Re: [Samba] Samba, LDAP and replica
On 26/12/2012 22:33, Andrew Bartlett wrote: On Wed, 2012-12-26 at 08:36 -0200, TI wrote: Hi Guys, I have six Linux Servers running Samba 3 as PDC of our domain, in different locations. They are integrated through LDAP (which is configured to replicate over our VPN) and all responds to the same domain. So, wherever the user is, he will log in the same domain name. Now I'am planning to migrate to Samba 4. As Samba 4 manages it´s LDAP internally, what is the best approach to keep the same design I have today? Samba 4.0 can continue as-is, using your existing LDAP configuration, if you wish to maintain a 'classic' domain. To upgrade to an AD domain, you will need of course to use our internal LDAP. This is naturally multi-master replicated, so it should 'just work'. https://wiki.samba.org/index.php/Samba4/HOWTO#Migrating_an_Existing_Samba3_Domain_to_Samba4 https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC The main thing to watch out is just as with Samba classic domains, the [netlogon] share (and [sysvol] in the AD case) is not replicated by Samba - you have to sync any changes around manually (eg rsync). We do have some support for the concept of Sites, but it isn't totally complete. So, you may wish to investigate closely to ensure it does enough to avoid swamping your VPN links. I wish you the very best with your upgrade. Feel free to come back with any issues you may have. Hi Andrew, We use the same kind of setup. We do extensively use ldap for sudo, automount, lemonldap, ... a bunch of services. Can we basically keep our LDAP directory without altering the schema and still benefit of samba4 features ? If this is completely ruled out, is there a smooth migration path to keep all those info in a LDAP directory (wether samba internal or external) ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migrating from 32 to 64 bit with TDB sam
Hi, I'm using a TDB sam and will migrate our server from 32 to 64 bit in the next few days. I wonder if the TDB databases can be copied from 32bit arch to 64bit. If not, what is the best way ? Thanks Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] speed and connection problems after samba upgrade - RH 5 - RH 5.1, samba 3.0.23c - 3.0.25b
Götz Reinicke wrote: Hi, recently we upgraded a central RHEL 5 fileserver to the latest RH EL 5.1 rpms, including samba. (samba-3.0.23c-2.el5.2 update to samba-3.0.25b-1.el5_1.4) Now some users have the problem, that opening a word or excel file saved on a samba share takes up to 30 seconds. Today I could verify this on the users desktop XP PC. This problem occures only from time to time, so it may be also a problem on the client side or the networkswitch, so I did a test download from an ftp server (ftp-stud.fht-esslingen.de) and I can download files with up to 6MBytes(!) - that's o.k. Copying files from the server (e.g. an 600MB iso) takes about 60 seconds - that's also o.k. But opening smal files on the server takes sometimes that long ... My question is: Could it be, that the update includes some changes in timeouts or locking funtions? Which options may I check? Or are there some cachefiles to be checked? The logfile has no obvious hints for me right now... Thanks for any hints and tips! Best regards Götz Hi, Did you check duplex, speed and autoneg on the switch and on the nic ? Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple homedir entries in smb.conf ?
J. Strohschnitter wrote: What about mounting with the bind option all the /home/$SERVER/home/$USERNAME dirs in /home/$USERNAME Hi don't know about bind-option. What is meant with bind-option ? Is it an option for the smbfstab ? Ok I have read the manpages fpr mount. So I tried out: Existing mounts: //server01/home on /server/server01 //server02/home on /server/server02 So I tried to mount via: # mount --bind /server/server02 /server/server01 But now in /server/server01 I see only the content of server02. What do I wrong ? what about: mount --bind /server/server02/home/$USER /home/$USER -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple homedir entries in smb.conf ?
J. Strohschnitter wrote:
ok, UnionFS is one solution - but it takes several days to configure. Is there
no change to add more than one homedir template to the smb.conf (just like using
variables) ?
What about mounting with the bind option all the
/home/$SERVER/home/$USERNAME dirs in /home/$USERNAME
Hi
don't know about bind-option. What is meant with bind-option ? Is it an option
for the smbfstab ?
for i in /home/server{1..3}/home/*
do
cd /home mkdir basename $i
mount --bind $i /home/`basename $i`
done
This script strictly untested.
you can try mount --bind directly by using
mount --bind /home/server1/home/myuser /home/myuser
Laurent
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple homedir entries in smb.conf ?
J. Strohschnitter wrote: ok, UnionFS is one solution - but it takes several days to configure. Is there no change to add more than one homedir template to the smb.conf (just like using variables) ? What about mounting with the bind option all the /home/$SERVER/home/$USERNAME dirs in /home/$USERNAME -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple homedir entries in smb.conf ?
J. Strohschnitter wrote: Hi list, is it possible to add multiple homedir templates to smb.conf ? I have a running linuxsystem where homefilesets are mounted from different windows-servers to subdirs like: /home/server01/home/USERNAME /home/server02/home/USERNAME /home/server03/home/USERNAME The users come via winbind. In the smb.conf the entry for the homedir: template homedir = /home/%U So how is it possible to add /home/serverXX/home/%U to the smb.conf ? Hi, What about mounting with the bind option all the /home/$SERVER/home/$USERNAME dirs in /home/$USERNAME Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain logon ctrl+alt+suppr
Hi, I have set up samba (pdc) + ldap fine My main concers is how to make all domain members to allow user logon without pressing ctrl + alt + suppr. I know it is possible to do it on all computers, but i do NOT want to do it on all machines. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.5 - Can't change password
Hello, I upgraded samba to 3.0.5 (debian sid) in the hope of getting windows password change to work, but had no success. The password is changed (fortunately), but the computer still displays a message saying the old password is incorrect. Do you know how to fix it? Thanks L.CARON -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: v3.0.4-5 (Debian Sid) not Samba 3.0.5 - Can't change password
Greg Folkert wrote: On Mon, 2004-06-14 at 03:21, Laurent CARON wrote: Hello, I upgraded samba to 3.0.5 (debian sid) in the hope of getting windows password change to work, but had no success. [EMAIL PROTECTED]:greg]$ apt-show-versions -a samba-common samba-common3.0.4-5 install ok installed samba-common3.0.2a-1testing samba-common3.0.4-5 unstable samba-common/unstable uptodate 3.0.4-5 I am sorry, but you have 3.0.4-5 installed. The password is changed (fortunately), but the computer still displays a message saying the old password is incorrect. Do you know how to fix it? Do you have a proper password chat setup? Are you using PAM to change the passwords? You really need to give us more info. I'm using 3.0.4-5 (sorry for the mistake), password chat is correct, but since microsoft patch, the problem didn't disappear. Laurent -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: v3.0.4-5 (Debian Sid) not Samba 3.0.5 - Can't change password
Greg Folkert wrote: On Mon, 2004-06-14 at 03:21, Laurent CARON wrote: Hello, I upgraded samba to 3.0.5 (debian sid) in the hope of getting windows password change to work, but had no success. [EMAIL PROTECTED]:greg]$ apt-show-versions -a samba-common samba-common3.0.4-5 install ok installed samba-common3.0.2a-1testing samba-common3.0.4-5 unstable samba-common/unstable uptodate 3.0.4-5 I am sorry, but you have 3.0.4-5 installed. The password is changed (fortunately), but the computer still displays a message saying the old password is incorrect. Do you know how to fix it? Do you have a proper password chat setup? Are you using PAM to change the passwords? You really need to give us more info. Here are the parts of smb.conf - passwd program = /usr/local/sbin/smbldap-passwd.pl %u add machine script = /usr/local/sbin/smbldap-useradd.pl -w -d /dev/null -s /bin/false %u add user script = /usr/local/sbin/smbldap-useradd.pl -a -s /bin/false -m %u add group script = /usr/local/sbin/smbldap-groupadd.pl %g add user to group script = /usr/local/sbin/smbldap-usermod.pl -G %g %u passdb backend = ldapsam:ldap://127.0.0.1; unix password sync = yes security = user domain master = yes domain logons = yes preferred master = yes os level = 65 - Laurent -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: v3.0.4-5 (Debian Sid) not Samba 3.0.5 - Can't change password
Greg Folkert wrote: I had a very similar problem. My only fix I could actually find was to completely remove all of the generated samba files (the .tbd files and such) with samba and winbind not running. Then removing all the machine accounts out of /etc/passwd, basically cleaning up to look just like just installed and never run yet Then starting joining the machines again, then using a script to generate the samba users from /etc/passwd... setting policies proper and since then (two weeks ago) haven't had any problems. Unfortunately it is a live environment I can't remove the accounts :( I'll try on a test environment -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] High CPU utilization
Matthias Spork wrote: Gary MacKay schrieb: Apparently nobody has a suggestion to why smbd process all of a sudden starts sucking CPU like crazy? Restarted samba and then restarting the entire server does not fix it. Searching the archives shows I'm not the only one with this problem. The archives do not show what to do about it yet. Grr... Redhat 9.0 Samba 3.04 ( I have 2.2.7 servers that have done this to me also) Hello, i had the same problem. Check your groups and bmembers in there. The problem comes, when you have more groupmembers the users., or if you have a groupmember who is deleted user. matze or ntop running on the samba server -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Charset conversion
Hi, I recently migrated a samba server but forgot to use the charset option to ISO-8859-1. Is there a shell script (I have seen one months ago) to translate those characters to ISO-8859-1 ? Thanks -- [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can I reconfigure Samba share without restart smb service?
maorui wrote: Everytime I add or remove some samba shares, I must restart smb service to take effect. Is there anyway to reconfig it without restart? just reload it /etc/init.d/samba reload -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Admins cannot change folder ownership
ww m-pubsyssamba wrote: Hi All, how can I allow an administrator to have permission to change folder ownership from windows explorer? The Samba server is an AD domain member server and I'm using group mapping not winbind for users and groups in Samba, I've tried mapping both the Administrators and Domain Admins groups to UNIX groups of which my test user is a member of but I always get a permission denied error when attempting to change the ownership of a folder. Anyone like to explain this to me? thanks in advance, cheers Andy. did you enable ACLs on the file system ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Strange message while trying to change pass from windows XP
Hi I configured samba as a PDC of my domain (LDAP backend). Everything is working flawlessy except the password change (with ctrl+alt+suppr) under winXP. When I try to change pass, the system complains about incorrect password (case) although the password is effectively modified Any clue to make this ugly message not to appear? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to change password from winXP
[EMAIL PROTECTED] wrote: Try to set pam password change = yes in you smb.conf We had the same problem with Samba 2.2.7 - 3.0.1 + OpenLDAP. Best regards Michal It didn't work Here is the smb.conf [global] load printers = yes #Ldap Defs ldap suffix = dc=pipo, dc=net ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap admin dn = cn=admin, dc=pipo, dc=net #guest account = nobody passwd program = /usr/local/sbin/smbldap-passwd.pl %u #domain admin users = Administrator #rmv lc test ldap password sync = yes unix password sync = yes pam password change = no #passwd program = /usr/local/sbin/smbldap-passwd.pl %u #passwd chat = Changing*password*for* \\n *New*password* %n\\n *Retype*new*password %n\n #passwd chat = *new*password* %n\n *new*password %n\n *successfully* passdb backend = ldapsam #ldap ssl = off workgroup = Samba_ldap netbios name = smbldap comment = Linux Apartia security = user #null passwords = Yes encrypt passwords = true # uncoment for HEAD code #use spnego=no logon drive = U: logon path = \\%N\profiles\%U domain master = yes domain logons = yes preferred master = yes os level = 65 log file = /tmp/samba.log passwd chat debug = yes debuglevel = 1 ; necessary share for domain controller #[netlogon] #path = /var/lib/samba/netlogon #locking = no #read only = yes #write list = ntadmin ; share for storing user profiles [profiles] path = /var/lib/samba/profiles read only = no writeable = yes profile acls = yes create mask = 0600 directory mask = 0700 [pipo] browseable = yes writable = no path = /tmp public = yes [homes] comment = Home Directories browseable = yes readonly = no create mask = 0700 directory mask = 0700 logon home = \\%N\%U [printers] browseable=yes path=/tmp printable=yes public=yes writable=no guest ok=yes create mode = 0700 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to change password from winXP
Hi I configured samba as a PDC of my domain (LDAP backend). Everything is working flawlessy except the password change (with ctrl+alt+suppr) under winXP. When I try to change pass, the system complains about incorrect password (case) although the password is effectively modified Any clue to make this ugly message not to appear? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
