build status as of Sat Feb 6 07:00:07 2010 +Build status as of Sun Feb 7 07:00:05 2010 Build counts: Tree Total Broken Panic @@ -14,7 +14,7 @@ samba-web0 0 0 samba_3_current 33 32 1 samba_3_master 33 31 5 -samba_3_next 29 29 4 +samba_3_next 29 28 4 samba_4_0_test 35 33 1 talloc 35 12 0 tdb 33 21 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5ab6a8d... s4-registry: fixed byte order assumptions
from 70534ad... tdb: raise version to 1.2.1
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5ab6a8d077712c789bbd245f5f7cac7fc71cba81
Author: Andrew Tridgell tri...@samba.org
Date: Sun Feb 7 18:11:42 2010 +1100
s4-registry: fixed byte order assumptions
the registry tests were broken on big-endian systems
---
Summary of changes:
source4/lib/registry/ldb.c|3 ++-
source4/lib/registry/patchfile_preg.c |4 ++--
source4/lib/registry/regf.c |2 +-
source4/lib/registry/util.c |7 ---
4 files changed, 9 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c
index 033fdcb..d70489a 100644
--- a/source4/lib/registry/ldb.c
+++ b/source4/lib/registry/ldb.c
@@ -80,7 +80,8 @@ static void reg_ldb_unpack_value(TALLOC_CTX *mem_ctx,
case REG_DWORD: {
uint32_t tmp = strtoul((char *)val-data, NULL, 0);
- *data = data_blob_talloc(mem_ctx, tmp, 4);
+ *data = data_blob_talloc(mem_ctx, NULL, 4);
+ SIVAL(data-data, 0, tmp);
}
break;
diff --git a/source4/lib/registry/patchfile_preg.c
b/source4/lib/registry/patchfile_preg.c
index 30a9aea..d7b4bc3 100644
--- a/source4/lib/registry/patchfile_preg.c
+++ b/source4/lib/registry/patchfile_preg.c
@@ -109,7 +109,7 @@ static WERROR reg_preg_diff_del_value(void *_data, const
char *key_name,
val = talloc_asprintf(data-ctx, **Del.%s, value_name);
blob.data = (uint8_t *)talloc(data-ctx, uint32_t);
- *(uint32_t *)blob.data = 0;
+ SIVAL(blob.data, 0, 0);
blob.length = 4;
return reg_preg_diff_set_value(data, key_name, val, REG_DWORD, blob);
}
@@ -120,7 +120,7 @@ static WERROR reg_preg_diff_del_all_values(void *_data,
const char *key_name)
DATA_BLOB blob;
blob.data = (uint8_t *)talloc(data-ctx, uint32_t);
- *(uint32_t *)blob.data = 0;
+ SIVAL(blob.data, 0, 0);
blob.length = 4;
return reg_preg_diff_set_value(data, key_name, **DelVals., REG_DWORD,
blob);
diff --git a/source4/lib/registry/regf.c b/source4/lib/registry/regf.c
index a96c7db..b5b676f 100644
--- a/source4/lib/registry/regf.c
+++ b/source4/lib/registry/regf.c
@@ -1816,7 +1816,7 @@ static WERROR regf_set_value(struct hive_key *key, const
char *name,
vk.data_type = type;
if (type == REG_DWORD) {
vk.data_length |= 0x8000;
- vk.data_offset = *(uint32_t *)data.data;
+ vk.data_offset = IVAL(data.data, 0);
} else {
/* Store data somewhere */
vk.data_offset = hbin_store(regf, data);
diff --git a/source4/lib/registry/util.c b/source4/lib/registry/util.c
index 5d451df..ba739c4 100644
--- a/source4/lib/registry/util.c
+++ b/source4/lib/registry/util.c
@@ -75,11 +75,11 @@ _PUBLIC_ char *reg_val_data_string(TALLOC_CTX *mem_ctx,
ret = data_blob_hex_string_upper(mem_ctx, data);
break;
case REG_DWORD:
- if (*(int *)data.data == 0) {
+ if (IVAL(data.data, 0) == 0) {
ret = talloc_strdup(mem_ctx, 0);
} else {
ret = talloc_asprintf(mem_ctx, 0x%x,
- *(int *)data.data);
+ IVAL(data.data, 0));
}
break;
case REG_NONE:
@@ -147,7 +147,8 @@ _PUBLIC_ bool reg_string_to_val(TALLOC_CTX *mem_ctx,
break;
case REG_DWORD: {
uint32_t tmp = strtol(data_str, NULL, 0);
- *data = data_blob_talloc(mem_ctx, tmp, 4);
+ *data = data_blob_talloc(mem_ctx, NULL, 4);
+ SIVAL(data-data, 0, tmp);
}
break;
case REG_NONE:
--
Samba Shared Repository
