[Samba] samba / ldap problem with cpu load
First of all, I am french. My english is not very good and i am sorry for this ;). One month ago, I have upgrade my server in debian Etch (it was in debian sarge). So now, samba is in 3.0.24 version. My server use samba and ldap. Since this upgrade, i have some problems with cpu loading when the users log on the samba domain (smbd and slapd services). I have take a look at samba log but i don't see anything. After that, i have take a look on the ldap logs in debug level 256. I can see the problem in the logs but i can't explain it, i hope you can help me about it. In the log file, i have this entry thousand of time (2 entry) base="ou=Groups,ou=clg-hugo-gisors,ou=ac-rouen,ou=education,o=gouv,c=fr" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))" thanks for your help, bye -- ~~ Franck MOLLE Animateur de Secteur Relais assistance Tice, Louviers-Vernon ~~ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba + Windows 2003 AD
Hey :) I have now added undervisning.local to my resolv.conf but it is not working anyways :) my new debuglevel # net ads join -U Administrator --debuglevel=10 [2009/01/09 19:12:32, 5] lib/debug.c:debug_dump_status(407) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 [2009/01/09 19:12:32, 3] param/loadparm.c:lp_load_ex(8778) lp_load_ex: refreshing parameters [2009/01/09 19:12:32, 3] param/loadparm.c:init_globals(4621) Initialising global parameters [2009/01/09 19:12:32, 3] param/params.c:pm_process(569) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2009/01/09 19:12:32, 3] param/loadparm.c:do_section(7441) Processing section "[global]" doing parameter dos charset = ASCII [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UCS-2LE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UCS-2LE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UTF-16LE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UTF-16LE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UCS-2BE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UCS-2BE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UTF-16BE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UTF-16BE [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UTF8 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UTF8 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UTF-8 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UTF-8 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset ASCII [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset ASCII [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset 646 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset 646 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset ISO-8859-1 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset ISO-8859-1 [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(104) Attempting to register new charset UCS2-HEX [2009/01/09 19:12:32, 5] lib/iconv.c:smb_register_charset(112) Registered charset UCS2-HEX [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2009/01/09 19:12:32, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE doing parameter display charset = ASCII doing parameter workgroup = UNDERVISNING doing parameter realm = UNDERVISNING.LOCAL doing parameter server string = Debian 4.0 - Samba %v - BDC doing parameter security = ADS doing parameter password server = bgdc.birke-gym.dk doing parameter log level = 10 doing parameter log file = /var/log/samba/UNDERVISNING doing parameter disable netbios = Yes doing parameter name resolve order = wins lmhosts hosts bcast doing parameter os level = 1000 doing parameter preferred master = No doing parameter local master = No doing parameter domain master = No doing parameter wins server = bgdc.birke-gym.dk doing parameter idmap uid
[Samba] Suggestions on group permissions
I have a user community of about 2000 users and a samba server running on AIX that currently hosts a read-only share for the whole company. [Released] path = /mypath guest ok = Yes But now I have been requested to make this share available as read-only for some users and completely inaccessible to everyone else. The number of users who will have access is probably a few hundred and I expect users to be added/removed on a daily basis. Some of the users have unix logins, while others do not. Because of this, I hesitate to mess with user mapping because I would have to manage this every day, unless I do something with a script. Can someone suggest a scheme I can use to deny everyone except for certain users? Someone here in my office suggested we use hosts allow or deny, since the users who will still have access are located on the same subnet. However, there is a distinct possibility that a small number of people on a few other subnets will need access. Is there a way I can specify hosts allow but still allow specific users from other subnets? Forgive me if this question has been asked before. I'm sure it must have been, but I am having trouble doing a search of the archives that will give me advice about this particular problem. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shared homes in a different samba server
Ah ok you can use UNC on PDC. I failed because I tried to not put at all any profiles or homes directive in pdc and I put them in the other samba. I will use ldap because I am already using it for unix accounts and so I need for samba. I was interested because reading your post it seems that you can put some info in ldap to change behaviour of samba differently for each user. Many thanks again! 2009/1/9 John Drescher > On Fri, Jan 9, 2009 at 9:26 AM, Mario Giammarco > wrote: > > > > > > 2009/1/9 John Drescher > >> > >> We do that (and have that in place for 5 or so years). No data exists > >> on the pdc. The nice thing about that is with this setup we can make a > >> new PDC/BDC in less than 5 minutes and install it on one of our openvz > >> or xen hosts. We do have the profiles folder mounted under nfs to the > >> PDC and our ldap configuration each users profile is specified with > >> the server name of the machine with the user shares. > > > > So you are "cheating": in the PDC samba conf you say that "homes" and > > "profiles" are in a directory of the PDC, but the directory is not > > phisically there, it is a nfs mount on another server right? Very good > idea > > anyway! > > > > I do not understand the part about the ldap configuration, can you please > > explain it better: what can you do with ldap?? > > > If you are not using LDAP for your password security I would not > bother then. You can still make your profiles folder on a second > server in your smb.conf. > > [Profiles] >path = /home/%U/%U.pds >browseable = no >guest ok = yes >profile acls = yes > > # Un-comment the following and create the netlogon directory for Domain > Logons > [netlogon] > comment = Network Logon Service > path = /home/netlogon > readonly = yes > browseable = yes > > Here I have the regular /home which is an nfs mount but you could > instead specify a UNC path. I know I tested this in the past. I would > activate and test this now but I have a meeting in 30 minutes and so > its not good to make any changes with no one running the store... Also > all other shares (user public and private + several dfs mounts) are > mapped with my login script to the appropriate servers. > > John > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shared homes in a different samba server
On Fri, Jan 9, 2009 at 9:26 AM, Mario Giammarco wrote: > > > 2009/1/9 John Drescher >> >> We do that (and have that in place for 5 or so years). No data exists >> on the pdc. The nice thing about that is with this setup we can make a >> new PDC/BDC in less than 5 minutes and install it on one of our openvz >> or xen hosts. We do have the profiles folder mounted under nfs to the >> PDC and our ldap configuration each users profile is specified with >> the server name of the machine with the user shares. > > So you are "cheating": in the PDC samba conf you say that "homes" and > "profiles" are in a directory of the PDC, but the directory is not > phisically there, it is a nfs mount on another server right? Very good idea > anyway! > > I do not understand the part about the ldap configuration, can you please > explain it better: what can you do with ldap?? > If you are not using LDAP for your password security I would not bother then. You can still make your profiles folder on a second server in your smb.conf. [Profiles] path = /home/%U/%U.pds browseable = no guest ok = yes profile acls = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /home/netlogon readonly = yes browseable = yes Here I have the regular /home which is an nfs mount but you could instead specify a UNC path. I know I tested this in the past. I would activate and test this now but I have a meeting in 30 minutes and so its not good to make any changes with no one running the store... Also all other shares (user public and private + several dfs mounts) are mapped with my login script to the appropriate servers. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shared homes in a different samba server
2009/1/9 John Drescher > > We do that (and have that in place for 5 or so years). No data exists > on the pdc. The nice thing about that is with this setup we can make a > new PDC/BDC in less than 5 minutes and install it on one of our openvz > or xen hosts. We do have the profiles folder mounted under nfs to the > PDC and our ldap configuration each users profile is specified with > the server name of the machine with the user shares. > So you are "cheating": in the PDC samba conf you say that "homes" and "profiles" are in a directory of the PDC, but the directory is not phisically there, it is a nfs mount on another server right? Very good idea anyway! I do not understand the part about the ldap configuration, can you please explain it better: what can you do with ldap?? Thanks you very much!!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shared homes in a different samba server
On Fri, Jan 9, 2009 at 4:01 AM, Mario Giammarco wrote: > Hello, > I have a pdc with shared homes and roaming profiles. I would like to put the > homes share in openfiler (a samba/san appliance). > > Is it possible? I am asking because I am failing to do it. > We do that (and have that in place for 5 or so years). No data exists on the pdc. The nice thing about that is with this setup we can make a new PDC/BDC in less than 5 minutes and install it on one of our openvz or xen hosts. We do have the profiles folder mounted under nfs to the PDC and our ldap configuration each users profile is specified with the server name of the machine with the user shares. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cups_async_callback(504) error after upgrade to 3.2.7
On Thurs, Jan 08, 2009 at 19:40:17, Jeremy wrote > [2009/01/07 18:04:05, 5] printing/print_cups.c:cups_async_callback(412) > cups_async_callback: callback received for printer data. fd = 23 > [2009/01/07 18:04:05, 2] printing/print_cups.c:cups_async_callback(504) > cups_async_callback: failed to read a new printer list This log shows no data being transferred back up the async pipe (the send_pcap_info() is never being called). This would happen if the code in cups_cache_reload_async() was unable to fetch any printers from the cups server (ie. tmp_pcap_cache == NULL in the function cups_cache_reload_async()). You'll need to debug from the CUPS side what's happening to the get printers request. I could find nothing in the cups logs but my cups version was pretty old so I updated that to 2.61 but it's still giving me the error. Everything is printing okay so it's not critical. Thanks for the explanation... Ed ... Randomly Generated Quote (39 of 1503): "Be courteous to all, but intimate with few, and let those few be well tried before you give them your confidence. True friendship is a plant of slow growth, and must undergo and withstand the shocks of adversity before it is entitled to the appellation." --George Washington -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba shared homes without roaming profiles
Hello, I would like to put users homes in a central (backupped) server. But I do not want to use roaming profiles, I would like a solution similar to solaris /exports/home. Is it possible with samba? Thanks in advance, Mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Shared homes in a different samba server
Hello, I have a pdc with shared homes and roaming profiles. I would like to put the homes share in openfiler (a samba/san appliance). Is it possible? I am asking because I am failing to do it. Thanks in advance for any reply! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba