Re: [Samba] Unknown panic actions
On Thu, Nov 26, 2009 at 01:54:42PM +0100, Ralph Kutschera wrote: > Volker Lendecke schrieb: >> On Tue, Nov 24, 2009 at 04:59:19PM +0100, Ralph Kutschera wrote: >>> Well, after installing logwatch I found the following. Maybe this >>> can help? >> >> What version of Unix and what version of Samba are you >> running? > > # cat /proc/version > Linux version 2.6.18-6-686 (Debian 2.6.18.dfsg.1-26etch1) > (da...@debian.org) (gcc version 4.1.2 20061115 (prerelease) (Debian > 4.1.1-21)) #1 SMP Thu Nov 5 16:28:13 UTC 2009 > > # smbd --version > Version 3.0.24 Any chance you try with a later version? Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] autogen.sh failing over samba share
On Sun, Nov 29, 2009 at 11:45 AM, Volker Lendecke wrote: > On Sun, Nov 29, 2009 at 03:22:26AM +0200, George Sapountzis wrote: >> - configure is not created with +x permission > > Could that be the "create mask" setting? > Yes, using 0744 (default value) for "create mask" sets the x bit for configure bit. However, it also sets the x bit for all(?) new/modified files. This creates other problems. For example the source code is in a mercurial repo, so whenever I do an update/checkout, files are checked out with the x bit set and mercurial spuriously thinks that the files are modified. So, I guess the question is how do I configure samba so that permission bits from the client are set the same as if the operation was performed at the server ? >> - configure creates tmp dirs with self-pointing links that cannot be >> removed on the samba share: >> >> rm: cannot remove directory `conf5057.dir': Directory not empty > > Don't know about that one. I think we'd need logs from the > delete attempt of the symlink. > I attach the log file from the samba server with log level set to 10 for the following operations: $ \rm conf6345.dir/conf6345.file rm: cannot remove `conf6345.dir/conf6345.file': Not a directory $ \rm -rf conf6345.dir/ rm: cannot remove directory `conf6345.dir': Directory not empty thanks, George -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.4.3 DC breaks Windows groups
I consolidated group entries as described in the previous post. By mistake, I initially set same SID for the "Domain Users" and "Domain Guests." So "net rpc user info someuser" would display the wrong output. I fixed this but had to my Samba 3.0.x BDC to get the update to stick. I also zapped all the *cache*.tdb files on that machine, which may have been a mistake. Initially the Samba 3.0.x BDC would not start. smb.conf had the "guest account = nobody" entry, which had worked in the past. However, the error logs that "nobody" no longer existed. I had to create an ldap/samba "smb_nobody" user and group and update smb.conf for "guest account = smb_nobody." At that point samba would start, however, I could not view or access either the samba server in network neighborhood, or access any shares via "net use..." or "smbclient ..." For the moment, I have reverted to the earlier smb.conf and disabled samba 3.4.x. My guess is that samba choked on loading groups that did not have a proper SID. I have about 230 unix/ldap groups and didn't want to have to create an explicit group mapping (SID entry) for each group. On 11/25/09 22:42, Gaiseric Vandal wrote: I think I have found the problem: Samba 3.0.x looks for group mappings in the "ldap group suffix" param. On my systems this is "ldap group suffix = ou=smb_groups." Regular unix groups are just in ou=groups. Initially we had used NIS (then LDAP) for unix groups, and had used tdbsam for the samba account backend. Group mappings were also in tdb. When we moved to ldap backend, group mappings were imported into ou=smb_groups. Samba 3.4.x reads thru the entire ldap tree.Since I have both "cn=Domain Administrators,ou=smb_groups" and "cn=smb_domadmins,ou=group" both with the same gidNumber, group membership processing fails. Therefore I think the solution will be to consolidate entries. For example, Replace cn=smb_domadmins,ou=group" with "cn=Domain Administrators,ou=group" Copy the sambaSID from "cn=Domain Administrators,ou=smb_groups" to "cn=Domain Administrators,ou=group" Repeat for all the other mapped groups Update smb.conf on the 3.0.x servers to use "ldap group suffix = ou=group." This is assuming of course that Solaris doesn't have problems with group names with spaces. -Original Message- From: Gaiseric Vandal [mailto:gaiseric.van...@gmail.com] Sent: Wednesday, November 25, 2009 10:01 PM To: samba@lists.samba.org Subject: RE: [Samba] samba 3.4.3 DC breaks Windows groups I have done the following - Added index for sambaSID and other attributes as per the following http://wiki.samba.org/index.php/2.0:_Configuring_LDAP - replaced the samba 3.0 schema file in my LDAP Server (Sun Directory Server) with the 3.2 version - installed samba 3.4.3 packages from sun freeware to replace those I compiled from from source. - Reindexed with "dsconf reindex -h ldapserver -t sambaSID o=mydomain.com" Unfortunately did not resolve the group membership problem (i.e. a user account only appears to be in its primary group ) Querying the Samba 3.4.x BDC # net rpc user info Administrator -U Administrator -S BDC2 Enter Administrator's password: Domain Users # Querying the Samba 3.0.x PDC # net rpc user info Administrator -U Administrator -S PDC Enter Administrator's password: Domain Admins Domain Users # As far as I can tell from the comments at the top of each ldif file, the only change was the addition of sambaTrustedDomainPassword objectClasses. On 11/25/09 03:41, Jan Wenzel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gaiseric Vandal schrieb: I assume an index is not an actual LDAP attribute or object like sambaSID but is more like a database index for optimizing searches? You're right :) But in some cases like substring search (samba searches i.e. for sambaSID=S-1-5-32-* to get the local groups) they are needed to get results. I don't know where to configure the indexes exactly in SDS, but I'm sure it is possible. I use Sun's Directory Server (LDAP server) as the backend. I use Apache Directory Studio for managing objects and attributes with in ldap.I should be able to use Sun's web-based console for creating the indexes. Is there something I need to specify in smb.conf to tell Samba to use the index? Samba does not know anything about the configuration details of the LDAP server, it only talks LDAP - so it should instantly show groups when the index is present. I also noticed that if I try to compile samba with Active Directory support, configure fails with configure: error: Active Directory support requires ldap_initialize I would prefer to use the prebuilt linux packages from ftp.sernet.de (if you have a linux system). Since sun has ldap client support included in the OS I do not have openldap installed.I don't need Active Directory but
Re: [Samba] Serious grief with a Samba connection
On Mon, Nov 30, 2009 at 05:37:35PM +, Dan White wrote: > Yes, but this setup DID work up until a month ago. Iit > would be nice to get it working agin with a minimum of > change because it is part of a development environment. Then please also disable all Windows updates and go back to the Windows versions as of, say, 2 months ago. Windows does change, there's not much you can do about it. If you insist on running a Samba version that is many years old, you are forced to run equally old Windows versions. Sorry, Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
I just confirmed that this problem exists on all our Samba servers, irregardless of version. Here is an example of how I'm testing it: On Unix SERVER I have a directory called /testdir/kathytest and inside of kathytest are file1, file2, and file3 Testdir is a Samba exported directory on SERVER. I create a soft link in /testdir to point to kathytest: ln -s ./kathytest ./testlink So now if I go to /testdir/testlink it will take me to /testdir/kathytest and I'll see file1, file2, and file3. Now, in Samba I go to \\SERVER\testdir and I see both the softlink testlink and my directory kathytest. Through Samba I delete \\SERVER\testdir\testlink. It then asks me from the Windows side "Are you sure you want to remove the folder `testlink' and all its contents?". I say yes and it deleted the "testlink" symlink and deletes file1, file2, and file3 inside of kathytest. The subdir kathytest does not get deleted, however. This happens on both ext3 and zfs exported filesystems, so it's not just limited to ZFS. On Mon, Nov 30, 2009 at 9:27 AM, Kathy wrote: > Actually, that is only one of our servers. We have multiple Samba > servers running here and it's possible that the folks are pointing at > the 3.0.25a version our Solaris 10 ZFS server. The other possible > server is version 3.0.33 running on RHEL 4. I know for a fact that > the 3.0.25a version does it as I tested it out myself. > > Kathy > > > > On Mon, Nov 30, 2009 at 9:23 AM, Kathy wrote: >> My apologies for not getting back to you until now about this. Was >> out due to the holidays. We are using version 3.2.8 on RHEL 5.2. >> >> Kathy >> >> >What version of Samba ? > >Jeremy This sounds a bit like the problem we (EditShare) discovered and that you patched a few years ago-- in the 3.0.14 days I think. Remember... We discovered a sort of delayed reaction. If you deleted a symlink to a file that some other user had open, when both users finally closed the file the FILE would get deleted rather than the SYMLINK. Could it be related? >>> >>> Maybe, it could *be* that problem, if the version they're running >>> is old enough (which is why I asked :-). >>> >>> Jeremy. >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> >> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem deleting/renaming files
On Fri, Nov 27, 2009 at 04:27:24AM -0700, Jim wrote: > Hi - We have been using a samba configuration file similar to that > listed below for some years without issue. However when carrying it over > to a new server running Samba 3.4.0 (-3ubuntu5.1), we started > experiencing problems deleting files via Windows Explorer; attempts to > do so are resulting in 'Access is denied'. Similarly, attempting to > change the name of a file or directory is resulting in the same 'Access > is denied' message. There are otherwise no problems reading, creating, > or modifying files or directories. > > I found that removing the 'force user' parameter appears to resolve the > issue. The only obvious difference that I saw while examining level 10 > logs is that without 'force user' some of the file opens were shown as > performed by 'DOMAIN+user0', whereas with 'force user' they are shown as > being done by 'user0' (connections to the share are logged in through > the domain user0 account). I also found that changing the unix > permissions of the share directory from 755 to 775, while leaving 'force > user' as is, resolved the issue. However neither of these workarounds is > desirable for our current setup. > > If anyone has any ideas on how I might solve or further diagnose this > problem, I would appreciate your input. Sounds like something we fixed in later versions of 3.4.x (we're now up to 3.4.3). I'd try the later version. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Serious grief with a Samba connection
- Volker Lendecke wrote: > On Mon, Nov 30, 2009 at 01:26:34PM +, Dan White wrote: > > OK, back at work > > > > On the Sun box: > > The suggested commands did not work as suggested, but I did find the proper > > options for this system > > > > "smbd -V" says 2.2.8a > > "testparm -x" says lots of stuff including "encrypt passwords = yes" > > > > I will talk with the network guys about NTLM > > You should also talk with your Solaris people about a newer > Samba version :-) > > Volker Yes, but this setup DID work up until a month ago. Iit would be nice to get it working agin with a minimum of change because it is part of a development environment. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
Actually, that is only one of our servers. We have multiple Samba servers running here and it's possible that the folks are pointing at the 3.0.25a version our Solaris 10 ZFS server. The other possible server is version 3.0.33 running on RHEL 4. I know for a fact that the 3.0.25a version does it as I tested it out myself. Kathy On Mon, Nov 30, 2009 at 9:23 AM, Kathy wrote: > My apologies for not getting back to you until now about this. Was > out due to the holidays. We are using version 3.2.8 on RHEL 5.2. > > Kathy > > >>> >What version of Samba ? >>> > >>> >Jeremy >>> This sounds a bit like the problem we (EditShare) discovered and >>> that you patched a few years ago-- in the 3.0.14 days I think. >>> Remember... We discovered a sort of delayed reaction. If you >>> deleted a symlink to a file that some other user had open, when both >>> users finally closed the file the FILE would get deleted rather than >>> the SYMLINK. >>> >>> Could it be related? >> >> Maybe, it could *be* that problem, if the version they're running >> is old enough (which is why I asked :-). >> >> Jeremy. >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
My apologies for not getting back to you until now about this. Was out due to the holidays. We are using version 3.2.8 on RHEL 5.2. Kathy >> >What version of Samba ? >> > >> >Jeremy >> This sounds a bit like the problem we (EditShare) discovered and >> that you patched a few years ago-- in the 3.0.14 days I think. >> Remember... We discovered a sort of delayed reaction. If you >> deleted a symlink to a file that some other user had open, when both >> users finally closed the file the FILE would get deleted rather than >> the SYMLINK. >> >> Could it be related? > > Maybe, it could *be* that problem, if the version they're running > is old enough (which is why I asked :-). > > Jeremy. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Serious grief with a Samba connection
On Mon, Nov 30, 2009 at 01:26:34PM +, Dan White wrote: > OK, back at work > > On the Sun box: > The suggested commands did not work as suggested, but I did find the proper > options for this system > > "smbd -V" says 2.2.8a > "testparm -x" says lots of stuff including "encrypt passwords = yes" > > I will talk with the network guys about NTLM You should also talk with your Solaris people about a newer Samba version :-) Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Window can't see Linux share
Thanks, I'll give that a try a soon as I get back to my box. =) Kevin Keane-2 wrote: > > Thanks for including your whole smb.conf and IP address configuration - > that helped! I notice that your global hosts allow statement (and several > others) only allows for a subnet of 192.168.0, but the IP addresses you > list below is in a different subnet. Basically, you are telling Samba > "reject everything from the 192.168.77 subnet". > >> -Original Message- >> From: samba-boun...@lists.samba.org [mailto:samba- >> boun...@lists.samba.org] On Behalf Of wino_pilot >> Sent: Saturday, November 28, 2009 8:15 PM >> To: samba@lists.samba.org >> Subject: [Samba] Window can't see Linux share >> >> >> I have tried every possible configuration suggestion I have found on >> the net, >> but still can't get my windows PC's to see *nix shares (running >> Kubuntu >> 9.04 and Samba 3.3.2 with a Gadmin-Samba GUI 0.2.7) and Win2000 and >> WinXP. >> The *nix box can see and use the shares from the various W-boxes, but >> not >> visaa-versa. Here is my smb.conf: >> [global] >> netbios name = Mercury1 >> server string = Samba file and print server >> workgroup =MNET >> security = user >> hosts allow = 127. 192.168.0. >> interfaces = 127.0.0.1/8 192.168.0.0/24 >> bind interfaces only = yes >> remote announce = 192.168.0.255 >> remote browse sync = 192.168.0.255 >> printcap name = cups >> load printers = yes >> cups options = raw >> printing = cups >> guest account = smbguest >> log file = /var/log/samba/samba.log >> max log size = 1000 >> null passwords = no >> username level = 6 >> password level = 6 >> encrypt passwords = yes >> unix password sync = yes >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> local master = no >> domain master = no >> preferred master = no >> domain logons = no >> os level = 33 >> logon drive = m: >> logon home = \\%L\homes\%u >> logon path = \\%L\profiles\%u >> logon script = %G.bat >> time server = no >> name resolve order = wins lmhosts bcast >> wins support = no >> wins proxy = no >> dns proxy = no >> preserve case = yes >> short preserve case = yes >> client use spnego = no >> client signing = no >> client schannel = no >> server signing = no >> server schannel = no >> nt pipe support = yes >> nt status support = yes >> allow trusted domains = no >> obey pam restrictions = yes >> enable spoolss = yes >> client plaintext auth = no >> disable netbios = no >> follow symlinks = no >> update encrypted = yes >> pam password change = no >> passwd chat timeout = 120 >> hostname lookups = no >> username map = /etc/samba/smbusers >> smb passwd file = /etc/samba/smbpasswd >> passwd program = /usr/bin/passwd '%u' >> passwd chat = *New*password* %n\n *ReType*new*password* %n\n >> *passwd*changed*\n >> add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User >> Account' -s >> /dev/null '%u' >> add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba >> User >> Account' -s /dev/null -g '%g' '%u' >> add group script = /usr/sbin/groupadd '%g' >> delete user script = /usr/sbin/userdel '%u' >> delete user from group script = /usr/sbin/userdel '%u' '%g' >> delete group script = /usr/sbin/groupdel '%g' >> add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c >> 'Samba Machine Account' -s /dev/null -M '%u' >> machine password timeout = 120 >> idmap uid = 16777216-33554431 >> idmap gid = 16777216-33554431 >> template shell = /dev/null >> winbind use default domain = yes >> winbind separator = @ >> winbind cache time = 360 >> winbind trusted domains only = yes >> winbind nested groups = no >> winbind nss info = no >> winbind refresh tickets = no >> winbind offline logon = no >> >> [homes] >> comment = Home Directories >> path = /home >> read only = no >> available = yes >> browseable = yes >> writable = yes >> guest ok = no >> public = no >> printable = no >> share modes = no >> locking = no >> >> [netlogon] >> comment = Network Logon Service >> path = /home/netlogon >> read only = no >> available = yes >> browseable = yes >> writable = no >> guest ok = no >> public = no >> printable = no >> share modes = no >> locking = no >> >> [profiles] >> comment = User Profiles >> path = /var/samba/profiles >> read only = no >> available = yes >> browseable = no >> writable = yes >> guest ok = no >> public = no >> printable = no >> locking = no >> create mode = 0600 >> directory mask = 0700 >> >> [printers] >> comment = All Printers >> path = /var/spool/samba >> browseable = yes >> writable = no >> guest ok = no >> public = no >> printable = yes >> share modes = no >> locking = no >> >> [pdf-documents] >> path = /home/pdf-documents >> comment = Converted PDF Documents >> available = yes >> browseable = yes >> writeable = yes >> guest ok = yes >> >> [pdf-printer] >> path = /tmp >> comment = PDF Printer Service >> printable = yes >> guest ok = yes >> use client driver = yes >> printing = bsd >> print command = /usr/bin/gadmin-samba-pdf %s %u >> lpq command = >> lpr
Re: [Samba] strange issue with xerox printer: unable to configure driver
Hi, I'm having the same problem w/ samba v3.3.9 and Xerox 7346 drivers. When I try to edit default driver properties I get function errors and operation could not be completed (screenshots attached). I'm currently working with Xerox 2nd level engineering on this. I'll let you know if anything comes of it although I'm not feeling particularly optimistic. regards, Ryan Guillaume Rousse wrote: Hello list. I've a strange issue with a samba 3.4.3 print server. Everything is fine with most printers, meaning drivers are assigned on server side and automatically distributed to the clients as expected. However, I fail to configure a Xerox document center 7435 the same way. When I attempt to assign a driver to the printer, from a windows client with admin privileges, I get an 'unexpected error occured in the print driver, close this windows and retry' error message, twice. More precisely, I can see initial renaming of the printer according to the driver name, then the error occurs, then the printer get renamed to '' (which is a bit painful :P) I previously had a slightly different model (document center pro c2636) which was working fine. The other working printers are not xerox ones. The driver is OK: it works fine when accessing the printer directly, and also when used from a windows print server. Also, I tried other variants (such as PCL driver instead of PS one), without success. When configuring the same printer from a Windows system, I had to configure it with raw socket connection, because IPP connection didn't allowed me to share it at all, and CIFS connection to the print queue caused me some troubles (the printer didn't appeared in the 'fax and printers list' of the server from remote hosts). The underlying printing system, cups, works perfectly. I've tried to switch from IPP to raw socket connection, because of the behaviour changes found with windows server, it didn't change anything. I performed a network capture both on server and client side while triggering the error. The result is available as: http://www.zarb.org/~guillomovitch/server.pcap http://www.zarb.org/~guillomovitch/client.pcap I can see some suspicious messages such as: WINREGOpenKey response, Error: WERR_BADFILE SPOOLSSGetPrinterData response, PrintProcCaps_NT EMF 1.008, File not found (pathname error) SPOOLSSSetPrinterDataEx response, Access denied But nothing really useful. I'm joining my samba configuration file. I'm using mandriva 2009.0 as server, and windows XP enterprise as client. Any hint appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] domain printer issues
I did find that uploading a printer driver to the server from Windows worked okay with point'n'print (well, except that the driver itself was flakey), so perhaps something wrong with Smaba's setdriver RPC call? Yes, I have observed uploading the printer driver works fine. There are two symptoms I have observed: (a) If I disconnect any printer and try to connect again, sometimes, on some computers, it won't connect again. Instead I get the error: The server of the 'HP LaserJet 4100 PCL 5e' printer does not have the correct printer driver installed. If you want to search for the proper driver, click OK. Otherwise click Cancel and contact your network administrator or original equipment manufacturer for the correct printer driver. (b) for the occasional printer where (a) is not a problem, if I print a test page, I get: Test page failed to print. Would you like to view the troubleshooter for assistance? Operation could not be completed. hmm, I'm not seeing this problem. But I decided to upgrade to v3.3.9 from v3.2 instead. some things to try (if you have no other leads): - delete the queue and downloaded drivers from client, delete all the printing tdbs and driver files from server and do a clean upload of drivers to server, try installing queue on client again to see if it fixes the problem in v3.4.x - try v3.3.9 and see if you have better luck (works with windows 7 fine) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Serious grief with a Samba connection
OK, back at work On the Sun box: The suggested commands did not work as suggested, but I did find the proper options for this system "smbd -V" says 2.2.8a "testparm -x" says lots of stuff including "encrypt passwords = yes" I will talk with the network guys about NTLM - sato x wrote: > On Wed, Nov 25, 2009 at 3:21 PM, Gaiseric Vandal > wrote: > > My guess is that they may have required NTLMv2 or something thing > similar on the Win machines. If these machines are part of an Active > Directory domain, it would be relatively easy for this to be done. > > http://www.dennek.com/2009/03/system-error-1240-the-account-is-not- > authorized-to-login-from-this-station/ > > You can use gpedit.msc on XP to check your security settings. > > > "smbd -v" would tell you the samba version. > "testparm -v | more " would let you check the various settings. > > > Are you the sys admin for the solaris box? > > > > On 11/25/09 14:52, Dan White wrote: >> The server is on a Sun box (uname says SunOS 5.8) I do not know what >> version of samba is running >> >> For the last year and a half, I have made a daily connection from a >> Windows XP box with the following command: >> >> new use G: \\server\volume /USER:userid password >> >> This makes a "G" network drive that serves the purpose. >> >> About a month ago, network folks upstream from us spewed a bunch of >> policy updates that caused serious trouble. The worst being mine. >> >> Now, if I try the same command on an XP box, the command executes >> successfully, the G-drive appears and then blinks to say >> "Disconnected Network Drive" >> >> Because some of our team use them, I tried from a Windows 2000 box. >> The same command responds with : >> >> System Error 1240 has occurred. The account is not authorized to log >> in from this station" >> >> I checked the smb.conf file and found that the samba server is >> configured for encrypted passwords. This error makes no sense. >> >> The local network folks are convinced this is a Unix problem. >> >> Any clues out there for this clueless one ? > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP: Changing user's group
On Thu, Nov 19, 2009 at 7:28 PM, davefu wrote: > > Hello fellas. I'm facing this problem today: > > My Samba PDC is using LDAP as a backend, and its working really good. The > problem comes when I change the groups on one of the users. System shows > the > change correctly by using 'getent group' and if I log as that user the > behavior correct when trying the new group permissions. > > OK. > Samba, however, doesn't seem to get those changes immediately (it syncs > hours later, totally random amount of time). I've tried disabling NSCD but > no luck. I've read somewhere that restarting Samba service forces Samba to > refresh the users credentials, but thats not possible to do everytime a > user > needs a change in his groups. I'm wondering if there is some way to refresh > Samba cached credentials. > > Do you mean that you have other samba server (as file server) running and uses LDAP as its backend? When you change the group(s), the changing doesn't affect this file server immediately? If this is the case, I used to reload nscd to refresh its cache, since start-stop or restart nscd brings no effect at all. Hope it can help - and pardon my language. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migration WIN2003AD to Samba4
Does anybody know how to migrate user,group,organization unit,group policy from WIN2003 Active Directory to Samba4 Alpha8? At Samba4 i was successfuly add new user,group,OU and group policy. Rgds, Henry G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disable local login check Winbind
Hoogstraten, Ton wrote: Does anybody know how to disable that the local login and ssh check winbind? I'm seeing a delay when trying to login through ssh when Winbind is not cached yet. I'm not using Winbind for local logins so I'd like to disable it. In the past when Winbind would be having a problem I could not logon to the box due to it being checked in the login procedure. Well, look at PAM config in /etc/pam.d/ and remove winbind from sshd... Winbind is used for AD intergration, but should not be used or checked for allowing users to login locally. It depends on your needs. Here we need that users can login with their AD credentials. No shares involved (so smbd isn't running, just winbindd). Too bad I couldn't yet make 'em login by UPN instead of username... -- Diego Zuccato Servizi Informatici Dip. di Astronomia - Università di Bologna Via Ranzani, 1 - 40126 Bologna - Italy tel.: +39 051 20 95786 mail: diego.zucc...@unibo.it -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Disable local login check Winbind
Does anybody know how to disable that the local login and ssh check winbind? I'm seeing a delay when trying to login through ssh when Winbind is not cached yet. I'm not using Winbind for local logins so I'd like to disable it. In the past when Winbind would be having a problem I could not logon to the box due to it being checked in the login procedure. Winbind is used for AD intergration, but should not be used or checked for allowing users to login locally. Kind regards, Ton Hoogstraten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba