[Samba] RE: Profile creation
Should you be deleting the user profile completely from the server, including the user credentials. The problem you encounter, looks like, windows is not able to find the directory. So, if you want to simulate a new user, do it in style. Create a new user the right way and do it. I think it should work. - Navneet -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nathaniel N.Petersen (CNS Student Support) Sent: Friday, May 31, 2002 4:56 AM To: Samba Technical Mailing List; Samba General Information List Subject: Profile creation SAMBA VERSION: 2.2.4 ERROR(S): Profile Creation I have recently been assigned to create a Samba PDC. Earlier in the week, I thought I was successful. I was able to log in, load (or create) the test user's .ntprofile, etc. Went home that night, happy as could be. Came back the next day - and nothing was working correctly. The systems could not find the domain. The domain was not reporting any errors in the logs (including, and most importantly, log.nmbd and log.smbd). I reported this to my supervisor, and he asked what version of Samba I was using. I told him version 2.2.3a. Well, he says that I shouldn't use an alpha version of Samba. So I nuke samba off the system (after making backups of smb.conf and other vital files). So I download and compile from the source. I included the needed --with options in Configure. Came back after a cup of coffee to test the install. Here is were things get bad. I set up my smb.conf file, recreate my smbpasswd, etc. I start to add computers using the blind method. All things seem good (was able to add all the computers I wanted). I was able to log on using my test account, and my profile was loaded properly for WinNT4, Win2K, and WinXP. (Note: this .ntprofile/ was saved back when things worked fine.) So as a final test, I back up my .ntprofile/ and then delete it to simulate the creation for a new user. I go to log on with the WinNT4 system, and get the error: A domain controller for your domain could not be contacted. You have been logged on using cached account information. Changes to your profile since you last logged on may not be availible. The funny thing is that it creates the profile and lets me use the system as if it worked fine. I verified the newly created .ntprofile/ and it is as it should be. Then, after logging off, I tried logging in again, and the same error is given. So I rm -r .ntprofile/ and restore from the backup. Same error, but it loads the profile fine (there is a visible difference between the two, so I can visually verify that the .ntprofile/ is being loaded correctly. So I move on the Win2K system. This one is even worse. Here is the error that I receive when I try to log on: Your roaming profile is not available. You are logged on with the locally stored profile. Changes to the profile will not be propagated to the server. Contact your network administrator. DETAIL - The system cannot find the path specified. I THINK it tries to create the profile, but instead I get a folder called ? (\242) or . To make matters worse, it acts perfectly fine from the .ntprofile/ backup. No error, nothing. It simply can't make the profile. I have not been able to test with XP (made the mistake of starting this email from the only system that has XP loaded on it). However, I am confident that it will behave in the same manner as Win2K (...minus the candy collored shell). I have attached my smb.conf file. I did not attach my logs because they are at level 5 and are figgin' huge. I will mail upon request. Nathaniel N. Petersen CNS Computing University of Northern Iowa --[smb.conf]-- [global] workgroup = CNS_TESTING netbios name = TEST_SMB_SERVER client code page = 437 log level = 5 hosts allow = xxx.xxx.xxx security = DOMAIN os level = 64 preferred master = yes domain master = yes local master = no encrypt passwords = yes domain logons = yes logon path = \\student\%u\.ntprofile logon drive = Z: logon home = \\student\%u admin users = root cthulu [netlogon] path = /usr/local/samba/lib/netlogon writeable = no write list = ntadmin [homes] guest ok = no writable = yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] About password length in solaris 8 and samba 2.2.4
Hello You wrote as below in samba-list: Message: 19 Date: Tue, 28 May 2002 22:13:35 -0500 (CDT) From: Gerald (Jerry) Carter [EMAIL PROTECTED] To: Carl Vincent [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Password Length Conundrum On Fri, 24 May 2002, Carl Vincent wrote: I've jsut installed Samba-2.2.4, from source on a Solaris 2.6 box. I'm looking to upgrade from some 2.0.x versions I'm running. I've createed a password entry using smbpasswd -a and added my password. My password has 9 characters in it. Using smbclient on the Solaris box, I can access the share, but I can't from Win95 or Win2000 clients (encryption is on). If I try to access using only the first 8 characters from my password (without changing the password on the server) it works on all three platforms. Probably Solaris' getpass() routine or something we use. I'll add it to my list of stuff to look at when I can. ... Have you found any solution to problem above? I have the same problem. We change our smb-passwords in solaris 8 / samba 2.2.4 machine and now when users authenticate themselves to our domain it accepts only first 8 characters of the password. It happens also in authentication server where we have solaris 2.6 and samba 2.0.5a... only that we allways change our domain passwords in solaris 8/samba 2.2.4 machine. So I thing there is something wrong with changeing passwords with smbpasswd command??? -- - :=) Terja Antola, Univercity of Turku Puhelin: 02 333 6516, Telefax: 02 333 6040 Internet: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 2.2.3a as a WINS server for a multisubnet network
Hello, samba list! I need to set up Samba so that a network of 5 subnets (192.168.X.0, where X is 1..5) consisting of Windows systems communicate through smb and see each other in Network Neighbourhood. The samba server is located on one of the subnets (192.168.1.2) and the subnets communicate with each other through routers that incapsulate packets through the internet. (each subnet is in another town) Until now I've set up Samba as explained in the documentation, configured as a WINS server and it all works fine only for Win9x subnets. If there is one WIndows2000 computer on one of the subnets, the computers on that subnet disappear from the network neighbourhood of all the other subnets. The computers are accessible if the computer name is specified in the address bar. All the computers have the WINS server set up as 192.168.1.2, but it still doesn't work. Can you please help me out with this? Siderite -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind, again...
Here is the log showing the winbind daemon starting and an unsuccessful wbinfo -u command My domain is GASA and the PDC is called FUEGO. Help Please!! Christian - Original Message - From: Christian [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, May 30, 2002 8:52 PM Subject: [Samba] Winbind, again... I recently posted a mail about problems with winbind... I'll try to be more specific: I have Redat 7.3 Followed those steps: Compiled samba 2.2.4 Configured nsswitch.conf and the winbind libraries Configured smb.conf: winbind uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes username map = /etc/samba/smbusers (smbusers file contains: root = administrator) domain admin group = root Joined the SAMBA server to the PDC domain Started successfully the winbindd daemon Started smbd daemon Problems: 1.- Can't run wbinfo -u, the error is error looking up domain users 2.- When adding a user permission in the security tab to a folder from a win2k client connected like administrator I have: [2002/05/29 18:16:13, 0] smbd/posix_acls.c:create_canon_ace_lists(774) create_canon_ace_lists: unable to map SID S-1-5-21-2025429265-1580818891-682003330-1109 to uid or gid. By the way, before I compiled samba I used the package that came installed with Redhat 7.3 (samba 2.2.3, I think), with the same problem. If this is a problem with the winbind database, how may I fix it? Another idea? Thanks, Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba winbind.log.gz Description: Binary data
[Samba] samba server creates server entrys
Om the local network (all server NT4) i have a single linux box with samba (2.2.4). For this box is in the NT4 domain a computer (workstation) account created, so that shares on samba can be used with auth. from the domain. The weird thing is that samba also is creating accounts for itself that is a server, which may validate users for the domain. It create secure channels to the PDC. And this for all the netbios alliases that samba has. What causes this? Lennard -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SWAT
Been there, done that, checked all ports are set correct i.e. swat tcp 901 swat utp 901 ect and checked ect and checked etc. and checked that's why I gave up. but now ive put mandrake 8.2 on another machine ( my swat not working was on a 8.1,but samba was) as a default install and samba wont even run, complains about not being able to open database files.Ar at least it will keep me busy for a couple of years, cant say that about a console game :o) but what's even sadder, you do get moving images on a games console. if only kids of today new the pleasure of that flashing command prompt curser., not to mention the [ ok ] in greenYes -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Joseph LooSent: 29 May 2002 2:48 PMTo: samba listSubject: Re: [Samba] SWATBut did you have an entry on your pam.d directory?You need a file samba in /etc/pam.d with at least the following:auth required /lib/security/pam_stack.so service=system-authaccount required /lib/security/pam_stack.so service=system-authI could not get mine working until I placed the entry in. I am not sure if it is required to reboot the machine or restart pam. It has been too long since I played with it.Ken Walker wrote: [EMAIL PROTECTED] type="cite">change Disable = yes to Disable = noI've been trying to get SWAT working on Mandrake 8.1, looked everywhere,done everything everybody suggested. Gave up, now do it all in vi.GOOD LUCKsuppose its like doom on Linux...some people can get it to work, lots can't.-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]OnBehalf Of Joel HammerSent: 27 May 2002 9:21 PMTo: Benjamin Folayan; [EMAIL PROTECTED]Subject: Re: [Samba] SWATThis is my swat file from RH 7.1. This is the default swat file.Joel# default: off# description: SWAT is the Samba Web Admin Tool. Use swat \# to con figure your Samba server. To use SWAT, \# connect to port 901 with your favorite web browser.service swat{port= 901socket_type = streamwait= noonly_from = 127.0.0.1user= rootserver = /usr/sbin/swatlog_on_failure += USERIDdisable = yesOn Mon, May 27, 2002 at 03:49:31PM -0400, Benjamin Folayan wrote: Hello, My name is Benjamin Folayan. I am currently configuring Linux RedHat 7.2. I wanted to use swat but one of the files I am suppose to adjust,the /etc/xinetd.d/swat file does not exist. I am suppose to change the"disable line". What can I do to set this configuration. I have triedreinstalling and that file still is not there. Is the line somewhere else.What steps should I follow to get SWAT to work. Thanks, In Advance.Benjamin Folayan-- Joseph Loo [EMAIL PROTECTED]
[Samba] RE: INFORMAZIONE
Hi, Best you discuss this with your HP support people - cifsmount is a part of the CIFSCLIENT software (based on Sharity client), NOT samba. Sorry, Don -Original Message- From: Simo Sorce [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 4:19 To: Manuel Clericuzio Cc: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: Re: INFORMAZIONE From samba-technical. On Fri, 2002-05-31 at 09:58, Manuel Clericuzio wrote: Buongiorno, mi hanno chiesto di montare un filesystem NT (macchina win2000) su una macchina con Unix HP (release 11.11). Ho provato a fare dei tentativi con il comando cifsmount ma non riesco. Spero che voi mi potiate aiutare. Grazie e buona giornata Manuel Better you write in english Manuel and on the users support list not the technical one! I will translate this time only to benefit of the list and the user: Good morning, I've been requested to mount a filesystem shared by a win2k server on a HP-UX (11.11) machine. I tried to mount it with the cifsmount command but failed. Is there anyone that can help me. Thank you. -- Simo Sorce -- Una scelta di liberta': Software Libero. A choice of freedom: Free Software. http://www.softwarelibero.it -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Will rpcclient ever get better?
Thanks very much - that clarifies things a lot. Thomas Klopf MMS - Gulf Region (ACS-GS contractor) -Original Message- From: Tim Potter [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 6:44 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Will rpcclient ever get better? On Thu, May 30, 2002 at 08:28:43AM -0600, [EMAIL PROTECTED] wrote: Thanks very much for the response. I was a little confused by the different development trees for samba, though. As far as I could tell, there's the standard samba (is this head?) and then there's TNG. Could you tell me where to get the HEAD version of rpcclient exactly? So the standard samba is really the latest released version of 2.2. Most new development takes place in the HEAD branch and is eventually ported into 2.2 or will become Samba 3.0. TNG is different again. They are more focussed on being a DCE/RPC server rather than a file and print server. If you want to try out some of the development code, download the nightly tarball from ftp://ftp.samba.org/pub/unpacked/tarballs/samba-head-snapshot.tar.gz Having unpacked it, do: cd source ./configure make bin/rpcclient Then if you like copy bin/rpcclient somewhere like /usr/local/bin/rpcclient-head if you find it useful. If you are using a packaged binary version of Samba you may need to muck around with some options to configure to tell rpcclient where to find your smb.conf file. Regards, Tim. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profile creation
On Fri, May 31, 2002 at 12:09:25PM +0530, Navneet Karnani wrote: Should you be deleting the user profile completely from the server, including the user credentials. The problem you encounter, looks like, windows is not able to find the directory. So, if you want to simulate a new user, do it in style. Create a new user the right way and do it. I think it should work. - Navneet While you are correct on the point of creating a new user in style, it is still important to find a solution to corrupted profile creation. Consider: User logs in using an NT system. The *cough* idiot downloads an infected email, or better yet, just found this nifty program called regedit. When the user logs off, this corrupted registry information is saved to the PDC. I get a complaint a few hours later that the user can't log in again. The obvious fix is to back up his/her profile info and then delete it. Next time the user logs on, the profile is recreated (without reg errors). Then all I have to do is copy over the users favorites, My Documents, etc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows won't send passwd to samba server
Hello I cannot get my Windows98 machines to connect to my Samba server(2.2.4) shares. It appears that my Win machines are not transmitting the password. The Samba server looks OK. On the server machine, smbclient -L server -U user1 prompts me for a passwd, then, after authentication, displays the shares. When I attempt to map a share from my Win machines, the samba log file shows ... smbd/reply.c:reply_sesssetup_and_X(973) Defaulting to Lanman password for user1 smbd/password.c:password_ok(593) Null passwords not allowed. smbd/reply.c:reply_sesssetup_and_X(989) Rejecting user 'user1': authentication failed smbd/error.c:error_packet(91) error string = No such file or directory ... I verified the null passwd being sent from the Win machines by turning on the sniffer(ethereal) on the samba server and looking at the packets coming through. In packets labeled by the sniffer Session Setup AndX Request, I can see the account name, and primary domain name, but when it comes to the password, the length is set to '1' and the password is set to '00'. I am using the same login and passwords for both my Linux and Win98 machines. What am I missing? I would appreciate any info or insight as to what will help me solve my problem. CJ Ferguson [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows won't send passwd to samba server
am running samba-2.0.7 on solaris6 today am observing smbd is taking up lot of memory like for each connection 48M of which 45 mg is its using for heap any idea, this not normal thanks Javid -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows won't send passwd to samba server
Hi CJ, are you using UNENCRYPTED passwords? (ie if you do testparm|grep encrypt pass does it come back and say encrypt passwords = no) If so, then this is normal windows client behavior (for later clients like win2k) - they can successfully negotiate cleartext passwords, but will not actually SEND a cleartext password across the wire until you respond to a prompt that asks for username password again. The first time, it sends a null password (as you see in the trace), and then when it fails, should ask you for a username and password. If you type in the correct username and password then, it should work... Hope this helps, Don -Original Message- From: CJ ferguson [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 1:13 To: [EMAIL PROTECTED] Subject: [Samba] Windows won't send passwd to samba server Hello I cannot get my Windows98 machines to connect to my Samba server(2.2.4) shares. It appears that my Win machines are not transmitting the password. The Samba server looks OK. On the server machine, smbclient -L server -U user1 prompts me for a passwd, then, after authentication, displays the shares. When I attempt to map a share from my Win machines, the samba log file shows ... smbd/reply.c:reply_sesssetup_and_X(973) Defaulting to Lanman password for user1 smbd/password.c:password_ok(593) Null passwords not allowed. smbd/reply.c:reply_sesssetup_and_X(989) Rejecting user 'user1': authentication failed smbd/error.c:error_packet(91) error string = No such file or directory ... I verified the null passwd being sent from the Win machines by turning on the sniffer(ethereal) on the samba server and looking at the packets coming through. In packets labeled by the sniffer Session Setup AndX Request, I can see the account name, and primary domain name, but when it comes to the password, the length is set to '1' and the password is set to '00'. I am using the same login and passwords for both my Linux and Win98 machines. What am I missing? I would appreciate any info or insight as to what will help me solve my problem. CJ Ferguson [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Read-only users opening files in DENY_DOS vs DENY_NONE mode
Occasionally, when read-only users (via Unix permissions) open an Excel file, the file is opened with a Deny Mode of DENY_DOS, instead of (what I take should happen) DENY_NONE mode. Of course, this then prevents my read/write users (again, Unix permissions) from updating the file, and then I get a call asking to track the read-only user down. We're running Samba 2.2.4 now, but this happened on 2.2.3a (and possibly other older versions as well). TIA, Ken McCord -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows won't send passwd to samba server
Sorry about the double email Mr McCall Yes, I am using unencrypted passwords. When my Win98 machine attempts to access a share, I get prompted for a password. I enter the correct password but it doesn't get tranmitted. I have also tried different usernames to no avail. --- MCCALL,DON (HP-USA,ex1) [EMAIL PROTECTED] wrote: Hi CJ, are you using UNENCRYPTED passwords? (ie if you do testparm|grep encrypt pass does it come back and say encrypt passwords = no) If so, then this is normal windows client behavior (for later clients like win2k) - they can successfully negotiate cleartext passwords, but will not actually SEND a cleartext password across the wire until you respond to a prompt that asks for username password again. The first time, it sends a null password (as you see in the trace), and then when it fails, should ask you for a username and password. If you type in the correct username and password then, it should work... Hope this helps, Don -Original Message- From: CJ ferguson [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 1:13 To: [EMAIL PROTECTED] Subject: [Samba] Windows won't send passwd to samba server Hello I cannot get my Windows98 machines to connect to my Samba server(2.2.4) shares. It appears that my Win machines are not transmitting the password. The Samba server looks OK. On the server machine, smbclient -L server -U user1 prompts me for a passwd, then, after authentication, displays the shares. When I attempt to map a share from my Win machines, the samba log file shows ... smbd/reply.c:reply_sesssetup_and_X(973) Defaulting to Lanman password for user1 smbd/password.c:password_ok(593) Null passwords not allowed. smbd/reply.c:reply_sesssetup_and_X(989) Rejecting user 'user1': authentication failed smbd/error.c:error_packet(91) error string = No such file or directory ... I verified the null passwd being sent from the Win machines by turning on the sniffer(ethereal) on the samba server and looking at the packets coming through. In packets labeled by the sniffer Session Setup AndX Request, I can see the account name, and primary domain name, but when it comes to the password, the length is set to '1' and the password is set to '00'. I am using the same login and passwords for both my Linux and Win98 machines. What am I missing? I would appreciate any info or insight as to what will help me solve my problem. CJ Ferguson [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win98 not transmitting passwd to samba server
Sorry about the double post folks; Won't happen again... --- CJ ferguson [EMAIL PROTECTED] wrote: Hello I cannot get my Windows98 machines to connect to my Samba server(2.2.4) shares. It appears that my Win machines are not transmitting the password. The Samba server looks OK. On the server machine, smbclient -L server -U user1 prompts me for a passwd, then, after authentication, displays the shares. When I attempt to map a share from my Win machines, the samba log file shows ... smbd/reply.c:reply_sesssetup_and_X(973) Defaulting to Lanman password for user1 smbd/password.c:password_ok(593) Null passwords not allowed. smbd/reply.c:reply_sesssetup_and_X(989) Rejecting user 'user1': authentication failed smbd/error.c:error_packet(91) error string = No such file or directory ... I verified the null passwd being sent from the Win machines by turning on the sniffer(ethereal) on the samba server and looking at the packets coming through. In packets labeled by the sniffer Session Setup AndX Request, I can see the account name, and primary domain name, but when it comes to the password, the length is set to '1' and the password is set to '00'. I am using the same login and passwords for both my Linux and Win98 machines. No encrypted passwords on any machine. Both Win98 and server security are set to 'user'. What am I missing? I would appreciate any info or insight as to what will help me solve my problem. CJ Ferguson [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Oplock problem
We are continually getting the following messages in the logfile, which consistently results in corrupted files. Mainly MSOffice 2000 files as well as FileMaker Pro DB corruption. error message: [2002/05/30 14:30:10, 0] smbd/oplock.c:oplock_break(761) oplock_break: receive_smb timed out after 30 seconds. oplock_break failed for file user/dnitzahn/Expense reports/More May travel 3.xls (dev = 7441, inode = 18166407, file_id = 64). [2002/05/30 14:30:10, 0] smbd/oplock.c:oplock_break(833) oplock_break: client failure in oplock break in file user/dnitzahn/Expense reports/More May travel 3.xls reply_lockingX: Error : oplock break from client for fnum = 13268 and no oplock granted on this file (user/dnitzahn/Expense reports/More May travel 3.xls).e: -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] auto client updates
Hi, I'm running a samba PDC, with all users logging onto the domain. I want to be able to update the clients when new updates/hotfixes/patches are released, but not sure how. The users often dont logon/off so a login script wont really work. Also, as far as I can see M$ has two type of update, either for individual users to install (no silent/cmd line install available) or by using the msiexec system (which needs a windows server). What is the 'usual' way of updating clients? Thanks, John __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Stupid Newbie: can't connect localhost:901 - help
I've installed the rpm's and everything seems to be set up fine. I've been through many documents (even the one on redhat that says i must change localhost to 127.0.0.1 in one of the config files (/etc/xinetd.d/swat). When i direct mozilla to http://localhost:901 I get, The connection was refused when attempting to contact localhost:901 I think maybe that something is not properly setup in my browser, but i've tried: no proxy for: localhost //added by me to see if it would make any difference...but it didn't I'm sure there is something really small and stupid that i've forgotten, and i'll feel like an idiot when someone tells me, but i've spent WAY TOO LONG trying to figure this out on my own. Thanks in advance Carl __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can read but not write to samba server
Hello all, I'm relatively new to linux, and an absolute neophyte to Samba. I have installed the Samba server (samba-2.2.4-2) on my linux box and have it networked to a pc running Windows98. (this is where my development environement resides) I can transfers any files from my Linux box (share=ptpl) to my Windows pc, however when I try to to transfer files the other way (a write to the Linux Box), an error dialog box pops up on my windows98 machine: Error Copying File: Can not copy file filename: Access is denied Make sure the disc is not full or write protected and that the file is not currently in use The disc is not full and I believe Samba does not have it write protected (writable = Yes). I am including smb.conf. Could someone please guide me on where to look next. Thank you in advance, Patrick Philbin # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2002/05/21 16:11:17 # Global parameters [global] writable = yes dns proxy = No security = share workgroup = TWG server string = Samba Server socket options = TCP_NODELABUF=8192 SO_SNDBUF=8192 guest ok = Yes log file = /var/log/samba/log.%m load printers = yes default = global max log size = 50 locking = no [homes] comment = Home Directories writable = yes [printers] comment = All Printers path = amba read only = Yes guest ok = No printable = Yes browseable = Yes [ptpl] path = / writable = yes browseable = yes security = share public = Yes
Re: [Samba] can read but not write to samba server
Hi Patrick, Looks like you are sharing your entire root directory (bad idea), and the permissions on the root directory would prevent any normal user from writing to it. Good Luck, Jason Stewart At 12:44 PM 5/31/2002 -0400, you wrote: Hello all, I'm relatively new to linux, and an absolute neophyte to Samba. I have installed the Samba server (samba-2.2.4-2) on my linux box and have it networked to a pc running Windows98. (this is where my development environement resides) I can transfers any files from my Linux box (share=ptpl) to my Windows pc, however when I try to to transfer files the other way (a write to the Linux Box), an error dialog box pops up on my windows98 machine: Error Copying File: Can not copy file filename: Access is denied Make sure the disc is not full or write protected and that the file is not currently in use The disc is not full and I believe Samba does not have it write protected (writable = Yes). I am including smb.conf. Could someone please guide me on where to look next. Thank you in advance, Patrick Philbin # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2002/05/21 16:11:17 # Global parameters [global] writable = yes dns proxy = No security = share workgroup = TWG server string = Samba Server socket options = TCP_NODELABUF=8192 SO_SNDBUF=8192 guest ok = Yes log file = /var/log/samba/log.%m load printers = yes default = global max log size = 50 locking = no [homes] comment = Home Directories writable = yes [printers] comment = All Printers path = amba read only = Yes guest ok = No printable = Yes browseable = Yes [ptpl] path = / writable = yes browseable = yes security = share public = Yes Jason Stewart Systems Administrator/Programmer Right to Life of Michigan Tel: (616)532-2300 Fax: (616)532-3461 To find out where Michigan Gubernatorial Candidate Jennifer Granholm really stands, please visit http://www.granholmgarble.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Stupid Newbie: can't connect localhost:901 - help
I changed disable to no as you suggested and restarted xinetd...still nothing Mozilla is set to Direct Connection to the Internet I also looked in hosts.allow and hosts.deny and there were no entries in either of these. I tried adding: localhost to hosts.allow, then I logged out since I didn't know how to make sure that this took affect. And this did nothing. I'm not sure that logging out was good enough , maybe i should try rebooting...or if there is a command that will do this then great. I hope this helps someone help me. Thanks Carl --- Yannick Tousignant [EMAIL PROTECTED] wrote: Check your /etc/xinetd.d/swat file, make sure disable = no restart xinetd : /etc/init.d/xinetd restart totally disable your proxy in ie... ie is sensitive when adding a port, try http://localhost:901/ If it doesn't work, check out your hosts.allow, hosts.deny or maybe ipchains/iptables... good luck! Yannick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Carl Larson Sent: Friday, May 31, 2002 12:44 PM To: [EMAIL PROTECTED] Subject: [Samba] Stupid Newbie: can't connect localhost:901 - help I've installed the rpm's and everything seems to be set up fine. I've been through many documents (even the one on redhat that says i must change localhost to 127.0.0.1 in one of the config files (/etc/xinetd.d/swat). When i direct mozilla to http://localhost:901 I get, The connection was refused when attempting to contact localhost:901 I think maybe that something is not properly setup in my browser, but i've tried: no proxy for: localhost //added by me to see if it would make any difference...but it didn't I'm sure there is something really small and stupid that i've forgotten, and i'll feel like an idiot when someone tells me, but i've spent WAY TOO LONG trying to figure this out on my own. Thanks in advance Carl __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Stupid Newbie: can't connect localhost:901 - help
Hi, Carl Larson wrote: I've installed the rpm's and everything seems to be set up fine. I've been through many documents (even the one on redhat that says i must change localhost to 127.0.0.1 in one of the config files (/etc/xinetd.d/swat). When i direct mozilla to http://localhost:901 I get, The connection was refused when attempting to contact localhost:901 I think maybe that something is not properly setup in my browser, but i've tried: no proxy for: localhost //added by me to see if it would make any difference...but it didn't I'm sure there is something really small and stupid that i've forgotten, and i'll feel like an idiot when someone tells me, but i've spent WAY TOO LONG trying to figure this out on my own. Thanks in advance Carl what's the output of fuser -n tcp 901 Here's what happens on my server : 486dx66:/ # fuser -n tcp 901 901/tcp: 1843 486dx66:/ # It shows, that the serer is running. I'm using Netscape 4.79 and i do the following with proxies: In the Inputbox no proxies for domains beginning with i have the entry server.mydomain.xy:901 example: server.test.net:901 Try this with your hostname. greets Harry -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Stupid Newbie: can't connect localhost:901 - help
-Original Message- From: Yannick Tousignant [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 1:07 PM To: Carl Larson Subject: RE: [Samba] Stupid Newbie: can't connect localhost:901 - help Check your /etc/xinetd.d/swat file, make sure disable = no restart xinetd : /etc/init.d/xinetd restart totally disable your proxy in ie... ie is sensitive when adding a port, try http://localhost:901/ If it doesn't work, check out your hosts.allow, hosts.deny or maybe ipchains/iptables... good luck! Yannick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Carl Larson Sent: Friday, May 31, 2002 12:44 PM To: [EMAIL PROTECTED] Subject: [Samba] Stupid Newbie: can't connect localhost:901 - help I've installed the rpm's and everything seems to be set up fine. I've been through many documents (even the one on redhat that says i must change localhost to 127.0.0.1 in one of the config files (/etc/xinetd.d/swat). When i direct mozilla to http://localhost:901 I get, The connection was refused when attempting to contact localhost:901 I think maybe that something is not properly setup in my browser, but i've tried: no proxy for: localhost //added by me to see if it would make any difference...but it didn't I'm sure there is something really small and stupid that i've forgotten, and i'll feel like an idiot when someone tells me, but i've spent WAY TOO LONG trying to figure this out on my own. Thanks in advance Carl __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I will pay you $10US (via Paypal) out of my own pocket if you cansolve this CUPS Samba problem.
Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups web-interface. I can print a test page by "cat foo | lpr" or "cat foo | lpr.cups" no problem. Swat sees the printer that exists in /etc/printcap. A print$ share has been created: [print$] path = /usr/share/cups/model/ guest ok = Yes /usr/share/cups/model/ contains a bunch of PPD printer drivers inside a directory called foomatic, created by a cups-drivers rpm. I have also tried having the drivers I need directly in the /usr/share/cups/model directory with no success. ...when I am on a windows box and try to install the printer that is listed (via the Printers control panel or by browsing to the Printers share via Network Neighbourhood), I get a "The server on which the printer resides does not have the correct printer driver installed. If you want to install the driver on your local computer, click OK". I really need to get this up and running. Please help. Greg Webster
[Samba] How do i get SambaFax to register Owner from Windows client
I'm using sambafax with Hylafax on my linux server and i print to the sambaprinter from windows but i can't get samba to get the owner name on the printfile. Anyone that knows how i can get this to work? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem.
Nope, doesn't work, and I need the drivers to be available and read from the linux server. The PPD files do contain one which is specific to my printer and has worked on another machine. -Original Message-From: Blake Patton [mailto:[EMAIL PROTECTED]]Sent: May 31, 2002 11:32 AMTo: WEBSTER, GregSubject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. that looks ok, simply click ok and load the printer driver from whichever os version you are using. ie go get the latest drivers for the printer you want to use and the os you have on the workstation. simpy those printer drivers and it should work. Blake PattonSpots InterConnect Inc.[EMAIL PROTECTED](403) 571-7768 -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of WEBSTER, GregSent: Friday, May 31, 2002 12:27 PMTo: [EMAIL PROTECTED]Subject: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups web-interface. I can print a test page by "cat foo | lpr" or "cat foo | lpr.cups" no problem. Swat sees the printer that exists in /etc/printcap. A print$ share has been created: [print$] path = /usr/share/cups/model/ guest ok = Yes /usr/share/cups/model/ contains a bunch of PPD printer drivers inside a directory called foomatic, created by a cups-drivers rpm. I have also tried having the drivers I need directly in the /usr/share/cups/model directory with no success. ...when I am on a windows box and try to install the printer that is listed (via the Printers control panel or by browsing to the Printers share via Network Neighbourhood), I get a "The server on which the printer resides does not have the correct printer driver installed. If you want to install the driver on your local computer, click OK". I really need to get this up and running. Please help. Greg Webster
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem.
[root@waifer root]# cupsaddsmb -a Warning: No PPD file for printer PSYSTEMS! What I'm guessing at this point is that Cups is having a hell of a time reaching the PPD files. There definitely is one for my printer (HP 5000) on the system. Thanks, but no cigar :) Greg -Original Message- From: Jason Stewart [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 11:43 AM To: WEBSTER, Greg Subject: Re: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. try cupsaddsmb -a. If not successful, you will get an error. I had a difficult time getting this to work also, so I definitely sympathize with you! The cupsaddsmb drivers worked for me, but the downside is that you will not get the duplexing and other features that the manufacturer supports. For the usage instructions for cupsaddsmb, see the cups docs. Good Luck, Jason At 11:26 AM 5/31/2002 -0700, you wrote: Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups web-interface. I can print a test page by cat foo | lpr or cat foo | lpr.cups no problem. Swat sees the printer that exists in /etc/printcap. A print$ share has been created: [print$] path = /usr/share/cups/model/ guest ok = Yes /usr/share/cups/model/ contains a bunch of PPD printer drivers inside a directory called foomatic, created by a cups-drivers rpm. I have also tried having the drivers I need directly in the /usr/share/cups/model directory with no success. ...when I am on a windows box and try to install the printer that is listed (via the Printers control panel or by browsing to the Printers share via Network Neighbourhood), I get a The server on which the printer resides does not have the correct printer driver installed. If you want to install the driver on your local computer, click OK. I really need to get this up and running. Please help. Greg Webster Jason Stewart Systems Administrator/Programmer Right to Life of Michigan Tel: (616)532-2300 Fax: (616)532-3461 To find out where Michigan Gubernatorial Candidate Jennifer Granholm really stands, please visit http://www.granholmgarble.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] I will pay you $10US (via Paypal) out of my own pocketif you can solve this CUPS Samba problem.
-[ [EMAIL PROTECTED] wrote on 05/31/02 11:26:53 AM -0700 ]- -- the Printers share via Network Neighbourhood), I get a The server on -- which the printer resides does not have the correct printer driver -- installed. If you want to install the driver on your local computer, -- click OK. Greg, In order to get my server to automagically install the drivers, I had to use a Win2K machine to load the drivers into the server. Samba needs to build an internal database of what drivers it has and what machines the drivers are for. Just copying the specific driver files into a dir on the linux box does not work ( I tried that too ) :] You can try to cli the drivers in using the rpcclient ( not the recommended way, at least not by me ) or on an NT machine. ( I used Win2K, I imagine XP would work too ) Just browse to the server. Then double click on the printers folder. Now you should see all of your printers listed with little blue sharing icons on them. Goto File--Server Properties. There is a drivers tab in there which will show you what drivers are on the machine and what OS they are for. There should be an add button on that tab. Use this to upload the drivers into the samba server. I got my drivers from the manufactures, and then unzipped them into a dir on the win2k machine. The add driver dialogue will ask for a printer driver file. Browse to the folder where you unzipped the driver and hit OK. The driver should begin to upload to the samba server. Mine always stopped and asked for another file off of the Win2000 server cd. I just truncated the extra path info off of the end of the pre-filled path ( it had something like C:\Winnt\something\\more stuff ). I cut it off at the '\\' and then hit OK. This allowed the driver to finish loading. After it all goes in, you return to the drivers tab and there should be a listing for the driver that you just installed. Note, there are a number of drivers which will not be loaded into the server. These are the printers that Windows includes 'native' drivers for. So you have printers now? And connected clients can print? Once you get the drivers worked out, things will be great. Good luck. --Ben-- --- Ben Griffith [EMAIL PROTECTED] --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem.
Hi Greg, You do have these files in the /usr/share/cups/drivers directory, and they are readable and all uppercase? ADFONTS.MFM ADOBEPS4.DRV ADOBEPS4.HLP ADOBEPS5.DLL ADOBEPSU.DLL ADOBEPSU.HLP DEFPRTR2.PPD ICONLIB.DLL PSMON.DLL If you do not have these files, you can get them from www.adobe.com with a postscript driver bundle. Good Luck again, Jason At 11:52 AM 5/31/2002 -0700, WEBSTER, Greg wrote: [root@waifer root]# cupsaddsmb -a Warning: No PPD file for printer PSYSTEMS! What I'm guessing at this point is that Cups is having a hell of a time reaching the PPD files. There definitely is one for my printer (HP 5000) on the system. Thanks, but no cigar :) Greg -Original Message- From: Jason Stewart [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 11:43 AM To: WEBSTER, Greg Subject: Re: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. try cupsaddsmb -a. If not successful, you will get an error. I had a difficult time getting this to work also, so I definitely sympathize with you! The cupsaddsmb drivers worked for me, but the downside is that you will not get the duplexing and other features that the manufacturer supports. For the usage instructions for cupsaddsmb, see the cups docs. Good Luck, Jason At 11:26 AM 5/31/2002 -0700, you wrote: Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups web-interface. I can print a test page by cat foo | lpr or cat foo | lpr.cups no problem. Swat sees the printer that exists in /etc/printcap. A print$ share has been created: [print$] path = /usr/share/cups/model/ guest ok = Yes /usr/share/cups/model/ contains a bunch of PPD printer drivers inside a directory called foomatic, created by a cups-drivers rpm. I have also tried having the drivers I need directly in the /usr/share/cups/model directory with no success. ...when I am on a windows box and try to install the printer that is listed (via the Printers control panel or by browsing to the Printers share via Network Neighbourhood), I get a The server on which the printer resides does not have the correct printer driver installed. If you want to install the driver on your local computer, click OK. I really need to get this up and running. Please help. Greg Webster Jason Stewart Systems Administrator/Programmer Right to Life of Michigan Tel: (616)532-2300 Fax: (616)532-3461 To find out where Michigan Gubernatorial Candidate Jennifer Granholm really stands, please visit http://www.granholmgarble.com/ Jason Stewart Systems Administrator/Programmer Right to Life of Michigan Tel: (616)532-2300 Fax: (616)532-3461 To find out where Michigan Gubernatorial Candidate Jennifer Granholm really stands, please visit http://www.granholmgarble.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem.
Unfortunately I really do need the drivers to come from Samba (ie the print$ share)...I've got hundreds of machines that I'd have to do this on. Greg -Original Message- From: Alfredo Cole [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 12:02 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have always installed the appropriate printer driver on the Win box. Try it and it should work. It works for me. El Vie 31 May 2002 12:26, escribiste: Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups web-interface. I can print a test page by cat foo | lpr or cat foo | lpr.cups no problem. Swat sees the printer that exists in /etc/printcap. A print$ share has been created: [print$] path = /usr/share/cups/model/ guest ok = Yes /usr/share/cups/model/ contains a bunch of PPD printer drivers inside a directory called foomatic, created by a cups-drivers rpm. I have also tried having the drivers I need directly in the /usr/share/cups/model directory with no success. ...when I am on a windows box and try to install the printer that is listed (via the Printers control panel or by browsing to the Printers share via Network Neighbourhood), I get a The server on which the printer resides does not have the correct printer driver installed. If you want to install the driver on your local computer, click OK. I really need to get this up and running. Please help. Greg Webster - -- Alfredo J. Cole http://www.acyc.com (Accounting Systems) http://www.clshonduras.com (Linux Hardware) PGP Key available from certserver.pgp.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE898iUu5DxuPWE298RAsIfAKCC2cYB6BQTrWSm8X2u5UgessnEoQCfZZb6 4vQ6ycXSYCoNN4p0G0gVM6s= =OqPD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profile creation - thanks for the (lack) of help
On Fri, 2002-05-31 at 15:15, Nathaniel N.Petersen wrote: Note that from the client's point of view security = domain is the same as security = user . It only affects how the server deals with the authentication, it does not in any way affect what the client sees. Since the systems are able to authenticate, this is not an issue. I have yet not understood if your server is a PDC or not. If it is, these 4 parameters MUST be set this way: domain logons = yes domain master = yes security = user encrypt password = yes try a path with no leading '.' logon path = \\student\homes\%u\ntprofile Even if you were correct, it worked before (and still is working elsewhere), it should work now. I think this is not a problem. I thought about dealing with this diplomaticly - but enough is enough. There is nothing wrong with using the homes directories like I do. The lines refered to in the man pages simply don't recommend it. Well, if you have ever worked for a University, you would understand the amount of overhead involved. Creating essentially two account locations for evey user is ridiculous. I have an my setup involved a simple [profile] share with 1777 permissions on it, and that's not a lot of work to do (I had more than 1000 users). Recommendations exist for a purpose ... it's up to you to decide if they match your case. thinking a bit more in this case I think you may have 2 combined problems: 1. the use of the home directory to store profiles 2. the use of letter Z to map the home directory unfortunately I do not have handing any url, but I remember clearly that with later clients (w2k, XP) there are problems with the Z drive. In fact it is not available to be mapped until the user logged in and at that point the profile thing is yet over! It is not a samba problem, Microsoft changed it this way (can't remember why). So I would advice you do 2 things: change the home drive letter or setup a profile share and change the logon path directive. Furthermore, this PDC is set to local master = no for a reason. Election. I have 14 other colleges at this university that are NOT running Linux (yes, there are still people out there that use Windows). Windows PDC's have fits when this is set to yes. They lose out on elections. If set to false then nmbd will not attempt to become a local master browser on a subnet and will also lose in all browsing elections. With a class B subnet, this is a GOOD THING. a class B NOT subnetted to C classes? That's should be a broadcast nightmare ... (if your server is not a PDc you should NOT made it be a domain master!, local master should be ok, and would be better to use a wins server) And finally, as far as that whole '.a = patch' thing goes - NO SH!T. REALLY? Well, I'll be... I thought only M$ released patches. Seriously, I was trying (appearantly not hard enough) to make light of my supervisor's lack of knowledge about Samba (AND all the extra work it forced me to do). sarcasmLord knows I would much rather be seen a fool by the Samba community./sarcasm This should never have been an issue. ?? you are stressed, take a breath I want to appologize to those of you who work tirelessly on the Samba project. I also want to thank the attempts at trying to help me. But, they were of ZERO aid. Nit-picking at these minor issues does not help me with the big picture. Just answer me this - If the windows systems are able to verify the domain and authenticate, why does the w2k system right corrupt profile data? If the NT system is able to create a profile, why can't it us it? That's it. ok, let's try to stay tune and find the roots of your problems! I do not know what you have made before and how much you get frustrated, but 90% of users that ask for help generally have simple (!?) configuration problems so the way I personally answered is my standard first stage answer, no insulting were intended, and if so I apologize. Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part
[Samba] Appology
After talking this over with a friend, I realize that I have made a mistake. I should never have responded in the manner that I did. I was the one who asked for help. You don't know the situation, and you are correct in that most people who do have problems either didn't read the existing information, or didn't understand what they read. I should not have taken the standard responses so personally. I'm sorry. I inicially wrote in because I thought the errors I was receiving were rather unique. My past problems with Samba were never this bad. They WERE solved most times by just doing a quite search on google or reading other individual's posts. But this time, with authentication working fine, I was perplexed. Why the corrupt write from the W2K client? Why did the NT machine write a profile but not use it? Or more precisely, why did it use it but say it didn't? Again, my frustration exists more from my lack of progress than from the comments I received. I humbly submit my whole-hearted appologies to those I may have angered and/or offended. -Nathaniel N. Petersen PS - I will look into the 'Z' drive issue as well as the location of the profile. Thank you for giving me some direction to research. On Fri, May 31, 2002 at 04:02:35PM +0200, Simo Sorce wrote: On Fri, 2002-05-31 at 15:15, Nathaniel N.Petersen wrote: Note that from the client's point of view security = domain is the same as security = user . It only affects how the server deals with the authentication, it does not in any way affect what the client sees. Since the systems are able to authenticate, this is not an issue. I have yet not understood if your server is a PDC or not. If it is, these 4 parameters MUST be set this way: domain logons = yes domain master = yes security = user encrypt password = yes try a path with no leading '.' logon path = \\student\homes\%u\ntprofile Even if you were correct, it worked before (and still is working elsewhere), it should work now. I think this is not a problem. I thought about dealing with this diplomaticly - but enough is enough. There is nothing wrong with using the homes directories like I do. The lines refered to in the man pages simply don't recommend it. Well, if you have ever worked for a University, you would understand the amount of overhead involved. Creating essentially two account locations for evey user is ridiculous. I have an my setup involved a simple [profile] share with 1777 permissions on it, and that's not a lot of work to do (I had more than 1000 users). Recommendations exist for a purpose ... it's up to you to decide if they match your case. thinking a bit more in this case I think you may have 2 combined problems: 1. the use of the home directory to store profiles 2. the use of letter Z to map the home directory unfortunately I do not have handing any url, but I remember clearly that with later clients (w2k, XP) there are problems with the Z drive. In fact it is not available to be mapped until the user logged in and at that point the profile thing is yet over! It is not a samba problem, Microsoft changed it this way (can't remember why). So I would advice you do 2 things: change the home drive letter or setup a profile share and change the logon path directive. Furthermore, this PDC is set to local master = no for a reason. Election. I have 14 other colleges at this university that are NOT running Linux (yes, there are still people out there that use Windows). Windows PDC's have fits when this is set to yes. They lose out on elections. If set to false then nmbd will not attempt to become a local master browser on a subnet and will also lose in all browsing elections. With a class B subnet, this is a GOOD THING. a class B NOT subnetted to C classes? That's should be a broadcast nightmare ... (if your server is not a PDc you should NOT made it be a domain master!, local master should be ok, and would be better to use a wins server) And finally, as far as that whole '.a = patch' thing goes - NO SH!T. REALLY? Well, I'll be... I thought only M$ released patches. Seriously, I was trying (appearantly not hard enough) to make light of my supervisor's lack of knowledge about Samba (AND all the extra work it forced me to do). sarcasmLord knows I would much rather be seen a fool by the Samba community./sarcasm This should never have been an issue. ?? you are stressed, take a breath I want to appologize to those of you who work tirelessly on the Samba project. I also want to thank the attempts at trying to help me. But, they were of ZERO aid. Nit-picking at these minor issues does not help me with the big picture. Just answer me this - If the windows systems are able to verify the domain and authenticate, why does the w2k system right corrupt profile data? If the NT system is able to create a profile, why can't it
Re: [Samba] Logon scripting for W95/98
This is how I do it. I come from supporting Novell servers and I needed a way to nest groups and various permissions. It's not pretty, but it works. This could be a pain if you are dealing with lots of users. [global] logon script = %U.bat (user's name).bat - @ECHO OFF SET USERNAME=User SET STAFF=YES SET ADMIN=NO SET LOCALPR=NO @CALL \\Server\netlogon\net-log.bat net-log.bat - @ECHO OFF REM SET USERNAME=Name REM SET STAFF=YES REM SET ADMIN=NO REM SET LOCALPR=NO ECHO Welcome %USERNAME%. NET USE * /DEL /YES NET TIME \\Server /SET /YES ECHO Are you Admin? IF %ADMIN% == YES GOTO Admin GOTO NotAdmin :Admin NET USE F: \\Server\netlogon :NotAdmin ECHO Mapping home directory NET USE G: \\Server\Public NET USE H: \\Server\Home NET USE K: \\Server\Prgs NET USE S: \\Server\CDROM NET USE Z: \\Server\ZIP :Printers ECHO Mapping network printers IF %LOCALPR% == YES GOTO NotLocal NET USE LPT2: \\Server\HP990 GOTO End :NotLocal NET USE LPT1: \\Server\HP990 :End I hope this helps. Paul Espinosa ([EMAIL PROTECTED]) wrote*: All, As some of have no doubt found out, scripting is subtly different on 95/98 machines and NT machines. I have a logon script called by: logon script = \main.bat %G %U that works great for NT boxen. However it does absolutely nothing, no execution of main.bat at all for a W98 client. If I remove the parameters so it is: logon script = \main.bat it executes on the W98 box, obviously not correctly for any commands requiring the parameters. What this is used for is a generic logon script for everyone, modified with special mounts etc. by group and user if defined. Works great with NT. Not so good with W98 My questions is, does anyone know how to pass parameters for a logon script for W95/98 box. Thanks, -- Bob Crandell Assured Computing When you need to be sure. Cell 541-914-3985 FAX 240-371-7237 [EMAIL PROTECTED] www.assuredcomp.com Eugene, Or. 97402 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem.
On Fri, May 31, 2002 at 12:09:26PM -0700, WEBSTER, Greg wrote: Unfortunately I really do need the drivers to come from Samba (ie the print$ share)...I've got hundreds of machines that I'd have to do this on. Yes, what's being said is that you install the drivers from one workstation to the server then the rest of them can fetch them. -- David W. Chapman Jr. [EMAIL PROTECTED] Raintree Network Services, Inc. www.inethouston.net [EMAIL PROTECTED] FreeBSD Committer www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem.
Ok, tried that...no success. I can follow through the steps of adding the driver for the printer on my machine, then I can use it. However once I delete the printer and try to add it again I have to go through the same steps. The drivers are not copied up to the server, they are just installed on my local machine. -Original Message- From: David W. Chapman Jr. [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 12:37 PM To: WEBSTER, Greg Cc: 'Alfredo Cole'; [EMAIL PROTECTED] Subject: Re: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. On Fri, May 31, 2002 at 12:09:26PM -0700, WEBSTER, Greg wrote: Unfortunately I really do need the drivers to come from Samba (ie the print$ share)...I've got hundreds of machines that I'd have to do this on. Yes, what's being said is that you install the drivers from one workstation to the server then the rest of them can fetch them. -- David W. Chapman Jr. [EMAIL PROTECTED] Raintree Network Services, Inc. www.inethouston.net [EMAIL PROTECTED] FreeBSD Committer www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripting for W95/98
On Fri, May 31, 2002 at 08:16:54PM +, Bob Crandell wrote: This is how I do it. I come from supporting Novell servers and I needed a way to nest groups and various permissions. It's not pretty, but it works. This could be a pain if you are dealing with lots of users. IIRC there was a logon script parser a few years back that supported groups and what not. -- David W. Chapman Jr. [EMAIL PROTECTED] Raintree Network Services, Inc. www.inethouston.net [EMAIL PROTECTED] FreeBSD Committer www.FreeBSD.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Slightly OT: Conference this year?
On Fri, May 31, 2002 at 08:46:38AM -0500, Sam Barasch wrote: Hi. Our department at the university has been using samba since at least 1996. We love it. Is there another conference scheduled for this year? Know where it will be? How did the last one go? The SambaXP conference was wonderful - very well attended (better than the Microsoft/NetApp sponsored CIFS conferences). I keep meaning to write up a conference report and post it on Samba.org (but no time yet). We're hoping the SerNet will sponsor and run the next one (as they did such a good job this year). It'll be in Germany though. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Authentication failure for Windows XP clients
I have configured samba to use security = user, encrypt passwords = yes and I have added a user using smbpassword. smbclient from a unix host works fine. However, when I try to access a share from a Windows XP box, I get the following in the logs: [2002/05/31 17:28:50, 2] smbd/reply.c:(110) netbios connect: local=atgdet09 remote=pc5 [2002/05/31 17:28:50, 2] smbd/password.c:(575) pass_check_smb failed - invalid password for user [jweage] [2002/05/31 17:28:50, 2] smbd/reply.c:(963) NT Password did not match for user 'jweage'! [2002/05/31 17:28:50, 2] smbd/reply.c:(973) Defaulting to Lanman password for jweage [2002/05/31 17:28:50, 2] smbd/password.c:(575) pass_check_smb failed - invalid password for user [jweage] [2002/05/31 17:28:50, 1] smbd/reply.c:(989) Rejecting user 'jweage': authentication failed [2002/05/31 17:28:50, 2] smbd/server.c:(461) Closing connections Any ideas what is going wrong here? Thanks, Josh = -- -- http://origin.me.gatech.edu/~weage-- -- http://members.xoom.com/joshua_weage -- -- http://weage.freeservers.com/ -- __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem.
So where do I send the $10 :) GregW -Original Message- From: Manuel Gomez [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 1:49 PM To: 'WEBSTER, Greg' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. Greg, I had a heck of a time getting Samba and CUPS up and running together, but here are a couple of pointers. If you are serving Windows clients, and a Windows driver is available for your printer (not hard to imagine), you are probably best off setting up a RAW print queue in CUPS, and installing the printer drivers on your Samba server using the Add/Remove Printers Wizard. The documentation for setting that up is, in my opinion, a little vague, but it certainly can be done. The most simple way to setup it up (in my mind) is as follows: 1) Make sure you have a 'printer admin = ???' directive in your smb.conf, where '???' is a comma-separated list of Unix users and/or groups who will be able to manage printer settings. Group designations in smb.conf need an '@' prefix (like '@group'). 2) For testing, I would set 'read only = no' on the [print$] share, and when it's working, you could either set 'read only = yes' and 'write list = ???' where ??? is another comma separated list of Unix users and/or groups, these being the users who will be able to upload drivers to the server. Alternately, you could just leave 'read only = no', just make sure you understand the implications. 3) Make sure the file system permissions will allow you to create files and directories under the path of your [print$] share. I would put it elsewhere than /usr/share/cups/model, because these aren't going to hold CUPS drivers, but Windows binary drivers. Then, create directories under that path for each Windows version you want to support. These are 'W32X86' for WinNT Win2K clients, 'WIN40' for Win9x, and I can't remember the others. 4) If samba is picking up your printers from your printcap, you can skip this, but otherwise you'll have to set up a share for each printer you want to share. 5) Browse, from a Windows PC, to the Red Hat server in explorer. Double-click 'Printers'. Depending on your windows version, the following may be different. I'm using Win2K, and this is how it goes: Right click in the white space of the window, and select 'Server properties' from the context menu. Select the 'Drivers' tab. Click 'Add...' then go through the wizard. If 'Add...' is unselectable (greyed-out), then the server is not seeing you as a member of the 'printer admins' list that you set up in step 1, so start your troubleshooting there. 6) Once you've got the drivers uploaded onto the server, you need to associate them with a given printer, which you do by right-clicking the appropriate printer and selecting 'Properties', then clicking on the 'Advanced' tab (I think this step is slightly different under NT). In the drop-down box marked 'Driver:', select the appropriate driver (probably the one you just uploaded). 7) Now, on the client machines, install the printer normally, and the drivers should automatically download with the connection. Let me know if that helps at all. Manuel Gomez -Original Message- From: WEBSTER, Greg [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 11:35 AM To: 'Blake Patton' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. Nope, doesn't work, and I need the drivers to be available and read from the linux server. The PPD files do contain one which is specific to my printer and has worked on another machine. -Original Message- From: Blake Patton [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 11:32 AM To: WEBSTER, Greg Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. that looks ok, simply click ok and load the printer driver from whichever os version you are using. ie go get the latest drivers for the printer you want to use and the os you have on the workstation. simpy those printer drivers and it should work. Blake Patton Spots InterConnect Inc. [EMAIL PROTECTED] (403) 571-7768 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of WEBSTER, Greg Sent: Friday, May 31, 2002 12:27 PM To: [EMAIL PROTECTED] Subject: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. Seriously. I can't afford to be down much longer or I'm going to be in serious trouble. Running Redhat 7.2. Here's the scoop: Cups is installed and running. Samba is installed and running and is sharing files properly to 100+ people. I can print a test page from the Cups
Re: [Samba] Browsing
Alle 06:41, giovedì 30 maggio 2002, Martin Burheim Tingstad ha scritto: I cannot see any of the computers in my workgroup from windows, looking them up from freebsd works, even querying the subnet for masterbrowser works (from the samba-server (bsd)). Why does this happen? Greetings, Martin. There is very little information here. I could not help you I think, even if it was there. I am facing the same problem as you, the network knows what is its master browser but it fails to display the neighborhood. My suspects are that there is a problem in name resolution (digging the doc I have found that if name resolution do not work then browsing do not work too). I have been a bit busy lately so I have to check it better. Let me know what was your problem if you find it. Praise -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] printing with samba with NT clients
Has any had success using Samba as a PRINT SERVER and having there drivers automatically installed on their NT 4 clients. Any input would be appreciated, Thx Gene Wise -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP joining a samba PDC
Hi folks, I've latetly searching for a solution of a problem of mine when I suddenly stuck on this msg. In fact, I've just got the same problem with WinXP on a Samba 2.2.3 server. I've followed the same procedure Fernando did but, unfortunately, got a message concerning a RPC failure. My Windows is in Portuguese and I've got no idea of what should it be in english, but I supose it's something like Remote Procedure Failure. If somebody's got any other idea of what could this problem be, please drop me a reply. Thank you inadvance. Regards, Sérgio Gusmão IT Consultant [EMAIL PROTECTED] [EMAIL PROTECTED] I have been added a WinXP machine to a Samba PDC following the steps bellow: 1. Make sure that your smb.conf file contains domain logons = yes 2. Is a good practice create a group only for computer accounts using: group -g 201 machines 3. Add the machine account to you /etc/passwd using the following command: useradd -g machines -d /dev/null -c machine id machine_name\$ Don't forgot the \$! Otherwise, Samba will not recognize the account. 4. Lock the password to the machine account using: passwd -l machine_name$ 5. Add the machine account to your smbpasswd file using the command: smbpasswd -a -m machine_name Without \$!!! 6. Apply the registry patch in your XP machine. Using regedit, make sure to patch all the control sets. The .reg file only patch Current Control Set, may be there are 2 or 3 Control Sets more. You have to parch all of them manually. 7. Using the Network Identification Wizard, try to jouin your XP machine to the Samba domain. You have to do this proccess using an username with admin rights in your Linux machine (like root for example). Otherwise, it will not work. And... if all is ok... Voila! Machine added! :) Hope this help. I send my smb.conf file, is working well with all my XP clients. Good Luck! Fernando Kevin Pratt wrote: I am running it to a problem adding a WinXP Computer to my samba PDC. It is coming up with an error about the trust accounts. I have tried the registry patch with no success. Any suggestions? Kevin ;basic server settings workgroup = FAMILIA netbios name = SERVIDOR server string = Servidor Linux socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 kernel oplocks = no ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes domain logons = yes ;security and logging settings security = user encrypt passwords = yes wins support = yes log file = /var/log/samba/log.%m log level = 2 max log size = 50 hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0 socket address = 192.168.1.1 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat ; shares [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no write list = root [Mi Musica] comment = Archivos MP3 path = /musica read only = yes write list = root fmaidana browseable = yes guest ok = yes _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Logon scripting for W95/98
Has anyone tried using Kixtart from a Samba PDC? http://www.kixtart.org/ Brett -Original Message- From: Paul Espinosa [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 3:37 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Logon scripting for W95/98 Unfortunately not, That's what I don't want to do, is to create individual .bat files for 200+ users. I can get that to work fine. Just be a pain. And I may have to. I may just make a perl script to create the .bat files from the passwd file... Thanks though, .[ Bob Crandell wrote on Fri, 31 May 2002 20:16:54 + ] | | |This is how I do it. I come from supporting Novell servers and I |needed a way to nest groups and various permissions. It's not pretty, |but it works. This could be a pain if you are dealing with lots of |users. | |[global] |logon script = %U.bat | SNIP --Paul Espinosa -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mounting an NT share on Linux Server
I forgot to add the error message for the problem.sorry I get wins-srv-died(): WINS server 130.253.166.42 appears to be down. Connection to Fac-Staff failed But, as I mentioned before, I can connect fine from my workstation. Thanks Tom Ansley On Friday 31 May 2002 05:13 pm, Tom Ansley wrote: Hi all, I'm trying to connect to a share on an NT server from a Redhat Linux 7.2 server with the following command: smbmount //Fac-Staff/tansley$ /home/tomansley/law_share -o username=LAW\\tansley,password=realpassword The same command works from my linux workstation!!! Anybody got any clue as to what might be holding me up? I was thinking maybe my firewall but am not sure. Any help most appreciated Cheers Tom Ansley -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ASSISTANCE NEEDED
On Friday 31 May 2002 06:47 pm, mariam zanab ishatu wrote: ATTN: CEO/PRESIDENT. l am DR. MRS MARIAM ABACHA, wife of the late Nigeria Head of State, General Sanni Abacha who died on the 8th of June, 1998 while still on active duty. l currently have within my reach the sum of Twenty Eight Million US Dollars (US$28,000,000.00) cash which l intend to use for investment, like Real Estate Development specifically in your country. This money came as a payback contract deal between my late husband and a Russian Firm on our countries multi-billion dollars Ajaokuta Steel Plant. [clip] I can't resist these great offers another minute! I'm gonna grab the money and run!!! (Weird she would pick the samba list, though?) -- Wendell Craig [EMAIL PROTECTED] http://anncrman.com Information is not knowledge, Knowledge is not wisdom, Wisdom is not truth, Truth is not beauty, Beauty is not love, Love is not music and Music is THE BEST. -- FRANK ZAPPA, 1949-1993 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ASSISTANCE NEEDED
-Original Message- From: mariam zanab ishatu [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 3:47 PM To: [EMAIL PROTECTED] Subject: [Samba] ASSISTANCE NEEDED SPELLCHECKER IS NOT TO BE WORKING!!! ATTN: CEO/PRESIDENT. I was a lowly computer jockey; now I'm a CEO/PRESIDENT... thanks for the promotion! Where's the money? l am sorry for the embarrassment this my letter might cause you as we have not had any correspondence before this letter. l got your address through Embarrassment isn't what your letter caused my newphew who works with Nigeria Chamber of Commerce lndustry and Minning during my research for a reliable and trustworthy partner who l can do business with though l did not disclose the nature of the business l intend to do with whoever he recommend for me. l am DR. MRS MARIAM ABACHA, wife of the late Nigeria Head of State, General Sanni Abacha who died on the 8th of June, 1998 while still on active duty. l am contacting you in view of the fact that we will be of great assistance to each other likeness developing a cordial relationship. l currently have within my reach the sum of Twenty Eight Million US Dollars (US$28,000,000.00) cash which l intend to use for investment, like Real Estate Development specifically in your country. This money came as a payback contract deal between my late husband and a Russian Firm on our countries multi-billion dollars Ajaokuta Steel Plant. The Russian Partners returned my husband's share of USD$28,000,000.00 after the death of my husband and lodged in my husband's security company of which l am director right now, the new Civilian Government have intensified their probe on my husband's financial and oil company. ln view of these, l acted fast to withdraw the US$28,000,000.00 from the company's vault and deposited it in a West African Security Company in Accra-Ghana. l have since declared the Security Company bankrupt. No record ever existed concerning the money traceable by the government because there is no documentation showing that we received the money from the Russian. You deposited it in another country, then declared the foreign company bankrupt...and you have no evidence the money existed. How ever are you to get your nonexistent money back from this bankrupt company, located in another country? What does this have to do with Samba? Are you going to use Samba to get your nonexistent USD$28,000,000.00 back? Please forward a copy of the magical smbclient command you will be using to accomplish this, so other list users may get their own USD$28,000,000.00! Due to the current situation int the country concerning government attitude towards my family, it has become quite impossible for me to make use of this money within. Let me refer you to the front page of thisday newspapers of 10th March, 2001. You can check it through their website www.thisdayonline.com. The pressent government in Nigeria had frozen and seized all our bank accounts both here in Nigeria andabroad. Thus consent l shall expect you to contact me urgently to enable us discuss in detail about this transaction. Bearing in mind that your assistance is needed to transfer this fund, l proposed a percentage of 30% of the total sum to you for the expected service and assistance, 15% for offsetting minor expenses incurred in the course of this transaction. Your urgent response is highly needed as to stop further contacts. You can stop contact immediately. I never, ever, EVER want to hear from you and yours again. All correspondence must be by the email address above. l will give you my tel/fax numbers where you can contact me when l hear from you. l must use this opportunity to implore you to exercise the utmost indulgence to keep this matter extraordinarily confidential whatever your decision while await your prompt response. NB: Because of the security being mounted on the members of my family,l have decided that this transaction exist between you and my Nephew, MUSA AHMED. Remember to include your private tel/fax or mobile number If I gave it to him, it wouldn't be private, would it? MUSA AHMED: does your Aunt know you sent this message? Didn't she tell you to stop spamming mail lists? You're a naughty boy! GO AWAY! Don't bother us again. If you have questions about Samba, we'll let you talk to us. If not, go find something else to do. for easy communication. ALL YOUR BASE ARE BELONG TO US. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem.
Greg, If those instructions really helped you get Samba CUPS up and running together, I don't want the $10US. I nearly pulled my hair out trying to figure it out, and just knowing that somebody else didn't have to go quite as crazy trying is enough reward. :) So send it to the Samba Team. Cheers, Manuel Gomez -Original Message- From: WEBSTER, Greg [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 3:35 PM To: 'Manuel Gomez'; WEBSTER, Greg Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. So where do I send the $10 :) GregW -Original Message- From: Manuel Gomez [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 1:49 PM To: 'WEBSTER, Greg' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. Greg, I had a heck of a time getting Samba and CUPS up and running together, but here are a couple of pointers. If you are serving Windows clients, and a Windows driver is available for your printer (not hard to imagine), you are probably best off setting up a RAW print queue in CUPS, and installing the printer drivers on your Samba server using the Add/Remove Printers Wizard. The documentation for setting that up is, in my opinion, a little vague, but it certainly can be done. The most simple way to setup it up (in my mind) is as follows: 1) Make sure you have a 'printer admin = ???' directive in your smb.conf, where '???' is a comma-separated list of Unix users and/or groups who will be able to manage printer settings. Group designations in smb.conf need an '@' prefix (like '@group'). 2) For testing, I would set 'read only = no' on the [print$] share, and when it's working, you could either set 'read only = yes' and 'write list = ???' where ??? is another comma separated list of Unix users and/or groups, these being the users who will be able to upload drivers to the server. Alternately, you could just leave 'read only = no', just make sure you understand the implications. 3) Make sure the file system permissions will allow you to create files and directories under the path of your [print$] share. I would put it elsewhere than /usr/share/cups/model, because these aren't going to hold CUPS drivers, but Windows binary drivers. Then, create directories under that path for each Windows version you want to support. These are 'W32X86' for WinNT Win2K clients, 'WIN40' for Win9x, and I can't remember the others. 4) If samba is picking up your printers from your printcap, you can skip this, but otherwise you'll have to set up a share for each printer you want to share. 5) Browse, from a Windows PC, to the Red Hat server in explorer. Double-click 'Printers'. Depending on your windows version, the following may be different. I'm using Win2K, and this is how it goes: Right click in the white space of the window, and select 'Server properties' from the context menu. Select the 'Drivers' tab. Click 'Add...' then go through the wizard. If 'Add...' is unselectable (greyed-out), then the server is not seeing you as a member of the 'printer admins' list that you set up in step 1, so start your troubleshooting there. 6) Once you've got the drivers uploaded onto the server, you need to associate them with a given printer, which you do by right-clicking the appropriate printer and selecting 'Properties', then clicking on the 'Advanced' tab (I think this step is slightly different under NT). In the drop-down box marked 'Driver:', select the appropriate driver (probably the one you just uploaded). 7) Now, on the client machines, install the printer normally, and the drivers should automatically download with the connection. Let me know if that helps at all. Manuel Gomez -Original Message- From: WEBSTER, Greg [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 11:35 AM To: 'Blake Patton' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. Nope, doesn't work, and I need the drivers to be available and read from the linux server. The PPD files do contain one which is specific to my printer and has worked on another machine. -Original Message- From: Blake Patton [mailto:[EMAIL PROTECTED]] Sent: May 31, 2002 11:32 AM To: WEBSTER, Greg Subject: RE: [Samba] I will pay you $10US (via Paypal) out of my own pocket if you can solve this CUPS Samba problem. that looks ok, simply click ok and load the printer driver from whichever os version you are using. ie go get the latest drivers for the printer you want to use and the os you have on the workstation. simpy those printer drivers and it should work. Blake Patton Spots InterConnect Inc. [EMAIL
[Samba] Empty share
Just compiled samba 3, alpha 17, and thie empty share appears. It has no name, and no content, what is this? Yours sincerely, Martin. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printing with samba with NT clients
Gene, See the message thread below for an excellent explanation... RE: [Samba] I will pay you $10US (via Paypal) out of my own pocke t if you can solve this CUPS Samba problem. James -- - Original Message - From: Wise, Gene [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 31, 2002 4:53 PM Subject: [Samba] printing with samba with NT clients Has any had success using Samba as a PRINT SERVER and having there drivers automatically installed on their NT 4 clients. Any input would be appreciated, Thx Gene Wise -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error log entry (due to trying to configure a CUPS printer?)
[2002/05/31 11:15:58, 0] lib/util_sock.c:read_socket_data(478) read_socket_data: recv failure for 4. Error = No route to host I have no idea what this could mean. Any gurus able to step up to the plate? -- Rob Blomquist Kirkland, WA On the side of the software box, in the 'System Requirements' section, it said 'Requires Windows 95 or better'. So I installed Linux and lived happily ever after. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Profile creation
On Fri, 2002-05-31 at 01:26, Nathaniel N.Petersen wrote: SAMBA VERSION: 2.2.4 ERROR(S): Profile Creation I reported this to my supervisor, and he asked what version of Samba I was using. I told him version 2.2.3a. Well, he says that I shouldn't use an alpha version of Samba. the 'a' means patch level 1, it is a bugfix against the stable version 2.2.3 no alpha! os level = 64 preferred master = yes domain master = yes local master = no why you made it domain master but not local master ? encrypt passwords = yes domain logons = yes logon path = \\student\%u\.ntprofile from smb.conf: Windows clients can sometimes maintain a connection to the [homes] share, even though there is no user logged in. Therefore, it is vital that the logon path does not include a reference to the homes share (i.e. setting this parameter to \%N\%U\pro file_path will cause problems). so, 1. it is better you use a separate directory and share for profiles (I saw that setting the directory 1777 is a nice solution as everyone can write/create a profile, but only owners will be able to use/modify it) 2. better you use %U (uppercase) logon drive = Z: logon home = \\student\%u Simo. -- Simo Sorce -- Una scelta di liberta': Software Libero. A choice of freedom: Free Software. http://www.softwarelibero.it
Re: Profile creation
At 18:26 30.05.2002 -0500, Nathaniel N.Petersen (CNS Student Support) wrote: SAMBA VERSION: 2.2.4 ERROR(S): Profile Creation I have recently been assigned to create a Samba PDC. Earlier in the --[smb.conf]-- [global] workgroup = CNS_TESTING netbios name = TEST_SMB_SERVER client code page = 437 log level = 5 hosts allow = xxx.xxx.xxx security = DOMAIN If you want to be a PDC set 'security = User' , this means that samba uses it's own smbpasswd( or tdb or ldap...) as SAM Database, read 'man smb.conf' !!! I don't now if this fix your problem!? os level = 64 preferred master = yes domain master = yes local master = no encrypt passwords = yes domain logons = yes logon path = \\student\%u\.ntprofile try a path with no leading '.' logon path = \\student\homes\%u\ntprofile I'm not really sure, but try it! I remember this solves my problems on this. I seems that NT doesn't like this. And read Simo's comments on this parameter... logon drive = Z: logon home = \\student\%u admin users = root cthulu [netlogon] path = /usr/local/samba/lib/netlogon writeable = no write list = ntadmin [homes] guest ok = no writable = yes metze - Stefan metze Metzmacher [EMAIL PROTECTED]
Re: known BUG multi-byte character set in usernames
Juergen Hasch wrote: Hi Guenther, Am Donnerstag, 30. Mai 2002 16:17 schrieb Guenther Deschner: hello, smb.conf-manpage of 2.2.5pre and HEAD states the bug of multi-byte character sets in usernames: -8--snip--8-- BUG: There is currently a bug in the implementation of security = domain with respect to multi-byte character set usernames. The communication with a Domain Controller must be done in UNICODE and Samba currently does not widen multi-byte user names to UNICODE correctly, thus a multi- byte username will not be recognized correctly at the Domain Controller. This issue will be addressed in a future release. -8--snap--8-- This is a different issue. We force non-alphanumeric chars to _ in the login code, for security. This is what is causing the issue here. This may not be what the manpage was originally on about, but is what it means now ;-) Now the correct usernames and groups are shown. I only added a few conversions, the correct approach would be to check all unistr2_to_ascii calls and add dos_to_unix where neccessary. I will generate a complete patch if the Samba team thinks it's worth considering and I am not completely on the wrong track :-) What the heck are you trying here? Can you resend me the patch you were doing for HEAD, and I'll try to get that in. In the meantime, this looks bogus. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
[PATCH] store SID's in SAM_ACCOUNT
Hi Andrew and Simo, this patches are only for discussion,( not completely ready) please take look at it the Patch for Makefile.in should be cleaner but I don't know how to do this... So it would be nice if someoneelse could do that. The reason for changing Makefile.in is that the global_sam_sid should be get with the function get_global_sam_sid(), witch is in passdb/machine_sid.c and depends code from passdb/secrets.c libsmb/smbencrypt.c libsmb/smbdes.c code Patch - diff -Nur HEAD/source/groupdb/mapping.c HEAD-fix/source/groupdb/mapping.c --- HEAD/source/groupdb/mapping.c Mon Apr 29 08:26:39 2002 +++ HEAD-fix/source/groupdb/mapping.c Fri May 31 10:19:42 2002 @@ -21,7 +21,6 @@ #include includes.h -extern DOM_SID global_sam_sid; static TDB_CONTEXT *tdb; /* used for driver files */ @@ -186,17 +185,17 @@ /* Add the defaults domain groups */ - sid_copy(sid_admins, global_sam_sid); + sid_copy(sid_admins, get_global_sam_sid()); sid_append_rid(sid_admins, DOMAIN_GROUP_RID_ADMINS); sid_to_string(str_admins, sid_admins); add_initial_entry(-1, str_admins, SID_NAME_DOM_GRP, Domain Admins, , privilege_all, PR_ACCESS_FROM_NETWORK|PR_LOG_ON_LOCALLY); - sid_copy(sid_users, global_sam_sid); + sid_copy(sid_users, get_global_sam_sid()); sid_append_rid(sid_users, DOMAIN_GROUP_RID_USERS); sid_to_string(str_users, sid_users); add_initial_entry(-1, str_users, SID_NAME_DOM_GRP, Domain Users, , privilege_none, PR_ACCESS_FROM_NETWORK|PR_LOG_ON_LOCALLY); - sid_copy(sid_guests, global_sam_sid); + sid_copy(sid_guests, get_global_sam_sid()); sid_append_rid(sid_guests, DOMAIN_GROUP_RID_GUESTS); sid_to_string(str_guests, sid_guests); add_initial_entry(-1, str_guests, SID_NAME_DOM_GRP, Domain Guests, , privilege_none, PR_ACCESS_FROM_NETWORK); @@ -987,7 +986,9 @@ * make one based on the unix information */ uint32 alias_rid; - sid_peek_rid(sid, alias_rid); + if(!sid_peek_rid(NULL,sid, alias_rid)) + return False; + map-gid=pdb_group_rid_to_gid(alias_rid); if ((grp=getgrgid(map-gid)) == NULL) @@ -1070,7 +1071,7 @@ /* interim solution until we have a last RID allocated */ - sid_copy(map-sid, global_sam_sid); + sid_copy(map-sid, get_global_sam_sid()); sid_append_rid(map-sid, pdb_gid_to_group_rid(gid)); fstrcpy(map-nt_name, grp-gr_name); diff -Nur HEAD/source/include/sids.h HEAD-fix/source/include/sids.h --- HEAD/source/include/sids.h Wed Jan 30 07:08:15 2002 +++ HEAD-fix/source/include/sids.h Wed May 29 14:27:26 2002 @@ -23,7 +23,7 @@ #ifndef _SIDS_H #define _SIDS_H -extern DOM_SID global_sam_sid; +extern DOM_SID *global_sam_sid; extern fstring global_sam_name; extern DOM_SID global_member_sid; diff -Nur HEAD/source/include/smb.h HEAD-fix/source/include/smb.h --- HEAD/source/include/smb.h Tue May 21 14:07:13 2002 +++ HEAD-fix/source/include/smb.h Mon May 27 11:28:59 2002 @@ -624,8 +624,8 @@ uid_t uid; /* this is a unix uid_t */ gid_t gid; /* this is a unix gid_t */ - uint32 user_rid;/* Primary User ID */ - uint32 group_rid; /* Primary Group ID */ + DOM_SID user_sid;/* Primary User SID */ + DOM_SID group_sid; /* Primary Group SID */ DATA_BLOB lm_pw; /* .data is Null if no password */ DATA_BLOB nt_pw; /* .data is Null if no password */ diff -Nur HEAD/source/lib/util_sid.c HEAD-fix/source/lib/util_sid.c --- HEAD/source/lib/util_sid.c Mon Apr 15 10:32:58 2002 +++ HEAD-fix/source/lib/util_sid.c Wed May 29 14:43:41 2002 @@ -4,6 +4,7 @@ Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Luke Kenneth Caseson Leighton 1998-1999 Copyright (C) Jeremy Allison 1999 + Copyright (C) Stefan (metze) Metzmacher 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,7 +26,7 @@ /* NOTE! the global_sam_sid is the SID of our local SAM. This is only equal to the domain SID when we are a DC, otherwise its our workstation SID */ -DOM_SID global_sam_sid; +DOM_SID *global_sam_sid=NULL; extern pstring global_myname; extern fstring global_myworkgroup; @@ -120,17 +121,17 @@ if ((lp_security() == SEC_USER) lp_domain_logons()) { - sid_name_map[i].sid = global_sam_sid; + sid_name_map[i].sid = get_global_sam_sid(); sid_name_map[i].name = global_myworkgroup; sid_name_map[i].known_users = NULL; i++; - sid_name_map[i].sid = global_sam_sid;
Re: [PATCH] store SID's in SAM_ACCOUNT
On Fri, 2002-05-31 at 12:39, Simo Sorce wrote: On Fri, 2002-05-31 at 12:20, [EMAIL PROTECTED] wrote: the above piece is wrong! wrong seem to be the original code. (an unjustified pdb_free_sam ?) I'll check it. Sorry looking at the whole code the free is ok! Wrong is the patch! Why have you got out get_lsa_policy_samr_sid() ? The code here creates the SID form the info that come from the remote, while instead you are creating a user SID from the RID only. but I sitll think that the code that replaces the orignal is not ok. Simo. -- Simo Sorce -- Una scelta di liberta': Software Libero. A choice of freedom: Free Software. http://www.softwarelibero.it
Re: known BUG multi-byte character set in usernames
Am Freitag, 31. Mai 2002 11:58 schrieb Andrew Bartlett: Juergen Hasch wrote: I will generate a complete patch if the Samba team thinks it's worth considering and I am not completely on the wrong track :-) What the heck are you trying here? The problem is like this: Without patch: hasch@tower:~ getent passwd ... DOMAIN\juhasch:x:10004:1:Jrgen Hasch:/home/DOMAIN/juhasch:/bin/false ... with patch: hasch@tower:~ getent passwd ... DOMAIN\juhasch:x:10004:1:Jürgen Hasch:/home/DOMAIN/juhasch:/bin/false ... i.e. I get the full user name including umlaute. This also shows up in the windows client's security settings correct now. Now I never would have brought this up because I don't care to much for 2.2 and I was just curious when I made the patches. But since someone asked :-) The names/groups are transferred by rpc and converted from unicode like this: unistr2_to_ascii(t, info1.str[j].uni_acct_name, sizeof(pstring)); Adding the line dos_to_unix(t); makes the umlaute appear. Now the charset conversion may be totally wrong there, I believed it to be *easiest* patch. Can you resend me the patch you were doing for HEAD, and I'll try to get that in. In the meantime, this looks bogus. In a few minutes. ...Juergen
corrupt tdb?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! Someone came to me with the following log message. To me it looks like a corrupt tdb. The system is running Linux 2.2.19 with adaptec RAID (dpt_io driver), LVM and the tdb's on ext2. The rest of the file system is reiser. Samba is 2.2.3a. I don't remember tdb corruption fixes towards 2.2.4. Or did I miss any? Volker [2002/05/30 15:47:41, 0, pid=4508] tdb/tdbutil.c:tdb_log(475) tdb(/sambalocks/PRR0226/sessionid.tdb): tdb_oob len 976499000 beyond eof at 32768 [2002/05/30 15:47:41, 0, pid=4066] tdb/tdbutil.c:tdb_log(475) [2002/05/30 15:47:41, 0, pid=4508] tdb/tdbutil.c:tdb_log(475) tdb(/sambalocks/PRR0226/sessionid.tdb): tdb_oob len 808465011 beyond eof at 32768 [2002/05/30 15:47:41, 1, pid=4508] smbd/session.c:session_claim(88) session_claim: out of session IDs (max is 3000) tdb(/sambalocks/PRR0226/sessionid.tdb): tdb_oob len 1768185734 beyond eof at 32768 [2002/05/30 15:47:41, 1, pid=4508] smbd/password.c:register_vuid(337) Failed to claim session for vuid=100 [2002/05/30 15:47:41, 0, pid=4066] tdb/tdbutil.c:tdb_log(475) tdb(/sambalocks/PRR0226/sessionid.tdb): tdb_oob len 808465011 beyond eof at 32768 [2002/05/30 15:47:41, 0, pid=4066] tdb/tdbutil.c:tdb_log(475) -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Fingerprint available: phone +49 551 370 iD8DBQE892yEZeeQha3jd9gRAmHPAJ46N/5D8NkiCnvuQXgcf1l4TavMLwCfR16L r71eUQDbBIi7k6ERQR1/a0U= =1Ajq -END PGP SIGNATURE-
RE: INFORMAZIONE
Hi, Best you discuss this with your HP support people - cifsmount is a part of the CIFSCLIENT software (based on Sharity client), NOT samba. Sorry, Don -Original Message- From: Simo Sorce [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 4:19 To: Manuel Clericuzio Cc: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: Re: INFORMAZIONE From samba-technical. On Fri, 2002-05-31 at 09:58, Manuel Clericuzio wrote: Buongiorno, mi hanno chiesto di montare un filesystem NT (macchina win2000) su una macchina con Unix HP (release 11.11). Ho provato a fare dei tentativi con il comando cifsmount ma non riesco. Spero che voi mi potiate aiutare. Grazie e buona giornata Manuel Better you write in english Manuel and on the users support list not the technical one! I will translate this time only to benefit of the list and the user: Good morning, I've been requested to mount a filesystem shared by a win2k server on a HP-UX (11.11) machine. I tried to mount it with the cifsmount command but failed. Is there anyone that can help me. Thank you. -- Simo Sorce -- Una scelta di liberta': Software Libero. A choice of freedom: Free Software. http://www.softwarelibero.it
Re: hash2 mangling alghorithm
on 31-05-2002 12:21, Simo Sorce at [EMAIL PROTECTED] wrote: I just want to warn people that want to use the new hashing algorithm for mangled names. And that note should also be put in the man page IMO. You must understand that changing the hashing algorithm on a production server may have unwanted side effects (this is why we maintain by default hash and not hash2 and why it was not back ported to 2.2 initially). Just as a note, it might be useful to add an UPGRADE file to the release in which we discuss just these kind of problems that might occur with upgrading production servers. Windows clients may save all around (registry, config files, ecc..) mangled paths to files need for programs to work correctly. If you change the hash algorithm these paths will become unusable as the new mangled name will be different. I would advice to use the new hashing algorithm in new installations and switch to the new one for old ones only if really necessary to make things work (lot of conflicts), and in this case be prepared to reinstall some app or manually change some registry/config file to reflect the new mangled names. So do not just try this option, plan to use it carefully. Simo. --- Universiteit Twente --- Derk-Jan 'The DJ' Hartman ICQnr: 10111559 Mail: mailto:[EMAIL PROTECTED] WWW: http://home.student.utwente.nl/d.hartman/ Goto: http://xamba.sourceforge.net
RE: hash2 mangling alghorithm
No, sorry it is not as simple. When you use mangled names you must assure they will always be mangled the same way during the same connection. So if a file gets deleted and then recreated it must be mangled back the same way! This will make things overly complex and oblige us to keep 2 separate caches at a time and switch between 2 algorithms adding too much complexity and needing a complete retest of the mangling code. That would made it too much work and would be available in time for 2.2.5 The back port have been made only for special cases (people that have programs generating lot of similarly named files in a single directory). The new algorithm will be the default on samba 3 and thats the best balance IMO. /simo who hates html mail ;) On Fri, 2002-05-31 at 14:47, Esh, Andrew wrote: Why not just use a different hash character for the new code, and keep the old unhashing code? Old hashed names can still be read, and new hashed names can still be stored and read. No confusion would take place. -- Simo Sorce -- Una scelta di liberta': Software Libero. A choice of freedom: Free Software. http://www.softwarelibero.it
Re: Profile creation
On Fri, May 31, 2002 at 12:09:25PM +0530, Navneet Karnani wrote: Should you be deleting the user profile completely from the server, including the user credentials. The problem you encounter, looks like, windows is not able to find the directory. So, if you want to simulate a new user, do it in style. Create a new user the right way and do it. I think it should work. - Navneet While you are correct on the point of creating a new user in style, it is still important to find a solution to corrupted profile creation. Consider: User logs in using an NT system. The *cough* idiot downloads an infected email, or better yet, just found this nifty program called regedit. When the user logs off, this corrupted registry information is saved to the PDC. I get a complaint a few hours later that the user can't log in again. The obvious fix is to back up his/her profile info and then delete it. Next time the user logs on, the profile is recreated (without reg errors). Then all I have to do is copy over the users favorites, My Documents, etc.
Re: Disable spoolss
On Thu, 30 May 2002, Lapers Stefan wrote: Due to quite some problems with the RPC printing code in samba (landscape, paper size), I would like to disable the spoolss functionality and use the old code. However I will probably need Active Directory support in the near future, so reverting to samba 2.0 is no option. Happy me, there is the disable spoolss option in the smb.conf file. I'm using 2.2.4 compiled on Intel RH 7.3, but samba seems to ignore the disable spoolss = yes option for Win2K and WinXP clients. NT 4 seems to be ok. I know I fixed this recently, but I can't remember if it was pre or post 2.2.4 release. I'll have to check. cheers, jerry - Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org --http://www.plainjoe.org Sam's Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2 --I never saved anything for the swim back. Ethan Hawk in Gattaca--
Re: Profile creation
From: Nathaniel N.Petersen (CNS Student Support) [EMAIL PROTECTED] Date: Fri, 31 May 2002 08:15:07 -0500 There is nothing wrong with using the homes directories like I do. The lines refered to in the man pages simply don't recommend it. Well, if you have ever worked for a University, you would understand the amount of overhead involved. Creating essentially two account locations for evey user is ridiculous. I was able to put profile storage outside on home directories without much problem. We have 80,000 student accounts. We have profile storage on the same host as home directories, but in a different place. We have a separate filesystem for profiles, /export/profiles. This allows us to have 500 MB quotas for home dirs, and 15 MB quotas for profiles (10 MB quota in policy). Profile share is setup as: [profiles] path = /export/profiles/%H ... We just changed our unix account creation so that when it creates the home directory (/home/hostname/x/username) it also creates /export/profiles/home/hostname/x/username. Besides being simple to implement, we have a profile directory tree, instead of one directory with 40,000 entries. On the domain controller, all accounts have profile path = \\hostname\profiles Clients are Win XP. My Documents is redirected to users home directory. The domain controller is currently a Win 2000 box. We are looking into replacing with samba server as the next step. Andrew Thomas Manager of Instructional Servers Instructional Computing Services, Purdue University
RE: Using linux trustee 2.8 rights in samba
If you're talking about Vyacheslav Zavadsky's Linux Trustees patches (http://trustees.sourceforge.net/), you must write a backend to integrate it with Samba as the interface is totally different from Linux's Posix ACL. I looked into this a while ago, but sadly couldn't find the time to work on it. regards /Jesper -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Gerald Carter Sent: den 31 maj 2002 17:00 To: Nieminen, Jooel Cc: '[EMAIL PROTECTED]' Subject: Re: Using linux trustee 2.8 rights in samba On Fri, 31 May 2002, Nieminen, Jooel wrote: I'm using samba I installed from the RPM package made for RH7.2 on fileserver and it works allright. So does winbind. but then I came up problems with file security and patched my kernel with trustee 2.8 package. well, trustee works fine, but samba does not care about it. as in security tab on windows I can see unix rights. Did you recompile Samba to include --with-acl-support? the question, what is they to go with this? I've asked elsewhere and ppl are saying that it shouldn't do that, but no answers to the problem. as an example, I have file which is in unix rights marked as read-only for all, but with trustee's aclfs are unix file security overwritten and given full rights. when logged on trough console as me rm does not ask nothing, it just deletes the file. samba is different, it reads itself the file security and sais access denied. I'm getting mad with this and have no clue which way to go, do you, anybody? I'm not familar with that package, but you may need to write a mapping backend from Samba's internal POSIX acl representation to the trustee aclfs model. This is how it works for Solaris ACLs and Linux's POSIX ACL support. cheers, jerry - Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org --http://www.plainjoe.org Sam's Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2 --I never saved anything for the swim back. Ethan Hawk in Gattaca--
Re: bug in smbclient
On Fri, 31 May 2002, Sergey Ivanov wrote: Hello There are a couple of problems with smbclient connected with the socket timeout in the select operation. The default value of the timeout in smblib is about 20 seconds. Smbclient does not override this value. So, when a file is big enought, the checking procedure by antivirus can be more that 20 seconds, so samba does not send to smbclient anything and a timeout happens. Hmmm, I have seen such problems as well, and they annoy me ... The problem is that the library takes unilateral decisions about this and does not give the upper layer a chance to do anything about it. It should be possible to change the time out and to tell the lower layers to simply not time out at all. At one stage I added some code to the lower later routines to allow you to pass a -ve number as the timeout, which meant, time out but ignore it. Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Appology
After talking this over with a friend, I realize that I have made a mistake. I should never have responded in the manner that I did. I was the one who asked for help. You don't know the situation, and you are correct in that most people who do have problems either didn't read the existing information, or didn't understand what they read. I should not have taken the standard responses so personally. I'm sorry. I inicially wrote in because I thought the errors I was receiving were rather unique. My past problems with Samba were never this bad. They WERE solved most times by just doing a quite search on google or reading other individual's posts. But this time, with authentication working fine, I was perplexed. Why the corrupt write from the W2K client? Why did the NT machine write a profile but not use it? Or more precisely, why did it use it but say it didn't? Again, my frustration exists more from my lack of progress than from the comments I received. I humbly submit my whole-hearted appologies to those I may have angered and/or offended. -Nathaniel N. Petersen PS - I will look into the 'Z' drive issue as well as the location of the profile. Thank you for giving me some direction to research. On Fri, May 31, 2002 at 04:02:35PM +0200, Simo Sorce wrote: On Fri, 2002-05-31 at 15:15, Nathaniel N.Petersen wrote: Note that from the client's point of view security = domain is the same as security = user . It only affects how the server deals with the authentication, it does not in any way affect what the client sees. Since the systems are able to authenticate, this is not an issue. I have yet not understood if your server is a PDC or not. If it is, these 4 parameters MUST be set this way: domain logons = yes domain master = yes security = user encrypt password = yes try a path with no leading '.' logon path = \\student\homes\%u\ntprofile Even if you were correct, it worked before (and still is working elsewhere), it should work now. I think this is not a problem. I thought about dealing with this diplomaticly - but enough is enough. There is nothing wrong with using the homes directories like I do. The lines refered to in the man pages simply don't recommend it. Well, if you have ever worked for a University, you would understand the amount of overhead involved. Creating essentially two account locations for evey user is ridiculous. I have an my setup involved a simple [profile] share with 1777 permissions on it, and that's not a lot of work to do (I had more than 1000 users). Recommendations exist for a purpose ... it's up to you to decide if they match your case. thinking a bit more in this case I think you may have 2 combined problems: 1. the use of the home directory to store profiles 2. the use of letter Z to map the home directory unfortunately I do not have handing any url, but I remember clearly that with later clients (w2k, XP) there are problems with the Z drive. In fact it is not available to be mapped until the user logged in and at that point the profile thing is yet over! It is not a samba problem, Microsoft changed it this way (can't remember why). So I would advice you do 2 things: change the home drive letter or setup a profile share and change the logon path directive. Furthermore, this PDC is set to local master = no for a reason. Election. I have 14 other colleges at this university that are NOT running Linux (yes, there are still people out there that use Windows). Windows PDC's have fits when this is set to yes. They lose out on elections. If set to false then nmbd will not attempt to become a local master browser on a subnet and will also lose in all browsing elections. With a class B subnet, this is a GOOD THING. a class B NOT subnetted to C classes? That's should be a broadcast nightmare ... (if your server is not a PDc you should NOT made it be a domain master!, local master should be ok, and would be better to use a wins server) And finally, as far as that whole '.a = patch' thing goes - NO SH!T. REALLY? Well, I'll be... I thought only M$ released patches. Seriously, I was trying (appearantly not hard enough) to make light of my supervisor's lack of knowledge about Samba (AND all the extra work it forced me to do). sarcasmLord knows I would much rather be seen a fool by the Samba community./sarcasm This should never have been an issue. ?? you are stressed, take a breath I want to appologize to those of you who work tirelessly on the Samba project. I also want to thank the attempts at trying to help me. But, they were of ZERO aid. Nit-picking at these minor issues does not help me with the big picture. Just answer me this - If the windows systems are able to verify the domain and authenticate, why does the w2k system right corrupt profile data? If the NT system is able to create a profile, why can't it
Access control to SAM / _samr_query_sec_obj
Hi, currently, as far as I can see, the access control to the SAM database is only based upon file access to the db-files. On normal installations therefore only the root user can change, delete or add things instead of the entire administrators group. As this is IMHO rather unhelpfull, especially if you are trying to administer your samba-server from windows machines, I'm thinking about implementing a more NT-like access control to the SAM-db. Is there currently anybody else working in that region? I've started off with implementing default Security Descriptors for the global SAM object, the domain object and the alias objects (only SD for user objects were available till now), which are needed in the later to come se_access_check()s of the open/connect RPCs. These default SDs are based upon the SDs I received from my Win2k pro workstation. I don't have access to a Windows PDC, so I couldn't do it for global domain groups. :( The new _samr_query_sec_obj() can destinguish between the domain SID, SID S-0-0 that seems to represent the SAM-object and SIDs with appended RID. However I don't know how to find out if those SIDs represent Users, Groups, or Alliases, so SDs for useres are still always created in this case instead of the correct ones. Does anybody know an easy way to figure out which is correct? Any comments or improvements are appreciated Kai --- ./samba/source/rpc_server/srv_samr_nt.c Sun May 26 21:11:52 2002 +++ ./samba/source/rpc_server/srv_samr_nt.c Fri May 31 19:51:43 2002 -402,11 +402,90 return r_u-status; } + +/*** + samr_make_sam_obj_sd + / + +static NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t +*sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(adm_sid, global_sid_Builtin); + sid_append_rid(adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(act_sid, global_sid_Builtin); + sid_append_rid(act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + //basic access for every one + init_sec_access(mask, 0x20031); + init_sec_ace(ace[0], global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + //full access for builtin aliases Administrators and Account Operators + init_sec_access(mask, 0xf003f); + init_sec_ace(ace[1], adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(ace[2], act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == +NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + +/*** + samr_make_dom_obj_sd + / + +static NTSTATUS samr_make_dom_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t +*sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(adm_sid, global_sid_Builtin); + sid_append_rid(adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(act_sid, global_sid_Builtin); + sid_append_rid(act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + //basic access for every one + init_sec_access(mask, 0x20385); + init_sec_ace(ace[0], global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + //full access for builtin aliases Administrators and Account Operators + init_sec_access(mask, 0xf07ff); + init_sec_ace(ace[1], adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(ace[2], act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == +NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + /*** samr_make_usr_obj_sd / -static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC_BUF **buf, DOM_SID *usr_sid) +static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t +*sd_size, DOM_SID *usr_sid) { extern DOM_SID global_sid_World; DOM_SID adm_sid; -416,8 +495,6 SEC_ACCESS mask; SEC_ACL *psa = NULL; - SEC_DESC *psd = NULL; - size_t sd_size; sid_copy(adm_sid, global_sid_Builtin); sid_append_rid(adm_sid, BUILTIN_ALIAS_RID_ADMINS); -425,23 +502,62 sid_copy(act_sid, global_sid_Builtin); sid_append_rid(act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + //basic access for every one init_sec_access(mask,
Re: Access control to SAM / _samr_query_sec_obj
On Sat, Jun 01, 2002 at 12:17:19AM +0200, Kai Krueger wrote: currently, as far as I can see, the access control to the SAM database is only based upon file access to the db-files. On normal installations therefore only the root user can change, delete or add things instead of the entire administrators group. As this is IMHO rather unhelpfull, especially if you are trying to administer your samba-server from windows machines, I'm thinking about implementing a more NT-like access control to the SAM-db. Is there currently anybody else working in that region? I'm thinking more seriously about it, but will probably end up only putting hacks in 2.2 instead. (-: I've started off with implementing default Security Descriptors for the global SAM object, the domain object and the alias objects (only SD for user objects were available till now), which are needed in the later to come Is there more than one SD for the SAM system? I thought there was only a global one. se_access_check()s of the open/connect RPCs. These default SDs are based upon the SDs I received from my Win2k pro workstation. I don't have access to a Windows PDC, so I couldn't do it for global domain groups. :( How did you display these? I'm curious now. However I don't know how to find out if those SIDs represent Users, Groups, or Alliases, so SDs for useres are still always created in this case instead of the correct ones. Does anybody know an easy way to figure out which is correct? I think it's impossible to tell the type of a sid without doing a sid to name lookup. Tim.
VFS modules - how do you referrence prev fd from open on first write
VFS - modlues I want to check the fd on my first write call to see if it just got opened by write call or is a susequent write call. The purpose is to preform a backup only if the user actually write data to thefile. I have been study the vfs.h, smb.h, skel.c to figure this out fsp-prev-fd cause the VFS module to crash! I'm new to c and to write samba code I have been study the vfs.h, smb.h, skel.c to figure this out can someone direct me to some additional info and/or docs on this subject or anyother helpful insights thanks
[PATCH] Clean up samba-3.0 for POSIX-96
The attached set of patches cleans up samba-3.0-alpha17 for systems such as Stratus VOS that implement POSIX-1996 but do not provide full Unix compatibility. I would be most grateful if this patch could be applied against samba-3.0. I can supply a version of this patch for samba-2.2 if/when anyone cares. Summary of changes by module: source/configure.in check for non-POSIX headers syslog.h and sys/file.h (and alphabetize list) source/include/includes.h conditionally include syslog.h and sys/file.h source/lib/interfaces.c conditionally include sys/time.h and sys/sockio.h (autoconf macros already exist) source/lib/util_sock.c change memcmp use of (caddr_t) type to (void *); removes only use of nonstandard caddr_t type. source/libsmb/clifile.c fix bug that references uint not uint32, fix bug that references S_ISVTX not S_ISUID. source/nsswitch/winbind_nss_config.hconditionally include sys/select.h (autoconf macro already exists) source/pam_smbpass/general.hconditionally include syslog.h source/rpc_server/srv_spoolss_nt.c change 'FALSE' to 'False' (Samba defines 'False' in smb.h; POSIX-96 does not admit to FALSE) source/rpcclient/cmd_reg.c declare optarg and optind (many other Samba source files explicitly declare these names) source/smbd/chgpasswd.c conditionally reference ONLCR macro (not in POSIX-96) source/smbd/trans2.cfix bug that references S_ISVTX not S_ISUID source/smbd/vfs-wrap.c conditionally reference fchown (autoconf HAVE_FCHOWN macro already exists) source/smbd/utils/smbcontrol.c declare optarg (many other Samba source files explicitly declare this name) Patch is against samba-3.0-alpha17. Tested by successfully rebuilding all of samba-3.0-alpha17 here on Stratus VOS. I actually needed a few other changes, but I'm not submitting them at this time. I am only submitting the changes that I am 100% sure of. Oh, and my official email address is [EMAIL PROTECTED] This odd addresss ([EMAIL PROTECTED]) is a secondary address. I use it because it is not Outlook and won't mess up the formatting of the text. ### START OF PATCH ### diff -urp oldsamba3/source/configure.in newsamba3/source/configure.in --- oldsamba3/source/configure.in Fri May 31 13:54:22 2002 +++ newsamba3/source/configure.in Fri May 31 13:54:28 2002 @@ -278,8 +278,9 @@ AC_HEADER_SYS_WAIT AC_CHECK_HEADERS(arpa/inet.h sys/fcntl.h sys/select.h fcntl.h sys/time.h sys/unistd.h) AC_CHECK_HEADERS(unistd.h utime.h grp.h sys/id.h limits.h memory.h net/if.h) AC_CHECK_HEADERS(compat.h rpc/rpc.h rpcsvc/nis.h rpcsvc/yp_prot.h rpcsvc/ypclnt.h) +AC_CHECK_HEADERS(stdlib.h string.h strings.h syslog.h sys/file.h) AC_CHECK_HEADERS(sys/param.h ctype.h sys/wait.h sys/resource.h sys/ioctl.h sys/ipc.h sys/mode.h) -AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h) +AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h sys/socket.h) AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h termio.h) AC_CHECK_HEADERS(sys/termio.h sys/statfs.h sys/dustat.h sys/statvfs.h stdarg.h sys/sockio.h) AC_CHECK_HEADERS(security/pam_modules.h security/_pam_macros.h ldap.h lber.h) diff -urp oldsamba3/source/include/includes.h newsamba3/source/include/includes.h --- oldsamba3/source/include/includes.h Fri May 31 13:08:57 2002 +++ newsamba3/source/include/includes.h Fri May 31 13:55:27 2002 @@ -216,8 +216,14 @@ #include netinet/in.h #include arpa/inet.h #include netdb.h -/* #include syslog.h */ -/* #include sys/file.h */ + +#ifdef HAVE_SYSLOG_H +#include syslog.h +#endif + +#ifdef HAVE_SYS_FILE_H +#include sys/file.h +#endif #ifdef HAVE_NETINET_TCP_H #include netinet/tcp.h diff -urp oldsamba3/source/lib/interfaces.c newsamba3/source/lib/interfaces.c --- oldsamba3/source/lib/interfaces.c Fri May 31 13:09:54 2002 +++ newsamba3/source/lib/interfaces.c Fri May 31 13:10:13 2002 @@ -38,11 +38,15 @@ #include arpa/inet.h #include netdb.h #include sys/ioctl.h +#ifdef HAVE_SYS_TIME_H #include sys/time.h +#endif #include net/if.h #ifndef SIOCGIFCONF +#ifdef HAVE_SYS_SOCKIO_H #include sys/sockio.h +#endif #endif #ifdef AUTOCONF_TEST diff -urp oldsamba3/source/lib/util_sock.c newsamba3/source/lib/util_sock.c --- oldsamba3/source/lib/util_sock.cFri May 31 13:09:55 2002 +++ newsamba3/source/lib/util_sock.cFri May 31 13:10:21 2002 @@ -1020,7 +1020,7 @@ static BOOL matchname(char *remotehost,s /* Look up the host address in the address list we just got. */ for (i = 0; hp-h_addr_list[i]; i++) { - if (memcmp(hp-h_addr_list[i], (caddr_t) addr, sizeof(addr)) == 0) + if (memcmp(hp-h_addr_list[i], (void *) addr, sizeof(addr)) == 0) return True; } diff -urp oldsamba3/source/libsmb/clifile.c newsamba3/source/libsmb/clifile.c
Re: [PATCH] Clean up samba-3.0 for POSIX-96
On Fri, May 31, 2002 at 06:47:00PM -0400, [EMAIL PROTECTED] wrote: The attached set of patches cleans up samba-3.0-alpha17 for systems such as Stratus VOS that implement POSIX-1996 but do not provide full Unix compatibility. I would be most grateful if this patch could be applied against samba-3.0. I can supply a version of this patch for samba-2.2 if/when anyone cares. Please send a SAMBA_2_2 version as well, I'll ensure it gets into 2.2.5. Thanks, Jeremy.
RE: Thanks for fixing oplock.c for Linux 2.0 in 2_2 CVS
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] The only thing would be to completely disallow connection timeouts for Win9x clients - I'm not sure this is what we want. Perhaps timeouts could be prevented for a 9x client when an oplock is present? Or have two timeouts: a shorter (soft) timeout when an oplock is not present and a longer (hard) timeout even when an oplock is present?