kerard86 Absent Member.
Absent Member.
2178 views

Troubles with CIFS on OES 2 SP3 NCS

Hello,

I'm having some trouble with the CIFS protocol on a Novell OES 2 SP3 cluster. I'm trying to enable the protocol and its services for our cluster virtual servers, and I am having trouble doing so. I'm no expert on novell-cifs or novell-ncs so the information I have may or may not be relevant.

Before I elaborate further, here are my environment details:


  • All servers in the cluster are OES 2 SP3 Linux
  • 4 servers are present in the cluster (home-svr, data-svr, archive-svr, software-svr)
  • Every server has CIFS installed and running
  • Every server's CIFS service uses a common CIFS user in eDirectory
  • 4 virtual servers exist (home, data, archive, software) and are accessible over AFP and NCP
  • We migrate shares between servers for failover and present them to users using their virtual server names (users map to \\data.myorg.net\data, but the share data may be presented from home-svr)


Here are my observations of the current environment:


  • novell-cifs is running on all servers without problems
  • When accessing the cluster shares by their virtual server names, CIFS doesn't work on 3/4 servers
  • All cluster shares are accessible via their virtual server names when on the server "software-svr" if I migrate them to "software-svr"
  • If the cluster shares are migrated to servers that are not "software-svr", shares become inaccessible over CIFS
  • I cannot add a CIFS share manually to a virtual server with the novcifs command
  • Testing with nbtstat against the virtual server IP fails when the shares are not migrated to "software-svr". The failure is "host not found"
  • All 8 servers objects in eDirectory appear to be fine and are not missing the CIFS schema or attributes


If I attempt to run the novcifs command to manually add a CIFS server I get a success returned:

data-svr:~ # novcifs --add --vserver=.CN=data.OU=server.o=MYORG.T=TREE. --ip-addr=192.168.100.208
Adding a Virtual Server is completed successfully


But I receive the following error:

Sep 16 14:36:11 data-svr CIFS[32554]: EVENT: CLI: AddServer : Adding virtual server FDN .CN=data.OU=server.o=MYORG.T=TREE. with IP 0xd064a8c0
Sep 16 14:36:12 data-svr CIFS[32554]: CRITICAL: BROWSER: Failed to bind to virtual server IP. Error: 98
Sep 16 14:36:12 data-svr CIFS[32554]: EVENT: CLI: AddServer : Successfully added virtual server FDN= .CN=data.OU=server.o=MYORG.T=TREE., netbios= STER_DATA_W,IP= 0xd064a8c0 comment = Cluster Virtual CIFS Server
Sep 16 14:36:12 data-svr CIFS[32673]: EVENT: NBNS: Creating a NBNS listener for ip 192.168.100.208 on UDP port 137
Sep 16 14:36:12 data-svr CIFS[32673]: WARNING: NBNS: Bind failed for virual server ip =192.168.100.208 port 137: System Error No = 98
Sep 16 14:36:12 data-svr CIFS[32673]: CRITICAL: NBNS: Socket creation and binding for virtual server failed


Can anyone offer some pointers on how to get the other 3 servers in my cluster group to present shares using the CIFS protocol, or any other relevant information to gather to further diagnose the problem?

Thanks!
Labels (1)
0 Likes
3 Replies
kerard86 Absent Member.
Absent Member.

Re: Troubles with CIFS on OES 2 SP3 NCS

I have some other info but I can't edit my original post, so I'll put it here in a reply. When starting CIFS on one of the problem servers, the following events are logged in /var/log/cifs/cifs.log:


Sep 16 15:03:58 data-svr CIFS[32554]: WARNING: ENTRY: ************ CIFS server is shut down ************
Sep 16 15:03:58 data-svr CIFS: EVENT: ENTRY: ********** CIFS server started ************
Sep 16 15:03:58 data-svr CIFS[6731]: WARNING: ENTRY: Auditing interface not initialized.
Sep 16 15:03:58 data-svr CIFS[6731]: WARNING: RPC: requestNumber: fadebad1 events: 3ff domainpath /tmp/.ncp2cifs
Sep 16 15:03:59 data-svr CIFS[6731]: ERROR: ENTRY: CIFSNDSReadFromNDS: Error adding a new share (CIFSNDSPutSharePointInfo): 22101
Sep 16 15:03:59 data-svr CIFS[6731]: ERROR: ENTRY: CIFSNDSReadFromNDS: Error adding a new share (CIFSNDSPutSharePointInfo): 22101
Sep 16 15:03:59 data-svr CIFS[6731]: ERROR: ENTRY: CIFSNDSReadFromNDS: Error adding a new share (CIFSNDSPutSharePointInfo): 22101
Sep 16 15:04:00 data-svr CIFS[6731]: WARNING: ENTRY: Interface lo is skipped from populating for name resolution
Sep 16 15:04:00 data-svr CIFS[6731]: WARNING: ENTRY: Interface sit0 is skipped from Populating for name resolution
Sep 16 15:04:00 data-svr CIFS[6731]: WARNING: ENTRY: Interface lo is skipped from populating for name resolution
Sep 16 15:04:00 data-svr CIFS[6731]: WARNING: ENTRY: Interface lo is skipped from populating for name resolution
Sep 16 15:04:00 data-svr CIFS[6731]: EVENT: ENTRY: CIFS context list initialized


I found a TID on the topic (https://www.novell.com/support/kb/doc.php?id=7013095) but haven't started checking anything out in eDirectory.
0 Likes
kerard86 Absent Member.
Absent Member.

Re: Troubles with CIFS on OES 2 SP3 NCS

Fortunately I was able to resolve this alone. I had a few issues to correct on the cluster servers.

I found that not all of the nfapCIFS attributes were set on the virtual server objects in eDirectory, some of the cluster members were not able to reach eDirectory due to ldap misconfigurations, and finally most of the virtual server resource NCS load scripts were missing novcifs commands. In short, I visited the virtual servers in the iManager Cluster interface and removed the CIFS protocol for each resource, re-added it, reloaded novell-ncs, updated the cifsProxyUser password, reconfigured OES LDAP and Novell CIFS via YaST, made sure namcd was updated and referring to the right servers, made sure the correct IP AG certs were in /var/lib/novell-lum, restarted nldap and things started working. Each NCS load/unload script now has the correct novcifs commands within it and I can reach the cluster's virtual servers using nbtstat and can map shares. The TID I cited in my second post in the thread was very helpful in nudging me in the right direction.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Troubles with CIFS on OES 2 SP3 NCS

kerard86;2406572 wrote:
Fortunately I was able to resolve this alone. I had a few issues to correct on the cluster servers.

I found that not all of the nfapCIFS attributes were set on the virtual server objects in eDirectory, some of the cluster members were not able to reach eDirectory due to ldap misconfigurations, and finally most of the virtual server resource NCS load scripts were missing novcifs commands. In short, I visited the virtual servers in the iManager Cluster interface and removed the CIFS protocol for each resource, re-added it, reloaded novell-ncs, updated the cifsProxyUser password, reconfigured OES LDAP and Novell CIFS via YaST, made sure namcd was updated and referring to the right servers, made sure the correct IP AG certs were in /var/lib/novell-lum, restarted nldap and things started working. Each NCS load/unload script now has the correct novcifs commands within it and I can reach the cluster's virtual servers using nbtstat and can map shares. The TID I cited in my second post in the thread was very helpful in nudging me in the right direction.


I was going to ask if you had done this on existing cluster volumes. There's a section in the docs that's easy to miss sometimes, on how to CIFS-enable an already existing Cluster volume, that will adjust the load scripts for you. I have a nice pretty doc done, but looks like you found what you needed.

CIFS relies upon LUM, and LUM relies upon LDAP (among a few other things).
When your 2-year default eDir cert expires, LUM will break, and you'll have to manually fix things (requires a reboot as well) for things to work again. Just an FYI.
--Kevin
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.