Re: [Samba] Samba4 shares slow

Le 21/11/2018 à 12:22, Rowland Penny via samba a écrit :
On Wed, 21 Nov 2018 11:34:40 +0100
Julien TEHERY via samba <samba@xxxxxxxxxxxxxxx> wrote:

DC1 (RHEL7 - samba 4.6.4)
Where did you get the Samba 4.6.4 packages from, they cannot be the
standard RHEL7 ones, as you cannot provision an AD DC using the
standard RHEL Samba packages.

That's right, they have been compiled from source with ads support
Why did you use an EOL version of Samba then ?
I'm gonna upgrade to 4.8.5 on the RHEL DCs

SMB1 (Ubuntu 14 - samba 4.3.11+dfsg-0ubuntu0.14.04.14)
Why have you used Ubuntu 14.04 ?
Not knocking Ubuntu here, but 14.04 goes EOL next April and Samba
4.3.x is already EOL as far as Samba is concerned.
Correct. The fact is that I informed those in charge of the former
domain that they should upgrade their OS first, but sadly they don't
intend to do it for now.
I have to deal with this..
No, they have to deal with this, you have my permission to tell them
that I think they are stupid. From next May, Ubuntu 14.04 will no
longer be supported and with it the support for Samba 4.3.x, as I have
already said, 4.3.x is already EOL as far as Samba is concerned.
Ok then I'll spread the word for you!
I'm gonna test with ubuntu18/ and samba >= 4.7 and will let you know

Your problem could be being caused by your old versions of Samba.


All SMB Servers have the same exact smb.conf:

     workgroup = MYDOMAIN
     security = ADS
     realm = MYDOMAIN.LAN
     netbios name = SMBSERVER1
     encrypt passwords = yes
     winbind separator = +
     idmap config *:backend = tdb
     idmap config *:range = 70001-80000
     idmap config MYDOMAIN:backend  = rid
     idmap config MYDOMAIN:range  = 10000-70000
     winbind enum users = yes
     winbind enum groups = yes
     vfs objects = acl_xattr
     map acl inherit = Yes
     store dos attributes = Yes
     winbind trusted domains only = no
     winbind use default domain = yes
     printcap cache time = 60
     printcap name = cups
     printing = cups
     rpc_server:spoolss = external
     rpc_daemon:spoolssd = fork
     username map = /etc/samba/user.map
     log level = 10

include = /etc/samba/shares.conf
Just a few comments on the smb.conf:

The default domain '*' is meant for the Well Known SID's and users &
groups outside the 'MYDOMAIN' domain. There are less than 200 hundred
Well Known SID's, do you really expect nearly 10000 users from outside
the 'MYDOMAIN' domain to connect ?

the usage of the 'winbind enum' lines can slow things down and are only
required for testing purposes.

You might want to look carefully at the smb.conf, there are duplicate

I removed useless lines and commnted out the enum options, but it's not better

