HP CIFS Server and Terminal Server Version 1.06 October, 2007 SNSL Advanced Technology Center E0300 Printed in: U.S.A.
Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. HewlettPackard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material. Warranty.
Contents Legal Notices ..................................................................................................................2 Chapter 1 Introduction....................................................................................................4 Chapter 2 Samba and Terminal Server Integration.............................................................5 Chapter 3 Samba with TS on Windows NT4/2000/2003 ......................................................7 Chapter 4 Without the Hotfix......
Chapter 1 Introduction Many organizations host file server and print server services on HP CIFS Server and Samba open source servers, usually running on UNIX or Linux operating systems. Client access to these services is typically achieved by direct network connectivity from the client to the server. However, client access can also be hosted and consolidated on a Windows Terminal Server. A Terminal Server can be thought of as a client application and connectivity hub.
Chapter 2 Samba and Terminal Server Integration The fundamental Samba design is to manage each client connection to the server with a discrete user process called a smbd daemon. During the client session setup to the Samba server the father Samba process starts the smbd from an incoming client TCP/IP session connection. Thus, for every client that has mounted one or more shares, there exists a smbd process.
Samba Server father smbd smbd smbd smbd netbios (nmbd) smbd smbd smbd user space kernel space TCP IP Naturally, the expectation of Terminal Server is that the six remote client connections and subsequent share mounts to the Samba server will result in 6 separate TCP/IP connections, resulting in the expected 6 smbd process to service each virtual client. However, Terminal Server does not operate in the expected manner.
Chapter 3 Samba with TS on Windows NT4/2000/2003 Terminal Server on Windows NT4, 2000, and 2003 is configurable to allow the underlying Windows operating system to appropriately handle multiple incoming client connections for Samba (or other) servers.
behavior provides the system resources per client connection that Samba was designed for, and thus Samba performance for Terminal Server connections is consistent with standard client sessions (note that Samba performance does not account for the actual Terminal Server system resources, which may be constrained due to the nature multitasking numerous client connections on one host).
Chapter 4 Without the Hotfix If the Windows Terminal Server is not configurable with the hotfixes listed in Chapter 3, the resulting Terminal Server functionality of no configurable option for multiple TCP transport sessions renders the Samba server default configuration behavior incapable of starting more than one smbd user process. Thus, the single smbd must service all incoming client connections from a particular Terminal Server, resulting in potential performance degradation.
Chapter 5 Terminal Server Workarounds There is no easy way to generate a new TCP/IP connection for every Terminal Server client that connects to a back-end file server. Interestingly, multiplexing numerous discrete connections over a single TCP/IP pipe (the default Windows behavior) has potential reliability issues by itself. Potential workarounds for Samba and Terminal Server integration exist primarily on the Samba platform and name resolution mechanisms. 5.
Prior to Samba version 3.0.2, the Samba code data structure for “netbios aliases =” was 1024 bytes long. Therefore, the total number of aliases that could be defined was limited by the total length of all defined alias names: (Alias1+Alias2+…..AliasN) <= 1024 (Total Aliases) Terminal Server itself defaults to “unlimited connections”, or a maximum number of connections may be specified.
5.1.2 Terminal Server Hosts File Aliases The Windows Terminal Server can be configured with a hosts file that is similar in function to the UNIX/Linux /etc/hosts file. The Terminal Server hosts file can be configured to supply Terminal Server aliases for a back-end Samba file/print server. The resulting behavior is the initiation of a discrete TCP/IP connection for each configured alias, which then starts a separate smbd process on the Samba server associated with the transport connect.
Managing synchronization between the user logon and the Samba share alias could occur via numerous methods in a consolidated fashion on the Terminal Server. 5.1.3 WINS Server NetBIOS Aliases NetBIOS aliases can also be defined on the WINS server, and they operate similarly to the names defined above in the hosts file. The following graphic shows the static mapping option of the WINS management console from a Windows 2003 Enterprise WINS server.
Filtering the WINS display for the Samba server emonster IP address shows the static mapping table for the users that looks similar to the hosts file we created above (except with multiple NetBIOS name suffixes per user). The user can now map their share using the familiar syntax: \\buffy\share. This results in a separate TCP/IP connection per client and a separate smbd process.
5.3 Home Share Configuration Samba allows for considerable customization of user home share definitions. At least one method of home share configuration is not advisable when servicing multiple Terminal Server users per smbd process. The most common home share definition is the Samba [homes] share. Using the [homes] share with or without Terminal Server results in accurate and effective handling of user home shares on the Samba server.
The Terminal Server sees the service name as \\EMONSTER\HOME-SHARE, and not \\emonster\buffy. If the user spike opens a session on the same Terminal Server and mounts the home-share using the same procedure as buffy, Terminal Server will use the same service name as buffy.
Using the [homes] share definition, Terminal Server sees the service name as \\EMONSTER\BUFFY. File access and file locking tasks perform correctly. When configuring Samba for home shares with Terminal Server usage, it is best to avoid defining a share mnemonic with a substitution variable in the path (previous example). The standard Samba [homes] feature is a more reliable option when used with Terminal Server. 5.
When using the Samba “netbios aliases =” workaround or the Terminal Services hosts file for Samba aliases, the MAX_CONNECTIONS issue does not occur (when each Terminal Server user is allocated a separate smbd process). Note: Samba 3.0.2 is enhanced to eliminate the maximum (128) issue. HP CIFS Server A.01.10 was based upon Samba 2.2.8a, and is now obsolete. 5.5 Logging Samba has many smb.conf logfile naming options for the logging feature.
Chapter 6 Summary The default behavior of Terminal Server on Windows is to multiplex all user connections to individual machines (Samba file and print servers) over a single TCP/IP connection, which potentially results in multiple Terminal Server user sessions being serviced by one Samba smbd process. The function of the TCP connection establishment behavior is an operating system limitation, and not due to Terminal Server itself.
