Forums

Resolved
0 votes
Hi all,

please note that the update from last night we are not able to connect to our samba shares. The issue exist in Windows, Mac and Linux.
Is anyone having the same issue?
Any hint how I can start the investigation?


smbclient -A .smbcredentials -L //<hostname>

Sharename Type Comment
--------- ---- -------
developer Disk Share for Development
intern Disk Share for Official Company Documents
management Disk Share for Management Documents
team Disk Share for Team Document Exchange
admin Disk Share for Domain Admins
software Disk Software Pool
office_adm Disk For Office Administration only
releases Disk Voipfuture share for SW releases
IPC$ IPC IPC Service (File Server)
christoph Disk Home Directories
SMB1 disabled -- no workgroup available



smbclient -A .smbcredentials //<hostname>/team -c 'ls'
tree connect failed: NT_STATUS_ACCESS_DENIED


When I try to mount I received the following error:

mount /media/team/
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)



Best regards
Christoph
Wednesday, July 15 2020, 08:23 AM
Share this post:
Responses (16)
  • Accepted Answer

    Wednesday, July 15 2020, 02:04 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:
    You may want to grab a copy of the file from a recent configuration backup and compare.


    Hm.....
    This is strange. I checked the oldest backup and I see the same smb.conf in there.

    I enabled all stuff from #others.
    The #winbind and #PDC is still commented as this is causing trouble with our other domain controller.

    The good news is that access with custom groups is working again.

    Really happy and thank you for the great help!!!

    Best regards
    Christoph
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 01:41 PM - #Permalink
    Resolved
    0 votes
    Your config has been changed and is not like the default. Have you used Webmin on this server? You are missing entries and others e.g "idmap config" have been changed. A virgin install in standalone mode has the following smb.conf:
    [global]
    add machine script = /usr/sbin/samba-add-machine "%u"
    domain logons = Yes
    domain master = Yes
    guest account = guest
    interfaces = lo ens6
    ldap admin dn = cn=manager,ou=Internal,dc=system,dc=lan
    ldap connection timeout = 8
    ldap group suffix = ou=Groups,ou=Accounts
    ldap idmap suffix = ou=Idmap
    ldap machine suffix = ou=Computers,ou=Accounts
    ldap ssl = no
    ldap suffix = dc=system,dc=lan
    ldap user suffix = ou=Users,ou=Accounts
    log file = /var/log/samba/%L-%m
    logon drive = U:
    logon home = \\%L\%U
    logon path =
    logon script = logon.cmd
    max log size = 0
    netbios name = LIBVIRTSERVER
    ntlm auth = ntlmv1-permitted
    passdb backend = ldapsam:ldap://127.0.0.1
    passwd chat = *password:* %n\n *password:* %n\n *successfully.*
    passwd chat timeout = 10
    passwd program = /usr/sbin/userpasswd %u
    preferred master = Yes
    printcap name = /etc/printcap
    security = USER
    server string = MyServer
    template homedir = /home/%U
    template shell = /sbin/nologin
    unix password sync = Yes
    username map = /etc/samba/smbusers
    utmp = Yes
    winbind enum groups = Yes
    winbind enum users = Yes
    winbind expand groups = 1
    winbind offline logon = Yes
    winbind separator = +
    winbind use default domain = Yes
    wins support = Yes
    workgroup = CLEARSYSTEM
    idmap config * : ldap_user_dn = cn=manager,ou=Internal,dc=system,dc=lan
    idmap config * : ldap_base_dn = ou=Idmap,dc=system,dc=lan
    idmap config * : ldap_url = ldap://127.0.0.1
    idmap config * : range = 20000000-29999999
    idmap config * : backend = ldap
    include = /etc/samba/flexshare.conf


    You may want to grab a copy of the file from a recent configuration backup and compare.
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 01:27 PM - #Permalink
    Resolved
    0 votes
    I also searched in the LDAP and found the groups and the users attached to them.
    Not able to spot a difference.
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 01:15 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    What do you get from "testparm -s"


    Here you are.
    I guess something is wrong with LDAP. I will do some searches.


    [root@filer shares]# testparm -s
    Load smb config files from /etc/samba/smb.conf
    NOTE: Service printers is flagged unavailable.
    NOTE: Service print$ is flagged unavailable.
    NOTE: Service netlogon is flagged unavailable.
    NOTE: Service profiles is flagged unavailable.
    Loaded services file OK.
    ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd program' parameter.

    Server role: ROLE_STANDALONE

    # Global parameters
    [global]
    guest account = guest
    interfaces = lo eno1
    ldap admin dn = cn=manager,ou=Internal,dc=domain,dc=com
    ldap connection timeout = 8
    ldap group suffix = ou=Groups,ou=Accounts
    ldap idmap suffix = ou=Idmap
    ldap machine suffix = ou=Computers,ou=Accounts
    ldap ssl = no
    ldap suffix = dc=domain,dc=com
    ldap user suffix = ou=Users,ou=Accounts
    log file = /var/log/samba/%L-%m
    max log size = 0
    ntlm auth = ntlmv1-permitted
    passdb backend = ldapsam:ldap://127.0.0.1
    printcap name = /etc/printcap
    security = USER
    server string = File Server
    unix password sync = Yes
    utmp = Yes
    winbind expand groups = 1
    workgroup = domain
    idmap config * : ldap_user_dn = cn=manager,ou=Internal,dc=domain,dc=com
    idmap config * : ldap_base_dn = ou=Idmap,dc=domain,dc=com
    idmap config * : ldap_url = ldap://127.0.0.1
    idmap config * : backend = tdb
    acl allow execute always = Yes
    include = /etc/samba/flexshare.conf


    [developer]
    comment = Share for Development
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/developer
    read only = No
    valid users = @%D\allusers @allusers
    veto files = /.flexshare*/
    vfs objects = recycle:recycle
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [intern]
    comment = Share for Official Company Documents
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/intern
    read only = No
    valid users = @%D\allusers @allusers
    veto files = /.flexshare*/
    vfs objects = recycle:recycle
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [management]
    comment = Share for Management Documents
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/management
    read only = No
    valid users = @%D\grp_management @grp_management
    veto files = /.flexshare*/
    vfs objects = recycle:recycle
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [team]
    comment = Share for Team Document Exchange
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/team
    read only = No
    valid users = @%D\allusers @allusers
    veto files = /.flexshare*/
    vfs objects = recycle:recycle
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [admin]
    comment = Share for Domain Admins
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/admin
    read only = No
    valid users = @%D\testadmin @testadmin
    veto files = /.flexshare*/
    vfs objects = recycle:recycle
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [software]
    comment = Software Pool
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/software
    read only = No
    valid users = @%D\allusers @allusers
    veto files = /.flexshare*/


    [office_adm]
    comment = For Office Administration only
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/office_adm
    read only = No
    valid users = @%D\grp_office_adm @grp_office_adm
    veto files = /.flexshare*/
    vfs objects = recycle:recycle full_audit:audit
    audit:priority = NOTICE
    audit:facility = LOCAL5
    audit:failure = all
    audit:success = open opendir
    audit:prefix = %u
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [releases]
    comment = domain share for SW releases
    create mask = 0664
    directory mask = 0775
    path = /var/flexshare/shares/releases
    read only = No
    valid users = @%D\allusers @allusers
    veto files = /.flexshare*/
    vfs objects = recycle:recycle full_audit:audit
    audit:priority = NOTICE
    audit:facility = LOCAL5
    audit:failure = all
    audit:success = open opendir
    audit:prefix = %u
    recycle:excludedir = /.trash,/tmp,/temp,/TMP,/TEMP
    recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP,~*.*
    recycle:directory_mode = 0775
    recycle:touch = No
    recycle:keeptree = Yes
    recycle:versions = Yes
    recycle:maxsize = 0
    recycle:repository = .trash/%U


    [homes]
    browseable = No
    comment = Home Directories
    path = /home/%U
    read only = No
    valid users = %D\%S %D+%S %S


    [printers]
    available = No
    browseable = No
    comment = Print Spool
    cups options = raw
    path = /var/spool/samba
    printable = Yes
    read only = No
    use client driver = Yes


    [print$]
    available = No
    browseable = No
    comment = Printer Drivers
    path = /var/samba/drivers
    read only = No


    [netlogon]
    available = No
    browseable = No
    comment = Network Logon Service
    locking = No
    path = /var/samba/netlogon
    read only = No


    [profiles]
    available = No
    browseable = No
    comment = Profile Share
    force directory mode = 02775
    force group = domain_users
    path = /var/samba/profiles
    read only = No
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 01:08 PM - #Permalink
    Resolved
    0 votes
    What do you get from "testparm -s"
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 12:21 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    I still don't understand why you are having problems. For me, my "testgroup" share works, as do all the "allusers" shares


    Yes this is really strange. I just tried to create a new group without "_". But also this does not help.

    The last reboot of the system before today was the 8th of July and until this morning everything was working normal.

    Best regards
    Christoph
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 11:57 AM - #Permalink
    Resolved
    0 votes
    I still don't understand why you are having problems. For me, my "testgroup" share works, as do all the "allusers" shares
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 11:50 AM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    It works for me if I use a group share. Can you check your group still exists and your users belong to it. Also check the folder group ownership is the group. As a last thought, is the folder still enabled for file sharing in the Flexshare app?


    Hi Nick,

    as I wrote the group share is only working if I select the "allusers" group for the access. The custom groups are still looking OK and the group ownership of the folder is changing if I switch the group permission.

    Also the windows filesharing is enabled to the folder. So I really switch only between the custom group and the "allusers" and it is going to work.

    Best regards
    Christoph
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 11:20 AM - #Permalink
    Resolved
    0 votes
    It works for me if I use a group share. Can you check your group still exists and your users belong to it. Also check the folder group ownership is the group. As a last thought, is the folder still enabled for file sharing in the Flexshare app?
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 10:05 AM - #Permalink
    Resolved
    0 votes
    Hey Nick,

    so I found another interesting thing.

    It is working if I select the group allusers for the share.

    It does not work any more if I switch it back to the special group.

    Best regards
    Christoph
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 09:16 AM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Why do you do that link? Is is through a bind mount or symlink? I don't think it should matter.

    Can you try:
    smbclient -A .smbcredentials  //<hostname>/team -c 'ls'  -U {a_valid_usename_for_the_team_share}
    I don't think you need the "-A .smbcredentials".

    Also is LDAP running?
    systemctl slapd status


    The link is only to make sure that the shares are on the home partition. I also don't think that is related.

    The -A is just because I don't want to type. ;)

    smbclient //filer/team -c 'ls'  -U ctimm
    Enter SAMBA\ctimm's password:
    tree connect failed: NT_STATUS_ACCESS_DENIED



    [root@filer ~]# systemctl status slapd
    ● slapd.service - OpenLDAP Server Daemon
    Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
    Active: active (running) since Mi 2020-07-15 09:55:07 CEST; 1h 18min ago
    Docs: man:slapd
    man:slapd-config
    man:slapd-hdb
    man:slapd-mdb
    file:///usr/share/doc/openldap-servers/guide.html
    Process: 1442 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=0/SUCCESS)
    Process: 1229 ExecStartPre=/usr/libexec/openldap/prestart.sh (code=exited, status=0/SUCCESS)
    Main PID: 1519 (slapd)
    CGroup: /system.slice/slapd.service
    └─1519 /usr/sbin/slapd -u ldap -h ldap://127.0.0.1/

    Jul 15 09:55:07 filer prestart.sh[1229]: Configuration directory '/etc/openldap/slapd.d' does not exist.
    Jul 15 09:55:07 filer prestart.sh[1229]: Warning: Usage of a configuration file is obsolete!
    Jul 15 09:55:07 filer runuser[1269]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
    Jul 15 09:55:07 filer runuser[1269]: pam_unix(runuser:session): session closed for user ldap
    Jul 15 09:55:07 filer slapd[1442]: @(#) $OpenLDAP: slapd 2.4.44 (Oct 11 2019 15:35:58) $
    root@build-x86_64-1.orem.clearos.com:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 09:07 AM - #Permalink
    Resolved
    0 votes
    Why do you do that link? Is is through a bind mount or symlink? I don't think it should matter.

    Can you try:
    smbclient -A .smbcredentials  //<hostname>/team -c 'ls'  -U {a_valid_usename_for_the_team_share}
    I don't think you need the "-A .smbcredentials".

    Also is LDAP running?
    systemctl slapd status
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 09:01 AM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Can you check that the three services are running:
    systemctl status smb nmb winbind -l



    [root@filer ~]# systemctl status smb nmb winbind -l
    ● smb.service - Samba SMB Daemon
    Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
    Active: active (running) since Mi 2020-07-15 10:07:10 CEST; 53min ago
    Docs: man:smbd(8)
    man:samba(7)
    man:smb.conf(5)
    Main PID: 3193 (smbd)
    Status: "smbd: ready to serve connections..."
    CGroup: /system.slice/smb.service
    ├─ 3193 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3195 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3196 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3197 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3198 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3199 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3200 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3201 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3202 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3203 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3204 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3205 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3206 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3208 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3209 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3210 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3211 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3212 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3213 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3214 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3215 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3216 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3217 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3218 /usr/sbin/smbd --foreground --no-process-group
    ├─ 3221 /usr/sbin/smbd --foreground --no-process-group
    ├─ 4003 /usr/sbin/smbd --foreground --no-process-group
    ├─ 4066 /usr/sbin/smbd --foreground --no-process-group
    ├─21200 /usr/sbin/smbd --foreground --no-process-group
    ├─21241 /usr/sbin/smbd --foreground --no-process-group
    └─23181 /usr/sbin/smbd --foreground --no-process-group

    Jul 15 10:57:31 filer smbd[22814]: [2020/07/15 10:57:31.935171, 0] ../../source3/passdb/lookup_sid.c:1516(get_primary_group_sid)
    Jul 15 10:57:31 filer smbd[22814]: Failed to find a Unix account for MSBURNS$
    Jul 15 10:57:31 filer smbd[22814]: [2020/07/15 10:57:31.941679, 0] ../../source3/passdb/lookup_sid.c:1516(get_primary_group_sid)
    Jul 15 10:57:31 filer smbd[22814]: Failed to find a Unix account for MSBURNS$
    Jul 15 10:57:31 filer smbd[22814]: [2020/07/15 10:57:31.960713, 0] ../../source3/passdb/lookup_sid.c:1516(get_primary_group_sid)
    Jul 15 10:57:31 filer smbd[22814]: Failed to find a Unix account for MSBURNS$
    Jul 15 10:57:31 filer smbd[22814]: [2020/07/15 10:57:31.966679, 0] ../../source3/passdb/lookup_sid.c:1516(get_primary_group_sid)
    Jul 15 10:57:31 filer smbd[22814]: Failed to find a Unix account for MSBURNS$
    Jul 15 10:57:31 filer smbd[22814]: [2020/07/15 10:57:31.972706, 0] ../../source3/passdb/lookup_sid.c:1516(get_primary_group_sid)
    Jul 15 10:57:31 filer smbd[22814]: Failed to find a Unix account for MSBURNS$

    ● nmb.service - Samba NMB Daemon
    Loaded: loaded (/usr/lib/systemd/system/nmb.service; enabled; vendor preset: disabled)
    Active: active (running) since Mi 2020-07-15 09:55:07 CEST; 1h 5min ago
    Docs: man:nmbd(8)
    man:samba(7)
    man:smb.conf(5)
    Main PID: 1244 (nmbd)
    Status: "nmbd: ready to serve connections..."
    CGroup: /system.slice/nmb.service
    └─1244 /usr/sbin/nmbd --foreground --no-process-group

    Jul 15 10:40:47 filer nmbd[1244]: This response was from IP 192.168.10.1, reporting an IP address of 192.168.10.1.
    Jul 15 10:46:01 filer nmbd[1244]: [2020/07/15 10:46:01.004035, 0] ../../source3/nmbd/nmbd_namequery.c:109(query_name_response)
    Jul 15 10:46:01 filer nmbd[1244]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.10.6 for name VOIPFUTURE<1d>.
    Jul 15 10:46:01 filer nmbd[1244]: This response was from IP 192.168.10.1, reporting an IP address of 192.168.10.1.
    Jul 15 10:50:51 filer nmbd[1244]: [2020/07/15 10:50:51.392102, 0] ../../source3/nmbd/nmbd_namequery.c:109(query_name_response)
    Jul 15 10:50:51 filer nmbd[1244]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.10.6 for name VOIPFUTURE<1d>.
    Jul 15 10:50:51 filer nmbd[1244]: This response was from IP 192.168.10.1, reporting an IP address of 192.168.10.1.
    Jul 15 10:55:51 filer nmbd[1244]: [2020/07/15 10:55:51.013028, 0] ../../source3/nmbd/nmbd_namequery.c:109(query_name_response)
    Jul 15 10:55:51 filer nmbd[1244]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.10.6 for name VOIPFUTURE<1d>.
    Jul 15 10:55:51 filer nmbd[1244]: This response was from IP 192.168.10.1, reporting an IP address of 192.168.10.1.

    ● winbind.service - Samba Winbind Daemon
    Loaded: loaded (/usr/lib/systemd/system/winbind.service; enabled; vendor preset: disabled)
    Active: active (running) since Mi 2020-07-15 09:55:07 CEST; 1h 5min ago
    Docs: man:winbindd(8)
    man:samba(7)
    man:smb.conf(5)
    Main PID: 1664 (winbindd)
    Status: "winbindd: ready to serve connections..."
    CGroup: /system.slice/winbind.service
    ├─1664 /usr/sbin/winbindd --foreground --no-process-group
    ├─1914 /usr/sbin/winbindd --foreground --no-process-group
    ├─2227 /usr/sbin/winbindd --foreground --no-process-group
    └─2231 /usr/sbin/winbindd --foreground --no-process-group

    Jul 15 09:55:07 filer winbindd[1664]: [2020/07/15 09:55:07.597753, 0] ../../source3/winbindd/winbindd_cache.c:3166(initialize_winbindd_cache)
    Jul 15 09:55:07 filer winbindd[1664]: initialize_winbindd_cache: clearing cache and re-creating with version number 2
    Jul 15 09:55:07 filer winbindd[1664]: [2020/07/15 09:55:07.599408, 0] ../../lib/util/become_daemon.c:136(daemon_
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 08:56 AM - #Permalink
    Resolved
    0 votes
    Hi Nick,

    we are running the community edition.
    Yes I saw that there was no relation to samba updated last night.

    This is the yum.log from July.
    Jul 01 06:53:16 Updated: 1:app-base-core-2.9.2-1.v7.noarch
    Jul 01 06:53:16 Updated: 1:app-base-2.9.2-1.v7.noarch
    Jul 01 06:54:05 Updated: ntpdate-4.2.6p5-29.el7.centos.2.x86_64
    Jul 01 06:54:08 Updated: kernel-tools-libs-3.10.0-1127.13.1.el7.x86_64
    Jul 01 06:54:11 Updated: kernel-tools-3.10.0-1127.13.1.el7.x86_64
    Jul 01 06:54:11 Updated: ntp-4.2.6p5-29.el7.centos.2.x86_64
    Jul 01 06:54:23 Updated: 2:microcode_ctl-2.1-61.10.el7_8.x86_64
    Jul 01 06:54:41 Installed: kernel-3.10.0-1127.13.1.el7.x86_64
    Jul 01 06:54:42 Updated: ca-certificates-2020.2.41-70.0.el7_8.noarch
    Jul 01 06:54:42 Updated: rsyslog-8.24.0-52.el7_8.2.x86_64
    Jul 01 06:54:43 Updated: python-perf-3.10.0-1127.13.1.el7.x86_64
    Jul 08 05:46:11 Updated: 1:app-flexshare-core-2.4.19-1.v7.noarch
    Jul 08 05:46:12 Updated: selinux-policy-3.13.1-266.el7_8.1.noarch
    Jul 08 05:46:12 Updated: systemd-libs-219-73.el7_8.8.x86_64
    Jul 08 05:46:16 Updated: systemd-219-73.el7_8.8.x86_64
    Jul 08 05:46:16 Updated: systemd-sysv-219-73.el7_8.8.x86_64
    Jul 08 05:46:30 Updated: selinux-policy-targeted-3.13.1-266.el7_8.1.noarch
    Jul 08 05:46:30 Updated: 1:app-flexshare-2.4.19-1.v7.noarch
    Jul 15 02:46:50 Updated: 1:app-bandwidth-viewer-core-2.3.1-1.v7.noarch
    Jul 15 02:46:50 Updated: webconfig-httpd-tools-2.4.6-93.v7.x86_64
    Jul 15 02:46:52 Updated: webconfig-httpd-2.4.6-93.v7.x86_64
    Jul 15 02:46:52 Updated: 1:webconfig-mod_ssl-2.4.6-93.v7.x86_64
    Jul 15 02:46:54 Updated: clearos-framework-7.6.3-1.v7.noarch
    Jul 15 02:46:54 Updated: 1:app-bandwidth-viewer-2.3.1-1.v7.noarch
    Jul 15 02:46:54 Updated: syswatch-7.4.7-1.v7.noarch


    I'm not aware of any manual changes.

    I just created a new test share which is showing the same issue.

    I'm 100% sure that the issue was not present yesterday. A restart of the server also did not solve it.

    The interesting part is that the home directory could be mounted as before. So it is only related to the flexshare.
    Here is important to know that /var/flexshare/shares is a link to /home/shares/.

    Best regards
    Christoph
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 08:52 AM - #Permalink
    Resolved
    0 votes
    Can you check that the three services are running:
    systemctl status smb nmb winbind -l
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, July 15 2020, 08:38 AM - #Permalink
    Resolved
    0 votes
    What edition of ClearOS? The only change pushed last night to Home/Business took out support for TLS1.1 in the web server, but it happens to use the flexshare app for that part of the code. Community users had the update for a week now with no reported issues. There was no update to samba. All the flexshare definitions would have been regenerated so any manual tinkering you may have done would have been overwritten. Do you do any?
    The reply is currently minimized Show
Your Reply