Windows 2008 share times out when accessed from Linux clients after 10 minutes following WannaCry patches and updates

A bit of background

  • We have a Windows 2008 server that users use to store all kinds of data.

  • It has smb share to a specific folder, that needs to be accessed by several Ubunutu servers via cifs.

  • It worked all great until recently we had to patch Windows server against WannaCry attack.
  • Also updated Ubuntu servers ( running Ubuntu 16.04.02 LTS)
  • Except for updates nothing changed - all the configuration is the same, and worked great for several years.
  • No changes on the network

Problem:

Now samba share on Windows 2008 server times out after a few minutes ( about 10), if clients don't access it. (Normally it it happens once every few hours, when either an import or an export needs to be pulled from share or saved to it). To be clear - the share mounts on Ubuntu clients and works as expected, it just times out after a few minutes if no process uses that connection.

Temporary solution: we setup cron tasks, that touch a file on the windows share every 5 minutes to keep connection alive) . - THIS DOESN"T HELP

Ended up setting up a cron task with a sudo user running mount -a every 5 minutes.

I would like to find out a reason for this and come up with a long term solution.

EDIT:

Per comments:

My mount command in /etc/fstab ( replaced sensitive info with caps)

//SERVER.HOST.NAME/apidata /var/www/pai3/shared/data/production/k_drive/data cifs username=USER,password=PASS,iocharset=utf8,sec=ntlm,workgroup=DOMAIN.COM,rw,uid=1000   0  0

Solution 1:

From CIFS and SMB Timeout in Windows

Idle Connection Timer

This is the amount of time that a connection can be idle before being disconnected. An idle connection is defined as a connection which has no existing open handles (no open files, directories, search contexts, etc.), and no pending operation. The Idle Connection Timer is implementation-specific. When the server receives a message, Server.Connection.IdleTime is set to the current time plus Server.AutoDisconnectTimeout [MS-CIFS].

On Windows servers it can be configured through the Autodisconnect registry key [KB297684]. \HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\ Value type: Dword Value name: Autodisconnect Default: 15 (minutes)

The Autodisconnect can also be configured through group policy: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options “Microsoft network server: Amount of idle time required before suspending session”

Maybe the update changed, or resetted, one of these parameters.

I suggest you to first try with the Group Policy and, if that fails, to directly edit the registry.