On 05/25/2010 08:08 AM, Steve Snyder wrote: > In the course of upgrading from CentOS 5.4 to CentOS 5.5 I changed from > using the samba (v3.0.x) packages to the samba3x (v3.3.8) packages, > mostly because the newer version was said to better support Win7. The > Samba server services Linux, WinXP, and Win7 clients. > > Now I get many, many errors logged to the Samba logs shortly after 3:00 > AM, but only from the Win7 clients. I get roughly 430 sets of these > messages in a twenty-second (!) period: > > [2010/05/25 03:17:36, 1] smbd/service.c:make_connection_snum(748) > create_connection_server_info failed: NT_STATUS_ACCESS_DENIED > > These errors are never seen in the Samba logs that track the Linux and > WinXP clients, only the Win7 clients. I don't run virus scans or > anything else (that I know of) on the Win7 machines in the middle of the > night, but I do have the usual cron jobs running on the CentOS server > around that time. Could be related to log rotation or something like that? > > I haven't seen a loss of connectivity, but then I don't use the client > machines at 3:15AM. If there is a brief connection failure I wouldn't > know it. > > I used my old (Samba 3.0.x) config file, user definitions and password > database when I made the switch to the new (Samba 3.3.8) server and the > newer code didn't seem to have any complaints with them. The client > shares seem to work without any problems. > > Any thoughts on what could be generating all these errors? > > Thanks. Sorry for replying to my own post, but I want to report the resolution for those who will experience the same problem. My Win7 clients each have several connected network drives, shares exported by Samba. Of these all have Samba "guest ok" configurations except one, the user's home directory. This is the source of the problem. On Win7 "Windows Defender" by default runs a daily scan for viruses, etc. It runs this scheduled task as user SYSTEM. All is well with SYSTEM accessing the "guest ok" shares, but roughly 430 errors are generated when attempting to scan the user's home share. With Samba logging cranked up to level 2 the full errors look like this: [2010/06/22 09:00:25, 2] lib/access.c:check_access(406) Allowed connection from 192.168.0.6 (192.168.0.6) [2010/06/22 09:00:25, 2] smbd/service.c:create_connection_server_info(656) guest user (from session setup) not permitted to access this share (nancy) [2010/06/22 09:00:25, 1] smbd/service.c:make_connection_snum(748) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED That "nancy" is the name of the user's home directory. No other shares generate Samba errors, though all are scanned by Windows Defender. Win7 runs this daily task as SYSTEM so that it may run regardless of which (or any) user is logged in. I'm fine with just disabling the scheduled scan, but others may want to try playing with the user account used to run the scan. FYI.