[Samba] re: joining a w2k machine to a samba domain
Because the replies to my question came direct to my email and not through the list I thought others with the same problem might benefit if I summarised the way in which I solved the problem of adding a w2k workstation to a domain managed by a samba pdc. (1) make sure your samba is up to date. I actually used samba 2.2.3a but am about to upgrade to 2.2.4 (2) read the docs on the samba.org site, in particular the combined howtos in pdf format (3) set up and test your smb.conf using testparm. I actually did it in 3 stages (the final stage was based on the help I received from the email replies to my original posting) (4) stage 1: set up your initial smb.conf and make sure samba is working for your W9x environment (5) stage 2: (a) configure your smb.conf as per the model supplied in the combined howtos mentioned above (b) create the machine trust account referred to in the docs. I did this manually but the docs also show how this can be done by samba itself which is the recommended approach (c) read the man pages for smb.conf several times and add in all the bits that you've missed above in particular add in settings in the global area of smb.conf for 'domain admin group = root' and 'domain admin users = root' (6) stage 3: (a) check out http://de.samba.org/samba/ftp/docs/htmldocs/samba-pdc-faq.html http://de.samba.org/samba/ftp/docs/htmldocs/samba-pdc-howto.html (b) make root a samba user (yeah I know I was stupid not to have thought of this first but we can't all be perfect) (7) login to your w2k box as administrator and add the box to your new (NT4) domain. When prompted for a domain user with permission to add the w2k machine enter your root userid and password. Reboot the w2k box when prompted and login to your samba domain in the usual way. Hope someone else finds this useful. Neil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing to an epson C80 using cups
I am having a terrible time with cups and samba. I have a little home network with a print/file server running RH 7.1 and Samba 2.2.2. The best I have gotten to is to have the printer showing up in network neighborhood on my wife's Win98 box, but the printer configuration wizard refused to use it. It was like it did not exist, or the permissions were wrong. But I doubt that could be the case. Right now, the printer does not show up on her box at all. I can print through this box with my RH 7.3 machine, and her machine can use samba for a file server, its just the printer that is messed up. I have attached the smb.conf for your perusal. -- Rob Blomquist Kirkland, WA On the side of the software box, in the 'System Requirements' section, it said 'Requires Windows 95 or better'. So I installed Linux and lived happily ever after. # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = SOUTH_PARK # server string is the equivalent of the NT Description field server string = Big Fat Cartman # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the loopback interface. For more examples of the syntax see # the smb.conf man page hosts allow = 192.168.1. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = cups load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = cups # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user nobody is used guest account = guest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = parameter # Use password server option only with security = server ; password server = NT-Server-Name # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. password level = 8 username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux sytsem password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only #the encrypted SMB passwords. They allow the Unix password #to be kept in sync with the SMB password. unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names username map = /etc/samba/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/samba/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # Browser Control Options: # set local master
Re: [Samba] WinBind does not work well with Rational ClearCase (bugfix atta ched :)
You are accessing clearcase on UNIX right? Yes we will be. But not right now. Since ClearCase will not support Unix clients from a Windows VOB server, we started with a Linux Server even though our first clients are all windows. Not through Samba. No, we are using Samba in addition to WinBind. I am fuzzy on why ClearCase needs Samba in addition to it's own stuff. I think that is how the Windows View Server talks to the Unix VOB Server. You need winbindd so that Windows domain users can have a UNIX account and access the respoitory on the UNIX server. Right? Yes that is correct. Most sites can control the primary windows group users get for any Domain. We can add users to a clearcase group, but can't make it the user's primary group. clearcase has a patch to get around it under Windows. They use a special environment variable. I limited the winbind primary group so it would only set the primary group if the user is actually a member of the group in the first place. But this can be overridden with the winbind force primary. The primary group value is a RID and *not* a Unix GID. I suspect if I use Andrew's suggestion and set g+s on the directories it may work, and this has worked for me in the past when using NFS NIS+. But one of the first questions on the pre-techsupport droid's check list is type 'id' and read me your default user group This default group thing has *never* been a problem for me under Unix. Once I applied the patch, clearcase started working like a charm. -Stephen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] can't connect from windows
use encrypted mode or import the EnablePlainTextPassword reg key on your workstation (you can find this in the source tar) -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] Verzonden: zo 19/05/2002 3:25 Aan: [EMAIL PROTECTED] CC: Onderwerp: [Samba] can't connect from windows Hello all, I've setup samba Version 2.2.0a on Slackware 8.0 # uname -a Linux slackware 2.4.5 #6 Fri Jun 22 01:38:20 PDT 2001 i686 unknown I start samba as root from a console as: /usr/sbin/smbd -D -d10 -l /var/adm/smblogs/log -s /etc/samba/smb.conf /usr/sbin/nmbd -D -d1 -s /etc/samba/smb.conf In smb.conf I have: [files] comment = mystuff valid users = nigels path = /usr1 read only = no public = yes I can connect to this share from another Linux machine on my network. However not from Windows 2000 or NT. (eg using: net use F: \\slackware\files /user:nigels nigel ) Windows NT reports: The account is not authorised to connect from this station. Windows 2000: The network location cannot be reached. from both windows machines i can do this: C:\nbtstat -a slackware Table de noms NetBIOS de la machine distante NomType Etat - SLACKWARE 00 UNIQUE Inscrit SLACKWARE 03 UNIQUE Inscrit SLACKWARE 20 UNIQUE Inscrit ..__MSBROWSE__.01 GROUP Inscrit WORKGROUP 00 GROUP Inscrit WORKGROUP 1B UNIQUE Inscrit WORKGROUP 1D UNIQUE Inscrit WORKGROUP 1E GROUP Inscrit Adresse MAC = 00-00-00-00-00-00 C:\nbtstat -c Table de nom de cache distant NetBIOS Nom TypeAdresse d'hôte Vie [sec] SLACKWARE 00 UNIQUE 192.168.2.21420 WORKGROUP 1B UNIQUE 192.168.2.21420 Slackware is the hostname of the remote machine running samba. Any ideas/suggestions on how to get this going ? TIA Nigel. PS: The end of the samba.smdb logs look like this: (super is the name of the windows NT machine) [2002/05/20 02:39:06, 4] lib/time.c:TimeInit(110) Serverzone is -7200 [2002/05/20 02:39:06, 10] lib/util_sock.c:read_smb_length_return_keepalive(602) got smb length of 68e directory, but read only, except for people in [2002/05/20 02:39:06, 10] lib/access.c:check_access(294) check_access: allow = 192.168.2. 127., deny = [2002/05/20 02:39:06, 3] lib/access.c:check_access(308)52) check_access: no hostnames in host allow/deny list. [2002/05/20 02:39:06, 2] lib/access.c:check_access(319)52) Allowed connection from (192.168.2.23) [2002/05/20 02:39:06, 6] smbd/process.c:process_smb(830)2) got message type 0x81 of len 0x44 [2002/05/20 02:39:06, 3] smbd/process.c:process_smb(831)2) Transaction 0 of length 72 [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(94)52) netbios connect: name1=SLACKWAREname2=SUPER [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(113)2) netbios connect: local=slackware remote=super -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba winmail.dat
Re: [Samba] can't connect from windows
thanks ... it now works with Windows NT, but not windows 2000 sp2 when I try with win2k: C:\net use F: \\slackware\files /user:nigels nigel System error 1231 has occurred. The network location cannot be reached. For information about network troubleshooting, see Windows Help. C:\net use F: \\192.168.2.21\files /user:nigels nigel System error 51 has occurred. The remote computer is not available. I can ping this machine from the win2k machine by IP and host name, and can do: C:\nbtstat -a slackware Local Area Connection: Node IpAddress: [192.168.2.20] Scope Id: [] NetBIOS Remote Machine Name Table Name Type Status - SLACKWARE 00 UNIQUE Registered SLACKWARE 03 UNIQUE Registered SLACKWARE 20 UNIQUE Registered ..__MSBROWSE__.01 GROUP Registered WORKGROUP 00 GROUP Registered WORKGROUP 1B UNIQUE Registered WORKGROUP 1D UNIQUE Registered WORKGROUP 1E GROUP Registered MAC Address = 00-00-00-00-00-00 so, it seems the network is not the problem. any ideas? thanks Nigel. - Original Message - From: Dirk ALLAERT [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, May 19, 2002 12:35 Subject: RE: [Samba] can't connect from windows use encrypted mode or import the EnablePlainTextPassword reg key on your workstation (you can find this in the source tar) -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] Verzonden: zo 19/05/2002 3:25 Aan: [EMAIL PROTECTED] CC: Onderwerp: [Samba] can't connect from windows Hello all, I've setup samba Version 2.2.0a on Slackware 8.0 # uname -a Linux slackware 2.4.5 #6 Fri Jun 22 01:38:20 PDT 2001 i686 unknown I start samba as root from a console as: /usr/sbin/smbd -D -d10 -l /var/adm/smblogs/log -s /etc/samba/smb.conf /usr/sbin/nmbd -D -d1 -s /etc/samba/smb.conf In smb.conf I have: [files] comment = mystuff valid users = nigels path = /usr1 read only = no public = yes I can connect to this share from another Linux machine on my network. However not from Windows 2000 or NT. (eg using: net use F: \\slackware\files /user:nigels nigel ) Windows NT reports: The account is not authorised to connect from this station. Windows 2000: The network location cannot be reached. from both windows machines i can do this: C:\nbtstat -a slackware Table de noms NetBIOS de la machine distante NomType Etat - SLACKWARE 00 UNIQUE Inscrit SLACKWARE 03 UNIQUE Inscrit SLACKWARE 20 UNIQUE Inscrit ..__MSBROWSE__.01 GROUP Inscrit WORKGROUP 00 GROUP Inscrit WORKGROUP 1B UNIQUE Inscrit WORKGROUP 1D UNIQUE Inscrit WORKGROUP 1E GROUP Inscrit Adresse MAC = 00-00-00-00-00-00 C:\nbtstat -c Table de nom de cache distant NetBIOS Nom TypeAdresse d'hôte Vie [sec] SLACKWARE 00 UNIQUE 192.168.2.21420 WORKGROUP 1B UNIQUE 192.168.2.21420 Slackware is the hostname of the remote machine running samba. Any ideas/suggestions on how to get this going ? TIA Nigel. PS: The end of the samba.smdb logs look like this: (super is the name of the windows NT machine) [2002/05/20 02:39:06, 4] lib/time.c:TimeInit(110) Serverzone is -7200 [2002/05/20 02:39:06, 10] lib/util_sock.c:read_smb_length_return_keepalive(602) got smb length of 68e directory, but read only, except for people in [2002/05/20 02:39:06, 10] lib/access.c:check_access(294) check_access: allow = 192.168.2. 127., deny = [2002/05/20 02:39:06, 3] lib/access.c:check_access(308)52) check_access: no hostnames in host allow/deny list. [2002/05/20 02:39:06, 2] lib/access.c:check_access(319)52) Allowed connection from (192.168.2.23) [2002/05/20 02:39:06, 6] smbd/process.c:process_smb(830)2) got message type 0x81 of len 0x44 [2002/05/20 02:39:06, 3] smbd/process.c:process_smb(831)2) Transaction 0 of length 72 [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(94)52) netbios connect: name1=SLACKWAREname2=SUPER [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(113)2) netbios connect: local=slackware remote=super -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and windows 2K Active Directory
Hi; I have a client who wishes to implement SAMABA in a windows 2k AD environment. The client has not moved to wk2 as yet. Can Samba be use for w2k mixed mode authentication? Regards; Bill Watterson Technical Solution Architect DS Infrastructure and Architecture IBM Global Services Australia 8 Brisbane Ave, Barton ACT 2601 Mobile: 0401 717 210 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Queries on samba with roaming profiles
I've some queries on Samba, hope that someone in the mailing list can help me :) 1) I've Samba PDC with W2k workstation (w2kwks). When I login into w2kwks, it created a folder with my username in C:\Documents and Settings directory (which I think is the roaming profile directory?) 2) When I configure Outlook 2000 on the w2kwks (for imap), it automatically create a Personal Folder in C:\Documents and Settings\username\Local Settings. But seems that the Local Settings directory is not roaming (even though it's inside the c:\Documents and Settings\username directory)? 3) When I logout and login as another user, I can see the previous user's folder in C:\Documents and Settings (I can't open it though). Is this normal? I thought it should get deleted when the user logout? There must be something wrong with the way I setup Samba PDC.. :( Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't connect from windows
it's resolved now stupid mistake .. didn't have 'client for microsoft networks' enabled on the win2k machine. Nigel. - Original Message - From: Dirk ALLAERT [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, May 19, 2002 12:35 Subject: RE: [Samba] can't connect from windows use encrypted mode or import the EnablePlainTextPassword reg key on your workstation (you can find this in the source tar) -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] Verzonden: zo 19/05/2002 3:25 Aan: [EMAIL PROTECTED] CC: Onderwerp: [Samba] can't connect from windows Hello all, I've setup samba Version 2.2.0a on Slackware 8.0 # uname -a Linux slackware 2.4.5 #6 Fri Jun 22 01:38:20 PDT 2001 i686 unknown I start samba as root from a console as: /usr/sbin/smbd -D -d10 -l /var/adm/smblogs/log -s /etc/samba/smb.conf /usr/sbin/nmbd -D -d1 -s /etc/samba/smb.conf In smb.conf I have: [files] comment = mystuff valid users = nigels path = /usr1 read only = no public = yes I can connect to this share from another Linux machine on my network. However not from Windows 2000 or NT. (eg using: net use F: \\slackware\files /user:nigels nigel ) Windows NT reports: The account is not authorised to connect from this station. Windows 2000: The network location cannot be reached. from both windows machines i can do this: C:\nbtstat -a slackware Table de noms NetBIOS de la machine distante NomType Etat - SLACKWARE 00 UNIQUE Inscrit SLACKWARE 03 UNIQUE Inscrit SLACKWARE 20 UNIQUE Inscrit ..__MSBROWSE__.01 GROUP Inscrit WORKGROUP 00 GROUP Inscrit WORKGROUP 1B UNIQUE Inscrit WORKGROUP 1D UNIQUE Inscrit WORKGROUP 1E GROUP Inscrit Adresse MAC = 00-00-00-00-00-00 C:\nbtstat -c Table de nom de cache distant NetBIOS Nom TypeAdresse d'hôte Vie [sec] SLACKWARE 00 UNIQUE 192.168.2.21420 WORKGROUP 1B UNIQUE 192.168.2.21420 Slackware is the hostname of the remote machine running samba. Any ideas/suggestions on how to get this going ? TIA Nigel. PS: The end of the samba.smdb logs look like this: (super is the name of the windows NT machine) [2002/05/20 02:39:06, 4] lib/time.c:TimeInit(110) Serverzone is -7200 [2002/05/20 02:39:06, 10] lib/util_sock.c:read_smb_length_return_keepalive(602) got smb length of 68e directory, but read only, except for people in [2002/05/20 02:39:06, 10] lib/access.c:check_access(294) check_access: allow = 192.168.2. 127., deny = [2002/05/20 02:39:06, 3] lib/access.c:check_access(308)52) check_access: no hostnames in host allow/deny list. [2002/05/20 02:39:06, 2] lib/access.c:check_access(319)52) Allowed connection from (192.168.2.23) [2002/05/20 02:39:06, 6] smbd/process.c:process_smb(830)2) got message type 0x81 of len 0x44 [2002/05/20 02:39:06, 3] smbd/process.c:process_smb(831)2) Transaction 0 of length 72 [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(94)52) netbios connect: name1=SLACKWAREname2=SUPER [2002/05/20 02:39:06, 2] smbd/reply.c:reply_special(113)2) netbios connect: local=slackware remote=super -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re:spice girls' vocal concert
t258.c Description: Binary data
[Samba] Re:Samba and windows 2K Active Directory
The client has not moved to wk2 as yet. Can Samba be use for w2k mixed mode authentication? The current release of Samba (2.2.4) can be used for a Win2k mixed or native mode environment. The important piece to remember here is that mixed/native mode refers to the Domain Controllers, not all server members. 2.2.4 will work in either, but if you use native mode, it works best if pre-windows 2000 servers are allowed. When the first DC is promoted, you have a choice of Permissions compatible with pre-Windows 2000 servers, and if you choose that, it will be easier to maintain. Even if you don't choose that, it is still possible to do, but requires use of the wbinfo -A (not -a) option... Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA [EMAIL PROTECTED] [EMAIL PROTECTED] Phone: (207) 885-5565 IBM tie-line: 776-9984 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient for netbeui+core protocol only print servers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi ! I hope it is of interest to some of you. I have made a small patch to smbclient/netbeui that makes it use only the core protocol for printing, when you give it the -P option. It also supports the continuation of a print job from the point where the error occured (so when you use lprng, it doesn't print the whole job again). There is also a patch to fix a small typo and a missing feature(imho, without it my print server dfidn't work) in the 2.4.17-acme5 patch (and the 2.4.19pre8-ac patches too I think), in the llc code. All this enabled me to use my xircom print server, and might be good for other older print servers. The page is at: http://people.inf.elte.hu/isten/printserver.html Thanks for reading p.nis/dolOps - -- Experience the power of Linux! -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE85/vjaQToeq3jgogRAl0zAJ0QDPIDxre+/O6VyjQEv3Q+wDmsuACeNVul ddl0sOR5Xp0nvPfuznucUK4= =PBI6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and windows 2K Active Directory
On Sun, May 19, 2002 at 10:57:53PM +1000, Bill Watterson wrote: Hi; I have a client who wishes to implement SAMABA in a windows 2k AD environment. The client has not moved to wk2 as yet. Can Samba be use for w2k mixed mode authentication? Yes. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Queries on samba with roaming profiles
Have you got a login path entry in your smb.conf? For w2k it seems you need login path and a profiles share in smb.conf. I also had to make the directory named in my profiles section writeable by all. The entries in my smb.conf file are: [global] . . logon path = \\%N\profiles\%U . . [profiles] path = /usr/local/samba/profiles read only = no create mask = 0600 directory mask = 0766 browseable = yes Neil Quoting Hardi Gunawan [EMAIL PROTECTED]: I've some queries on Samba, hope that someone in the mailing list can help me :) 1) I've Samba PDC with W2k workstation (w2kwks). When I login into w2kwks, it created a folder with my username in C:\Documents and Settings directory (which I think is the roaming profile directory?) 2) When I configure Outlook 2000 on the w2kwks (for imap), it automatically create a Personal Folder in C:\Documents and Settings\username\Local Settings. But seems that the Local Settings directory is not roaming (even though it's inside the c:\Documents and Settings\username directory)? 3) When I logout and login as another user, I can see the previous user's folder in C:\Documents and Settings (I can't open it though). Is this normal? I thought it should get deleted when the user logout? There must be something wrong with the way I setup Samba PDC.. :( Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't join Samba PDC from Win2k
On Sun, May 19, 2002 at 03:47:53PM -0700, Brian Lavender wrote: I am trying to make my Samba server act as a domain controller, but I can't join the domain. When I go into Windows 2k and I right click the computer, the properties button, and try to make it a part of the domain, it asks me for a user account, and a password. I am not sure what user account to type in here. What user account do I type in? Here's more info on the error I am getting when I try to join the Domain. It asks me: Enter the name and password of an account with permission to join the domain user: brian password: password Click Ok It pauses for a few moments, and here is the error I get: The following error occurred attempting to join the domain cheddar The account used is a computer account. Use your global user account or local user account to access this server. I have a user account on the cheddar domain. What am I doing wrong? brian -- Brian Lavender http://www.brie.com/brian/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't join Samba PDC from Win2k
I forgot to add that to join the domain from w2k I didn't use the wizard. Instead I went to the properties button on the system-identity notebook page and clicked the domain radio button, typed in the domain I wanted the machine to join and then clicked the ok button. W2K prompts for some machine information and then a userid and pasword of someone authorised to join the machine to the domain. This is where I entered root and the root password. Everthing worked fine after that. Neil Quoting Neil Muller [EMAIL PROTECTED]: I went through exactly the same thing over the weekend and after help from this list I got it all working. What I had to do was add settings for domain admin group and domain admin users to my smb.conf global section (both items were set to root) and I also made root a samba user. If you have done all this and its still not working make sure the machine trust account is being created correctly (check smbpasswd and /etc/passwd for entries with your w2k machine name with a $ appended. Neil Quoting Brian Lavender [EMAIL PROTECTED]: I am trying to make my Samba server act as a domain controller, but I can't join the domain. When I go into Windows 2k and I right click the computer, the properties button, and try to make it a part of the domain, it asks me for a user account, and a password. I am not sure what user account to type in here. What user account do I type in? Below is my smb.conf file. I followed the howto from ftp://us6.samba.org/pub/samba/docs/htmldocs/Samba-PDC-HOWTO.html and you can see where I put the adduser in my global configuration so a machine is added automatically. # from linux.local (127.0.0.2) # Date: 2002/05/18 21:55:34 # Global parameters [global] netbios name = DASERVER workgroup = CHEDDAR map to guest = Bad User socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY character set = ISO8859-15 os level = 64 preferred master = yes domain master = yes local master = yes security = user encrypt passwords = Yes domain logons = yes logon path = \\%N\profiles\%u logon drive = H: logon home = \\%N\%U logon script = logon.cmd printing = lprng veto files = /*.eml/*.nws/riched20.dll/*.{*}/ add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [homes] comment = Home Directories read only = No create mask = 0640 directory mask = 0750 browseable = No [printers] comment = All Printers path = /var/tmp create mask = 0600 printable = Yes browseable = No ;DOMAIN SPECIFIC INFO [netlogon] comment = NETLOGON service path = /home/netlogon read only = yes write list = ntadmin [profiles] path = /home/profiles read only = no create mask = 0600 directory mask = 0700 -- Brian Lavender http://www.brie.com/brian/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinBind does not work well with Rational ClearCase (bugfix atta ched :)
Stephen Jazdzewski wrote: You are accessing clearcase on UNIX right? Yes we will be. But not right now. Since ClearCase will not support Unix clients from a Windows VOB server, we started with a Linux Server even though our first clients are all windows. Not through Samba. No, we are using Samba in addition to WinBind. I am fuzzy on why ClearCase needs Samba in addition to it's own stuff. I think that is how the Windows View Server talks to the Unix VOB Server. You need winbindd so that Windows domain users can have a UNIX account and access the respoitory on the UNIX server. Right? Yes that is correct. What type of DC? ADS or NT4? Most sites can control the primary windows group users get for any Domain. We can add users to a clearcase group, but can't make it the user's primary group. clearcase has a patch to get around it under Windows. They use a special environment variable. I limited the winbind primary group so it would only set the primary group if the user is actually a member of the group in the first place. But this can be overridden with the winbind force primary. The primary group value is a RID and *not* a Unix GID. Assuming this is a problem only for access *via* samba, and that you *can* change the windows primary group (I'm not sure this applies in your case, but I'll detail the solution anyway) we can fix this. I'm doing some work in HEAD for this kind of thing, and I'll be changing the code so that the users' Windows primary group (as specified by the returned NET_USER_INFO3) becomes their unix primary group for Samba's internal stuff. Currently we do a getpwnam(), which returnes Domain Users for all NT4 based users (or all users for 2.2). (At least I think we do that for getpwnam, we certainly do it for getpwent()). I'll be chaning it so that it simply does a sid-gid on the Users primary group sid, and uses that. This will have the same effect as a normal 'force group' directive, but be 'general' to the problem, rather than a hack workaround... I suspect if I use Andrew's suggestion and set g+s on the directories it may work, and this has worked for me in the past when using NFS NIS+. But one of the first questions on the pre-techsupport droid's check list is type 'id' and read me your default user group This should work better with HEAD and an ADS backend. We don't have to fudge the primary group in that case. This default group thing has *never* been a problem for me under Unix. Once I applied the patch, clearcase started working like a charm. -Stephen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and FreeBSD
Robert Collins wrote: Has anyone gotten, and/or can point me to some documentation that talks about, getting winbind running on FreeBSD? Preferably without linux-compat enabled. While winbind should work fine under FreeBSD, the bit you probably want (that actually gives you the functionality) is winbind_nss and relies on FreeBSD supporting nsswitch. My understanding is that currently it doesn't. They have a nsswitch.conf, but you can only select from the libc backends - not an aribitary .so. So, you are free to use it for PAM, NTLM-and-apache/squid, but not for the normal 'get my unix users' stuff. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT_STATUS_INVALID_DOMAIN_ROLE
Hello samba, here is my config: [global] netbios name = tech-server workgroup = SAGAPROJECT security = domain password server = SERVER encrypt passwords = yes machine SERVER is accessible and works ATTEMPT #1 lion@tech-server:/usr/local/etc# smbpasswd -D 3 -j SAGAPROJECT -r server -Ujoker Initialising global parameters params.c:pm_process() - Processing configuration file /usr/local/etc/smb.conf Processing section [global] added interface ip=172.16.1.9 bcast=172.16.1.255 nmask=255.255.255.0 Password: resolve_lmhosts: Attempting lmhosts lookup for name server0x20 resolve_hosts: Attempting host lookup for name server0x20 Connecting to 172.16.1.10 at port 445 error connecting to 172.16.1.10:445 (Invalid argument) Connecting to 172.16.1.10 at port 139 failed session request Error connecting to server Unable to join domain SAGAPROJECT. ATTEMPT #2 lion@tech-server:/usr/local/etc# smbpasswd -D 3 -j SAGAPROJECT -Ujoker Initialising global parameters params.c:pm_process() - Processing configuration file /usr/local/etc/smb.conf Processing section [global] added interface ip=172.16.1.9 bcast=172.16.1.255 nmask=255.255.255.0 Password: resolve_lmhosts: Attempting lmhosts lookup for name SERVER0x20 resolve_hosts: Attempting host lookup for name SERVER0x20 bind succeeded on port 0 Connecting to 172.16.1.10 at port 445 error connecting to 172.16.1.10:445 (Invalid argument) Connecting to 172.16.1.10 at port 139 session setup ok Domain=[SAGAPROJECT] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] lsa_io_sec_qos: length c does not match size 8 error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE Unable to join domain SAGAPROJECT. what's wrong? -- Best regards, Sergey mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Queries on samba with roaming profiles
Yes, I do have logon path and a profiles share, with it set writable. In fact, when I add a IE favorite, it is roaming (when I login to another desktop, the favorites are mine). I got to correct my previous statement. Outlook didn't create the personal folder file in C:\Documents and Settings\username\Local Settings\ .. It is looking for the personal folder in that directory and it is nowhere to be found. So my steps are: 1) login into wks1 for the first time with username1 and setup outlook 2000 (never ask where to put the personal folder files). And I add a Favorite just for testing whether roaming profiles is working 2) logout from wks1 and login into wks2 for the first time with username1 3) Open up Outlook in wks2, and the error of not finding the personal folder.pst file in c:\documents and settings\username\Local Settings\ appears. But IE's favorite is there. So I guess the roaming profiles works? 4) logout from wks2 and login into wks1 again, but with username2 5) I can see c:\documents and settings\username1 and username2. But I can't open username1 directory (that's a relief!). But I was wondering why does the folder even be there? I thought it would be removed once the user logout? Does that mean the roaming profiles doesn't work? :) This is getting confusing On Monday 20 May 2002 6:07 am, Neil Muller wrote: Have you got a login path entry in your smb.conf? For w2k it seems you need login path and a profiles share in smb.conf. I also had to make the directory named in my profiles section writeable by all. The entries in my smb.conf file are: [global] . . logon path = \\%N\profiles\%U . . [profiles] path = /usr/local/samba/profiles read only = no create mask = 0600 directory mask = 0766 browseable = yes Neil Quoting Hardi Gunawan [EMAIL PROTECTED]: I've some queries on Samba, hope that someone in the mailing list can help me :) 1) I've Samba PDC with W2k workstation (w2kwks). When I login into w2kwks, it created a folder with my username in C:\Documents and Settings directory (which I think is the roaming profile directory?) 2) When I configure Outlook 2000 on the w2kwks (for imap), it automatically create a Personal Folder in C:\Documents and Settings\username\Local Settings. But seems that the Local Settings directory is not roaming (even though it's inside the c:\Documents and Settings\username directory)? 3) When I logout and login as another user, I can see the previous user's folder in C:\Documents and Settings (I can't open it though). Is this normal? I thought it should get deleted when the user logout? There must be something wrong with the way I setup Samba PDC.. :( Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Attachments - Re: [PATCH] winbind id assignment module
John E. Malmberg wrote: Andrew Bartlett wrote: Mike Gerdts wrote: I am confused on list etiquette... I thought that samba-technical was one that everyone complained about attachments 'cause it screwed up the -digest version. I think that was just 'samba' BTW. This list has always taken all this stuff. They complain about binary attachments, and html mail. Patches havn't caused an issue as far as I know. Works best if you can convince your mailer to attach it (as yours did) in a 'text/...' format, as then it doesn't get encoded etc. Mozilla .99 is not handling the last attachment well, but that is it's problem. It is continuously trying to reformat it to fit the preview window. One of the problem with attachments is that many e-mail clients can not control what format the attachment is encoded with. IMHO, it is better to post inline, and send an attachment as a personal E-mail on request. The problem with inline is that some e-mail programs eat it... Isn't there a separate mailing list for patches? Not a mailing list, but a jitterbug setup. As I'm not attached to the automatic e-mail setup on it, I find it a pain to deal with - its just *much* easier to do stuff on the list, particularly with small patches. Larger patches should be a link, possibly to the samba-patches URL. In that case, it is better to discuss the patch and it's implications here, but send the patch to the appropriate patch mailing list. Users of that list are probably more likely to use a mail client that deals with attachments. The problem is, the patch and the discussion need to be in the same place. Sending the patch (unless very large) to another place just makes it harder for me to process it. I refer here to the start of this thread, where I said 'that looks ok' to the general concepts, because the patch was a little difficult to find (inside a tarball, on a website). It turned out, when I finally looked at the patch that it needed some serious work. Thats why the two need to stay together. The main use for samba-patches is to keep track of patches over time (so they don't drop to the bottom of the inbox etc). The problem with that is that people have to be reading samba-patches... Is there a FAQ entry to point people at? I'm not sure, but what we do have hasn't been maintained in *years*. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: [PATCH]Make VFS modules work under Solaris and AIX
Am Montag, 20. Mai 2002 00:56 schrieb Juergen Hasch: Hi, attached is a patch and a few new files to make VFS modules work under Solaris and AIX. I have tested it with Solaris 8 using gcc and Sun Workshop cc. For AIX I tested it with gcc and xlc_r. Linux still works, too :-) samba_core.patch changes configure.in and Makefile.in in the samba source directory. The patch is needed to access symbols within smbd from a VFS module. The files configure.in and Makefile.in go to the examples/VFS directory. After running autoconf you can execute configure to create a new Makefile which will have the correct settings for Linux, AIX and Solaris. Oops, actually I only wanted to save the message to my drafts folder and send it after some sleep. But here is the patch anyway... I applies to SAMBA_2_2 CVS. --- Makefile.in.orig Fri May 3 03:02:26 2002 +++ Makefile.in Sat May 18 21:08:58 2002 -14,6 +14,7 CFLAGS=@CFLAGS CPPFLAGS=@CPPFLAGS LDFLAGS=@LDFLAGS +SMBD_LDFLAGS=@SMBD_LDFLAGS AWK=@AWK DYNEXP=@DYNEXP -505,7 +506,7 bin/smbd: $(SMBD_OBJ) bin/.dummy echo Linking $ - $(CC) $(FLAGS) -o $ $(SMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) + $(CC) $(FLAGS) -o $ $(SMBD_OBJ) $(SMBD_LDFLAGS) $(LDFLAGS) $(DYNEXP) $(LIBS) bin/nmbd: $(NMBD_OBJ) bin/.dummy echo Linking $ --- configure.in.orig Sat May 18 22:48:59 2002 +++ configure.in Mon May 20 01:00:52 2002 -152,6 +152,7 AC_SUBST(RUNPROG) AC_SUBST(MPROGS) AC_SUBST(LDSHFLAGS) +AC_SUBST(SMBD_LDFLAGS) AC_SUBST(SONAMEFLAG) AC_SUBST(SHLD) AC_SUBST(HOST_OS) -831,6 +832,7 # these are the defaults, good for lots of systems HOST_OS=$host_os LDSHFLAGS=-shared +SMBD_LDFLAGS= SONAMEFLAG=# SHLD=\${CC} PICFLAG= -855,6 +857,7 LDSHFLAGS=-G SONAMEFLAG=-h if test ${GCC} = yes; then +SMBD_LDFLAGS=-Wl,-E PICFLAG=-fPIC else PICFLAG=-KPIC -866,8 +869,12 *sunos*) AC_DEFINE(SUNOS4) BLDSHARED=true LDSHFLAGS=-G + if test ${GCC} = yes; then +PICFLAG=-fPIC -DPIC + else +PICFLAG=-KPIC + fi SONAMEFLAG=-Wl,-h, - PICFLAG=-KPIC # Is this correct for SunOS ;; *bsd*) BLDSHARED=true LDSHFLAGS=-shared -896,7 +903,13 *aix*) AC_DEFINE(AIX) BLDSHARED=true LDSHFLAGS=-Wl,-bexpall,-bM:SRE,-bnoentry - PICFLAG=-O2 -qmaxmem=6000 + SMBD_LDFLAGS=-Wl,-brtl,-bexpall + if test ${GCC} = yes; then +PICFLAG=-O2 + else +PICFLAG=-O2 -qmaxmem=6000 + fi + AC_DEFINE(STAT_ST_BLOCKSIZE,DEV_BSIZE) ;; *hpux*) AC_DEFINE(HPUX) -950,6 +963,8 AC_MSG_RESULT($BLDSHARED) AC_MSG_CHECKING([linker flags for shared libraries]) AC_MSG_RESULT([$LDSHFLAGS]) +AC_MSG_CHECKING([linker flags for smbd]) +AC_MSG_RESULT([$SMBD_LDFLAGS]) AC_MSG_CHECKING([compiler flags for position-independent code]) AC_MSG_RESULT([$PICFLAGS]) -2649,6 +2664,9 *hpux11*) HAVE_WINBIND=yes WINBIND_NSS_EXTRA_OBJS=nsswitch/winbind_nss_solaris.o + ;; + *aix4*) + HAVE_WINBIND=yes ;; *) HAVE_WINBIND=no ## # Makefile.in for Samba VFS modules ### CC=@CC LIBTOOL=@LIBTOOL CFLAGS=@CFLAGS LDFLAGS=@LDFLAGS VFS_OBJS=audit.so skel.so recycle.so SHELL=/bin/sh default: $(VFS_OBJS) # Pattern rules %.so: %.lo $(LIBTOOL) --mode=link $(CC) -o $ $ $(LDFLAGS) %.lo: %.c $(LIBTOOL) --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS) -c $ # Misc targets clean: rm -rf .libs rm -f core *~ *% *.bak \ $(VFS_OBJS) $(VFS_OBJS:.so=.o) $(VFS_OBJS:.so=.lo) dnl Samba VFS Modules AC_INIT uname=`uname` dnl Check programs needed AC_PROG_CC dnl ensure libtool is installed AC_PATH_PROG(LIBTOOL, libtool,,) if test $LIBTOOL = ; then echo echo 'FATAL ERROR: libtool does not seem to be installed.' echo $pkg_name cannot be built without a working libtool installation. exit 1 fi # # Config CFLAGS settings # CFLAGS=-Wall case $uname in AIX) if test ${GCC} = yes; then CFLAGS=$CFLAGS -I/usr/include -D_LINUX_SOURCE_COMPAT else CFLAGS=-D_LINUX_SOURCE_COMPAT fi ;; SunOS) if test ${GCC} = yes; then CFLAGS=$CFLAGS else CFLAGS= fi ;; # Linux) # CFLAGS=-Wall # ;; esac # # Config LDLAGS settings # LDFLAGS=-shared case $uname in AIX) LDFLAGS=-Wl,-G,-bexpall,-bnoentry ;; SunOS) LDFLAGS=-G ;; # Linux) # echo Linux found # LDFLAGS=-shared # ;; esac # # Check to see if we should use the included popt AC_ARG_WITH(included-popt, [ --with-included-poptuse bundled popt library, not from system], [