[Samba] Password Overview
I wonder if anyone would mind explaining Samba Password organisation for the hard of Samba? I understand that we have/etc/passwd and /etc/samba/smbpassword I use /usr/sbin/adduser to add a new Linux user I use smbpasswd username:username to add a new Samba user In particular my questions are: How do I avoid having to enter both Linux AND Samba passwords when we have a new user? How can a windows user change their password? What password system should we use if we have more than 1 Linux box (ie 1 for email/web services and 1 for file share)? Why is LDAP so hard to do! TIA Simon -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3, Win2K, and MIT KDC -- possible?
After setting up Samba 3 I noticed the Windows 2000 box was requesting a ticket from the KDC for HOST/NETBIOS NAME@MYREALM.COM when it tried to connect to the Samba server. I presume that W2K is sending the ticket it is granted along to the Samba server. If that presumption is correct, is it possible to make Samba authenticate the user with the Kerberos ticket they present? If so, how do I need to configure Samba and supporting software? I've got an MIT KDC set up in Linux along with OpenLDAP. Linux (Red Hat 8.0) is quite happily doing Kerberos authentication and using nss_ldap. I've got a Windows 2000 workstation that is in a workgroup -- not in a domain of any sorts. It is authenticating against the same MIT KDC on Linux (set up with KSETUP.EXE). There is no Active Directory server on my network. I don't really want any of the typical domain functionality; I don't mind having to create local user accounts for each user on the Windows machines, etc. I can supply log output, install strange software, CVS, more information on my environment, etc. I've seen mentions in CVS of Andrew Tridgell connecting to smbd with smbclient and an MIT KDC in the middle, but no mention of whether this is possible with W2K in place of smbclient. Any help greatly appreciated. Thanks in advance, darkness -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Password Overview
How do I avoid having to enter both Linux AND Samba passwords when we have a new user? Create a little expect script when adding a user to your system. How can a windows user change their password? See my post: Subject: [Samba] Samba PDC passwd update to NIS server (Date: Thu, 2 Jan 2003 17:12:31 +0100) What password system should we use if we have more than 1 Linux box (ie 1 for email/web services and 1 for file share)? I use NIS for this and keep both in sync via a little script on your NIS master script as shown in the above post. Leroy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] conenction refused
Hi, i always get error conenction refused when i try to start swat with redhat 8.0 i did all teh change in the servie file and xindet.d any guess thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Users
Sir, My samba is connecting Linux and MSWin . Can I know how many users(with read and write rights) can access at a time. What is the maximum user limit. Regards, Rajsundar.
[Samba] Error attempt_netbios_session_request
Hella List, regularily I get Syslog Messages of following form: Jan 24 03:39:03 venezuela smbd-ldap[9175]: attempt_netbios_session_request: WINXPHOME rejected the session for name *SMBSERVER with error Not listening on called name Jan 24 03:39:03 venezuela smbd-ldap[9175]: connect_to_client: machine WINXPHOME rejected the NetBIOS session request. My Server called "venezuela" ist PDC and configured to use LDAP as you can see. The system is running very stable, but sometimes - not every time - I have extreme Login-/Logout Times at my Windows Client "WINXPHOME" running Windows XP. In my opinion, this is no DNS problem. Im running Roaming Profiles at der PDC and Linux is the WINS Server (wins support = dns proxy = yes, name resolve order = hosts bcast). Others is standard - there is no complex network architecture involved. Any suggestions? Thanks, Thorsten.
[Samba] Trouble with connecting on/from W98 share using usermap file.
All is fine with my Debian/Samba 2.2.7a configuration NT domain master controler. I'm using the usermap file so I can logon with long name in W98 while in Linux login have always 8 caracters. I 've created on a W98 workstation a share and as I've choosen to get the list of the users from NT Domain in my neibourghood properties and to logon on a NT Domain. Getting the list of users from Samba when configuring the share is OK (of course I see the 8 car. login). But when I want to connect to that share from another W98 workstation loged on with the longname I can see the share I can also connect a network drive but I can't move in. I think that the declared in the usermap file don't operate in this case but what can I do ? Thanks a lot -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] win98 samba file server
Hello everybody, it's a few minutes that i've subscribed in your mailing list. nice to meat all of you. I have samba on redhat 8 as a file server for a couple of win98 winXP's.It work's for my XP OS's but I don't know how to join the win98 's in. please help me thanks payam. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Windows XP and Samba 2.2.7a Print drivers--they upload fine, but driver list for printers is emtpy.
D. Aaron McCaleb [EMAIL PROTECTED] wrote in message 000e01c2b8cb$7184b6b0$511b10ac@AMCCALEB">news:000e01c2b8cb$7184b6b0$511b10ac@AMCCALEB... I am logged on as a domain admin and printer admin. I have created and assigned the correct rights to /srv/printers and have created W32X86 and WIN40 subdirectories. I was able to go into server properties and upload all the necessary drivers. When I right click on the printer and say No. to Printer driver not installed, do you want to install the driver now? the drivers list in the Advanced tab is empty. I can't choose from the printer drivers I've uploaded. snip Any ideas what's wrong? Is this an XP Thang? And if so, other than setting up an NT box (which really isn't an option), is there a suitable workaround? Thanks! Hi! I witnessed the same behaviour as you describe. The drivers list drop down box in the 'advanced' tab is empty on XP clients. When I tried the same on a W2K client, it worked fine. This is not really helping you of course, but it does seem to point in the direction of this problem being an XP Thang. :) Regards, Benny -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help quick answer
help quick answer I just discover to see correct characters of windows I use this option: smbmount //SERVER/public /server/public/ -o codepage=cp850 but I i Try one 2ª option second option doesn't work like this smbmount //SERVER/public /server/public/ -o codepage=cp850 -o guest ask me for passwod but smbmount //SERVER/public /server/public/ -o guest don't so the question is simple how can I give 2 or more option to smbmount I had read the man page and my OS in REdhat 7.3 updated. thanks in advance -- Sérgio Basto Technology Project Manager onevision design studios Rua Prof. Mota Pinto 42F-S2.30 4100-353 PORTO tel. + 351 22 532 0300 fax. + 351 22 616 0182 email: [EMAIL PROTECTED] web: http://www.onevision-design.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon script client configuration?
i have two clients, connecting to the same domain, both are w2k sp3, one is running the logon script, the other not. Both users have same permissions? Try using the NETLOGON share to see if your logon script can be started manualy. Turn up the debug level temp to see any hints there.. Goodluck, Leroy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] win98 samba file server
Payam, How is Samba configured? (If you could cut and paste or attach your smb.conf file in a reply, we can help you out much better.) Is Samba setup to act as a Domain Controller or a simple workgroup configuration? Have you run any updates on the Windows 98 machines? Are the windows 98 machines in the same workgroup as the workgroup you set in your smb.conf file? Regards, Robert Adkins II IT Manager/Buyer Impel Industries, Inc. Ph. 586-254-5800 Fx. 586-254-5804 -Original Message- From: payam [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 3:10 PM To: [EMAIL PROTECTED]; Robert Adkins Subject: [Samba] win98 samba file server Hello everybody, it's a few minutes that i've subscribed in your mailing list. nice to meat all of you. I have samba on redhat 8 as a file server for a couple of win98 winXP's.It work's for my XP OS's but I don't know how to join the win98 's in. please help me thanks payam. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printer take long time to print
137 and 139, I believe. cat /etc/services | grep -i bios Joel On Fri, Jan 24, 2003 at 11:17:05AM +0100, Alaa Mail wrote: which port do samba use -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] win98 samba file server
thanks Robert -I attached my smb.conf for you -I have not installed any updates on the win98's -my samba server has a domain name as werc.sharif.edu thanks alot,thanks alot thanks alot. payam [global] workgroup = werc.sharif.edu netbios name = werc server string = 81.31.169.51 Samba server #interfaces = lo 127.0.0.1 eth0 81.31.169.0/255.255.255.0 encrypt passwords = Yes map to guest = Bad User null passwords = Yes log level = 1 log file = /var/log/samba/log.%m security = domain nt acl support = Yes time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 #printcap name = /etc/printcap #domain groups = ce domain logons = Yes os level = 165 preferred master = Yes domain master = Yes #inaa ro man yes kardam wins proxy = Yes wins support = Yes comment = 81.31.169.51 Samba Server create mask = 0744 add user script = /usr/sbin/useradd -d /dev/null -g 1 -s /bin/false -M %u remote announce = 81.31.169.255/werc.sharif.edu #logon drive = z: logon home =m logon path = m #logon home = \\%L\home\%G\%U #logon path = \\%L\home\%G\%U\profile logon script = smblogin.bat %G %U #logon script = users\%u.bat %G %U homedir map = amd.map hosts allow = 81.31.169.42 81.31.169.0/255.255.255.0 127.0.0.1 unix password sync = yes ## passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *tokens* smb passwd file = /etc/samba/smbpasswd ## deadtime = 15 getwd cache = yes lpq cache time =45 bind interfaces only = true create mask = 0644 #oplocks = true #level2 oplocks = true read raw = yes ## domain admin group = root administrator payam admin #lock directory = /etc/samba/lock [netlogon] path = /home/netlogon comment = not for you browseable = No writeable = no guest ok = no [cdrom] comment = The shared cdrom path = /mnt/cdrom admin users = root guest ok = Yes #[printers] # path = /var/spool/samba # browseable = no # printable = yes [home] guest ok = no path = /home comment = Your home directory read only = no create mask = 0600 directory mask = 0700 #oplocks = false #locking = no #[Khorjin] # comment = File Archive! # path = /mnt/cabinet/hdb1/khorjin # read only = yes # security_level.txt for details. # guest ok = Yes
RE: [Samba] win98 samba file server
Payam, You should definitely pick up a copy of O'Reilly's Using Samba book. The book is immeasurably useful, even though it is slightly out of date, due to its explanation of how the SMB protocol works and the section regarding setting up a Samba PDC for the various MS Operating Systems. What I believe to be your issue right now, is that you need to have an LMHOSTS file setup and also have your Samba server acting as a WINS server. Once you have that configured, it is a simple matter of pointing each Windows 98 based machine to the Samba server as the WINS server. At that point, you should be able to join the domain. There is a good deal of information that you need to write into the LMHOSTS file for Windows 98 machines to see and understand what your Domain Controller is. One thing you need to do is add the line 'wins server = ip address of your server' into your smb.conf file. Once that is done, you need to create an LMHOSTS file. This file needs to have a small number of lines detailing the IP Address of your server then resource identifiers, like server/domain name along with a resource type... For example; 192.168.254.22 super#1b 192.168.254.22 batman#1d 192.168.254.22 batman#20 192.168.254.22 batman#1c Line one states that the machine at IP Address 192.168.254.22 is the Domain Controller for the 'super' domain. The line with '1d' in it states that the server is a Master Browser. The next line with '20' in it makes the server broadcast it is a fileserver. The '1c' designates the server as a logon server. Once you have all that in place, those Windows 98 machines should be fine with connecting to your domain. Note: The above resource names are NetBIOS names. So, the Windows machines will require the NetBIOS protocol be installed on them as well. Hopefully that will take care of your issue. Regards, Robert Adkins II IT Manager/Buyer Impel Industries, Inc. Ph. 586-254-5800 Fx. 586-254-5804 -Original Message- From: payam [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 5:06 PM To: Robert Adkins Cc: [EMAIL PROTECTED] Subject: RE: [Samba] win98 samba file server thanks Robert -I attached my smb.conf for you -I have not installed any updates on the win98's -my samba server has a domain name as werc.sharif.edu thanks alot,thanks alot thanks alot. payam -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
: You can try this: : add the line : : deb ftp://de.samba.org/samba.org/Binary_Packages/Debian/ stable main : : to your /etc/apt/sources.list then apt-get update, apt-get dist-upgrade. : This should update Samba to 2.2.7a. : : this appears to be offline... : : once it's working again it might be nice to submit it to www.apt-get.org : : brad : -- : Bradley W. Langhorst [EMAIL PROTECTED] : : Brad, tried it a few minutes ago. apt-get update shows: ... Hit http://non-us.debian.org stable/non-US/non-free Release Hit ftp://de.samba.org stable/main Packages Get:2 ftp://de.samba.org stable/main Release Hit ftp://ftp.de.debian.org stable/main Packages Ign ftp://de.samba.org stable/main Release ... I don't know much about Debian but I got the same messages right before updating 2.2.3 from the standard Debian stable to Version 2.2.7a published by the Samba-team on their mirrors. I don't know why the output shows Get 2 and Ign for de.samba.org but it did work. I'm using the german mirror. Perhaps you can try another one. # dpkg -s samba shows: Package: samba Status: install ok installed Priority: optional Section: net Installed-Size: 5820 Maintainer: Simo Sorce [EMAIL PROTECTED] Version: 2.2.7a-0.1 ... Perhaps Simo can give more information. The information should be reliable before it will be submited to apt-get.org. Martin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help quick answer
like this smbmount //SERVER/public /server/public/ -o codepage=cp850 -o guest ask me for passwod but smbmount //SERVER/public /server/public/ -o guest don't smbmount //s/p /s/p -o guest,codepage=cp850 (pardon the abbreviation to avoid line wrap) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Who and When
you're going to have to write a little code hash up users and times you may also want to look at utmp brad On Fri, 2003-01-24 at 05:50, Jim LaSalle wrote: This only tells what machine. We are a school. Perhaps 6 or 7 different students a day use the same computer in one lab. Also, the students could login from differents workstations in the building. Seemed like a simple request when my boss asked. :) Bradley W. Langhorst wrote: On Thu, 2003-01-23 at 18:14, [EMAIL PROTECTED] wrote: How can I tell who and when users logged in to a Samba server? The clients are a mixture of Win9x computers. I want to compile a chart of computer use by user. you could break up the logs by machines with %m and examine the size of the log files to estimate usage. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Beginner with a beginner's question..
I've never worked with SuSE, but does locate DIAGNOSIS.txt file turn up anything? It's a very good start. a: I have modifed the samba sonfi file at /etc/samba/smb.config to include my workgroup called MJB but could not see any other changes needed (or don't understand what else to change..) Did you give your samba machine a netbios name? I guess in your case you'd pick something like netbios name = webserver c: with smbclient -L LAPTOP3 (LAPTOP3 is a laptop in the work group with Win 98 on it) I can enter its password and see its shares (NT computers can not be accessed with their passwords though, but they do allow a password attempt to be made). Can't help you here. e: I try to start SAMBA using smbd -D and then nmbd -D (or rcsmb start, which I assume is some sort of script delivered with the Linux installation to do this simpler - instructed in the user's handbook). There is a message to say that things have been started. Does a ps ax|grep [sn]mbd return anything? This will list running processes name smbd or nmbd. If there's nothing returned, then the processes are dieing. Does a netstat -tln|grep ':139 ' return anything? This lists -t (tcp) -l (listening) -n (number ports), and shows any listening on that port. e: From Windows PCs I can not find the Linux PC in the network (it is called Webserver in the hope that it will one day really be be able to run a web server..). I get the impression that there is no difference before or after starting Samba (assuming that I have really started it). Between ps and netstat, you should be able to find out if it stays running. I have sifted through FAQs and other help docs but can't seem to find anything to steer me past this first hurdle. DIAGNOSIS.txt PS I originally tried editing the config file from the console (with root password) by simply typing edit smb.conf. An editor stared as well, but I don't know how to use it and also not how to close it ! I have now a console open in editor mode which I can not manage to closed.. stupid eh ? This is probably either vi or emacs. If a Ctrl-x does not seem to do much except beep, it's vi. If it's vi, press escape a few times to get back to command mode (after a beep you're good), enter :w to write your changes (if you want to save the file) and then :q to quit. :q! quits without saving changes. If Ctrl-x doesn't beep at you it is probably emacs, after you pressed Ctrl-x press Ctrl-c to quit. You be prompted about saving changes, etc. You should look at editors and pick one that sounds like it's for you. Learn it. Until you do (and even after), consider using SWAT to manage your smb.conf file. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
On Fri, 2003-01-24 at 09:30, Martin Thomas wrote: Brad, tried it a few minutes ago. apt-get update shows: looks good to me now too... I'm using the german mirror. Perhaps you can try another one. i just tried the us mirrors but ncftp ftp://us2.samba.org/samba.org/Binary_Packages/Debian/ says that those files don't exist... maybe it's only on the german mirror? Perhaps Simo can give more information. The information should be reliable before it will be submited to apt-get.org. I agree - Whomever set it up should submit it to apt-get.org. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] UWAGA!!! Znaleziono wirusa w li¶cie do Ciebie!
U¿ytkownik [EMAIL PROTECTED] przys³a³ Ci list zawieraj±cy wrusa. --- Raport z dezynfekcji: --- $AVPANSWER --- Ten komunikat zosta³ wys³any równie¿ do: [EMAIL PROTECTED] ---BeginMessage--- prohost.c Description: Binary data ---End Message---
[Samba] linux server completely hangs copying files with samba
hi, i'm experiencying a strange problem with a mandrake 9.0 machine, kernel 2.4.19, samba (different versions, including latest). when I copy large amount of data from any win98 machine to a share directory on linux, after a random time the linux machine hangs; not responding even to ctrl-alt-canc, only possibility is to reset. I was using a realtek 8139 (driver 8139too) which I know sometime giving problems; I tried a Dlink (always 8139too), same problem; reading around it could be a driver problem so I managed to have a good 3com905c (driver 3c59x); big surprise: same problem!!! i noticed that trasferring from the laptop which has a 10 Mit/s card doesn't give the error, so probably it happens with large bandwith usage on the server. nothing appears on any log, as if nothing appened. anybody experienced similar problems? especially anybody solved it? regards david -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
: tried it a few minutes ago. apt-get update shows: : : looks good to me now too... : I'm using the german mirror. Perhaps you can try another one. : i just tried the us mirrors but : ncftp ftp://us2.samba.org/samba.org/Binary_Packages/Debian/ : says that those files don't exist... : : maybe it's only on the german mirror? : : Perhaps Simo can give more information. The information should be : reliable before it will be submited to apt-get.org. : I agree - Whomever set it up should submit it to apt-get.org. : The directory structure is a little different. To use the mirror us2.samba.org the line in /etc/apt/sources.list should be: deb ftp://us2.samba.org/pub/samba/Binary_Packages/Debian stable main I did not test it with apt-get, but Samba 2.2.7a for Debian stable is there. Martin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Workstation Trust Accounts
On Fri, Jan 24, 2003 at 05:51:49PM +0100, Nicki Messerschmidt, Linksystem Muenchen GmbH wrote: Steve Langasek wrote: Let me guess. If I do it this way samba acts as a pdc but the clients do not try to update their accounts? Are there any drawbacks using this technique? That makes them act as BDCs instead of all trying to be a PDC. Trying to deploy multiple PDCs in an NT4 domain and syncing between them will introduce nasty race conditions that should be avoided. But we don't have multiple PDCs in _one_ domain. We have five PDCs in _five_ domains plus one master server which acts as administrative Server where all Useraccounts are entered but which has no samba running. Does it still work then, if I let the now PDCs be BDCs? Then I don't understand what problem you're having. What isn't working in this scenario? Are you trying to synchronize the machine accounts between the domains? (If you're doing that, *why* do you have separate domains?) -- Steve Langasek postmodern programmer msg12917/pgp0.pgp Description: PGP signature
Re: [Samba] Samba Users
On Fri, 2003-01-24 at 04:52, [EMAIL PROTECTED] wrote: Sir, My samba is connecting Linux and MSWin . Can I know how many users(with read and write rights) can access at a time. What is the maximum user limit. the number of users is controlled by your hardware... i've heard of 100s of simultaneous users on big hardware. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Thomas wrote: You can try this: add the line deb ftp://de.samba.org/samba.org/Binary_Packages/Debian/ stable main to your /etc/apt/sources.list then apt-get update, apt-get dist-upgrade. This should update Samba to 2.2.7a. tried it a few minutes ago. apt-get update shows: ... Hit http://non-us.debian.org stable/non-US/non-free Release Hit ftp://de.samba.org stable/main Packages Get:2 ftp://de.samba.org stable/main Release Hit ftp://ftp.de.debian.org stable/main Packages Ign ftp://de.samba.org stable/main Release ... I don't know much about Debian but I got the same messages right before updating 2.2.3 from the standard Debian stable to Version 2.2.7a published by the Samba-team on their mirrors. I don't know why the output shows Get 2 and Ign for de.samba.org but it did work. I'm using the german mirror. Perhaps you can try another one. The problem here is that the Release file is missing on the server. And the effect is that the apt utility can't check to which release the packages are belonging. The Release file has the following format (copied from [1]): Origin: Debian Label: Debian Suite: stable Version: 3.0r1a Codename: woody Date: Mon, 16 Dec 2002 18:45:37 UTC Architectures: alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc Components: main contrib non-free Description: Debian 3.0r1a Released 16th December 2002 MD5Sum: 678eab2d1d603992726f697765dadf33 3208 main/disks-alpha/current/md5sum.txt 678eab2d1d603992726f697765dadf33 3208 main/disks-alpha/3.0.23-2002-05-21/md5sum.txt !--StartFragment--SHA1: c6127040c645338c14d6983a568ad6c608417374 3208 main/disks-alpha/current/md5sum.txt c6127040c645338c14d6983a568ad6c608417374 3208 main/disks-alpha/3.0.23-2002-05-21/md5sum.txt 7652d2dab0d0fa416635e03d7b065d4848585c86 6244592 main/binary-alpha/Packages 77da3f08bd05101746e79d03ee95b5c6f35abb28 1700954 main/binary-alpha/Packages.gz Would it be possible that any of the samba-mirror maintainers generates a file like this? [1] ftp://ftp.de.debian.org/debian/dists/woody/Release/ Cheers Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Get my key at: https://www.link-m.de/pgp/n.messerschmidt.asc iQA/AwUBPjFuSOs1nPm17iBDEQJjTgCfX+jVDbYwt2YaNRW339gu33aljuMAoKP/ /B49lNH3UYjPFsxVyQy/xeB3 =3+nv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Workstation Trust Accounts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Langasek wrote: Nicki Messerschmidt wrote: Steve Langasek wrote: Let me guess. If I do it this way samba acts as a pdc but the clients do not try to update their accounts? Are there any drawbacks using this technique? That makes them act as BDCs instead of all trying to be a PDC. Trying to deploy multiple PDCs in an NT4 domain and syncing between them will introduce nasty race conditions that should be avoided. But we don't have multiple PDCs in _one_ domain. We have five PDCs in _five_ domains plus one master server which acts as administrative Server where all Useraccounts are entered but which has no samba running. Does it still work then, if I let the now PDCs be BDCs? Then I don't understand what problem you're having. What isn't working in this scenario? Are you trying to synchronize the machine accounts between the domains? (If you're doing that, *why* do you have separate domains?) There are seperate domain because it is a company which consinsts of many companys and is geographicaly spread via town. There is one boss who wants to be able to create useraccounts on one machine via webmin (don't ask why). And the problem is that if user A changes his password via nt it gets distributed to all other servers which in turn forget the changed workstation trust account passwords. But I think, that I just have to disable this feature on every machine... Or is there an equivalent to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters \RefusePasswordChange=1 in smb.conf? Cheers and thanks Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Get my key at: https://www.link-m.de/pgp/n.messerschmidt.asc iQA/AwUBPjFwEus1nPm17iBDEQKE/wCgrW263IvCG3irq9z49cBRFwniGiQAoMxc Sb2o+G/1fiebevTm/RIYtmpM =wQ+t -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Thomas wrote: You can try this: add the line deb ftp://de.samba.org/samba.org/Binary_Packages/Debian/ stable main to your /etc/apt/sources.list then apt-get update, apt-get dist-upgrade. This should update Samba to 2.2.7a. tried it a few minutes ago. apt-get update shows: ... Hit http://non-us.debian.org stable/non-US/non-free Release Hit ftp://de.samba.org stable/main Packages Get:2 ftp://de.samba.org stable/main Release Hit ftp://ftp.de.debian.org stable/main Packages Ign ftp://de.samba.org stable/main Release ... I don't know much about Debian but I got the same messages right before updating 2.2.3 from the standard Debian stable to Version 2.2.7a published by the Samba-team on their mirrors. I don't know why the output shows Get 2 and Ign for de.samba.org but it did work. I'm using the german mirror. Perhaps you can try another one. The problem here is that the Release file is missing on the server. And the effect is that the apt utility can't check to which release the packages are belonging. The Release file has the following format (copied from [1]): Origin: Debian Label: Debian Suite: stable Version: 3.0r1a Codename: woody Date: Mon, 16 Dec 2002 18:45:37 UTC Architectures: alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc Components: main contrib non-free Description: Debian 3.0r1a Released 16th December 2002 MD5Sum: 678eab2d1d603992726f697765dadf33 3208 main/disks-alpha/current/md5sum.txt 678eab2d1d603992726f697765dadf33 3208 main/disks-alpha/3.0.23-2002-05-21/md5sum.txt !--StartFragment--SHA1: c6127040c645338c14d6983a568ad6c608417374 3208 main/disks-alpha/current/md5sum.txt c6127040c645338c14d6983a568ad6c608417374 3208 main/disks-alpha/3.0.23-2002-05-21/md5sum.txt 7652d2dab0d0fa416635e03d7b065d4848585c86 6244592 main/binary-alpha/Packages 77da3f08bd05101746e79d03ee95b5c6f35abb28 1700954 main/binary-alpha/Packages.gz Would it be possible that any of the samba-mirror maintainers generates a file like this? [1] ftp://ftp.de.debian.org/debian/dists/woody/Release/ Cheers Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Get my key at: https://www.link-m.de/pgp/n.messerschmidt.asc iQA/AwUBPjFwl+s1nPm17iBDEQLsIACg/CD0qRiuGN+H645jS6Jq/KHXhuEAoMDR Icuj1Y7B0Rfn0HYtFr9S+NaW =Y1Aq -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Workstation Trust Accounts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Langasek wrote: Nicki Messerschmidt wrote: Steve Langasek wrote: Let me guess. If I do it this way samba acts as a pdc but the clients do not try to update their accounts? Are there any drawbacks using this technique? That makes them act as BDCs instead of all trying to be a PDC. Trying to deploy multiple PDCs in an NT4 domain and syncing between them will introduce nasty race conditions that should be avoided. But we don't have multiple PDCs in _one_ domain. We have five PDCs in _five_ domains plus one master server which acts as administrative Server where all Useraccounts are entered but which has no samba running. Does it still work then, if I let the now PDCs be BDCs? Then I don't understand what problem you're having. What isn't working in this scenario? Are you trying to synchronize the machine accounts between the domains? (If you're doing that, *why* do you have separate domains?) There are seperate domain because it is a company which consinsts of many companys and is geographicaly spread via town. There is one boss who wants to be able to create useraccounts on one machine via webmin (don't ask why). And the problem is that if user A changes his password via nt it gets distributed to all other servers which in turn forget the changed workstation trust account passwords. But I think, that I just have to disable this feature on every machine... Or is there an equivalent to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters \RefusePasswordChange=1 in smb.conf? Cheers and thanks Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Get my key at: https://www.link-m.de/pgp/n.messerschmidt.asc iQA/AwUBPjFwtOs1nPm17iBDEQK2OQCglbBVWCwAl875x7HYBJlsdnLDpoIAnj12 l2LbOaMUVYCcrjeNlYENmlVu =5Ldj -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Users
At my previous job as a Network Admin for a university, we had around 3000 users connected via Samba at any one time. Because of this, we broke up sections of the campus into zones, and gave each zone it's own Samba PDC that verified logins against a centralized NIS+ user database. I think we had 12 different samba machines to handle the load. I hope this gives you a better idea of how well it can handle a large number of users. -Gabe Bradley W. Langhorst wrote: On Fri, 2003-01-24 at 04:52, [EMAIL PROTECTED] wrote: Sir, My samba is connecting Linux and MSWin . Can I know how many users(with read and write rights) can access at a time. What is the maximum user limit. the number of users is controlled by your hardware... i've heard of 100s of simultaneous users on big hardware. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] redhat and windows smb
Hi Guys: How do I use pam to authenticate my (redhat and Suse) Linux users to windows 2000, Nt or samba server. Where do i find a "HowTo" for this. I want my users to login to their workstation with the same username and password they use on windows domain. Thanks. Leo Leo Emesue.vcf Description: Binary data
[Samba] user shares
Hello, I've a question about the configuration of samba. The apache webserver can be configured so that every user can set its own wegpage online by creating a public_html directory in his home directory. Is it possible to configure samba in the same way? So that every user can create his own share? Arnout -- Arnout Boelens Voldersgracht 4a 2611 ET Delft 015-2136222 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows 2000 Domain Controller Security Setting
Title: Windows 2000 Domain Controller Security Setting I sent an email last night regarding a security issue we were having with our Windows 2000 domain controllers and Samba's interaction with them. It turns out part of the issue is that security settings don't propagate to the domain controllers without rebooting them all. But, slightly contrary to my previous email: The application to view these settings is (on a domain controller): Start - Program Files - Administrative Tools - Domain Controller Security Policy The settings in question are: (1) Windows Settings - Security Settings - Account Policies - Kerberos Policy - Enforce user logon restrictions and (2) Windows Settings - Security Settings - Local Policies - Security Options - Additional restrictions for anonymous connections Now, contrary to my previous email, (1) actually appears to have *nothing* to do with the issues (drives not wanting to be mapped from a Samba server). (2) However, appears to be the key. There are three possible settings for this: (A) None. Rely on default permissions (B) Do not allow enumeration of SAM accounts and shares (C) No access without explicit anonymous permissions In our testing this morning (because the problem reoccured), we've discovered that (A) and (B) don't cause a problem (though I've heard that there is evidence that (B) doesn't do what it says it does). When (C) is selected (and the domain controllers are rebooted to put it into effect), Samba servers using security = domain will not be able to pass through the authentication, and hence, won't allow shares to be accessed. However, in Samba's defense on this issue, Windows NT 4.0 Workstations don't even let people log on with (C) set. And yes, we still run a few of those. So, in summary: (C) is a desired setting for (2), to stop people from getting a list of Domain usernames from Domain Controllers. Once that list is obtained, some tools apparently throw the dictionary at accounts. If account lockout policies have been defined, accounts start getting locked out when the dictionary attacks are attempted. However, with these settings, NT 4.0 Workstations cannot be logged in (not your problem), and Samba servers will not allow shares to be mapped when security = domain (not really a problem I guess, but if it's fixable, it would be a big plus in Samba's court). Unless you know of some way to tell 2000 DC's to explicitly allow Samba servers to have anonymous access, this is an (admittedly minor) issue that might be worth looking at. Eric Stewart - Network Admin, USF Tampa Campus Library - [EMAIL PROTECTED] Sysadmins are like epic heroes invested with supreme powers and arcane lore, duty-bound to protect their users from villains, fires, and themselves. - Feen, Benjy: Origin of Sysadmins, http://www.monkeybagel.com/sysadmin.html
RE: [Samba] Joining WinXp to Samba PDC
Ah, thats done it. The uid's didn't match. All is working now. Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 23 January 2003 22:44 To: [EMAIL PROTECTED] Subject: Re: [Samba] Joining WinXp to Samba PDC Looks like the same problem as i had a feww moments ago. i tried to rejoin my domain, but received the same errors as you did. the problem was the machine account for my workstation. 1. check if the machine account exists (clientname$) as unix user. - /etc/passwd 2. check if the samba machine account exists. - /etc/samba/smbpasswd 3. if both exist, check for the uid, should be the same. 4. check if another account exists, with the same id - /etc/samba/smbpasswd 5. if yes, remove the duplicate id. (be sure not to remove a valid user!) - /etc/samba/smbpasswd smbpasswd -x duplicate 6. try again. 7. if it doesn't work remove both (unix+samba) accounts and recreate them with the following script: #!/bin/bash #script creates an machine account #the group machines must exist adduser -g machines -s /bin/false -c NT Machine Account $1\$ smbpasswd -m -a $1\$ 8. try again. hope this helps, Joachim. - Original Message - From: Roland Thompson [EMAIL PROTECTED] To: 'Bradley W. Langhorst' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, January 23, 2003 8:55 PM Subject: RE: [Samba] Joining WinXp to Samba PDC Thanks, but I'm a bit confused. Where did Administrator come from? Is it a built in account in Samba, and whats the default password? I've tried using Administrator with no password ( and with my root password), but it keeps saying : Unknown username or bad password any other samba account I try just return : The specified user does not exist Any help appreciated Roland -Original Message- From: Bradley W. Langhorst [mailto:[EMAIL PROTECTED]] Sent: 23 January 2003 19:32 To: [EMAIL PROTECTED] Subject: Re: [Samba] Joining WinXp to Samba PDC On Thu, 2003-01-23 at 14:27, Roland Thompson wrote: After trying to get WinXP (Pro) to try and find my domain so I can log on I've finally done it, but now when I try and join my WinXP client to the domain, windows asks me to enter the username and password of an account with permission to join the domain. Now which account would this be?? root doesn't work, neither do my other samba users. it's Administrator (which you may want to map to root with smbusers) brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] still not working
Hi and sorry to bother you again, I've been trying to get this going, and now i'm able to access my server, but not the shares. When i try and access a share it says, you might not have permission, network path was not found. As i'm going through the diagnosis.txt, i get the same error on steps 3 and 7. That error is session setup failed: NT_STATUS_LOGON_FAILURE. Once again here is my smb.conf [global] netbios name = jasonsdt guest ok = yes log file = /var/log/samba/%m.log load printers = yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 wins server = Enterprise encrypt passwords = yes dns proxy = no server string = Samba Server printing = lprng password server = Enterprise unix password sync = Yes workgroup = Trinitynet printcap name = /etc/printcap security = domain log level = 5 [download] path = /home/jason/downloads read only = No [music] path = /home/jason/music read only = No again, any help will be greatly appreciated. thank you, jason _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows 2000 Domain Controller Security Setting
On Fri, 2003-01-24 at 11:12, Stewart, Eric wrote: Unless you know of some way to tell 2000 DC's to explicitly allow Samba servers to have anonymous access, this is an (admittedly minor) issue that might be worth looking at. Eric, check out the -A (not -a) parm to wbinfo. It allows you to get around this restriction, by providing a userid and password that will be used to make the connections. So it's not really letting samba have anonymous access, but it gets you past where NT can go... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind
Greetings from Brazil,I installed winbind and everything seems good, but i have kde installed andi'm trying to run windowmaker.. if i choose 'failsafe' or log into the blackterminal it runs ok.. but when i try to log into the windowmaker.. it doesnot log in... what should i do ?other question.. is there a way to log with the local accounts when winbindis runnning ? i can only login with the Win 2k server account.. localaccounts as 'root' and others.. can't be logged.. what should i change andwhere ?Thanx in advance...Igor Debacker[EMAIL PROTECTED]
[Samba] how i added it to the domain
after changing to su i typed smbpasswd -j Domain name -U appropriate name then i added the password and it said welcome to domain _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP Filter Problem
I was wondering if anyone could help me with this one. I am having trouble getting LDAP and samba working properly on my Debian Woody box. I am using OpenLDAP 2.0.27-3 and the unsable packaged Samba version 2.999+3.0 and am using the samba.schema for my LDAP database. Whenever I try to join the network using either W2K or smbclient the LDAP debug log shows that the following filter is being used: Jan 24 12:32:01 boo slapd[14586]: filter: ((objectClass=posixAccount)(uid=ELUCIDATION\5CROOT)) So the problem is that the domain name is being prefixed to the userid but my LDAP database only wants a userid. I thought the ldap filter parm in smb.conf might allow me to change this, but it doesn't seem to do anything. Does anyone have any suggestions?? Thanks in advance. John [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] still not working
Make sure you have a linux user setup, either a generic one or one for each user. if
it's win2k/xp you will need to look at the man page for encrypted passwords.
Hope this helps
Cheers
-
Kristyan Osborne - IT Technician
Longhill High School
01273 391672
-Original Message-
From: Jason Kirschenmann [mailto:[EMAIL PROTECTED]]
Sent: Fri 24/01/2003 19:27
To: [EMAIL PROTECTED]
Cc:
Subject: [Samba] still not working
Hi and sorry to bother you again,
I've been trying to get this going, and now i'm able to access my server,
but not the shares. When i try and access a share it says, you might not
have permission, network path was not found. As i'm going through the
diagnosis.txt, i get the same error on steps 3 and 7. That error is
session setup failed: NT_STATUS_LOGON_FAILURE. Once again here is my
smb.conf
[global]
netbios name = jasonsdt
guest ok = yes
log file = /var/log/samba/%m.log
load printers = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
SO_RCVBUF=8192
SO_SNDBUF=8192
wins server = Enterprise
encrypt passwords = yes
dns proxy = no
server string = Samba Server
printing = lprng
password server = Enterprise
unix password sync = Yes
workgroup = Trinitynet
printcap name = /etc/printcap
security = domain
log level = 5
[download]
path = /home/jason/downloads
read only = No
[music]
path = /home/jason/music
read only = No
again, any help will be greatly appreciated.
thank you,
jason
_
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
èº{.nÇ+·®+%Ë`¢Ú-
çèZ0xD¶§v·vØ^{-®ç-ìÛiÿùb²Û,jfÚ¢¸?¨¥©ÿ+-wèþƦm
Re: [Samba] still not working
On Fri, 2003-01-24 at 14:27, Jason Kirschenmann wrote: Hi and sorry to bother you again, I've been trying to get this going, and now i'm able to access my server, but not the shares. When i try and access a share it says, you might not have permission, network path was not found. As i'm going through the diagnosis.txt, i get the same error on steps 3 and 7. That error is session setup failed: NT_STATUS_LOGON_FAILURE. Once again here is my smb.conf you're getting there does your user have permission on those shares in unix? what do the logs say? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Solaris, Active Directory, and Samba 2.2.7a or 3a21
Does anyone use Samba -- either 2.2.7a or 3a21 -- on Solaris 8 to serve shares (but not printers) with users authenticaed against Active Directory? I have some questions about just what it took to get this running. -wde -- Will Enestvedt UNIX System Administrator Johnson Wales University -- Providence, RI -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT ACL's
I have been playing with samba for about 3 months. I have not been able to find a way to setup acl's efficiently. I would like to be able to set permissions for one person one way and three others all with different permissions. Then to also add 4 to 5 groups with all with different permissions the same way you would in windows. I am new to linux so I have a hard time fully understanding the Linux permissions. Any help would be appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Good Pam how-to??
Title: Message I'm looking for a good Pam how-to/tutorial. Does anyone have any links?? I'm a TOTAL incompetent when it comes to Pam (I cook with Crisco! sorry...couldn't help that :-) I need a real beginners guide Thanks! Dan
RE: [Samba] LDAP Filter Problem
Title: RE: [Samba] LDAP Filter Problem I am sure there are some extraneous parameters in it from all the things I've tried, but here it is # Samba config file created using SWAT # from 192.168.1.8 (192.168.1.8) # Date: 2003/01/20 21:34:50 # Global parameters [global] realm = ELUCIDATION workgroup = ELUCIDATION netbios name = Boo server string = %h server (Samba %v) security = USER obey pam restrictions = Yes guest account = guest passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd chat = *new*password* %n\n *new*password* %n\n *successfully* unix password sync = Yes encrypt passwords = Yes log level = 5 log file = /var/log/samba/%m.log max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain logons = No logon script = startup.bat os level = 80 preferred master = Yes domain master = Yes local master = Yes dns proxy = No wins support = Yes ldap suffix = dc=ELUCIDATION ldap machine suffix = dc=ELUCIDATION ldap user suffix = dc=ELUCIDATION ldap admin dn = cn=Manager,dc=ELUCIDATION ldap ssl = Yes ldap filter = ((uid=%u)(objectclass=ixAccount)) printing = lprng add user script = /usr/local/sbin/smbldap-useradd.pl -w %u panic action = "" %d invalid users = root hosts allow = 192.168.1.0/255.255.255.0 logon drive = H: logon home = \\boo\%u domain admin group = @Domain Admins [homes] comment = Home Directories valid users = %S read only = No create mask = 0664 directory mask = 0775 browseable = No [netlogon] comment = Network Logon Service path = /opt/samba/netlogon guest ok = Yes [doc] path=/usr/share/doc public=yes writable=no read only=no create mask = 0750 guest ok = Yes [profiles] path = /opt/samba/profiles read only = Yes create mask = 0644 directory mask = 0775 guest ok = Yes browseable = No [printers] comment = All Printers path = /tmp create mask = 0700 printable = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes ~-~-~-~-~-~-~-~-~-~-~-~-~-~ John Peak Revenue Cycle Solutions McKesson Corp. [EMAIL PROTECTED] 404.338.2701 -Original Message- From: Bradley W. Langhorst [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 4:16 PM To: Peak, John Cc: [EMAIL PROTECTED] Subject: Re: [Samba] LDAP Filter Problem On Fri, 2003-01-24 at 13:15, Samba Newsgroups wrote: I was wondering if anyone could help me with this one. I am having trouble getting LDAP and samba working properly on my Debian Woody box. I am using OpenLDAP 2.0.27-3 and the unsable packaged Samba version 2.999+3.0 and am using the samba.schema for my LDAP database. Whenever I try to join the network using either W2K or smbclient the LDAP debug log shows that the following filter is being used: Jan 24 12:32:01 boo slapd[14586]: filter: ((objectClass=posixAccount)(uid=ELUCIDATION\5CROOT)) you'd better show your smb.conf... brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: [Samba] NT ACL's
On Fri, 2003-01-24 at 16:23, [EMAIL PROTECTED] wrote: I have been playing with samba for about 3 months. I have not been able to find a way to setup acl's efficiently. I would like to be able to set permissions for one person one way and three others all with different permissions. Then to also add 4 to 5 groups with all with different permissions the same way you would in windows. I am new to linux so I have a hard time fully understanding the Linux permissions. Any help would be appreciated. If you're talking about files on the client then you need domain groups - samba2 only has domain users and domain admins (samba3 has whatever you want). If you're talking about permissions on the server you can probably do whatever you want with unix groups. You'll have to understand unix permissions to do this try this article http://www.tldp.org/linuxfocus/English/January1999/article77.html brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Good Pam how-to??
On Fri, 2003-01-24 at 16:31, LaSusa, Dan wrote: I'm looking for a good Pam how-to/tutorial. Does anyone have any links?? I'm a TOTAL incompetent when it comes to Pam (I cook with Crisco! sorry...couldn't help that :-) I need a real beginners guide http://www.tldp.org/HOWTO/User-Authentication-HOWTO/ covers pam brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] LDAP Filter Problem
On Fri, 2003-01-24 at 16:32, Peak, John wrote: I am sure there are some extraneous parameters in it from all the things I've tried, but here it is ... # Global parameters [global] realm = ELUCIDATION what's this doing here? ldap filter = ((uid=%u)(objectclass=ixAccount)) i think this should be ldap filter = ((uid=%u)(objectclass=sambaAccount)) unless you've done something unusual brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Disabling symlink following client side?
Is there any way to specify in smb.conf that you don't want to follow symbolic links, or to somehow disable this in smbclient? I have an smb file indexer, and whenever it hits a linux box with a symlink pointing to the current directory, it creates thousands of extra entries. I'd like to be able to simply not follow symbolic links, as I have no way of disabling the follow symlinks option on the server. Thanks, Brendan msg12944/pgp0.pgp Description: PGP signature
[Samba] 2.2.7a and 64-bit AIX
Can anyone think of an issue with 2.2.7a compiled on IBM's 64-bit compiler running on the 64-bit kernel? I've confirmed that everything appears to be in order on the AIX 5.1 system. We are running it successfully and it is screaming fast! I just wanted to know if there is potential for disaster that I've not thought of... On a related note 2.2.7a is running perfectly with both oplocks and level2 oplocks on our other AIX 5.1 boxes in 32-bit mode and we have been very excited about the performace. Thanks Samba Team! Thanks a bunch! Bill -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] libsmbclient::smbc_getdents-lotta unknown type entries..
Hi, installed libsmbclient 2.2.3a-12 at debian 2.4.20, get great percentage of entries of unknown type, smbc_dirent.sbmc_type is not in range 1-9... e.g: WORKGROUP -- WORKGROUP XXX -- WORKGROUP ^666^ -- WORKGROUP -- UNKNOWN -- UNKNOWN -- UNKNOWN -- UNKNOWN -- unknown when not in 1-9 range master browser of the group is samba 2.2.3a-6 any ideas ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind
i'm tryin to make a suse-linux box to log into an windows 2k server i trying.. using winbind.. coz i don't know other way... i took a look at samba.org home page.. and i readed a how to which explains what to do.. but 2 of the '.so' files which i need to set at /etc/pam.d/login .. does not exists.. pam_stack.so pam_console.so thanx in advance Igor ps. i just sent this mail to [EMAIL PROTECTED].. how can i subscribe to read the answers and other guys questions ?
RE: [Samba] Disabling symlink following client side?
share-level scope: follow symlinks = false -- Christopher Barry Manager of Information Systems InfiniCon Systems http://www.infiniconsys.com office:610.233.ISIS (4747) direct:610.233.4870 cell:267.879.8321 -Original Message- From: Brendan F. Dolan-Gavitt [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 4:57 PM To: [EMAIL PROTECTED] Subject: [Samba] Disabling symlink following client side? Is there any way to specify in smb.conf that you don't want to follow symbolic links, or to somehow disable this in smbclient? I have an smb file indexer, and whenever it hits a linux box with a symlink pointing to the current directory, it creates thousands of extra entries. I'd like to be able to simply not follow symbolic links, as I have no way of disabling the follow symlinks option on the server. Thanks, Brendan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NT ACL's
Bradley W. Langhorst wrote: On Fri, 2003-01-24 at 16:23, [EMAIL PROTECTED] wrote: I have been playing with samba for about 3 months. I have not been able to find a way to setup acl's efficiently. I would like to be able to set permissions for one person one way and three others all with different permissions. Then to also add 4 to 5 groups with all with different permissions the same way you would in windows. I am new to linux so I have a hard time fully understanding the Linux permissions. Any help would be appreciated. if you want a full set of permissions like on windows, you'd better install acl support on an xfs filesystem for instance. Distros like Mandrake (Redhat?) come with these tools already. xfs+acl support has to be compiled in the kernel or as modules, and a few other tools can be installed to get/set acls on the command line. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] test
test -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SuSE 8.1 start SMB at boot
On 2003-01-21 at 13:29 +1100 Les Russell sent off: Does anyone happen to know how to configure SuSE 8.1 to start SMB at boot? I know how to do it by adding sym links in /etc/init.d/rc?.d, but I wanted to know if there is a standard way of doing it through YAST2. insserv nmb insserv smb Bjoern -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] libsmbclient:smbc_getdents-a lot of unknown entries
Hi,
{dunno if previous version of this post arrived :-(, sorry for reposting}
installed libsmbclient 2.2.3a-12 at debian 2.4.20, get great percentage of
entries of unknown type, i.e smbc_dirent.sbmc_type is not in range 1-9...
e.g:
url was : smb://
WORKGROUP -- WORKGROUP
YET_ANOTHER -- WORKGROUP
ANOTHER -- WORKGROUP
-- UNKNOWN
-- UNKNOWN
-- UNKNOWN
-- UNKNOWN -- unknown when not in 1-9 range
master browser of the group is samba 2.2.3a-6
any ideas how to get only clear entries ?
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Strange behaviour with M$ WORD 97 under Win 2K
Check the permissions on the file under linux. also check your share in the smb.conf file, make sure it hasn't got writable=no etc. Cheers Kristyan Osborne - IT Technician Longhill High School 01273 391672 -Original Message- From: Jean-Paul ARGUDO [mailto:[EMAIL PROTECTED]] Sent: Fri 24/01/2003 13:45 To: [EMAIL PROTECTED] Cc: Subject: [Samba] Strange behaviour with M$ WORD 97 under Win 2K Hi all, I searched thru excellent http://marc.theaimsgroup.com/?l=sambar=1w=2 (samba ML archive...) answer to my questions. I asked Google too. Both doesnt know about my problem. That's why I finaly decided to polute samba ML :-( Here's the environment: a Linux Box under Debian Woody (stable, nothing compiled by hand EXCEPT KERNEL (aacraid issue..)): master:~# uname -a Linux master 2.4.20 #2 SMP Mon Dec 2 18:49:26 CET 2002 i686 unknown master:~# smbd -V Version 2.2.3a-12 for Debian The server is a DELL PowerEdge 1650 with Raid Mirror on two 18Gb disks. Clients : DELL Inspiron 4150 under windows 2000 SP2 M$ OFFICE 97 (Word, Excel only) M$ EURO PATCH applied (fonts with EURO symbol...) All works fine with Samba except: (1) profile and netlogon directories are stil in user homes. *I KNOW* I have to re-read the samba howto collection, the soluce is in. Will be fixed in a few. I already have netlogon ant profile shares enabled, but client just dont use it ... You'll see this in my smb.conf above... (2) _the real topic of this mail_ : My users work with M$ Office 97, Word and Excel, only. With Word 97, frequently, when a user tries to open a file in the public share (see smb.conf above), he has a message telling him he is on READ ONLY mode. With smbstatus, I clearly see the user is on RDONLY mode on this file. The problem is that nobody is using this file |-( except him. I really suspect Word 97 (client side then) to be the origin of the problem. I noticed Word 97 creates a temp file on opening, It is surely used to notice others users the file is accessed?.. *but* when the file is opened, this temp file isn't there?.. So?? Whats up??? Why a such message? really Dunno. I think I'll have to dig around samba caching issue? or any timeout issue?? I'll really be glad if you could help me in any way. Thanks a lot! Here's smb.conf, where you'll notice I disabled oplocks, because of data corruption (filled a report in samba's bugtrack a month ago) with excel/word files... : [global] netbios name=MASTER workgroup=CPTA security=user encrypt passwords=Yes domain logons=yes logon script=logon.bat os level=64 domain master=yes local master=yes preferred master=yes wins support = yes name resolve order = wins hosts lmhosts bcast oplocks=no #interfaces=127.0.0.1 eth0 #bind interfaces only=Yes #invalid users=root hosts allow=192.168.0. 192.168.1. log level=1 #guest account=nobody printer driver file=/home/public/driver/printers.def server string=Controleur du domaine CPTA [netlogon] --dunno why unused :-( RTFM: Samba HOWTO Collection path=/var/samba/netlogon read only=yes public=no [profiles] --dunno why unused :-( RTFM: Samba HOWTO Collection path=/var/samba/profiles read only=no create mask = 0600 directory mask = 0700 [homes] browseable=No writeable=Yes guest ok=no comment=Repertoire personnel --means personal home in fr create mask = 0600 directory mask = 0700 valid users = %S [public] --share where read only word issues occurs path=/home/public browseable=Yes writeable=Yes guest ok=yes read only=no -- redundant with writeable=yes, I know :-) force user=nobody comment=Repertoire commun --means public home in fr [pdf] path=/tmp printable=yes guest ok=yes print command=/usr/bin/printpdf %s lpq command= lprm
[Samba] Samba 3alpha21
Hi there, I want to build a RPM for the SuSE 8.1 and get following error: aclocal: configure.in: 2097: macro `AM_PATH_MYSQL' not found in library Any clues. It's something about LDAP using MySQL and the new passdb/pdbedit - tool. Thanks Sascha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind
On Fri, 2003-01-24 at 16:15, Igor Debacker wrote: i'm tryin to make a suse-linux box to log into an windows 2k server i trying.. using winbind.. coz i don't know other way... i took a look at samba.org home page.. and i readed a how to which explains what to do.. but 2 of the '.so' files which i need to set at /etc/pam.d/login .. does not exists.. pam_stack.so pam_console.so your distribution doesn't use those - don't worry about it... be sure you understand pam before you start messing about with it... pam is great way to lock yourself out of your machine. ps. i just sent this mail to [EMAIL PROTECTED] how can i subscribe to read the answers and other guys questions ? look at the list options at samba.org http://lists.samba.org/mailman/listinfo/samba -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT_STATUS_ACCESS_DENIED opening remote file
Am having trouble getting samba to work properly it seems. Setup went smooth, the processes are running. Can log in with smbclient no problem. Can 'get' files no problem, but whenever I try to 'put' a file I get the following error: NT_STATUS_ACCESS_DENIED opening remote file '/filename'. Anyone else run into this error. I have found help on this error relating to login problems but not to file problems. Any help would be appreciated. The following is what is in my smb.conf file. Thanks. [global] netbios name = POGO workgroup=POGOSAMBA security=user [share-files] path = /home/share readonly=no Ben thanks again for any input
[Samba] limit login.
Hi all, how can i limit the number of connections of users (Samba). i need to left only one connection per user. thank ...
[Samba] Dependency problem with RPM
Hello, I searched for a solution with this but found none, hopefully you can address this. I just downloaded the samba-2.2.7a-1.i386.rpm and attempted to install it on my Redhat 7 Linux system (ver 2.2.16-22) and it failed due to the following failed dependencies: libc.so.6(GLIBC_2.3) libreadline.so.4 perl(strict) perl(vars) When I look through my system I find all of the files: /lib/libc.so.6 /usr/lib/libreadline.so.4 /usr/lib/perl5/5.6.0/strict.pm /usr/lib/perl5/5.6.0/var.pm How do I point the samba rpm to these locations? Are these the valid locations? When I enter rom -q perl the following is returned: perl-5.6.0-9 so I would think that the *.pm files would be found, unless the samba rpm is NOT looking for the *.pm files. Any pointers are greatly appreciated. Sincerely, Jeff Biss -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printing problems
Disappearing print jobs are often a driver issue. I don't use cups, so: Is your print command correct? lpr-cups? Does the job get transferred to your /var/spool/samba directory? Does the job get removed? I don't see a rm %s command in your print command. If the job gets transferred but not printed, can you print it out with the same command you use in your printing share? The samba logs might be useful. What do your printing logs show? Does you guest user have the rights to use your printing software? BTW, I don't see a guest user defined in your smb.conf. Joel /n Fri, Jan 24, 2003 at 05:29:54PM +1100, Colin Jenkins wrote: not sure what Iv'e messed up here, but I did have my mandrake 9 server sharing it's printer to my windows boxes with samba. I reinstalled linus on the server, and replaced winxp with mandrake 9 on one workstation. the linux workstation and server each have a printer connected and both machines can use each others printers. I have been trying for a week to get the windows boxes to use the printers to no avail. The printers are found and installed, but the print jobs disappearno errors. any ideas? oh yeah, below is part of my smb.conf #== Global Settings = [global] workgroup = CURRICULUM netbios name = hal load printers = yes security = server server string = Samba Server %v passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n printing = cups default = home password server = 192.168.0.1 update encrypted = no encrypt passwords = no passwd program = /usr/bin/passwd %u domain logons = no wins server = 192.168.0.1 local master = yes preferred master = No domain master = No socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Share Definitions === [printers] comment = All Printers path = /var/spool/samba read only = No create mask = 0700 guest ok = yes hosts allow = 192.168. printable = Yes printing = cups use client driver = yes print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpstat -o %p lprm command = cancel %p-%j browseable = yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Win2k Sp3 and Samba 2.2.4
When win2k go to enter in Domain I receive this message: Don't Have mapping between account names and security identification thanks for any help! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] netlogon sometimes works (corrected with smb.confattached)
Jason, Apologies for the dealy, I was at LinuxWorld Expo New York all week and just got home. You should use a network sniffer (like Ethereal) to capture a trace of a logon that works correctly and one that does not. Then examine the differences to find what went wrong. It should tell you where things broke down. If timing is the issue t hen your authentication server may be problematic. In this case you would need to either isolate the problem, or move the authentication (netlogon) service to another machine that is more responsive. - John T. On Wed, 22 Jan 2003 [EMAIL PROTECTED] wrote: John, thanks for your help thus far. I switched switches that the PDC is plugged into and it almost had me believing that it worked, I managed to log in three times in quick succession and each time it executed the netlogon script. Alas, inconsistency reared its ugly head once more and now I either get a successful logon (netlogon script runs) or a plain logon (validates my password, creates my profile share (z drive), but fails to run the netlogon share). Which brings me to ask the question, is the netlogon share affected by network acvtivity? The PDC server is running fileservices, domino, and other items. Password validation isn't a problem, but getting samba to process the netlogon, is a pain. Everything that did run on the NT server has been migrated to the solaris machine and works better and faster than before. The PDC is the last item left, I'm wondering if Samba needs a more dedicated host to invoke netlogon? Domino can be quite intensive on network activity when replicating between sites, so would this network deluge put samba off from the 'less critical' execution of the netlogon share? FYI our NT server is an old Pentium, 64Mb RAM, 10M network card. our solaris PDC server is a dual PIII, 1Gb RAM, 100M network card. Jason Walton Nomad Software Ltd 186 Regent Street London W1B 5TN Tel. +44 (20) 7292 2459 Fax. +44 (20) 7292 2401 www.nomadsoft.com John H Terpstra [EMAIL PROTECTED] 21/01/2003 03:46 To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject:Re: [Samba] netlogon sometimes works (corrected with smb.conf attached) Jason, We have gone over a few things already. You are using WINS, that means your MS Windows clients should not have any trouble finding your samba server and the services that run on it. The only time I have seen similar behaviour, given that everything is correctly configured from a Samba and MS Windows networking perspective, has been where there has been a jabbering network card or a defective HUB. Have you tried replacing the NICs in a client and the server? Have you tried a cross-over cable between the two to validate that you the network login process correctly completes EVERY time. If with known working NICs and a cross-over cable you can reproduce the failure to execute the network logon process correctly, then it might be time to turn back to blaming the Samba or MS Windows configuration. - John T. On Mon, 20 Jan 2003 [EMAIL PROTECTED] wrote: Could anybody please help? I have tried all sorts and nothing will fix the problem permamently. I have a samba PDC which on occasion happily logs a user on and processes the NETLOGON share. However, it doesn't always run this service. I have placed preexec commands in both the profiles and netlogon shares, only the profiles preexec is executed. Reboots don't make any difference, only determed logout / logins will eventually get the netlogon share executed. I have included the full smb.conf file, samba is now running 2.2.7a, each upgrade results in the same problem. We have two domains, one controlled by an old NT PDC (this is to be retired) and one by a new samba PDC (to be the main PDC for all machines, once they are migrated). I have noticed that trying to join the samba domain over a VPN is impossible, whereas joining the NT domain, works first time. I don't know if this last bit is relevant to the problem or not. # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not many any basic syntactic errors. # #=== Global Settings = [global] ## ## Basic Server Settings ## netbios name = PDC netbios aliases = FILESERVER # netbios name = PDCM # workgroup =
[Samba] TDB Backups?
Do tdb files need to be backed up the tdbbackup tool or will tar do the job? Also is there any documentation out there on these tdb files? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Samba Users
Sir, My samba is connecting Linux and MSWin . Can I know how many users(with read and write rights) can access at a time. What is the maximum user limit. Regards, Rajsundar.
Winbind reconnect failures
Hi,
since quite some time I was observing an intermittant (thus
annoying) problem. Winbindd apparently loses connections to DCs
now and then. As multiple winbind instances are affected
simultanously, I suppose the reason for connections dying is
external. But they all fail to reconnect, then. Winbindd restart
always fixed it, but this can't be the solution.
Digged into it (after learning how to disconnect a TCP link
without killing the process owning the socket on HP-UX :).
The reason seems to be, that the retry code in
cm_get_lsa_handle()
cm_get_sam_handle()
in winbindd_cm.c does not actually get executed. After a
connection died, but before an actual read or write is attempted,
the cached handle is still ok for policy_handle_is_valid(), and
the functions above return with success, without trying to write
to the corresponding pipe.
As a result, functions in winbindd_rpc.c do fail on subsequent
rpc calls, but without retrying.
A solution - if we don't want cm_get_*_handle() to probe pipes
on every invocation - would be to move retry triggers to their
callers.
Did so. Attached patch is for 2.2. If I have seen correctly
in CVS, however, 3.0 should suffer from the same problem.
Adds a lot of stupid code, unfortunately, as every caller needs
to be equipped individually. Maybe there is a more elegant way?
But it seems to work fine here.
(The retry code in cm_get_*_handle() seems redundant with the
patch applied, but it doesn't hurt. Didn't change it.)
Cheers!
Michael
Index: source/nsswitch/winbindd_rpc.c
===
RCS file: /cvsroot/samba/source/nsswitch/winbindd_rpc.c,v
retrieving revision 1.22.2.13
diff -u -r1.22.2.13 winbindd_rpc.c
--- source/nsswitch/winbindd_rpc.c 6 Jan 2003 07:33:13 - 1.22.2.13
+++ source/nsswitch/winbindd_rpc.c 24 Jan 2003 09:51:22 -
@@ -52,12 +52,16 @@
CLI_POLICY_HND *hnd;
NTSTATUS result;
POLICY_HND dom_pol;
- BOOL got_dom_pol = False;
+ BOOL got_dom_pol;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
int i;
+ BOOL do_retry = True;
+ retry:
+ hnd = NULL;
*num_entries = 0;
*info = NULL;
+ got_dom_pol = False;
/* Get sam handle */
@@ -132,6 +136,14 @@
if (got_dom_pol)
cli_samr_close(hnd-cli, mem_ctx, dom_pol);
+ if (!NT_STATUS_IS_OK(result) do_retry
+ hnd hnd-cli hnd-cli-fd == -1) {
+ DEBUG(3, (Failed with %s for domain %s, retrying\n,
+ nt_errstr(result), domain));
+ do_retry = False;
+ goto retry;
+ }
+
return result;
}
@@ -147,18 +159,21 @@
POLICY_HND dom_pol;
NTSTATUS result;
uint32 start = 0;
+ BOOL do_retry = True;
+ retry:
+ hnd = NULL;
*num_entries = 0;
*info = NULL;
if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain-name, hnd)))
- return result;
+ goto done;
result = cli_samr_open_domain(hnd-cli, mem_ctx,
hnd-pol, des_access, domain-sid, dom_pol);
if (!NT_STATUS_IS_OK(result))
- return result;
+ goto done;
do {
struct acct_info *info2 = NULL;
@@ -193,6 +208,16 @@
cli_samr_close(hnd-cli, mem_ctx, dom_pol);
+ done:
+
+ if (!NT_STATUS_IS_OK(result) do_retry
+ hnd hnd-cli hnd-cli-fd == -1) {
+ DEBUG(3, (Failed with %s for domain %s, retrying\n,
+ nt_errstr(result), domain));
+ do_retry = False;
+ goto retry;
+ }
+
return result;
}
@@ -205,26 +230,32 @@
TALLOC_CTX *mem_ctx;
CLI_POLICY_HND *hnd;
NTSTATUS result;
- DOM_SID *sids = NULL;
- uint32 *types = NULL;
+ DOM_SID *sids;
+ uint32 *types;
const char *full_name;
+ BOOL do_retry = True;
if (!(mem_ctx = talloc_init_named(name_to_sid[rpc] for [%s]\\[%s],
domain-name, name))) {
DEBUG(0, (talloc_init failed!\n));
return NT_STATUS_NO_MEMORY;
}
+ retry:
+ hnd = NULL;
+ sids = NULL;
+ types = NULL;
+
if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain-name, hnd))) {
- talloc_destroy(mem_ctx);
- return NT_STATUS_UNSUCCESSFUL;
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
full_name = talloc_asprintf(mem_ctx, %s\\%s, domain-name, name);
if (!full_name) {
DEBUG(0, (talloc_asprintf failed!\n));
- talloc_destroy(mem_ctx);
- return NT_STATUS_NO_MEMORY;
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
}
result = cli_lsa_lookup_names(hnd-cli, mem_ctx, hnd-pol, 1,
@@
Printer Driver Donwload with Win9X (Adobe driver/cupsaddsmb) cups-1.1.18,samba-2.2.7]
Hi, printer driver download with W2000/Xp (samba-2.2.7 and cups-1.1.18) and the Adobe PS Driver works fine for our location. But when I try to download a driver with W9X the driver installation widzard starts. Samba logs the following messages... (Cant determine number of printer driver files...) (see second apandix) The installation of the driver works with no error. (see first apendix) Has anyone successfully installed the W9X Adobe Driver? Thank you very much Hansjörg Running command: smbclient //localhost/print\$ -N -U'root%XXX%' -c 'mkdir W32X86;put /var/spool/cups/tmp/3e256bfa5c7d8 W32X86/hp2250.PPD;put /usr/share/cups/drivers/ADOBEPS5.DLL W32X86/ADOBEPS5.DLL;put /usr/share/cups/drivers/ADOBEPSU.DLL W32X86/ADOBEPSU.DLL;put /usr/share/cups/drivers/ADOBEPSU.HLP W32X86/ADOBEPSU.HLP' added interface ip=129.247.181.169 bcast=129.247.181.255 nmask=255.255.255.0 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 Domain=[NTROBOTIC] OS=[Unix] Server=[Samba 2.2.7] NT_STATUS_OBJECT_NAME_COLLISION making remote directory \W32X86 putting file /var/spool/cups/tmp/3e256bfa5c7d8 as \W32X86/hp2250.PPD (787.4 kb/s) (average 787.4 kb/s) putting file /usr/share/cups/drivers/ADOBEPS5.DLL as \W32X86/ADOBEPS5.DLL (1732.1 kb/s) (average 1597.1 kb/s) putting file /usr/share/cups/drivers/ADOBEPSU.DLL as \W32X86/ADOBEPSU.DLL (1965.0 kb/s) (average 1688.9 kb/s) putting file /usr/share/cups/drivers/ADOBEPSU.HLP as \W32X86/ADOBEPSU.HLP (265.5 kb/s) (average 1467.1 kb/s) Running command: rpcclient localhost -N -U'root%XXX%' -c 'adddriver Windows NT x86 hp2250:ADOBEPS5.DLL:hp2250.PPD:ADOBEPSU.DLL:ADOBEPSU.HLP:NULL:RAW:NULL' cmd = adddriver Windows NT x86 hp2250:ADOBEPS5.DLL:hp2250.PPD:ADOBEPSU.DLL:ADOBEPSU.HLP:NULL:RAW:NULL Printer Driver hp2250 successfully installed. Running command: smbclient //localhost/print\$ -N -U'root%XXX%' -c 'mkdir WIN40;put /var/spool/cups/tmp/3e256bfa5c7d8 WIN40/hp2250.PPD;put /usr/share/cups/drivers/ADFONTS.MFM WIN40/ADFONTS.MFM;put /usr/share/cups/drivers/ADOBEPS4.DRV WIN40/ADOBEPS4.DRV;put /usr/share/cups/drivers/ADOBEPS4.HLP WIN40/ADOBEPS4.HLP;put /usr/share/cups/drivers/DEFPRTR2.PPD WIN40/DEFPRTR2.PPD;put /usr/share/cups/drivers/ICONLIB.DLL WIN40/ICONLIB.DLL;put /usr/share/cups/drivers/PSMON.DLL WIN40/PSMON.DLL;' added interface ip=129.247.181.169 bcast=129.247.181.255 nmask=255.255.255.0 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 Domain=[NTROBOTIC] OS=[Unix] Server=[Samba 2.2.7] NT_STATUS_OBJECT_NAME_COLLISION making remote directory \WIN40 putting file /var/spool/cups/tmp/3e256bfa5c7d8 as \WIN40/hp2250.PPD (691.0 kb/s) (average 691.0 kb/s) putting file /usr/share/cups/drivers/ADFONTS.MFM as \WIN40/ADFONTS.MFM (1437.6 kb/s) (average 1354.4 kb/s) putting file /usr/share/cups/drivers/ADOBEPS4.DRV as \WIN40/ADOBEPS4.DRV (1449.5 kb/s) (average 1417.7 kb/s) putting file /usr/share/cups/drivers/ADOBEPS4.HLP as \WIN40/ADOBEPS4.HLP (1199.4 kb/s) (average 1390.1 kb/s) putting file /usr/share/cups/drivers/DEFPRTR2.PPD as \WIN40/DEFPRTR2.PPD (280.4 kb/s) (average 1356.5 kb/s) putting file /usr/share/cups/drivers/ICONLIB.DLL as \WIN40/ICONLIB.DLL (1955.2 kb/s) (average 1378.4 kb/s) putting file /usr/share/cups/drivers/PSMON.DLL as \WIN40/PSMON.DLL (602.1 kb/s) (average 1336.0 kb/s) Running command: rpcclient localhost -N -U'root%XXX%' -c 'adddriver Windows 4.0 hp2250:ADOBEPS4.DRV:hp2250.PPD:NULL:ADOBEPS4.HLP:PSMON.DLL:RAW:ADOBEPS4.DRV,hp2250.PPD,ADOBEPS4.HLP,PSMON.DLL,ADFONTS.MFM,DEFPRTR2.PPD,ICONLIB.DLL' cmd = adddriver Windows 4.0 hp2250:ADOBEPS4.DRV:hp2250.PPD:NULL:ADOBEPS4.HLP:PSMON.DLL:RAW:ADOBEPS4.DRV,hp2250.PPD,ADOBEPS4.HLP,PSMON.DLL,ADFONTS.MFM,DEFPRTR2.PPD,ICONLIB.DLL Printer Driver hp2250 successfully installed. [2003/01/15 15:17:08, 3] smbd/lanman.c:api_DosPrintQGetInfo(884) api_DosPrintQGetInfo: uLevel=52 name=HP2250 [2003/01/15 15:17:08, 3] smbd/lanman.c:get_printerdrivernumber(836) Can't determine number of printer driver files [2003/01/15 15:17:08, 3] smbd/lanman.c:api_DosPrintQGetInfo(918) api_DosPrintQGetInfo: Driver files count: 0 [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(656) printerdriver:hp2250: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(657) Driver:ADOBEPS4.DRV: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(658) Data File:hp2250.PPD: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(659) Language Monitor:PSMON.DLL: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(661) lp_driverlocation:\\PRINTSERVER2\print$\WIN40\0: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(664) Data Type:RAW: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(665) Help File:ADOBEPS4.HLP: [2003/01/15 15:17:08, 3] smbd/lanman.c:fill_printq_info_52(679) fill_printq_info on hp2250 gave 0 entries [2003/01/15 15:17:09, 3] smbd/process.c:process_smb(878) Transaction 16 of length 39 root at wertach:/usr/local/samba/printers/WIN40# ll
ACL support 2.2.7a
Client: Windows XP Server: Samba 2.2.2, 2.2.5 - Solaris 2.6, 8 Security: Domain, NT PDC We have the same problem a you but with XP not NT. Have your resolved it? ACL's can be modified from the security tab from windows XP but not added. Using NT it works. Users and groups are listed as: MACHINE\user MACHINE\group but when you try to add a user / group the only thing XP accept is: DOMAIN\user and DOMAIN\group and when you apply the rights they disappear. Usernames are the same in NIS and the NT domain. Regards, Johannes - I used the following environment: - Samba 2.2.7a - AIX 5.2 - PDC on NT Operations that work: - Change a manually added, with acledit, acl user or group entry from NT - Remove a manually, added, with acledit, acl user or group entry from NT Operations that does not work: - Add acl user or group entry from NT (the user can manually add acl entries with acledit on the file) This worked on AIX 5.1 with Samba 2.2.5 (tested with users). Maybe the acl structures has been changed in AIX 5.2? Logfile shows that chacl() sets errno 2 (ENOENT) indicating that the file does not exist: ... Starting AIX sys_acl_set_permset entry-ace_access = 448 Ending AIX sys_acl_set_permset user_obj=1, group_obj=1, other_obj=1 Entering sys_acl_set_file File name is testit.txt errno is 2 return code is 0 Exiting the sys_acl_set_file ... ls -l testit.txt: total 1 -rwxrwxrwx 1 aaa a24 Jan 21 14:42 testit.txt aclget testit.txt: attributes: base permissions owner(aaa): rwx group(a): rwx others: rwx extended permissions enabled
Re: Winbind reconnect failures
Celebrated too early. In sequence_number() hnd was not
initialized, and its value not tested when checking
whether to retry.
Result: bus error when querying a non-existent domain. Grr...
Corrected patch is attached. Sorry!
Michael
Index: source/nsswitch/winbindd_rpc.c
===
RCS file: /cvsroot/samba/source/nsswitch/winbindd_rpc.c,v
retrieving revision 1.22.2.13
diff -u -r1.22.2.13 winbindd_rpc.c
--- source/nsswitch/winbindd_rpc.c 6 Jan 2003 07:33:13 - 1.22.2.13
+++ source/nsswitch/winbindd_rpc.c 24 Jan 2003 16:23:33 -
@@ -52,12 +52,16 @@
CLI_POLICY_HND *hnd;
NTSTATUS result;
POLICY_HND dom_pol;
- BOOL got_dom_pol = False;
+ BOOL got_dom_pol;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
int i;
+ BOOL do_retry = True;
+ retry:
+ hnd = NULL;
*num_entries = 0;
*info = NULL;
+ got_dom_pol = False;
/* Get sam handle */
@@ -132,6 +136,14 @@
if (got_dom_pol)
cli_samr_close(hnd-cli, mem_ctx, dom_pol);
+ if (!NT_STATUS_IS_OK(result) do_retry
+ hnd hnd-cli hnd-cli-fd == -1) {
+ DEBUG(3, (Failed with %s for domain %s, retrying\n,
+ nt_errstr(result), domain));
+ do_retry = False;
+ goto retry;
+ }
+
return result;
}
@@ -147,18 +159,21 @@
POLICY_HND dom_pol;
NTSTATUS result;
uint32 start = 0;
+ BOOL do_retry = True;
+ retry:
+ hnd = NULL;
*num_entries = 0;
*info = NULL;
if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain-name, hnd)))
- return result;
+ goto done;
result = cli_samr_open_domain(hnd-cli, mem_ctx,
hnd-pol, des_access, domain-sid, dom_pol);
if (!NT_STATUS_IS_OK(result))
- return result;
+ goto done;
do {
struct acct_info *info2 = NULL;
@@ -193,6 +208,16 @@
cli_samr_close(hnd-cli, mem_ctx, dom_pol);
+ done:
+
+ if (!NT_STATUS_IS_OK(result) do_retry
+ hnd hnd-cli hnd-cli-fd == -1) {
+ DEBUG(3, (Failed with %s for domain %s, retrying\n,
+ nt_errstr(result), domain));
+ do_retry = False;
+ goto retry;
+ }
+
return result;
}
@@ -205,26 +230,32 @@
TALLOC_CTX *mem_ctx;
CLI_POLICY_HND *hnd;
NTSTATUS result;
- DOM_SID *sids = NULL;
- uint32 *types = NULL;
+ DOM_SID *sids;
+ uint32 *types;
const char *full_name;
+ BOOL do_retry = True;
if (!(mem_ctx = talloc_init_named(name_to_sid[rpc] for [%s]\\[%s],
domain-name, name))) {
DEBUG(0, (talloc_init failed!\n));
return NT_STATUS_NO_MEMORY;
}
+ retry:
+ hnd = NULL;
+ sids = NULL;
+ types = NULL;
+
if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain-name, hnd))) {
- talloc_destroy(mem_ctx);
- return NT_STATUS_UNSUCCESSFUL;
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
full_name = talloc_asprintf(mem_ctx, %s\\%s, domain-name, name);
if (!full_name) {
DEBUG(0, (talloc_asprintf failed!\n));
- talloc_destroy(mem_ctx);
- return NT_STATUS_NO_MEMORY;
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
}
result = cli_lsa_lookup_names(hnd-cli, mem_ctx, hnd-pol, 1,
@@ -237,6 +268,16 @@
*type = types[0];
}
+ done:
+
+ if (!NT_STATUS_IS_OK(result) do_retry
+ hnd hnd-cli hnd-cli-fd == -1) {
+ DEBUG(3, (Failed with %s for domain %s, retrying\n,
+ nt_errstr(result), domain));
+ do_retry = False;
+ goto retry;
+ }
+
talloc_destroy(mem_ctx);
return result;
}
@@ -255,9 +296,15 @@
char **names;
uint32 *types;
NTSTATUS result;
+ BOOL do_retry = True;
- if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain-name, hnd)))
- return NT_STATUS_UNSUCCESSFUL;
+ retry:
+ hnd = NULL;
+
+ if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain-name, hnd))) {
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
result = cli_lsa_lookup_sids(hnd-cli, mem_ctx, hnd-pol,
1, sid, domains, names, types);
@@ -270,10 +317,21 @@
/* Paranoia */
if (strcasecmp(domain-name, domains[0]) != 0) {
DEBUG(1, (domain name from domain param and PDC lookup return
differ! (%s vs %s)\n, domain-name, domains[0]));
-
pdbedit on alpha21
The pdbedit segfault problem on alpha21 is on the call poptGetArg when
the user_name == NULL was checked. I have debugged it and from the trace
I've seen that in :
if (user_name == NULL) {
user_name = strdup(poptGetArg(pc));
}
the poptGetArg(pc) return a NULL pointer, so the strdup got segfault.
This is true for both popt library from system or from the samba build.
I'd like to have the patch to fix the problem.
best regards,
Jianlian Lu
Tiesse s.p.a
email: [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: Limitations of Samba-2.2.x as a domain member talking to an AD domain controller
Tim Potter wrote: On Thu, Jan 23, 2003 at 10:54:19AM -0800, Richard Sharpe wrote: Can anyone point me at documentation on the limitations of a downlevel server being a member server in an AD network? The specific case I am thinking of is a Samba-2.2.x-based server. I don't have any documentation but I can tell you that you should have no problems if you install your domain controller with permissions compatible with pre-Windows 2000 machines. As far as I can work out this just adds the Everyone SID to the builtin Pre-Windows 2000 Compatible Access group. If this sid isn't present you'll have all sorts of weird problems to do with anonymous access to the LSA and SAM rpc pipes. Tim. Tim, Could you expound on this issue more or point me to some documentation on this subject? I run version 2.2.6 Samba file and print servers in a mixed AD network. I'm anxiously awaiting the production release of 3.0 because we are rapidly moving toward a native mode AD network in which my Samba servers won't authenticate. Right now my Samba servers are set up for Domain security and we have a local BDC for machine accounts. When I add a new server to our network, I first create a machine account on the BDC and then join the domain. However, in our move to a native mode AD network the local BDC will go away. Is the any way for our pre 3.0 Samba servers to participate in AD and how do you set it up? -- Jerry Damian - My opinions != Ford's opinions or policy Ford Motor Co, 1116 SRL, MD 1074, 2101 Village Road, Dearborn, MI 48124 USA Planet Earth, Milky Way Galaxy, Virgo Supercluster, Observable Universe Phone: 313 323 8347 Fax: 313 390 4865 Email: [EMAIL PROTECTED]
PIPE BUSY
Has anyone been able to send a DCE-RPC PDU fragment via SMBTrans? I seem to be getting PIPE BUSY as the SMB response from the Win2K server I'm testing against. (I'm writing a DCE-RPC over SMB Named Pipes fuzzer for SPIKE) -dave
Re: Limitations of Samba-2.2.x as a domain member talking to an AD domaincontroller
I run version 2.2.6 Samba file and print servers in a mixed AD network. I'm anxiously awaiting the production release of 3.0 because we are rapidly moving toward a native mode AD network in which my Samba servers won't authenticate. Damian, can you go into more detail about my Samba servers won't authenticate? Native Mode should be OK, but you'll need to go into the built-in groups, and find the Pre-Windows 2000 Compatibility (or something like that) group. You'll need to add the Everyone built-in group to it. Just add it like you would add any other group into it. Once you've done this, you should be able to authenticate. Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA [EMAIL PROTECTED] [EMAIL PROTECTED] Phone: (207) 885-5565 IBM tie-line: 776-9984
possible memory leak
Hi,
I seem to find some possible memory leaks in Samba
code. The patch is attached, Could you guys have a
look to check whether it is correct?
Thanks a lot.
Leo
--- samba-2.2.7a/source/lib/util.c.old Fri Jan 24
12:06:46 2003
+++ samba-2.2.7a/source/lib/util.c Fri Jan 24 12:07:50
2003
@@ -1284,10 +1284,13 @@ routine to free a namearray.
void free_namearray(name_compare_entry *name_array)
{
+ int i;
if(name_array == NULL)
return;
- SAFE_FREE(name_array-name);
+ for(i=0; name_array[i].name!=NULL; i++)
+SAFE_FREE(name_array[i].name);
+
SAFE_FREE(name_array);
}
--- samba-2.2.7a/source/smbd/posix_acls.c.old Fri Jan
24 12:06:31 2003
+++ samba-2.2.7a/source/smbd/posix_acls.c Fri Jan 24
12:11:49 2003
@@ -912,9 +912,10 @@ Deny entry after Allow entry.
Failing to
free_canon_ace_list(dir_ace);
return False;
}
-
+ SAFE_FREE(current_ace);
current_ace = dup_ace;
} else {
+ SAFE_FREE(current_ace);
current_ace = NULL;
}
}
@@ -949,6 +950,7 @@ Deny entry after Allow entry.
Failing to
print_canon_ace( current_ace, 0);
}
all_aces_are_inherit_only = False;
+ SAFE_FREE(current_ace);
current_ace = NULL;
}
@@ -1096,6 +1098,7 @@ static void process_deny_list(
canon_ace
/* Deny nothing entry - delete. */
DLIST_REMOVE(ace_list, curr_ace);
+ SAFE_FREE(curr_ace);
continue;
}
@@ -1141,6 +1144,7 @@ static void process_deny_list(
canon_ace
*/
DLIST_REMOVE(ace_list, curr_ace);
+ SAFE_FREE(curr_ace);
}
/* Pass 2 above - deal with deny user entries. */
@@ -2306,6 +2310,7 @@ BOOL set_nt_acl(files_struct
*fsp, uint3
if (conn-vfs_ops.sys_acl_delete_def_file(conn,
dos_to_unix_static(fsp-fsp_name)) == -1) {
DEBUG(3,(set_nt_acl:
conn-vfs_ops.sys_acl_delete_def_file failed (%s)\n,
strerror(errno)));
free_canon_ace_list(file_ace_list);
+ free_canon_ace_list(dir_ace_list);
return False;
}
}
__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
Re: Limitations of Samba-2.2.x as a domain member talking to an AD domain controller
I had this similar question too. Apparently a Domain local group in the ADS does not show up on my Samba 2.2.5. Not sure what else would be. If nobody knows all of it, perhaps those who ever encountered any problem with this situation can just contribute, then we can assemble a list. Chere --- On Thu, Jan 23, 2003 at 10:54:19AM -0800, Richard Sharpe wrote: Can anyone point me at documentation on the limitations of a downlevel server being a member server in an AD network? The specific case I am thinking of is a Samba-2.2.x-based server. I don't have any documentation but I can tell you that you should have no problems if you install your domain controller with permissions compatible with pre-Windows 2000 machines. As far as I can work out this just adds the Everyone SID to the builtin Pre-Windows 2000 Compatible Access group. If this sid isn't present you'll have all sorts of weird problems to do with anonymous access to the LSA and SAM rpc pipes. Tim.
Re: PIPE BUSY
I guess I should have been more complete - I can send ONE fragment just fine, but when I send the next fragment (for a multy fragment request) I get back an SMB error that says PIPE_BUSY. (According to netmon). Does anyone know a rpcclient request that sends enough data to generate a multi-pdu request? (I'd use 3.0 but I can't get it compiled. :) Also looking for an example of Samba doing an RPC request via WriteX. -dave On Sat, 25 Jan 2003 09:14:51 +1100 Tim Potter [EMAIL PROTECTED] wrote: On Fri, Jan 24, 2003 at 12:34:44PM -0500, Dave Aitel wrote: Has anyone been able to send a DCE-RPC PDU fragment via SMBTrans? I seem to be getting PIPE BUSY as the SMB response from the Win2K server I'm testing against. Samba does it all the time! (-: Look in rpc_client/cli_pipe.c and/or in Luke's book, DCE/RPC over SMB: Samba and Windows NT Domain Internals ISBN 1578701503. Tim.
Re: Limitations of Samba-2.2.x as a domain member talking to an AD domain controller
On Fri, Jan 24, 2003 at 09:02:41AM -0500, Damian, G. C. (Gerald) wrote: [...] Is the any way for our pre 3.0 Samba servers to participate in AD and how do you set it up? Tridge has written a HOWTO which should be up to date with the latest Samba code. Look at the file ADS-HOWTO.txt in the Samba distribution. Executive summary: Samba 3.0 works nicely in a native mode AD environment using kerberos and LDAP. Tim.
Re: Limitations of Samba-2.2.x as a domain member talking to an ADdomain controller
On Sat, 25 Jan 2003, Tim Potter wrote: On Fri, Jan 24, 2003 at 09:02:41AM -0500, Damian, G. C. (Gerald) wrote: [...] Is the any way for our pre 3.0 Samba servers to participate in AD and how do you set it up? Tridge has written a HOWTO which should be up to date with the latest Samba code. Look at the file ADS-HOWTO.txt in the Samba distribution. Hmmm, that is not how I interpreted that question. For me, the phrase 'pre 3.0 Samba' suggested Samba 2.2.x. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Limitations of Samba-2.2.x as a domain member talking to an AD domain controller
On Fri, Jan 24, 2003 at 02:54:19PM -0800, Richard Sharpe wrote: Is the any way for our pre 3.0 Samba servers to participate in AD and how do you set it up? Tridge has written a HOWTO which should be up to date with the latest Samba code. Look at the file ADS-HOWTO.txt in the Samba distribution. Hmmm, that is not how I interpreted that question. For me, the phrase 'pre 3.0 Samba' suggested Samba 2.2.x. Oops - that was a bit silly. I think the answer is in fact you should be able to use pre-3.0 Samba as long as you create the machine account as pre-Windows 2000 and configure your domain to have permissions compatible with pre-Windows 2000 machines. This means basically having the Everyone SID in the pre-Windows 2000 Compatible Access builtin group. Tim.
Re: Samba-VMS 2.2.4 performance tuning?
About the poor performance if you compared it to Pathworks. A Samba server on Unix is also 4 times faster thea Samba OpenVMS Server. It is also Twice as fast to Export your Disk with NFS to a Unix Samba Server and then access it from Windows. And I'm talking about 2.2.7a There is room for performance improvment. Sylvain Plante Administrateur de système System Administrator Centre d'information topographique Center for Topographic Information Ressources Naturelles Canada Natural Ressources Canada 2144, rue King Ouest, bureau 010 2144, King Street West, suite 010 Sherbrooke (Québec) Sherbrooke (Québec) J1J 2E8 J1J 2E8 courriel: [EMAIL PROTECTED] email: [EMAIL PROTECTED] téléphone: (819) 564-5600 poste 228 phone: (819) 564-5600 ext. 228 télécopieur: (819) 564-5698 fax: (819) 564-5698
CVS update: samba/source/lib
Date: Fri Jan 24 16:34:54 2003 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv21120 Modified Files: Tag: SAMBA_3_0 sendfile.c Log Message: merging [un]signed declaration Revisions: sendfile.c 1.10.2.4 = 1.10.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/sendfile.c?r1=1.10.2.4r2=1.10.2.5
CVS update: samba/source/include
Date: Fri Jan 24 18:35:22 2003 Author: sharpe Update of /data/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv2429/include Modified Files: config.h.in Log Message: At the prompting, start to add infrastructure to detect the presence of getdirentries. We would also detect getdents if present. This has some rudimentary support already. Revisions: config.h.in 1.199 = 1.200 http://www.samba.org/cgi-bin/cvsweb/samba/source/include/config.h.in?r1=1.199r2=1.200
CVS update: samba/source
Date: Fri Jan 24 18:58:52 2003 Author: sharpe Update of /data/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv4755 Modified Files: configure configure.in Log Message: Commit just a little more infrastructure for HAVE_GETDIRENTRIES Revisions: configure 1.369 = 1.370 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure?r1=1.369r2=1.370 configure.in1.391 = 1.392 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in?r1=1.391r2=1.392
CVS update: samba/source/include
Date: Fri Jan 24 18:58:52 2003 Author: sharpe Update of /data/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv4755/include Modified Files: config.h.in Log Message: Commit just a little more infrastructure for HAVE_GETDIRENTRIES Revisions: config.h.in 1.200 = 1.201 http://www.samba.org/cgi-bin/cvsweb/samba/source/include/config.h.in?r1=1.200r2=1.201
CVS update: samba/source/lib
Date: Fri Jan 24 19:17:39 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv6728/lib Modified Files: Tag: APPLIANCE_HEAD util.c Log Message: Memory leak fix from Leo Qiu [EMAIL PROTECTED]. No CR#. Jeremy. Revisions: util.c 1.287.2.19 = 1.287.2.20 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/util.c?r1=1.287.2.19r2=1.287.2.20
CVS update: samba/source/lib
Date: Fri Jan 24 19:19:25 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv7091/lib Modified Files: Tag: SAMBA_3_0 util.c Log Message: Memory leak fix from Leo Qiu [EMAIL PROTECTED]. Jeremy. Revisions: util.c 1.358.2.10 = 1.358.2.11 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/util.c?r1=1.358.2.10r2=1.358.2.11
CVS update: samba/source/lib
Date: Fri Jan 24 21:20:31 2003 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv19211/lib Modified Files: Tag: SAMBA_3_0 gencache.c Log Message: masking an assert error in Tim's wins server checking code; needs a proper fix after I talk to tpot Revisions: gencache.c 1.1.2.4 = 1.1.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/gencache.c?r1=1.1.2.4r2=1.1.2.5
