User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
email@hidden wrote:
...
Our Open Directory Master/PDC is a G5 Xserve with 2 GB RAM. We have
disabled offline folders on our XP clients. On the Xserve, we have
disabled roaming profiles, and have added 'socket options = TCP_NODELAY
SO_KEEPALIVE SO_RCVBUF=64240 SO_SNDBUF=64240 IPTOS_LOWDELAY' to the
[global] section of /etc/smb.conf . Additionally, we have doubled the
allowable thread count (to 128) for lookupd (Apple Kbase Article
107899). An /etc/netlogon/login.bat , defined in the Login Script: field
of Workgroup Manager mounts users' home directories: net use U:
\\c5\%UserName% .
The devil may be in the details here so here are a few questions:
a) how did you disable roaming profiles? (Apple doesn't make this easy)
b) Is the PDC also a WINS server? Do the clients point at it for WINS?
c) Do you have several login.bat files?
The one you show would only ever reference a server named 'c5'
>
Students home directories are stored on four other servers (~1 GHz Power
Mac G4s, >=1.5 GB RAM). Staff home directories are stored on three other
Xserves which serve home directories stored on a >1 TB Xserve RAID
array. All servers run 10.3.5, are 'Connected to a [Open] Directory
System' and are Windows 'Domain Member[s]'.
While we have nearly three thousand users defined in WM, only
twenty-five to fifty Windows users will ever be logged-in at one time.
The eight staff members do not suffer the same issues our students do.
Are all the home directory servers on the same nets?
Are any of them using multiple NICs?
>
At the beginning and end of each period, as students in our Windows labs
login and logout, our Open Directory Master (ODM)/PDC struggles as smbd
daemons are spawned for each login/logout. Through extensive testing, we
have discovered that the failure seems to occur between the hand-off of
students to/from the ODM/PDC to/from the home directory server. For a
while, we resolved the issue by restarting our ODM/PDC. Restarting
Windows services on either/both ODM/PDC or/and home directory server
does not resolve the failure. Only yesterday did we discover that by
restarting the home directory server the issue could (temporarily) be
overcome. So, as any more than five students simultaneously login to or
logout of any particular home server, Windows services on their home
directory server fails. Mac users (mounted over AFP) on failing home
directory servers are fine during these failures. Students and staff
with homes on other home directory servers are able to login/logout
during the failures of one or more home directory servers. The
connections pane in the Windows section of Server Admin will show an
"unknown" connection for each user during these failures. Students get
authenticated by the ODM/PDC, and students see a U: drive in Windows
Explorer; however, students are denied access to U: , even if they type
their username and password as Windows prompts for it (indicating a
failure of the home directory server).
The "unknown" connection is an anonymous guest connection done before
authentication has occurred (Apple specifies that the guest account
be called "unknown").
>
I am now trying to determine what happens between the hand-off to/from
the home directory server, for that seems to be the point of failure.
Has anyone any detailed knowledge of this process?
The "hand-off" is really just a separate share request which you're
generating out of the login.bat. It should be no different from
one entered via a commmandline.
If the students were authed by ODM/PDC then that should be accepted
by the Domain member servers without further prompting so I would
guess that something went wrong earlier with the auth. Did they
have you crank up the Samba log levels to get more detail? Do
the other Xserves show up in WGM's list of Windows Computers?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
