the following does not (yet?) affect functionality, but it is something we were not able to figure out.
We are running two systems, one UCS DC Master and one Backup, still on version 4.1-4. Samba 4.5.1 is running on the Backup. For every move or rename operation on a file the following log entries are created:
/var/log/samba/log.smbd 2017/06/28 10:37:26.815401, 1, ../source3/smbd/service.c:502(make_connection_snum) create_connection_session_info failed: NT_STATUS_ACCESS_DENIED
/var/log/auth.log Jun 28 10:37:26 sambaserver PAM-univentionsambadomain: continuing as user MEIN-PC$ Jun 28 10:37:26 sambaserver smbd: pam_unix(samba:session): session opened for user MEIN-PC$ by (uid=0) Jun 28 10:37:26 sambaserver smbd: pam_unix(samba:session): session closed for user DOMAIN+MEIN-PC$
Due to this behaviour moving and renaming of files occurs at a speed of few objects/second. I see that PAM-univentionsambadomain strips the domainname from the authentication information, but why does samba perform authentication for every single operation?
Thanks for hints,