[Samba] Samba-3-server and MS ADS / MSSFU-schema
Hello, my question is: can I use MS ADS with MSSFU-schema extension together with samba3? We have a MS-ADS with all MSSFU attributes filled, so that nix-client using pam/nss-ldap can use the ADS for authentication and in nss. The nix-clients can also mount MS-shares as their home-directories (pam-cifs). Additionaly, we need to have a linux file server using samba3. No the question is: can the samba server use the ADS as ldapsam? Quite sure, that this is impossible, because samba needs its samba... attributes. I experimented with openldap as a proxy to ADS and mapping some attributes. But I am not sure about what ldap attributes are neccessary for the samba-server. Is there any way to accomplish that? (Using PAM on the samba-server requires clear text passwords enabled and that does not work together with our windows clients). -- Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba started asking for a password when trying to access it
Hi, samba has just been updated on my machine, before the update it was work without asking for a password when accessing from a windows machine. Now after the update it is asking for a password which whatever I enter does not seem to work. Samba version: Samba 3.0.24-7.fc5 Config file [global] workgroup = FONTERA server string = MavinDev security = SHARE guest account = apache log file = /var/log/samba/%m.log max log size = 50 load printers = No dns proxy = No guest ok = Yes hosts allow = 192.168.0., 127. [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No [webroot] comment = Root of Webserver path = /var/www/html read only = No [vhosts] comment = Vhost folders path = /var/www/vhosts read only = No [backup] comment = Root of Webserver path = /var/www/BACKUP read only = No [PHP_lib] comment = Standard lib of php classes that can be used ANY where. (included in the php config) path = /var/www/lib [dev_project] comment = Root of Webserver path = /var/www/vhosts/dev.dotproject read only = No [profiler] comment = Profiler path = /var/www/profiler read only = No [transport] comment = transport path = /opt/xmpppy/ read only = No Kind Regards Wilhelm Ellmann -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Rename to open file doesn't work, why?
Am Montag, 28. Juli 2008 schrieb Jeremy Allison: > On Mon, Jul 28, 2008 at 07:02:52AM +0200, Wilhelm Meier wrote: > > Am Montag, 28. Juli 2008 schrieb Michael Heydon: > > > Wilhelm Meier wrote: > > > > > > > > On a local linux filesystem like ext2/3 one can rename a file > > > > to an existing, already open file. > > > > > > > > But this doesn't work on a cifs-mounted samba-share > > > > > > > > > > The reason this works with ext2 is that as long as you hold an > > > open file descriptor a deleted file is still accessible (rename > > > is essentially a delete and then a move). > > > > > > While it might be theoretically possible for this to work unix > > > to unix, Windows doesn't deal with deleted files the same way > > > (it prevents you from deleting files as long as they are open), > > > and so it's quite possible that SMB/CIFS doesn't understand the > > > concept of having a deleted file open. > > > > Yes, with a windows file server this is impossible. > > > > But I thought the samba unix extensions should make that > > possible. > > > > Otherwise samba/cifs is unusable as e.g. user-homes, since KDE > > tends to use this pattern. > > > > Is there any workaround at the moment? > > Can you log a bug with bugzilla.samba.org so I can > track this. Include everything I need to reproduce > (test code preferably) so I can ensure the UNIX > extensions allow this. I tried some other versions of samba (triggered to the fact, that debian lenny now has feature freeze ...). I found that the problem vanished from Samba 3.0.28 on for the testprogram I posted earlier. I had not enough time to test the newer samba versions as user-homes with KDE, but I'll do that soon. > > Thanks ! > > Jeremy. -- Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Rename to open file doesn't work, why?
Am Montag, 28. Juli 2008 schrieb Michael Heydon: > Wilhelm Meier wrote: > > > > On a local linux filesystem like ext2/3 one can rename a file to > > an existing, already open file. > > > > But this doesn't work on a cifs-mounted samba-share > > > > The reason this works with ext2 is that as long as you hold an open > file descriptor a deleted file is still accessible (rename is > essentially a delete and then a move). > > While it might be theoretically possible for this to work unix to > unix, Windows doesn't deal with deleted files the same way (it > prevents you from deleting files as long as they are open), and so > it's quite possible that SMB/CIFS doesn't understand the concept of > having a deleted file open. Yes, with a windows file server this is impossible. But I thought the samba unix extensions should make that possible. Otherwise samba/cifs is unusable as e.g. user-homes, since KDE tends to use this pattern. Is there any workaround at the moment? -- Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Rename to open file doesn't work, why?
Hello, this may be a question a thousand times answered but I did not find it ... On a local linux filesystem like ext2/3 one can rename a file to an existing, already open file. But this doesn't work on a cifs-mounted samba-share - or do I miss something in the samba configuration. Attached ist a small test-program that does essentially the same as kmail does when it creates a mail-index file (and crashes ...) Here you can see the versions (from the clients /proc/fs/cifs/): Display Internal CIFS Data Structures for Debugging --- CIFS Version 1.52 Active VFS Requests: 0 Servers: 1) Name: 192.168.32.12 Domain: KMUX Mounts: 1 OS: Unix NOS: Samba 3.0.24 Capability: 0x80f3fd SMB session status: 1 TCP status: 1 Local Users To Server: 1 SecMode: 0x3 Req On Wire: 0 MIDs: Shares: 1) \\192.168.32.12\hugo.tester Uses: 1 Type: NTFS DevInfo: 0x0 Attributes: 0x2b PathComponentMax: 255 Status: 1 type: 0 TIA -- Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: interdomain trust between two samba pdc's
I have trusts setup between 3 samba domains. Do you have a specific question regarding setup? Hans Adam Williams wrote: i think you have to create the trusts on both DOMAINS as they only work in one direction. the official samba how to and reference guide briefly touches on the subject. SoUnD WrEcK wrote: So is no one here doing interdomain trusts using two Samba PDC's on two different subnets? I have been struggling with this problem for a long time now, and would like some help with it. Thanks! On Fri, Apr 25, 2008 at 2:54 PM, SoUnD WrEcK <[EMAIL PROTECTED]> wrote: I have been trying off and on for some time now to get an interdomain trust relationship going between two samba pdc machines (DomainA=trusted & DomainB=trusting). Both pdc's are running on Solaris boxes and NIS is involved (I doubt there is a NIS complication just because I can use accounts on DomainA on DomainB's samba, as long as I add them using smbpasswd manually). The situation is this. DomainA hosts most user accounts for my two networks. Therefore DomainA should be trusted and DomainB should be trusting. The documentation is confusing and does not describe this exact scenario (talks about samba with microsoft pdc's). I have tried every combination I can think of, but things still aren't working as they should. I have added an account for DomainB on DomainA. I then type "smbpasswd -a -i DomainB", still working on DomainA. This seems to go through okay. However, when I type "net rpc trustdom list" on DomainA, I get the following: Trusted domains list: none Trusting domains list: Unable to find a suitable server domain controller is not responding DomainB I expect what I see for trusted, but for trusting, should I really be seeing those errors? What do they mean? Is the fact that DomainB is listed mean that it worked and I should ignore the errors? I guess I'll stop here and make sure there is not a problem with this step before I post further information about this process. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain logons w/ LDAP backend
I would advise against using Samba 3.0.28a if you are using domain trusts. I spent weeks trying to configure trusts with 3.0.28a and it didn't work. I went back to samba 3.0.26a and it worked like a charm. John Drescher wrote: On Thu, Apr 3, 2008 at 8:28 PM, Tom Smith <[EMAIL PROTECTED]> wrote: Hi, I have multiple Samba servers working very well using the tdbsam backend. The number of servers is becoming harder to manage now so I began testing an LDAP-based Samba server. Everything works great except when a workstation tries to login to the domain... All users are able to login just fine when accessing network shares. Workstation are able to join the domain. But upon reboot, they're not able to login to the domain. Here's what I'm using: CentOS 4 Samba 3.0.10 OpenLDAP 2.2.13 smbldap-tools-0.9.4 Windows XP Pro The error message I get on the client is: "Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable or because your computer account was not found." This happens on every computer. My server logs are filled with these messages: "[2008/04/01 13:48:22, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected" I've been trying to find a solution to this for (literally) months. I really, really, really need to get this working--I currently have four office that need to be connected under the same Samba domain, the all already have Samba servers installed but under different domains. And we're gearing up for another growth spurt in the next six to twelve months that will add to this number, which makes it even that more important. Any advice or pointers for resolving this will be very much appreciated! Can you please update your samba? That version is > 3 years old. The current samba is 3.0.28a. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP Logon Script Management
I recently migrated from Windows NT 4.0 to Samba with a LDAP backend and haven't found a good tool have managing logon scripts for user groups and individual users. What tools are available for managing this? Currently each user is assigned their own script which makes changes painful. Mit freundlichen Grüßen / With kind regards Hans-Wilhelm Heisinger -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Importing Accounts from Windows?
I used a slick migration toolkit: http://sourceforge.net/projects/w2lmt/ Mit freundlichen Grüßen / With kind regards Hans-Wilhelm Heisinger Kyle Schmitt wrote: Is there some automated system to import windows accounts into a samba or a samba ldap situation? I've got a few hundred users on an NT domain, and I'd like to migrate them sometime before the last piece of hardware supported by NT4 rusts. Right now several linux based samba servers are doing all of the heavy lifting (shared files printers etc), but they are all looking at the domain controller for authentication. Considering the multiple vulns for NT, I know I could just run a password cracker against it, then create new accounts for everyone with their old passwords, but I'm reluctant to do that. Is there a way to transfer the account info from the PDC to samba then just shut the old thing off? Thanks, Kyle -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP cannot get account from NT4
I migrated a few NT domains to Samba using the rpc net vampire command to a tdbsam backend, and then move to a LDAP backend and was successful. I had tried going directly to LDAP using the rpc net vampire command but it failed like yours. However I have come across scripts that do this migration in a book Windows to Linux Migration toolkit. wilson kwok wrote: > Can anyone help me to solve this problem ? > > Thx ! > >> From: [EMAIL PROTECTED]> To: samba@lists.samba.org> Date: Fri, 28 Dec 2007 >> 01:15:58 +0800> Subject: [Samba] Samba + LDAP cannot get account from NT4> > >> > Hello,> > I do a Migration from NT4 to Samba + LDAP, I already join Samba >> to NT4, when I type > net rpc vampire -S NT -U Administrator%nt, the >> following error occur,> > [2007/12/28 00:13:16, 0] >> rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2673) >> cli_rpc_pipe_open_schannel: failed to get schannel session key from server >> NT for domain SFA.[2007/12/28 00:13:16, 0] >> utils/net_rpc.c:run_rpc_command(151) Could not initialise schannel netlogon >> pipe. Error was NT_STATUS_INVALID_NETWORK_RESPONSE> > Thx> >> _> Express >> yourself instantly with MSN Messenger! Download today it's FREE!> >> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/> -- > To >> unsubscribe from this list go to the following URL and read the> >> instructions: https://lists.samba.org/mailman/listinfo/samba >> > _ > Express yourself instantly with MSN Messenger! Download today it's FREE! > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD issue....
Michael, Here is a great How To for AD. http://ubuntuforums.org/showthread.php?t=280702 I had the same issue, and after following the "how to" it was resolve. Mit freundlichen Grüßen Hans-Wilhelm Heisinger Paulo Almeida wrote: Hi Michael, valid users = '@domain users' <<< This will work? Try valid users = "@DOMAIN+Domain Users" or "@DOMAIN\Domain Users", dependig on the your winbind separator statement. Regards, Paulo Almeida -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL changes on Samba NT 4.0 Member Server
Thank you for the advice. I tried the same setup Ubuntu 7.10 and it worked like a charm! Hans Eric Diven wrote: Try samba 3.0.23d. I just built if for Solaris, and it appears to be working beautifully. That's several days of my life I'll never get back. I just did built the "new" version, installed it, copied the libnss_winbind.so to where it lives and restarted samba. No config changes, nothing. ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Diven Sent: Monday, November 05, 2007 12:55 PM To: samba@lists.samba.org Subject: RE: [Samba] ACL changes on Samba NT 4.0 Member Server Not neccessarily, console login is controlled by PAM, not winbind. If you haven't set up PAM (and you shouldn't need to for just setting up a file share), you won't be able to log in at the console (or by ssh, etc). I'm still fighting this on my side as well, for what it's worth. If I figure it out, I'll let you know. When I try to add an entry to the ACL, I get the same error, but in the logs I see an error about not being able to set the access rights into the Unix security model. The error I get is "Too many ACE entries for file to convert to posix perms." If you're seeing that too, we might be on to something. I am seeing it consistently across Solaris and CentOS, so I'm guessing this isn't a platform related issue for either of us. Good luck. ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hans-Wilhelm Heisinger Sent: Monday, November 05, 2007 11:00 AM To: samba@lists.samba.org Subject: Re: [Samba] ACL changes on Samba NT 4.0 Member Server John, I seemed to have pinpointed the problem down to an authentication issue. wbinfo -a CPDOM+admin%password plaintext password authentication succeeded challenge/reponse password authentication succeeded su CPDOM+admin Password: su: incorrect password Any ideas? John Drescher wrote: On 11/2/07, Hans-Wilhelm Heisinger <[EMAIL PROTECTED]> wrote: I'm not really sure what I'm looking for or which log file the error would present it's self in. Anyways below is a my "shot in the dark" This is the right file but I don't see an error. Hopefully someone else can help. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba info/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL changes on Samba NT 4.0 Member Server
John, I seemed to have pinpointed the problem down to an authentication issue. wbinfo -a CPDOM+admin%password plaintext password authentication succeeded challenge/reponse password authentication succeeded su CPDOM+admin Password: su: incorrect password Any ideas? John Drescher wrote: On 11/2/07, Hans-Wilhelm Heisinger <[EMAIL PROTECTED]> wrote: I'm not really sure what I'm looking for or which log file the error would present it's self in. Anyways below is a my "shot in the dark" This is the right file but I don't see an error. Hopefully someone else can help. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL changes on Samba NT 4.0 Member Server
John, I seemed to have pinpointed the problem down to an authentication issue. wbinfo -a CPDOM+admin%password plaintext password authentication succeeded challenge/reponse password authentication succeeded su CPDOM+admin Password: su: incorrect password Any ideas? John Drescher wrote: On 11/2/07, Hans-Wilhelm Heisinger <[EMAIL PROTECTED]> wrote: I'm not really sure what I'm looking for or which log file the error would present it's self in. Anyways below is a my "shot in the dark" This is the right file but I don't see an error. Hopefully someone else can help. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL changes on Samba NT 4.0 Member Server
I'm not really sure what I'm looking for or which log file the error would present it's self in. Anyways below is a my "shot in the dark" [2007/11/02 06:13:29, 5] rpc_parse/parse_prs.c:prs_ntstatus(763) 0018 status: NT_STATUS_OK [2007/11/02 06:13:29, 10] nsswitch/winbindd_rpc.c:sequence_number(848) domain_sequence_number: for domain CPDOM is 29539 [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400) store_cache_seqnum: success [CPDOM][29539 @ 1194002009] [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459) refresh_sequence_number: CPDOM seq number is now 29539 [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:centry_expired(501) centry_expired: Key TRUSTDOMS/CPDOM for domain CPDOM is good. [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:wcache_fetch(588) wcache_fetch: returning entry TRUSTDOMS/CPDOM for domain CPDOM [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:trusted_domains(1741) trusted_domains: [Cached] - cached info for domain CPDOM (2 trusts) status: NT_STATUS_OK [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:cache_store_response(1966) Storing response for pid 2464, len 3337 [2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:cache_store_response(1980) Storing extra data: len=97 [2007/11/02 06:13:35, 4] nsswitch/winbindd_dual.c:fork_domain_child(809) child daemon request 13 [2007/11/02 06:13:35, 10] nsswitch/winbindd_dual.c:child_process_request(395) process_request: request fn AUTH_CRAP [2007/11/02 06:13:35, 3] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1460) [ 2453]: pam auth crap domain: CPDOM user: ADMIN [2007/11/02 06:13:35, 8] lib/util.c:is_myname(2065) is_myname("CPDOM") returns 0 [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(148) sequence = 0x472b046c [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(150) seed:6A478DD1D50C5B54 [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(155) seed+seq D64BB818D50C5B54 [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(159) CLIENT 39C2447FE6E06DDE [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(164) seed+seq+1 D74BB818D50C5B54 [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(168) SERVER AFDE89BB3E2F0393 [2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_reseed(238) cred_reseed: seed D74BB818D50C5B54 John Drescher wrote: On 11/1/07, Hans-Wilhelm Heisinger <[EMAIL PROTECTED]> wrote: John, Thank you for the reply. Below is the output from mount and ls -al. Yes I can login as CPDOM+admin and create files, but connecting to the share as CPDOM+admin doesn't work. Hans [EMAIL PROTECTED] ~]# mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/hda1 on /boot type ext3 (rw,acl) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) [EMAIL PROTECTED] ~]# ls -al /files total 5196 drwxrwxrwx 3 root root4096 Nov 1 10:17 . drwxr-xr-x 26 root root4096 Nov 1 05:25 .. -rwxrw-rw- 1 root root 413 Feb 24 2006 AS400.WS -rwxrw-rw- 1 root root 398 Jul 27 14:13 dnsb.txt -rwxrw-rw- 1 root root 3100432 May 22 2006 Dsclient.exe drwxrwxrwx 2 root root4096 Apr 7 2005 Fonts -rwxrw-rw- 1 root root1411 Aug 15 08:09 hans.txt -rwxrw-rw- 1 root root 61440 Sep 14 08:57 IDTag.exe -rwxrw-rw- 1 root root 262727 Apr 21 2003 keyfinder.exe -rwxrw-rw- 1 root root 25088 Mar 22 2007 Label6x4 layout with text.doc -rwxrw-rw- 1 root root 60416 Jun 6 09:41 Label proposal II.xls -rwxrw-rw- 1 root root 90112 May 9 2006 OfficeTime.exe -rwxrw-rw- 1 root root 317 Jul 3 07:51 OutputsLisec.txt -rwxrw-rw- 1 root root 173231 May 4 1999 REPLICA.HLP -rwxrw-rw- 1 root root1101 Apr 25 2005 Salesreport.dtf -rw-rw-rw- 1 root root 481 Nov 1 08:42 smb.conf -rwxrw-rw- 1 root root 69632 Mar 4 2004 system.mdw -rwxrw-rw- 1 root root 491008 May 10 13:20 TSClient.doc -rwxrw-rw- 1 root root 782848 Jun 30 2006 WIP LOCATIONS.xls -rwxrw-rw- 1 root root5632 Aug 4 2004 wmi.dll -rwxrw-rw- 1 root root 16930 May 31 1994 XCOPY.EXE It is possible the problem is that the owner and group of the share are both root. I never do that for any of my working samba shares. The owner can be a user or possibly root but the group is always a group that the users I want to change acls. I see from the docs that dos filemode is supposed to fix that so maybe this is not the case. Can you set a log level of 10 and see if there are any errors caused when you try to change the acls? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL changes on Samba NT 4.0 Member Server
John, Thank you for the reply. Below is the output from mount and ls -al. Yes I can login as CPDOM+admin and create files, but connecting to the share as CPDOM+admin doesn't work. Hans [EMAIL PROTECTED] ~]# mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/hda1 on /boot type ext3 (rw,acl) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) [EMAIL PROTECTED] ~]# ls -al /files total 5196 drwxrwxrwx 3 root root4096 Nov 1 10:17 . drwxr-xr-x 26 root root4096 Nov 1 05:25 .. -rwxrw-rw- 1 root root 413 Feb 24 2006 AS400.WS -rwxrw-rw- 1 root root 398 Jul 27 14:13 dnsb.txt -rwxrw-rw- 1 root root 3100432 May 22 2006 Dsclient.exe drwxrwxrwx 2 root root4096 Apr 7 2005 Fonts -rwxrw-rw- 1 root root1411 Aug 15 08:09 hans.txt -rwxrw-rw- 1 root root 61440 Sep 14 08:57 IDTag.exe -rwxrw-rw- 1 root root 262727 Apr 21 2003 keyfinder.exe -rwxrw-rw- 1 root root 25088 Mar 22 2007 Label6x4 layout with text.doc -rwxrw-rw- 1 root root 60416 Jun 6 09:41 Label proposal II.xls -rwxrw-rw- 1 root root 90112 May 9 2006 OfficeTime.exe -rwxrw-rw- 1 root root 317 Jul 3 07:51 OutputsLisec.txt -rwxrw-rw- 1 root root 173231 May 4 1999 REPLICA.HLP -rwxrw-rw- 1 root root1101 Apr 25 2005 Salesreport.dtf -rw-rw-rw- 1 root root 481 Nov 1 08:42 smb.conf -rwxrw-rw- 1 root root 69632 Mar 4 2004 system.mdw -rwxrw-rw- 1 root root 491008 May 10 13:20 TSClient.doc -rwxrw-rw- 1 root root 782848 Jun 30 2006 WIP LOCATIONS.xls -rwxrw-rw- 1 root root5632 Aug 4 2004 wmi.dll -rwxrw-rw- 1 root root 16930 May 31 1994 XCOPY.EXE John Drescher wrote: On 11/1/07, Hans-Wilhelm Heisinger <[EMAIL PROTECTED]> wrote: I have a Samba 3.0.24-7 on Fedora 6 as a member of an Windows NT 4.0 domain, with a simple share setup with ACLs. The permissions on the share from Windows XP Pro Security tab shows Everyone, and root (Unix Group\root) without any Permissions. When trying to add permissions from XP while logged on as CPDOM+admin the error is display "Unable to save permission changes on "share name" on "server name" Access is denied. Files can be copied to the share but can't be opened. Below is the smb.conf. I believe ACLs would work if I add access. I tried setting the ACLs using setfacl and then the permissions show full control from XP, but I'm still unable to change permissions or open files. [global] winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind use default domain = no security = domain workgroup = CPDOM netbios name = FILE_SRV password server = XSERVER server string = [data] comment = FILES path = /files guest ok = yes create mask = 0777 writeable = yes nt acl support = yes oplocks = no browseable = yes dos filemode = yes admin users = Your smb.conf file looks fine. Can CPDOM+admin log into the unix system and create files? You are mounting your unix filesystem with acls enabled? Also can you post an ls -al on /files -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ACL changes on Samba NT 4.0 Member Server
I have a Samba 3.0.24-7 on Fedora 6 as a member of an Windows NT 4.0 domain, with a simple share setup with ACLs. The permissions on the share from Windows XP Pro Security tab shows Everyone, and root (Unix Group\root) without any Permissions. When trying to add permissions from XP while logged on as CPDOM+admin the error is display "Unable to save permission changes on "share name" on "server name" Access is denied. Files can be copied to the share but can't be opened. Below is the smb.conf. I believe ACLs would work if I add access. I tried setting the ACLs using setfacl and then the permissions show full control from XP, but I'm still unable to change permissions or open files. [global] winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind use default domain = no security = domain workgroup = CPDOM netbios name = FILE_SRV password server = XSERVER server string = [data] comment = FILES path = /files guest ok = yes create mask = 0777 writeable = yes nt acl support = yes oplocks = no browseable = yes dos filemode = yes admin users = CPDOM+admin Hans -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't see or change ACLs on Windows
Eric, I was experiencing the same problem, this link help me view the ACLs. I still can't change them. http://kbase.redhat.com/faq/FAQ_79_4760.shtm Hans Eric Diven wrote: Whoops, meant to go to the list, sorry. ~Eric -Original Message- From: Eric Diven Sent: Tuesday, October 30, 2007 11:29 AM To: '[EMAIL PROTECTED]' Subject: RE: [Samba] Can't see or change ACLs on Windows On Tue, Oct 30, 2007 at 10:59:41AM -0400, Eric Diven wrote: Okay, here's what I've figured out from trying to do what you suggested: Well, so far we haven't seen any debug logs. Volker So far, neither have I. I'm getting nothing in the logs on either CentOS or Solaris when I do anything from the windows client. Neither the mtimes nor the file sizes on the logs that get generated at startup are changing, and I'm not getting any new logfiles for client machines that log on: "Annoyingly, I'm not getting any logging for clients. Why, I don't know. I see start-up messages correctly in the log.smbd file, including those at log level 10, but not ones from clients. Here are the logging-related lines from smbd.conf # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50" ^ From yesterday ^ If I could trouble you with a really stupid question: Do I need to jack the logging up on nmbd to 10 as well? I'm working under the assumption that this is an smbd problem, so that's where I've turned up the logging. We all know of course what happens when you assume ;-) ~Eric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Abwesenheitsnotiz: Hi
Sehr geehrter Mailpartner, danke für Ihre Nachricht. Ich bin leider nicht im Haus. Ihre Nachricht wird an Herrn Johann Bauer weitergeleitet. Während meiner Abwesenheit betreuen Sie Frau Manuela Lentner oder Herr Johann Bauer. Frau Lentner ist direkt erreichbar unter Tel.: 08552-41-293, Fax: 08552-41-255 oder per E-Mail: [EMAIL PROTECTED] Herrn Bauer können Sie tel. unter der Durchwahl -258, per Fax: -255 oder per E-Mail: [EMAIL PROTECTED] erreichen. Persönlich können Sie mich wieder ab 02. Februar 2004 erreichen. Freundliche Grüße i.A. Karin Wilhelm -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba