[Samba] wbinfo: full name of nt user

2003-02-20 Thread Rothermel Wolfgang 
Hi,

is there a way to not only get the nt account user name (wbinfo -u) but also
the full name of a nt user account ?

Regards
Wolfgang
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] How to join a linux machine to a pure ActiveDirectoryDomain using Samba 3.0alpha21?

2003-02-20 Thread Alexander Skwar 
[EMAIL PROTECTED] schrieb:

 So it would appear that Kurt was correct

Wrong.

Please read the link Glenn send to the list:

http://www.experts-exchange.com/Operating_Systems/WinXP/Q_20461281.html#1

However, I don't care about XP Home.  I asked:

No, I haven't yet setup kerberos.

Will net ads join prompt me for the AD to join, or does it somehow
automagically figure out which AD to join?


Alexander Skwar
-- 
panic(Unable to find empty mailbox for aha1542.
);
2.2.16 /usr/src/linux/drivers/scsi/aha1542.c

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] explorer.exe crashing at login

2003-02-20 Thread Kristyan Osborne 
Hi,

Reading your email, are u implying that the default user settings are updated in the 
SP3. If this is the case if you have a Default User directory under the netlogin share 
does this mean it will have to updated. If this is the case then our highly modified 
NTUSER.dat will need to be updated from SP3 then all the mods will need to be 
reapplied. Is this the case???

Cheers

-
Kristyan Osborne IT Technician
Longhill High School
01273 391672

--
Computers are like airconditioners: They stop working properly if you open windows.
Win95:   A 32-bit patch for a 16-bit GUI shell running on top of an
 8-bit operating system written for a 4-bit processor by a
 2-bit company who cannot stand 1 bit of competition.


-Original Message-
From: Sam Hart [mailto:[EMAIL PROTECTED]]
Sent: 19 February 2003 16:54
To: Orion Poplawski
Cc: [EMAIL PROTECTED]
Subject: Re: [Samba] explorer.exe crashing at login


I don't think I'll be able to help solve your problem completely, but I 
may be able to send you in the right direction. We recently had this 
problem as well, and found that giving the users higher priviledges on 
their local client machines solved the problem (which, for our users, was 
not a desirable solution).

It turns out in our situation it had nothing to do with samba being 
configured incorrectly, but in the fact that the ntuser.* files in their 
profile directories had older (now incorrect) information in them (after 
the upgrade).

The way I had to solve it was to log in the users (non-priviledged) with 
out having their profiles roaming (so that Windows created a new profile 
for them) and then manually copy their new ntuser.* (uh... ntuser.dat, 
ntuser.dat.log and ntuser.ini, I think) files from the new profile back 
into their old profile (and then setting them back up to access their old 
profile) Doing this kludge solved the problem you are talking about in our 
system.

I am guessing (and this is just a shot in the dark) that in our case, the 
upgrade caused Winwoes (W2K) to think the domain had changed, and that 
this caused the previous profile information on the client machine to be 
lost (at least, when viewing ownership on the client machine, the user 
name was replaced with a long string of garbage).

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Joining Samba 3.0 to a pure Active Directory

2003-02-20 Thread Alexander Skwar 
Hello.

I'd like to join a Samba 3.0 alpha 21 server running on RedHat 8.0 to an
Active Directory.  This AD does NOT support Windows NT 4.0 Domains.

In a previous mail, I've been asked if I already have Kerberos setup and
tested.  I don't.  How do I test if Kerberos is working correctly for me?

If everything is working fine, I'd like the Samba server to join the AD
europe.delphiauto.net.  For this, I should type net ads join.  How
do I specify, which AD is to be joined?

And if this is also working, I'd like to be able to login to the Samba
server with a username/password which is ONLY in the AD.  Do I need any
special privileges in the AD for the server?

When this is also working, I'd like offer shares.  However, not every
user should be allowed to mount every share - IOW: restriction should
be done on a per user basis.  If I maintain a local smbpasswd, I know
that this shouldn't be a problem - but what if I use AD to do the
authentication?

Thanks a lot for all your help,
Alexander Skwar
-- 
#ifdef STUPIDLY_TRUST_BROKEN_PCMD_ENA_BIT
2.4.0-test2 /usr/src/linux/drivers/ide/cmd640.c

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Groups with Samba domain controler or domain member

2003-02-20 Thread bgforum2002 


Update again:
glibc-2.3.1-46 _did_ break alot of things.  I
downgraded back to the one that came on the RedHat 8.0
CD.

You could downgrade to RedHat 7.3 (run up2date!) to
fix this problem, or work around it as I described.  I
hadn't tested that workaround, so your only option
could be going back to 7.3.


Well, I tried to change the ownership to the numeric gid, it worked, but 
afterwards it doesn't show the group name, only the gid. So I'm not sure 
it is actually working. However, it is not so important for me by now, I 
will leave it as is by now; it would be more pain to mess wth glibc, 
than create some additional groups:)

__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] domain users in local groups with Winbind/Samba/Redhat

2003-02-20 Thread Matthias Rutzki 
Hello again,

at the beginning thank you for your support.Today I had the time to test the
various proposals.Finally the gpasswd thing works in that way that I can
add any user to local groups.Even domain users...
Unfortunately the group members still can not access the shares. 

I have done it in this way:
1. stop smbd  nmbd 
2. add winbind use default domain = yes to the smb.conf 
3. create a testgroup with groupadd test1 
4. add my domain user (without the domain (domain+)) to this group with
gpasswd -a rutzki.matthias test1 
5. create a share called testshare with valid users = @test1 in smb
6. start smbd nmbd
7. logged in domain on a WIN98 System
8. try to access the testshare
9. System asks me for a password.

So, it seems that the samba does not find my user.Same failure when I add my
user with 
gpasswd -a west3+rutzki.matthias test1 to the local group.
Here is my winbind log:

#access to testshare with valid users = west3+rutzki.matthias (this works
perfect):
...
[ 8690]: getgroups west3+rutzki.matthias
[ 8690]: gid to sid 10250
[ 8690]: gid to sid 11001
[ 8690]: gid to sid 11255
[ 8690]: gid to sid 11257 
...

#access to testshare with valid users = @test1 or valid users =
+test1(ends in password request):
...
[ 8690]: getgroups west3+rutzki.matthias
[ 8690]: gid to sid 10250
[ 8690]: gid to sid 11001
[ 8690]: gid to sid 11255
[ 8690]: gid to sid 11257 
[ 8690]: getgroups west3+rutzki.matthias
[ 8690]: getgroups west3+rutzki.matthias
[ 8690]: getgroups west3+rutzki.matthias...(approx.: 30 times this message)
...

Has anyone an idea what winbind is doing there? Perhaps you need some other
winbind related configuration data:

/etc/nsswitch.conf:

passwd: files winbind 
shadow: files winbind
group:  files winbind 

/etc/samba/smb.conf:
...
security = domain 
...
winbind separator = +
winbind uid = 1-2
winbind gid = 1-2
winbind use default domain = yes
winbind cache time = 10
winbind enum users = no #(large domain)
winbind enum groups = no #(large domain)
template shell = /bin/bash
...
[testshare]
path = /1
guest ok = no 
writable = no 
browseable = yes
valid users = @test1 
write list = @test1 

/etc/pam.d/system-auth:
auth required   /lib/security/pam_env.so
auth sufficient   /lib/security/pam_winbind.so
auth sufficient  /lib/security/pam_unix.so likeauth
use_first_pass nullok
auth required   /lib/security/pam_deny.so
accountrequired   /lib/security/pam_winbind.so
password  required  /lib/security/pam_cracklib.so retry=3 type=
password  sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow
passwordrequired  /lib/security/pam_deny.so
session required  /lib/security/pam_limits.so
session required  /lib/security/pam_unix.so

I hope that will help you.Thank you for your help.

Greetings

Matthias 

--- David Boynton david.boynton2 at asu.edu wrote:
 Well, I got this to work once by manually editing
 the /etc/group file, like 
 adding the line:
 
 localgroup:x:gid: domain+user1,domain+user2,etc
 
 I don't know if this is a safe thing to do, however.
 :)

I don't believe you can safely manually edit this
file, as you would probably also have to edit
/etc/gshadow to match.  Unix/Linux has a tool called
gpasswd that will do this for you:
gpasswd -a user group

It lets you add users to a group without them existing
in /etc/passwd (they don't even have to exist at all).
Combine this with winbind use default domain = yes
in smb.conf and you're ready to go.

For example, in the domain ABC for the user john, do
this to add him to a 'local' Unix group called
smbusers:

gpasswd -a john smbusers

With winbind use default domain = yes you don't need
to prefix it with your domain.  Slick, huh?  (:

Good luck,
/dev/idal

-- 
+++ GMX - Mail, Messaging  more  http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Joining Samba 3.0 to a pure Active Directory

2003-02-20 Thread Alexander Skwar 
Alexander Skwar schrieb:

 In a previous mail, I've been asked if I already have Kerberos setup and
 tested.  I don't.  How do I test if Kerberos is working correctly for me?

In an off-list mail, someone told me to try

| For test your kerberos
|
| The command
|
| Kinit [EMAIL PROTECTED]
| And your password username

I'm getting this error:

[root@ugkbase samba]# kinit [EMAIL PROTECTED]
kinit(v5): Cannot find KDC for requested realm while getting initial
credentials

In the ads documentation file of samba at http://tinyurl.com/64gv I read
that I need to configure kerberos first:

| The minimal configuration for krb5.conf is:
|
| [realms]
| YOUR.KERBEROS.REALM = {
|kdc = your.kerberos.server
| }

That's what I did not yet do.

Suppose I've got some Windows clients which are already in the AD -
using these machines, can I figure out the name of the KDC?  If so, how?

Thanks again,


Alexander Skwar
-- 
/* When we have more time, we can teach the penguin to say
 * By your command or Activating turbo boost, Michael.
 */
2.2.16 /usr/src/linux/arch/sparc/prom/sun4prom.c

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Joining Samba 3.0 to a pure Active Directory

2003-02-20 Thread fabien assuid 
On your active directory initialize your password 
vz6tml 
 --- Alexander Skwar [EMAIL PROTECTED]
a écrit :  Alexander Skwar schrieb:
 
  In a previous mail, I've been asked if I already
 have Kerberos setup and
  tested.  I don't.  How do I test if Kerberos is
 working correctly for me?
 
 In an off-list mail, someone told me to try
 
 | For test your kerberos
 |
 | The command
 |
 | Kinit [EMAIL PROTECTED]
 | And your password username
 
 I'm getting this error:
 
 [root@ugkbase samba]# kinit
 [EMAIL PROTECTED]
 kinit(v5): Cannot find KDC for requested realm while
 getting initial
 credentials
 
 In the ads documentation file of samba at
 http://tinyurl.com/64gv I read
 that I need to configure kerberos first:
 
 | The minimal configuration for krb5.conf is:
 |
 | [realms]
 | YOUR.KERBEROS.REALM = {
 |  kdc = your.kerberos.server
 | }
 
 That's what I did not yet do.
 
 Suppose I've got some Windows clients which are
 already in the AD -
 using these machines, can I figure out the name of
 the KDC?  If so, how?
 
 Thanks again,
 
 
 Alexander Skwar
 -- 
 /* When we have more time, we can teach the penguin
 to say
  * By your command or Activating turbo boost,
 Michael.
  */
   2.2.16 /usr/src/linux/arch/sparc/prom/sun4prom.c
 
 -- 
 To unsubscribe from this list go to the following
 URL and read the
 instructions: 
http://lists.samba.org/mailman/listinfo/samba 

___
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Joining Samba 3.0 to a pure Active Directory

2003-02-20 Thread Alexander Skwar 
fabien assuid schrieb:
 On your active directory initialize your password 
 vz6tml 

What do you mean with initialize?  The user has a password and the
account is set so that the user does not have to change the password.

Alexander Skwar
-- 
/* Nobody will ever see this message :-) */
panic(Cannot initialize video hardware
);
2.0.38 /usr/src/linux/arch/m68k/atari/atafb.c

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] New Users wont authenticate.

2003-02-20 Thread Kevin Smith 
Im using Samba 2.2.7a  on my RH7.3 box. The 3 users I have had on the system
work flawlessly, but when I add a new user (userconf,  adduser, smbpasswd
-a) the system takes the user, it exists in both PSSWD files, but won't
allow logging on from the Win9x box. 
I look in /var/log/messages and it doesn't tell me anything, nor do my
etc/samba/log.smbd-nmbd files, is there a particular switch or configuration
in smb.conf that tells it to update the /etc/pamd/passdb file? 
I feel this is one of those cant see the forest for the trees situations,
any assistance is appreciated. 

Kev


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Help with Winbind

2003-02-20 Thread Khanh Tran 
OK, so I got all pam problems sorted out.  For those interested, this
pam/gdm worked on my RH 8.0 box:

auth   sufficient   /lib/security/pam_winbind.so
auth   sufficient   /lib/security/pam_unix.so likeauth use_first_pass
nullok
auth   required /lib/security/pam_stack.so service=system-auth
auth   required /lib/security/pam_nologin.so
accountsufficient   /lib/security/pam_winbind.so
accountrequired /lib/security/pam_stack.so service=system-auth
password   required /lib/security/pam_stack.so service=system-auth
sessionrequired /lib/security/pam_stack.so service=system-auth
sessionoptional /lib/security/pam_console.so

The only difference from what I had been using was the addition of the
likeauth and nullok options on the pam_unix.so library.

Now on to my next issue with home directories!  I've tried two methods.  

First, I've used what the Winbind docs says for template homedir in
smb.conf: /home/%D/%U.  When my user logs in, i get an error that the home
directory does not exist and then logs the user out.  This is expected
because they don't exist locally :)

Second, I tried first mounting all my users' home directories (we mount them
here under windows like Novell used to) under /home.DOMAIN.  Then, I changed
template homdir to /home/home.%D and restarted the Samba daemons.  The user
can log in, but I get the following permission error because I've got the
home dirs mounted as root.

Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_auth_user_add: /home.DOMAIN/user is not
owned by uid 10173.
Feb 20 08:12:47 Martyr gdm(pam_unix)[849]: session closed for user
DOMAIN\user

So, I guess my question is, is there a way to mount each user's home
directory with their proper auth credentials under unix?  I've read through
the MARC archives and seen brief mentions of a hacked pam_mount, but nothing
detailed or a more standard solution.

Thanks again for everyone's help.

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Aaron Bennett [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 19, 2003 4:51 PM
To: Khanh Tran
Cc: '[EMAIL PROTECTED]'
Subject: Re: [Samba] Help with Winbind


For debugging purposes, put the machine in console mode (init 4 or 
whatever, just kill kdm/xdm/kdm), and modify /etc/pam.d/login as 
directed in the Howto.  Login is much simpler then gdm, so you don't 
have to worry about multiple levels of pam stuf.

best luck,

Aaron Bennett
UNIX Administrator
Franklin W. Olin College of Engineering

Khanh Tran wrote:
 OK, so I added the lines to /etc/pam.d/gdm file.  It's not a big deal for
me
 to re-install RH on this box, so I didn't bother with the telnet test.
 
 Anyway, I put in my username and password, and get this error:
 Feb 19 14:33:31 Martyr gdm(pam_unix)[835]: authentication failure;
logname=
 uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost
 
 But RH doesn't return to the username prompt, it asks for the password
 again, so I enter the same password again, and get: 
 Feb 19 14:33:45 Martyr pam_winbind[835]: user 'ADMIN+khanh' granted acces
 Feb 19 14:33:45 Martyr gdm(pam_unix)[835]: check pass; user unknown
 Feb 19 14:33:48 Martyr gdm-binary[835]: Couldn't authenticate user
 Feb 19 14:33:48 Martyr gdm(pam_unix)[835]: 1 more authentication failure;
 logname= uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost
 
 I'm guessing from the error that the box is trying to authenticate the
user
 to the local passwd file?  Anyway, thanks again for the help, but any more
 ideas?
 
 Khanh Tran
 Network Operations
 Sarah Lawrence College
 
 
 -Original Message-
 From: bin wen [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 19, 2003 2:24 PM
 To: Khanh Tran; '[EMAIL PROTECTED]'
 Subject: RE: [Samba] Help with Winbind
 
 
 Looks like you are login through GDM, so you probably
 have to change the /etc/pam/gdm file too. Before you
 do that, you may want to just do a telnet to the RH
 see what happens.
 --- Khanh Tran [EMAIL PROTECTED] wrote:
 
I changed the pam conf per the 12.5.3.6 section. 
Here's what I've got:

pam.d/login:
#%PAM-1.0
auth   required
/lib/security/pam_securetty.so
auth   sufficient   /lib/security/pam_winbind.so
auth   sufficient   /lib/security/pam_unix.so
use_first_pass
auth   required /lib/security/pam_stack.so
service=system-auth
auth   required /lib/security/pam_nologin.so
accountsufficient   /lib/security/pam_winbind.so
accountrequired /lib/security/pam_stack.so
service=system-auth
password   required /lib/security/pam_stack.so
service=system-auth
sessionrequired /lib/security/pam_stack.so
service=system-auth
sessionoptional /lib/security/pam_console.so

Khanh Tran
Network Operations
Sarah Lawrence College

RE: [Samba] New Users wont authenticate.

2003-02-20 Thread Khanh Tran 
First, I'd try to see if one of those initial 3 users can log into the Win9x
box.  That would eliminate network issues and such.  Then I'd see if you
could telnet, SSH, FTP, etc to the box to see if it's a problem limited to
the unix password or samba password files...

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Kevin Smith [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 8:53 AM
To: Samba
Subject: [Samba] New Users wont authenticate. 


Im using Samba 2.2.7a  on my RH7.3 box. The 3 users I have had on the system
work flawlessly, but when I add a new user (userconf,  adduser, smbpasswd
-a) the system takes the user, it exists in both PSSWD files, but won't
allow logging on from the Win9x box. 
I look in /var/log/messages and it doesn't tell me anything, nor do my
etc/samba/log.smbd-nmbd files, is there a particular switch or configuration
in smb.conf that tells it to update the /etc/pamd/passdb file? 
I feel this is one of those cant see the forest for the trees situations,
any assistance is appreciated. 

Kev


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Novell EDirectory as LDAP backend

2003-02-20 Thread Stefan Voelkel 
Hi,
is anybody out there who is using Novell Edir. with samba?


Yes, 8.6.3 on a RH 7.3 to be precise.


I have searched the archive and found some random notes but no real 
success story.

Works pretty good. I have not yet tried to integrate cups but user 
authentification (unix login) is done via pam_ldap, i just have some 
problems getting password syncronisation running, users can alt-ctrl-del 
an change their windows password, but I want to set the user unix 
password too.

The only thing that does not work is to ldapadd or ldif import users 
with objectClass sambaAccount.

sambaAccount is an auxiliary class, i think you do need a real object 
class (like user). Take a look with the Schema Manager (ConsoleOne) at 
the user class, and the needed attributes (IIRC there are 4).

Adding posixAccount users and then adding the sambaAccount objectClass 
via Novells ConsoleOne works, so I guess this is a edir. specific 
problem which is OT here.

Check out the Novell News Servers, one is at:
	
	support-forums.novell.com

by
	Stefan


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Help with Winbind

2003-02-20 Thread Aaron Bennett 
Kanh --

I'm currently beating my head against the pam_mount wall, with no luck. 
 It's the only way I can think of to do this w/o storing the password 
in plain text.  pam_mount is supposed to be able to mount using the 
login credentials, but I haven't been able to make it work.  I'll report 
any results I find.  If you come across any other solutions, could you 
let me know?

Cheers,

Aaron Bennett

Khanh Tran wrote:
OK, so I got all pam problems sorted out.  For those interested, this
pam/gdm worked on my RH 8.0 box:

auth   sufficient   /lib/security/pam_winbind.so
auth   sufficient   /lib/security/pam_unix.so likeauth use_first_pass
nullok
auth   required /lib/security/pam_stack.so service=system-auth
auth   required /lib/security/pam_nologin.so
accountsufficient   /lib/security/pam_winbind.so
accountrequired /lib/security/pam_stack.so service=system-auth
password   required /lib/security/pam_stack.so service=system-auth
sessionrequired /lib/security/pam_stack.so service=system-auth
sessionoptional /lib/security/pam_console.so

The only difference from what I had been using was the addition of the
likeauth and nullok options on the pam_unix.so library.

Now on to my next issue with home directories!  I've tried two methods.  

First, I've used what the Winbind docs says for template homedir in
smb.conf: /home/%D/%U.  When my user logs in, i get an error that the home
directory does not exist and then logs the user out.  This is expected
because they don't exist locally :)

Second, I tried first mounting all my users' home directories (we mount them
here under windows like Novell used to) under /home.DOMAIN.  Then, I changed
template homdir to /home/home.%D and restarted the Samba daemons.  The user
can log in, but I get the following permission error because I've got the
home dirs mounted as root.

Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_auth_user_add: /home.DOMAIN/user is not
owned by uid 10173.
Feb 20 08:12:47 Martyr gdm(pam_unix)[849]: session closed for user
DOMAIN\user

So, I guess my question is, is there a way to mount each user's home
directory with their proper auth credentials under unix?  I've read through
the MARC archives and seen brief mentions of a hacked pam_mount, but nothing
detailed or a more standard solution.

Thanks again for everyone's help.

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Aaron Bennett [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 19, 2003 4:51 PM
To: Khanh Tran
Cc: '[EMAIL PROTECTED]'
Subject: Re: [Samba] Help with Winbind


For debugging purposes, put the machine in console mode (init 4 or 
whatever, just kill kdm/xdm/kdm), and modify /etc/pam.d/login as 
directed in the Howto.  Login is much simpler then gdm, so you don't 
have to worry about multiple levels of pam stuf.

best luck,

Aaron Bennett
UNIX Administrator
Franklin W. Olin College of Engineering

Khanh Tran wrote:

OK, so I added the lines to /etc/pam.d/gdm file.  It's not a big deal for


me


to re-install RH on this box, so I didn't bother with the telnet test.

Anyway, I put in my username and password, and get this error:
Feb 19 14:33:31 Martyr gdm(pam_unix)[835]: authentication failure;


logname=


uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost

But RH doesn't return to the username prompt, it asks for the password
again, so I enter the same password again, and get: 
Feb 19 14:33:45 Martyr pam_winbind[835]: user 'ADMIN+khanh' granted acces
Feb 19 14:33:45 Martyr gdm(pam_unix)[835]: check pass; user unknown
Feb 19 14:33:48 Martyr gdm-binary[835]: Couldn't authenticate user
Feb 19 14:33:48 Martyr gdm(pam_unix)[835]: 1 more authentication failure;
logname= uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost

I'm guessing from the error that the box is trying to authenticate the

user


to the local passwd file?  Anyway, thanks again for the help, but any more
ideas?

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: bin wen [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 19, 2003 2:24 PM
To: Khanh Tran; '[EMAIL PROTECTED]'
Subject: RE: [Samba] Help with Winbind


Looks like you are login through GDM, so you probably
have to change the /etc/pam/gdm file too. Before you
do that, you may want to just do a telnet to the RH
see what happens.
--- Khanh Tran [EMAIL PROTECTED] wrote:



I changed the pam conf per the 12.5.3.6 section. 
Here's what I've got:

pam.d/login:
#%PAM-1.0
auth   required
/lib/security/pam_securetty.so
auth   sufficient   /lib/security/pam_winbind.so
auth   sufficient   /lib/security/pam_unix.so
use_first_pass
auth   required /lib/security/pam_stack.so
service=system-auth
auth   required

RE: [Samba] Help with Winbind

2003-02-20 Thread Khanh Tran 
Sure, I'll let you know, but could you pass along what you have for
pam_mount?  I didn't even start down that path yet.  I'm glad to here I'm
not alone though.  Additionally, this may sound really naive, but what's the
point of logging into a domain if you can't get anywhere?

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Aaron Bennett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 9:11 AM
To: Khanh Tran
Cc: '[EMAIL PROTECTED]'
Subject: Re: [Samba] Help with Winbind


Kanh --

I'm currently beating my head against the pam_mount wall, with no luck. 
  It's the only way I can think of to do this w/o storing the password 
in plain text.  pam_mount is supposed to be able to mount using the 
login credentials, but I haven't been able to make it work.  I'll report 
any results I find.  If you come across any other solutions, could you 
let me know?

Cheers,

Aaron Bennett

Khanh Tran wrote:
 OK, so I got all pam problems sorted out.  For those interested, this
 pam/gdm worked on my RH 8.0 box:
 
 auth   sufficient   /lib/security/pam_winbind.so
 auth   sufficient   /lib/security/pam_unix.so likeauth use_first_pass
 nullok
 auth   required /lib/security/pam_stack.so service=system-auth
 auth   required /lib/security/pam_nologin.so
 accountsufficient   /lib/security/pam_winbind.so
 accountrequired /lib/security/pam_stack.so service=system-auth
 password   required /lib/security/pam_stack.so service=system-auth
 sessionrequired /lib/security/pam_stack.so service=system-auth
 sessionoptional /lib/security/pam_console.so
 
 The only difference from what I had been using was the addition of the
 likeauth and nullok options on the pam_unix.so library.
 
 Now on to my next issue with home directories!  I've tried two methods.  
 
 First, I've used what the Winbind docs says for template homedir in
 smb.conf: /home/%D/%U.  When my user logs in, i get an error that the home
 directory does not exist and then logs the user out.  This is expected
 because they don't exist locally :)
 
 Second, I tried first mounting all my users' home directories (we mount
them
 here under windows like Novell used to) under /home.DOMAIN.  Then, I
changed
 template homdir to /home/home.%D and restarted the Samba daemons.  The
user
 can log in, but I get the following permission error because I've got the
 home dirs mounted as root.
 
 Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
 /home.DOMAIN/user/.gnome2 does not exist.
 Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
 /home.DOMAIN/user/.gnome2 does not exist.
 Feb 20 08:12:26 Martyr gdm[849]: gdm_auth_user_add: /home.DOMAIN/user is
not
 owned by uid 10173.
 Feb 20 08:12:47 Martyr gdm(pam_unix)[849]: session closed for user
 DOMAIN\user
 
 So, I guess my question is, is there a way to mount each user's home
 directory with their proper auth credentials under unix?  I've read
through
 the MARC archives and seen brief mentions of a hacked pam_mount, but
nothing
 detailed or a more standard solution.
 
 Thanks again for everyone's help.
 
 Khanh Tran
 Network Operations
 Sarah Lawrence College
 
 
 -Original Message-
 From: Aaron Bennett [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 19, 2003 4:51 PM
 To: Khanh Tran
 Cc: '[EMAIL PROTECTED]'
 Subject: Re: [Samba] Help with Winbind
 
 
 For debugging purposes, put the machine in console mode (init 4 or 
 whatever, just kill kdm/xdm/kdm), and modify /etc/pam.d/login as 
 directed in the Howto.  Login is much simpler then gdm, so you don't 
 have to worry about multiple levels of pam stuf.
 
 best luck,
 
 Aaron Bennett
 UNIX Administrator
 Franklin W. Olin College of Engineering
 
 Khanh Tran wrote:
 
OK, so I added the lines to /etc/pam.d/gdm file.  It's not a big deal for
 
 me
 
to re-install RH on this box, so I didn't bother with the telnet test.

Anyway, I put in my username and password, and get this error:
Feb 19 14:33:31 Martyr gdm(pam_unix)[835]: authentication failure;
 
 logname=
 
uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost

But RH doesn't return to the username prompt, it asks for the password
again, so I enter the same password again, and get: 
Feb 19 14:33:45 Martyr pam_winbind[835]: user 'ADMIN+khanh' granted acces
Feb 19 14:33:45 Martyr gdm(pam_unix)[835]: check pass; user unknown
Feb 19 14:33:48 Martyr gdm-binary[835]: Couldn't authenticate user
Feb 19 14:33:48 Martyr gdm(pam_unix)[835]: 1 more authentication failure;
logname= uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost

I'm guessing from the error that the box is trying to authenticate the
 
 user
 
to the local passwd file?  Anyway, thanks again for the help, but any more
ideas?

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: bin wen [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 19, 2003 2:24 PM
To: Khanh Tran; '[EMAIL PROTECTED]'
Subject: RE: [Samba] Help

[Samba] pam_mount ( was RE: Help with Winbind )

2003-02-20 Thread Aaron Bennett 
Khanh Tran wrote:
 Sure, I'll let you know, but could you pass along what you have for
 pam_mount?  I didn't even start down that path yet.  I'm glad to here I'm
 not alone though.  Additionally, this may sound really naive, but 
what's the
 point of logging into a domain if you can't get anywhere?



Here's what I have so far with pam_mount:

project homepage:  { the first link on google is broken, use this one 
instead }

http://www.flyn.org/#id5426299


from the homepage:

--

This module is aimed at environments with SMB (Samba or Windows NT) or 
NCP (Netware or Mars-NWE) servers that Unix users wish to access 
transparently. It facilitates access to private volumes of these types 
well. The module also supports mounting home directories using loopback 
encrypted filesystems.

* Every user can access his own volumes
* The user needs to type the password just once (at login)
* The mouting process is transparent to the users
* There is no need to keep the login passwords in any additional file


  The volumes are unmounted upon logout, so it saves system 
resources, avoiding the need of listing every every possibly useful 
remote volume in /etc/fstab or in an automount/supermount config file. 
This is also necessary for securing encrypted filesystems.

Pam_mount understands SMB, NCP, and any type of filesystem that can be 
mounted using the standard mount command. If someone has a particular 
need for a different filesystem, feel free to ask me to include it and 
send me patches.

--

the current version, 0.5.11, on that page doesn't compile for me under 
Rhat 8.  However, an older version, 0.5.9, does compile.  However it's 
poorly documented and I'm not sure if it works for this stuff.  At any 
rate I haven't been able to make it work, yet.  It appears it is or was 
part of connectiva linux.

Does anyone else in samba land have any experience with pam_mount?

Khanh Tran wrote:
Sure, I'll let you know, but could you pass along what you have for
pam_mount?  I didn't even start down that path yet.  I'm glad to here I'm
not alone though.  Additionally, this may sound really naive, but what's the
point of logging into a domain if you can't get anywhere?

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Aaron Bennett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 9:11 AM
To: Khanh Tran
Cc: '[EMAIL PROTECTED]'
Subject: Re: [Samba] Help with Winbind


Kanh --

I'm currently beating my head against the pam_mount wall, with no luck. 
  It's the only way I can think of to do this w/o storing the password 
in plain text.  pam_mount is supposed to be able to mount using the 
login credentials, but I haven't been able to make it work.  I'll report 
any results I find.  If you come across any other solutions, could you 
let me know?

Cheers,

Aaron Bennett

Khanh Tran wrote:

OK, so I got all pam problems sorted out.  For those interested, this
pam/gdm worked on my RH 8.0 box:

auth   sufficient   /lib/security/pam_winbind.so
auth   sufficient   /lib/security/pam_unix.so likeauth use_first_pass
nullok
auth   required /lib/security/pam_stack.so service=system-auth
auth   required /lib/security/pam_nologin.so
accountsufficient   /lib/security/pam_winbind.so
accountrequired /lib/security/pam_stack.so service=system-auth
password   required /lib/security/pam_stack.so service=system-auth
sessionrequired /lib/security/pam_stack.so service=system-auth
sessionoptional /lib/security/pam_console.so

The only difference from what I had been using was the addition of the
likeauth and nullok options on the pam_unix.so library.

Now on to my next issue with home directories!  I've tried two methods.  

First, I've used what the Winbind docs says for template homedir in
smb.conf: /home/%D/%U.  When my user logs in, i get an error that the home
directory does not exist and then logs the user out.  This is expected
because they don't exist locally :)

Second, I tried first mounting all my users' home directories (we mount

them


here under windows like Novell used to) under /home.DOMAIN.  Then, I


changed


template homdir to /home/home.%D and restarted the Samba daemons.  The


user


can log in, but I get the following permission error because I've got the
home dirs mounted as root.

Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_slave_session_start: Directory
/home.DOMAIN/user/.gnome2 does not exist.
Feb 20 08:12:26 Martyr gdm[849]: gdm_auth_user_add: /home.DOMAIN/user is


not


owned by uid 10173.
Feb 20 08:12:47 Martyr gdm(pam_unix)[849]: session closed for user
DOMAIN\user

So, I guess my question is, is there a way to mount each user's home
directory with their proper auth credentials under unix?  I've read


through


the MARC archives and

[Samba] pam_unix.so likeauth? (Was: Help with Winbind)

2003-02-20 Thread Chris de Vidal 
--- Khanh Tran [EMAIL PROTECTED] wrote:
 auth   sufficient   /lib/security/pam_unix.so
 likeauth use_first_pass nullok
snip
 The only difference from what I had been using was
 the addition of the
 likeauth and nullok options on the pam_unix.so
 library.

Could you help my ignorance?  What does likeauth do
for you?  I'm only using use_first_pass, and I don't
want nullok.

In /usr/share/doc/pam-0.75/txts/pam.txt:
The likeauth argument makes the module return the
same value when called as a credential setting module
and an authentication module.  This will help libpam
take a sane path through the auth component of your
configuration file.

That wasn't very helpful.

I Googled this option but didn't find anything useful.
 I didn't see an explanation of why you're using it in
this thread, either, unless I just missed it.

So could you explain, in human terms, how this helps
your setup?  (:

Thanks for the education,
/dev/idal

__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] RE: pam_unix.so likeauth? (Was: Help with Winbind)

2003-02-20 Thread Khanh Tran 
It makes it work!  I was reading through the other messages on the list with
similar subjects, and found this one:

-Original Message-
From: Matthias Rutzki [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 4:51 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [Samba] domain users in local groups with Winbind/Samba/Redhat

It was a long message, so I won't quote it again, but if you read back,
you'll find this message.  I just decided I'd try his pam setup and it
worked after I added the likeauth option.  I tend to just do whatever it
takes to make it work first and then go back and figure out what
consequences I'll run into afterwards...

Khanh Tran
Network Operations
Sarah Lawrence College


-Original Message-
From: Chris de Vidal [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 9:55 AM
To: Khanh Tran; 'Aaron Bennett'
Cc: [EMAIL PROTECTED]
Subject: pam_unix.so likeauth? (Was: Help with Winbind)


--- Khanh Tran [EMAIL PROTECTED] wrote:
 auth   sufficient   /lib/security/pam_unix.so
 likeauth use_first_pass nullok
snip
 The only difference from what I had been using was
 the addition of the
 likeauth and nullok options on the pam_unix.so
 library.

Could you help my ignorance?  What does likeauth do
for you?  I'm only using use_first_pass, and I don't
want nullok.

In /usr/share/doc/pam-0.75/txts/pam.txt:
The likeauth argument makes the module return the
same value when called as a credential setting module
and an authentication module.  This will help libpam
take a sane path through the auth component of your
configuration file.

That wasn't very helpful.

I Googled this option but didn't find anything useful.
 I didn't see an explanation of why you're using it in
this thread, either, unless I just missed it.

So could you explain, in human terms, how this helps
your setup?  (:

Thanks for the education,
/dev/idal

__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Solaris, Samba and Windows XP Home ed

2003-02-20 Thread Wilfred J G Francis 
Am having problems connecting a Windows XP Home Edition PC to
Solaris(V4) via Samba (V0.9??). We can connect all other Windows
operating systems without any problems. Would anyone know of a fix. I
know  Kansas State University, USA, advised its users in May
2002(www.ksu.edu/cns/announce/20020507xphome.html), not to bother with
XP Home. Link explains why. Just wondering if there has been a fix since
then or should I be giving my department users the same advise.

We have just taken delivery of a new server onto which I will be
installing Solaris 8 with Samba 1.3, should I expect the same problem?

I do apologise if this has already been aired and would appreciate a
pointer towards those mailings.

Thanks
8-)
Wilfred
* * * * * * * * * * * * * * * * *
Physiology Computing Group
Physiology Department
University College London 
Extension: 33265
Telephone: +44(0)20 7679 3265
Email: [EMAIL PROTECTED]
Website: www.physiol.ucl.ac.uk
* * * * * * * * * * * * * * * * *

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Is Samba made for trash ?!?

2003-02-20 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, 20 Feb 2003, Michael Paarmann wrote:

 Yes. And that's what confuse me. Everyone from a Win98 or W2K
 workstation can log in and gets the login script and so on - but Samba
 generates this error message. Can i ignore this ? If yes, it's ok, but
 this messages fill up my logs.

Do you have security = domain?  Did you join teh Samba box to the 
domain using smbpasswd?  Please supply a copy of your smb.conf.
Send it to me off list if you want.

 In this case:Yes. And the clients crash much more often than before i
 replace the old server based on novell with Samba. The intenstion of
 replacing novell was to stabilize the network. I've checked the hardware
 once again and it's ok. But this messages appears whether the client
 dies or not!

You are dealing with a different network protocol and different network 
clients.  It is possible that a misformatted response could cause client 
crashes (like explorer.exe or spoolss.exe), but you are going to have to 
be more specific here.  

I will say that there are no known issues of clients crashing due to 
the Samba release.

 Or are 35 workstations and 15 printers too much for one Samba server ?

No.  Samba on apprpriate hardware can handle much more than that :-)

 
   smbd[30829]: [2003/02/11 14:02:15, 0]
   rpc_server/srv_netlog.c:api_net_sam_logon(206)
   smbd[30829]:   api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON.
 
 Please see the ml archives on this one.  99% chance you can ignore it.
 
 Can i disable this warning ?

Upgrade to 2.2.7a.  You are running and older release.






cheers, jerry
 --
 Hewlett-Packard- http://www.hp.com
 SAMBA Team -- http://www.samba.org
 GnuPG Key   http://www.plainjoe.org/gpg_public.asc
 You can never go home again, Oatman, but I guess you can shop there.  
--John Cusack - Grosse Point Blank (1997)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+VPZDIR7qMdg1EfYRAt+AAKDDQwSXQQoUeK+O1wxGnlDCen5K+QCgpkAl
OA37r8xHJJE89qdjX9ZR2w8=
=9NZO
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] explorer.exe crashing at login

2003-02-20 Thread Sam Hart 
 Hi,
 
 Reading your email, are u implying that the default user settings are 
updated in the SP3. If this is the case if you have a Default User 
directory under the netlogin share does this mean it will have to 
updated. If this is the case then our highly modified NTUSER.dat will 
need to be updated from SP3 then all the mods will need to be reapplied. 
Is this the case???

I'm not certain, I guess they could be. We did recently apply SP3 (very 
recently) and I actually hadn't made the connection.

In our situation, we don't have a Default user directory, everyone has 
their own unique login. Also, we have roaming profiles disabled (which is 
retained for legacy purposes, i.e., certain members of our staff would 
have a cow if they lost their bookmarks/backgrounds ;-) so the profiles 
are stored on the client machines.

If you do have a highly modified NTUSER.dat file, then you may need to 
have it be recreated... I dont know. Was this an NTUSER.dat file that was 
modified by hand? (Not like I can help you further one way or the other, 
it's just that I've always been far too squeemish to look much in, let 
alone mess with, these files, so I'm curious.)

-- 
Sam Hart
University/Work addr. [EMAIL PROTECTED]
Personal addr. [EMAIL PROTECTED]
end

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: domain users in local groups with Winbind/Samba/Redhat

2003-02-20 Thread Chris de Vidal 
--- Matthias Rutzki [EMAIL PROTECTED] wrote:
 Unfortunately the group members still can not access
 the shares. 

I'm sorry, I'd tested this some time back and should
have told you.  Winbind doesn't appear to obey local
group membership for domain users on the Samba box.

We worked around this by creating an NT global group
and added members to that.  Then we chgrp all files
and directories, then chmod g+rw on all files and
directories, then chmod g+xs all directories like so:
chgrp -R G_servername /path/to/share
chmod -R g+rw /path/to/share
find /path/to/share -type d -print0 | xargs -0 chgrp
g+xs

It is important NOT to set files g+xs.  It is
important to use s (set group id) so files created in
the future in that share always have the same group.

 I have done it in this way:
 1. stop smbd  nmbd 
 2. add winbind use default domain = yes to the
 smb.conf 
 3. create a testgroup with groupadd test1 

Instead, open User Manager for Domains and add an NT
global group.  I like to use something like
G_servername so we A.) know it is a global group and
B.) know that if a user can't access a server he just
needs to be in that global group.

 4. add my domain user (without the domain (domain+))
 to this group with
 gpasswd -a rutzki.matthias test1 

Instead, use User Manager to add users to this group.

 5. create a share called testshare with valid users
 = @test1 in smb

Use the NT global group here instead.

 6. start smbd nmbd
 7. logged in domain on a WIN98 System
 8. try to access the testshare
 9. System asks me for a password.

Should be fine now.  I tested it this morning with a
user with a dot in his name and he could access the
share.

I don't know how a Samba PDC reacts to local groups. 
Also, if you apply ACLs, your group memberships can be
more flexible and you won't need a global group for
each server.. a file or directory can have multiple
groups.

I hope local group membership will be recognized in
Samba 3.0.  Perhaps it is an engineering impossibility
and will never be recognized?

Sorry to mislead you, but I hope you're on the right
track now.
/dev/idal

__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba PDC and NetApps Success

2003-02-20 Thread Randy Parker 
Just FYI, I successfully joined a Samba PDC with
a NetApps filer yesterday. Looking through past
message lists I couldn't see that it had ever
been reported before.

Samba 3.0 Alpha 21
NetApps F840 with 6.3.1 release

Regards,
Randy Parker
Dallas, Texas
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Is Samba made for trash ?!?

2003-02-20 Thread Michael Paarmann 
Hi Jerry !




Do you have security = domain?  Did you join teh Samba box to the
domain using smbpasswd?  Please supply a copy of your smb.conf.
Send it to me off list if you want.


Ok, here it is:

[global]
workgroup = Office
os level = 128
server string = File- and Printserver
encrypt passwords = Yes
guest account = Nobody
map to guest = Bad User
security = DOMAIN
printing = LPRNG
printcap name = /etc/printcap
load printers = Yes
socket options = TCP_NODELAY
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n 
*Password*changed*
unix password sync = yes
local master = YES
character set = ISO8859-15
client code page = 850
mangle case = no
case sensitive = no
short preserve case = yes
preserve case = yes
time server = yes
admin users = domadmin
log file = /var/log/samba/samba_log.%U@%m
max log size = 500
log level = 0
logon script = %U.bat
logon path = \\server_office01\%U\profileNT
logon home = \\server_office01\%U
hide dot files = yes
domain logons = YES
domain master = YES
preferred master = True
local master = Yes
wins support = Yes
hosts allow = 192.168.0.
hosts deny = ALL EXCEPT 192.168.0.
kernel oplocks = NO
level2 oplocks = NO

[homes]
comment = Home Directories
read only = No
create mask = 0770
directory mask = 0770
browseable = No
oplocks = no

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon

[printers]
comment = Alle Drucker
path = /tmp
create mask = 0600
printable = Yes
browseable = No
printer admin = @ma
oplocks = no

[profiles]
comment = Network Profiles Service
path = /home/%U/profileNT
writeable = yes
create mode = 0770
directory mode = 0770
browseable = No
oplocks = NO

[interna]
path = /daten/interna
create mode = 0770
directory mode = 0770
force group = ma
valid users = @ma
comment = Interna
write list = @ma
oplocks = NO

and so on...

I've disabled all oplocks. With them the clients crashed much more often 
than without. But Samba is a lot slower.


You are dealing with a different network protocol and different network
clients.


No, i'm only working with TCP/IP now. And yes, the clients work with W98 or 
W2K.

  It is possible that a misformatted response could cause client
crashes (like explorer.exe or spoolss.exe), but you are going to have to
be more specific here.


That's right. Spool32.exe or spoolss.exe die very often. I can see a read 
or a write socket error in the log list nearly at the same time.


I will say that there are no known issues of clients crashing due to
the Samba release.

 Or are 35 workstations and 15 printers too much for one Samba server ?

No.  Samba on apprpriate hardware can handle much more than that :-)


Ok.


Upgrade to 2.2.7a.  You are running an older release.


Hmm, do you really think that this can solve some of my problems? The 
update from 2.2.3a to 2.2.5 wasn't very effective.

But is there a possibility to set Samba in a kind of Compatibility Mode, 
so that i can be sure the source of the problems isn't Samba ?

Thanks in advance.

Michel








cheers, jerry
 --
 Hewlett-Packard- http://www.hp.com
 SAMBA Team -- http://www.samba.org
 GnuPG Key   http://www.plainjoe.org/gpg_public.asc
 You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+VPZDIR7qMdg1EfYRAt+AAKDDQwSXQQoUeK+O1wxGnlDCen5K+QCgpkAl
OA37r8xHJJE89qdjX9ZR2w8=
=9NZO
-END PGP SIGNATURE-

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Teo Chee Hong/isp is out of the office.

2003-02-20 Thread teoch 
I will be out of the office starting  02/20/2003 and will not return until
02/22/2003.

I will respond to your message when I return.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Help in Password Server

2003-02-20 Thread Walter Vendraminetto 
Hello,
i need help because my samba server is not working.
I have a Samba TNG server which SUCCEEDS in authenticating all users stored
in a LDAP Directory. They (admins before me) installed in a RH7.3 Box the
rpms of Samba HEAD 2.2.3a which *sholud* make available some shares (e.g.
users' home) while authenticating against the TNG. The previous version of
Samba HEAD did work but since its upgrade it doesn't work anymore. I'm
determined to understand why.

The SAMBA HEAD is uses TNG as a PASSWORD server but it seems that no trust
relationship is found:
-
--
[2003/02/20 10:29:04, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
  cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2003/02/20 10:29:04, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
  cli_nt_setup_creds: auth2 challenge failed
[2003/02/20 10:29:04, 0] smbd/password
c:connect_to_domain_password_server(1335)
  connect_to_domain_password_server: unable to setup the PDC credentials to
machine TNG_DOM. Error was : SUCCESS - 0.
[2003/02/20 10:29:04, 0] smbd/password.c:domain_client_validate(1554)
  domain_client_validate: Domain password server not available.
-
--

- From the log it seems that some information should be wrote to the HEAD
server in order to estabilish the PDC credentials
- Why it says 'Error' on a SUCCESS assertion ?
- Can someone provide me with a LDAP trust relationship ? Stated that TNG
works fine as a PDC i desume that trust relationship work fine.
- Is it possible that an upgrade would make it ?

The openldap server is OpenLDAP 2.0.27.

Thanks
Walter
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] pam_smbpass and ldap

2003-02-20 Thread rossp 
I upped teh loge level in my smb.conf jsut to see if that would give
me anything.  Even at log level = 10 the samba logs say nothing when I
do passwd test0.  In my pam.d/passwd file I have one line for
testing, password required pam_smbpass.so.  running passwd test0
looks like this:

  ppc-test:~# passwd test0
  Enter new SMB password:
  Retype new SMB password:
  Failed to find entry for user test0.

  passwd: Authentication token manipulation error

auth.log says:

Feb 20 17:58:00 ppc-test PAM_smbpass[513]: username [test0] obtained
Feb 20 17:58:00 ppc-test PAM_smbpass[513]: username [test0] obtained
Feb 20 17:58:03 ppc-test PAM_smbpass[513]: password change failed for
user test0

and the samba logs with log level at 10 say nothing.

Do I need auth or other lines in pam.d/passwd?  If so, why cause
debian comes with only password lines in pam.d/passwd?  Straces show
pam.d/other being opened.  other in configured only with pam_unix.so
which goes through nss which is configred for LDAP.  Do I need
pam_smbpass.so in there?  If so, why?

I've been pouring over straces, but I just can't figure it out.  I can
see it try to open /etc/passwd at one point.  I have straces of both
the successful smbpasswd test0 call and the unsuccessful passwd
test0 call.  I can e-mail cleaned up full straces, but until
requested, I'll just include the open() lines:

--- smbpasswd test0
open(/etc/ld.so.preload, O_RDONLY)= -1 ENOENT (No such file or
directory)
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/usr/lib/libldap.so.2, O_RDONLY) = 3
open(/usr/lib/liblber.so.2, O_RDONLY) = 3
open(/lib/libresolv.so.2, O_RDONLY)   = 3
open(/usr/lib/libcups.so.2, O_RDONLY) = 3
open(/lib/libdl.so.2, O_RDONLY)   = 3
open(/lib/libnsl.so.1, O_RDONLY)  = 3
open(/lib/libpam.so.0, O_RDONLY)  = 3
open(/lib/libc.so.6, O_RDONLY)= 3
open(/lib/libcrypt.so.1, O_RDONLY)= 3
open(/usr/lib/libsasl.so.7, O_RDONLY) = 3
open(/usr/lib/i686/cmov/libssl.so.0.9.7, O_RDONLY) = 3
open(/usr/lib/i686/cmov/libcrypto.so.0.9.7, O_RDONLY) = 3
open(/lib/libdb2.so.2, O_RDONLY)  = 3
open(/etc/localtime, O_RDONLY)= 3
open(/etc/samba/smb.conf, O_RDONLY|O_LARGEFILE) = 3
open(/usr/share/samba/codepages/codepage.850, O_RDONLY|O_LARGEFILE)
= 3
open(/usr/share/samba/codepages/unicode_map.850,
O_RDONLY|O_LARGEFILE) = 3
open(/usr/share/samba/codepages/unicode_map.ISO8859-1,
O_RDONLY|O_LARGEFILE) = 3
open(/var/lib/samba/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600) =
3
open(/dev/tty, O_RDWR|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 4
open(/dev/tty, O_RDWR|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 4
open(/etc/resolv.conf, O_RDONLY)  = 4
open(/etc/nsswitch.conf, O_RDONLY)= 4
open(/etc/ld.so.cache, O_RDONLY)  = 4
open(/lib/libnss_files.so.2, O_RDONLY) = 4
open(/etc/host.conf, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 4
open(/etc/ldap/ldap.conf, O_RDONLY|O_LARGEFILE) = 4
open(/root/ldaprc, O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file
or directory)
open(/root/.ldaprc, O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file
or directory)
open(ldaprc, O_RDONLY|O_LARGEFILE)= -1 ENOENT (No such file or
directory)
open(/dev/null, O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR (Not a
directory)
open(/usr/lib/sasl, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) =
-1 ENOENT (No such file or directory)
open(/etc/hosts, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 4
open(/etc/ld.so.cache, O_RDONLY)  = 4
open(/lib/libnss_dns.so.2, O_RDONLY)  = 4
open(/etc/hosts, O_RDONLY)= 5
open(/etc/ld.so.cache, O_RDONLY)  = 5
open(/lib/libnss_ldap.so.2, O_RDONLY) = 5
open(/etc/libnss-ldap.conf, O_RDONLY) = 5
open(/etc/ldap.secret, O_RDONLY)  = 5
open(/etc/hosts, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 6
open(/etc/hosts, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 4
open(/etc/hosts, O_RDONLY)= 6

--- passwd test0
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/lib/libcrypt.so.1, O_RDONLY)= 3
open(/lib/libpam.so.0, O_RDONLY)  = 3
open(/lib/libpam_misc.so.0, O_RDONLY) = 3
open(/lib/libdl.so.2, O_RDONLY)   = 3
open(/lib/libc.so.6, O_RDONLY)= 3
open(/var/run/utmp, O_RDWR)   = 3
open(/etc/nsswitch.conf, O_RDONLY)= 3
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/lib/libnss_ldap.so.2, O_RDONLY) = 3
open(/usr/lib/libldap.so.2, O_RDONLY) = 3
open(/usr/lib/liblber.so.2, O_RDONLY) = 3
open(/lib/libnsl.so.1, O_RDONLY)  = 3
open(/lib/libresolv.so.2, O_RDONLY)   = 3
open(/usr/lib/libsasl.so.7, O_RDONLY) = 3
open(/usr/lib/i686/cmov/libssl.so.0.9.7, O_RDONLY) = 3
open(/usr/lib/i686/cmov/libcrypto.so.0.9.7, O_RDONLY) = 3
open(/lib/libdb2.so.2, O_RDONLY)  = 3
open(/etc/libnss-ldap.conf, O_RDONLY) = 3
open(/etc/ldap.secret, O_RDONLY)  = 3
open(/etc/resolv.conf, O_RDONLY)  = 3
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/lib/libnss_files.so.2, O_RDONLY) = 3

re: [Samba] Does smbmount support timeout equivalent to nfs softmount ?

2003-02-20 Thread Greg Freemyer 
   BTW, Windows share needs to be mounted in real time, instead of Linux
   boot time. So possibly I could not put it to /etc/fstab.

Leave it in fstab, but say noauto in the options section
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Printing question

2003-02-20 Thread Esler, Joel Contractor 
We have printers sitting off of a W2K Native AD FP Server.  Is it possible
to print to the printer with a Linux client using Samba?  If so, how is this
accomplished?

J
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Printing question

2003-02-20 Thread Joel Hammer 
The basic command is:
cat file | smbclient //server/share -c 'print -'
Note: smbclient doesn't need samba running to work.

The things you need to arrange in this setting are:
1. Getting the file filtered on the samba box before it is sent to the
windows printer.
2. Taking care of any password stuff in the smbclient command.

Once you have this working, you can then explore getting this command put
into a print filter on the linux box and set it up to work with lpr.

Joel


On Thu, Feb 20, 2003 at 02:01:48PM -0500, Esler, Joel  Contractor wrote:
 We have printers sitting off of a W2K Native AD FP Server.  Is it possible
 to print to the printer with a Linux client using Samba?  If so, how is this
 accomplished?
 
 J
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Netbios name service forwarding.

2003-02-20 Thread James 
I wrote this little program to deal with the situation
where there are a number of workgroups on a number of
subnets with no WINS server [actually I couldn't get this
configuration to run with a WINS server - but that's
another story]

You run this program on machines bridging your subnets and
it listens for netbios nameserver packets and forwards
them. [Broadcast packets are sent on to other nets as
broadcast packets, the unicast replies are returned as
unicast replies] It also sends a copy of any netbios
traffic it sees to the local nmbd which will be running
on a different port.

So I have a machine running samba bridging 
eth0 192.168.42.0/24
eth1 192.168.48.0/24

I start nmbd with nmbd -D -p 138
and this program
nbnsfw 138 eth0 eth1

then my windows machines on each side can resolve names
without a WINS server and across multiple workgroups.

take care,

J.


/*
 * nbnsfw.c:
 *
 * Copyright (c) 2003 James McKenzie [EMAIL PROTECTED],
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 */

static char rcsid[] =
  $Id: nbnsfw.c,v 1.2 2003/02/20 22:00:46 root Exp root $;

/*
 * $Log: nbnsfw.c,v $
 * Revision 1.2  2003/02/20 22:00:46  root
 * #
 *
 * Revision 1.1  2003/02/20 21:54:22  root
 * Initial revision
 *
 */


#include syslog.h
#include stdio.h
#include sys/ioctl.h
#include sys/types.h
#include sys/socket.h
#include netinet/in.h
#include sys/time.h
#include sys/types.h
#include unistd.h
#include string.h
#include strings.h
#include malloc.h
#include net/if.h
#include arpa/inet.h


#define NETBIOSPORT 137

typedef struct iface_struct
{
  struct iface_struct *next;
  char *name;
  int fd;
  struct sockaddr_in me;
  struct sockaddr_in nmbd;
  struct sockaddr_in bcast;
  struct sockaddr_in addr_cache[0x1];
}
 *iface;

iface ifs;


void
open_if (char *name, int nb_port, int dm_port)
{
  struct sockaddr_in me = { 0 };
  iface i = (iface) malloc (sizeof (struct iface_struct));

  int fd;
  int one = 1;
  int j;

  struct ifreq ifr = { 0 };

  bzero (i, sizeof (struct iface_struct));

  i-name = strdup (name);
  i-fd = socket (AF_INET, SOCK_DGRAM, 0);
  if (i-fd  0)
{
  syslog (LOG_ERR, Can't open socket: %m);
  exit (1);
}

  strcpy (ifr.ifr_name[0], name);
  if (setsockopt (i-fd, SOL_SOCKET, SO_BINDTODEVICE, ifr, sizeof (ifr)))
{
  syslog (LOG_ERR, Can't bind to interface %s: %m, name);
  exit (1);
}


  bzero (ifr, sizeof (ifr));
  strcpy (ifr.ifr_name[0], name);
  if (ioctl (i-fd, SIOCGIFADDR, ifr))
{
  syslog (LOG_ERR, Can't get ip address for interface %s: %m, name);
  exit (1);
}
  bcopy (ifr.ifr_addr, i-me, sizeof (struct sockaddr_in));
  i-me.sin_port = htons (nb_port);

  bzero (ifr, sizeof (ifr));
  strcpy (ifr.ifr_name[0], name);
  if (ioctl (i-fd, SIOCGIFBRDADDR, ifr))
{
  syslog (LOG_ERR, Can't get broadcast address for interface %s: %m,
  name);
  exit (1);
}
  bcopy (ifr.ifr_addr, i-bcast, sizeof (struct sockaddr_in));
  i-bcast.sin_port = htons (nb_port);


  me.sin_addr.s_addr = INADDR_ANY;
  me.sin_port = htons (nb_port);

  if (bind (i-fd, (struct sockaddr *) me, sizeof (struct sockaddr_in))  00)
{
  syslog (LOG_ERR, Can't bind to port %d on interface %s: %m,
  nb_port, name);
  exit (1);
}

  if (setsockopt (i-fd, SOL_SOCKET, SO_BROADCAST, one, sizeof (one)))
{
  syslog (LOG_ERR, Can't enable broadcasts on interface %s: %m, name);
  exit (1);
}

  i-nmbd = i-me;
  i-nmbd.sin_port = htons (dm_port);

  for (j = 0; j  0x1; ++j)
{
  i-addr_cache[j].sin_addr.s_addr = INADDR_BROADCAST;
  i-addr_cache[j].sin_port = htons (nb_port);
}

  {
char buf[1024], *ptr = buf;

ptr +=
  sprintf (ptr, Initialized %s ip %s, name, inet_ntoa (i-me.sin_addr));
ptr += sprintf (ptr,  bcast %s, inet_ntoa (i-bcast.sin_addr));

syslog (LOG_ERR, ptr);
  }


  i-next = ifs;
  ifs = i;
}


int
main (int argc, char **argv)
{
  unsigned char buf[8192];
  int w = getdtablesize ();
  int len;
  int fromlen;
  iface i, j;
  struct sockaddr_in from;
  fd_set rfds;
  int tid;
  int bcast;
  int dmport;

  if (argc  3)
{
  fprintf (stderr, Usage:\n);
  fprintf (stderr, %s nmbdport interface [interface] [interface] ...\n);
  exit (1);
}

  openlog (nbnsfw, LOG_CONS, LOG_DAEMON);

  daemon (0, 0);

Re: [Samba] Suport to HP UX 10.20

2003-02-20 Thread Jonathan Gowland 
On Thu, Feb 20, 2003 at 11:35:10AM -0300, MARIO YWAO AKIOKA wrote:

 I need to test SAMBA with a HP K 9000 Class machine, with HP-UX 10.20
 operating system.
 Wich SAMBA software version is compatible with this OS? How can I get this
 software?

You can get Samba 2.2.3a for HP-UX 10.20, in HP-UX depot format (for
use with the HP-UX swinstall command), from the Software Porting And
Archive Centre for HP-UX (http://hpux.connect.org.uk/ - it has nine
mirrors in other locations).

We've been running Samba from this site for years, and running the
above version for the last six months.

-- 
Jonathan Gowland 
GenaWare
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] cupsaddsmb - why the heck can't I getrpcclient-addprinter to work?

2003-02-20 Thread Kurt Pfeifle 
Date: Thu, 20 Feb 2003 20:11:21 +
From: Brian Johnson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [Samba] cupsaddsmb - why the heck can't I get rpcclient-addprinter to work?
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain;charset=iso-8859-1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: list
Message: 39

I can't seem to get the rpcclient-addprinter to work - grr


Which versions of software are you using? Samba, CUPS?  Which OS?


It looks like the drivers files are copied correctly and the NT drivers are added
correctly but the addprinter command says it's unsuccessful!


cupsaddsmb - why the heck can't I get rpcclient-addprinter to work?

Maybe because your CUPS/cupsaddsmb version is too old ?

The addprinter rpcclient command formerly used by cupsaddsmb has
long been replaced by the setdriver command...


Cheers,
Kurt



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba-LDAP too imature for production?

2003-02-20 Thread Bradley W. Langhorst 
/On Thu, 2003-02-20 at 15:23, Jim wrote:
 2.2.7a
 
 It seems that samba-ldap is still to immature for any kind of production 
 environment.  The provided Perl scripts simply do not work with the 'add 
 user script' setting or if they do, then there is an an undocumented 
 bug, issue, etc.   The scripts work fine from the command line but 
 aparently samba won't execute them properly.  Since I cannot expect my 
 users to understand enough of the vagaries of Unix to log in with ssh 
 and add thier machines to the system I don't see how samba-ldap can be 
 implemented in a production environment.
well - i use the smbldap-tools in production...
are you sure you have the permissions right?

add user script = /usr/sbin/smbldap-useradd.pl -a -m %u
delete user script = /usr/sbin/smbldap-userdel.pl %u
add group script = /usr/sbin/smbldap-groupadd.pl %g
delete group script = /usr/sbin/smbldap-groupdel.pl %g
add user to group script = /usr/sbin/smbldap-groupmod.pl -m %u
%g
delete user from group script = /usr/sbin/smbldap-groupmod.pl -x
%u %g
add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u
(this is samba3 but i used to have it working on samba 2.2.5 too)

brad

-- 
Bradley W. Langhorst [EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Damnit audit

2003-02-20 Thread Hal Roberts 
Damnit, pay attention to the list.

I submitted a patch to fix this in reply to your message about a week ago.
 Look back in the list archives.

-hal

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 On Wed, 19 Feb 2003, Zoki wrote:

 Le 22/01/2003 08:59, « Eugene M. Zheganin » [EMAIL PROTECTED] a
 écrit :

  Hi, all.
 
  It seems like everybody ignore my letters about audit in samba.

 snip

 Yes...there are reported seg faults in the audit VFS module in
 Samba 2.2.  And yes the ones we know about will be fixed for
 2.2.8.  I've already replied to this effect once I think.

 Feel free to submit a patch if you have one.





 cheers, jerry
  --
 Hewlett-Packard- http://www.hp.com
 SAMBA Team -- http://www.samba.org
 GnuPG Key   http://www.plainjoe.org/gpg_public.asc
 You can never go home again, Oatman, but I guess you can shop there.

 --John Cusack - Grosse Point Blank (1997)

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.2.0 (GNU/Linux)
 Comment: For info see http://quantumlab.net/pine_privacy_guard/

 iD8DBQE+VEs3IR7qMdg1EfYRAtiHAKDsnC5A0zNpOGfLz6H/goCFxxWzYQCgm9ue
 43HRpPQX1oElhZjaxuCv0UQ=
 =kI6w
 -END PGP SIGNATURE-

 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [samba] windows client use Linux printer

2003-02-20 Thread Joel Hammer 
Congratulations. Getting an understanding of printing problems, rather
than just blindly trying this or that printing software solution,
is really the way to go with printing.

I am not sure why you are just getting black and white printing. Is there a
configuration setting in the HP driver on the windows box that is set to BW
only?  Can you print color from the linux server?

I have no good idea why the use of a postscript driver on the windows client
is not a universal solution for all windows clients. Maybe it is too
simple. Maybe they think they will get better results if they use the
driver supplied by the printer manufacturer. 

There is at least one problem if you use the lexmark windows driver and
send the jobs to the raw queue. My lexmarkz53 windows driver had an
option for two way communication with the printer. Such communication
is impossible with the samba server between you and the printer, and
printing won't work. You have to turn the two way communication option
off in the lexmark windows software. This minor item took me a LONG time
to figure out.

Joel



On Wed, Feb 19, 2003 at 05:45:45PM +0200, David Harel wrote:
 Hi and thanks Joel,
 
 This information is priceless.
 I did what you recommended and got it printing. As I see the problem, 
 the most problematic part is to set the driver on the windows client 
 that will produce the desired postscript image. The printer you 
 recommended is not on the list as you typed it. I found the printer: HP 
 Laser Jet III Postscript Plus v2010.118  which works black and white 
 only. Now I am looking for a printer driver that will produce color images.
 As the role of the driver on the windows system is only to produce 
 postscript image I think samba documents should include a recommendation 
 for such a driver.
 
 Joel Hammer wrote:
 
 This is always a tricky situation. There is nothing simple about printing.
 It may look simple, but it is not.  So, to get it done, I keep it as
 simple as possible.
 
 Basics:
 The windows client transfers the job, prefiltered, to the spool directory
 listed in the samba print share. Then, the command you have supplied in the
 samba print share is invoked to print that file. The file name is %s.
 Now, things are hard to follow when you get fancy and use (perhaps
 unknowingly) a bunch of default settings which may not be what you need.
 Attempting to load the drivers onto you samba server to allow easy
 configuration on the windows clients is also another source of error.
 
 Now, a basic question is this: Can you print from the samba server directly
 to your printer? lexmark does provide some nice drivers for their printers
 for linux, but other drivers might be available. Anyway, if you have a
 driver for your lexmark printer that works in linux, that means you can
 convert postscript files to a format your printer understands. If so, you
 can just use a generic postscript driver on your windows client. HP Laserjet
 III + works fine for me. Then, direct your printjobs to the queue that does
 all your other printing on the linux server, and the problem is solved.
 
 Here is what I have in my set up:
 
 This is /etc/printcap
 
 ps|z53:\
 sh:sd=/var/spool/lpd/z53:mx#0:\
 :lp=/dev/lp0:\
 :if=/usr/local/lexmark/z53/z53.sh  
 :mc#1
 :sh:
 
 lp|LP|z53-outfiles:\
  :sd=/var/spool/lpd/lp:\
  :mx#0:\
  :lp=/dev/lp0:\
  :sh:rw:
 
 The first handles postscript jobs, the second handles jobs that are
 already filtered for this printer, ie, a raw queue. This raw queue is
 there to print test pages from the linux server, too. If you filter
 your jobs on your clients with the lexmark driver, you would use queue #2
 (lp). If you send postscript jobs, you would use #1 (ps).  Notice there
 is no if parameter in the raw queue.
 
 Here is my printer share definitions. I don't use the special printer share,
 because I don't have dozens of printer to service, and I want to be sure I
 know what samba is really trying to do.
 smb.conf:
 
 [lp]
  comment = Raw Printer for Z53
  path = /tmp
  create mask = 0700
  guest ok = yes
  hosts allow = 192.168.
  printable = Yes
  printing = lprng
  print command = echo %J %p %s/tmp/junkJ;\
a=`echo '%J' | sed s/^.*- //` ;\
 echo This is truncated $a  /tmp/junkJ;\
/usr/bin/lpr -Plp  -J$a  %s;\
rm %s
  lpq command = /usr/bin/lpq -Plp
  lprm command = /usr/bin/lprm -Plp %j
  lppause command = /usr/sbin/lpc hold -Plp %j
  lpresume command = /usr/sbin/lpc release -Plp %j
  printer name = lp
  share modes = No
 
 [ps]
  comment = Filtered for Z53
  path = /tmp
  read only = No
  create mask = 0700
  guest ok = yes
  hosts allow = 192.168.
  printable = Yes
  printing = lprng
  print command = echo %J %p %s/tmp/junkJ;\
a=`echo '%J' | sed

Re: [Samba] Is it possible to specify Username/Password in a UNCwhen connecting to a samba server from W2K?

2003-02-20 Thread bkrusic 
Hi,

Mebbe I don't understand but try this;

smbmount //foo/bar -o username=foo password-bar

I use this to cross mount servers of various types for
sym link integrity.  My way of load balancing.
Bri-

__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Success! (was Re: [Samba] samba print server

2003-02-20 Thread Clayton Slaughter 
Hello ,

I guess I'm talking to myself but I finally got the printer to work
changing to security = share.

My home directories still require authentication. I guess security =
user doesn't permit printers to be active.

I'm headed to replace the redhat with gentoo so that I can have just
the right amount of software on the server and move my file server to
another box with a fat hard drive.

I would like to understand why security = user won't permit me to
secure the printers. I'm on a private home network of 7 computers so
it really doesn't matter with the firewall in place.

Here's my smb.conf:
#=== Global Settings =
[global]

# workgroup = NT-Domain-Name or Workgroup-Name
   workgroup = SLAUGHTERHOUSE

# server string is the equivalent of the NT Description field
   server string = UTILITY

# if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
;   printcap name = /etc/printcap
;   load printers = yes

# added from doc:
;   printing = bsd
   printcap name = /etc/printcap
   load printers = yes
;   log file = /var/log/samba-log.%m
;   lock directory = /var/lock/samba

# this tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/%m.log

# Put a capping on the size of the log files (in Kb).
   max log size = 0

# Security mode. Most people will want user level security. See
# security_level.txt for details.
;   security = user
security = share

# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd

# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
;   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
   dns proxy = no 


# Share Definitions ==
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   valid users = %S
   create mode = 0664
   directory mode = 0775


# NOTE: If you have a BSD-style print system there is no need to 
# specifically define each individual printer
[printers]
   comment = All Printers
;   path = /var/spool/lpd/lp
   path = /var/spool/samba
   browseable = no
;   public = yes
;   create mode = 0700
;guest ok = yes
# Set public = yes to allow user 'guest account' to print
   guest ok = no
   writable = no
   printable = yes



   end smb.conf

   I changed 2 things: I removed the socket line and changed security
   to share.
  

-- 
See Ya,
 Clayton  mailto:[EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] cupsaddsmb - why the heck can't I getrpcclient-addprinter to work?

2003-02-20 Thread Brian Johnson 
cups-1.1.14-15.2
samba-2.2.7-1.7.3

Educate me please ...
man rpcclient shows:
setdriver printername drivername - Execute a SetPrinter() command
 to  update  the  printer driver associated with an installed printer.
 The printer driver must already be correctly installed on  the  print
 server.

 See  also  the  enumprinters and enumdrivers commands for obtaining a
 list of of installed printers and drivers.

This sounds like the printer must already be installed - how is that done if not via
addprinter?

Currently, if I use enumprinters and enumdrivers (without a level setting), I get a
listing of installed drivers and installed printers.  If I run setdriver for each of
the printer/driver pairs, will it work?  I just did it but don't have a windows
client to test it against until tomorrow (I'm connected remotely via a ssh terminal)



Kurt Pfeifle ([EMAIL PROTECTED]) wrote*:

 Date: Thu, 20 Feb 2003 20:11:21 +
 From: Brian Johnson [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: [Samba] cupsaddsmb - why the heck can't I get rpcclient-addprinter to work?
 Message-ID: [EMAIL PROTECTED]
 Content-Type: text/plain;charset=iso-8859-1
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 Precedence: list
 Message: 39

 I can't seem to get the rpcclient-addprinter to work - grr

Which versions of software are you using? Samba, CUPS?  Which OS?

 It looks like the drivers files are copied correctly and the NT drivers are added
 correctly but the addprinter command says it's unsuccessful!

cupsaddsmb - why the heck can't I get rpcclient-addprinter to work?

Maybe because your CUPS/cupsaddsmb version is too old ?

The addprinter rpcclient command formerly used by cupsaddsmb has
long been replaced by the setdriver command...


Cheers,
Kurt



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PATCH: downloading drivers from Solaris [was Re: SoSAMBA no longer ...]

2003-02-20 Thread Oktay Akbal 
On Thu, 20 Feb 2003, Gerald (Jerry) Carter wrote:

 OK.  after more time than I would like to admit, here the's fix.
 The bug is obvious now that I see it.  Sorry for the headaches
 this caused.

Sorry, if I missed something, but is this really only a problem with
solaris or might this be a problem on linux ?

Oktay Akbal
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [PATCH] fix sid_to_uid() return correct sidtype

2003-02-20 Thread Michael Steffens 
[EMAIL PROTECTED] wrote:

On Wed, Feb 19, 2003 at 10:20:35PM +0100, Stefan (metze) Metzmacher wrote:


At 21:07 19.02.2003 +, [EMAIL PROTECTED] wrote:


On Wed, Feb 19, 2003 at 10:03:57PM +0100, Stefan (metze) Metzmacher wrote:


HI all,

here's a small fix for returning the correct sidtype in sid_to_uid() and
sid_to_gid()

this should be applied to all branches with the new uid - sid caching 

code

No attachment - please try again.

Jeremy.


mailman filtered it out...:-(



Actually I made the cache cache the sidtype also.
Please check over the code I just checked in...


Had also thought about caching the sitype, but then omitted it. Isn't
it redundant? What else than SID_NAME_USER and SID_NAME_DOM_GRP can
go there, residing in different caches?

Cheers!
Michael

Accessing Linux workstation from Linux server using samba ..pl

2003-02-20 Thread raj rajesh kalagarla 
Hi,

  I am having another doubt that can we access linux 
workstation from linux server or windows machines in the network 
using samba?

Regards,
Rajesh.K

Re: problem with oplocks.

2003-02-20 Thread Olaf Frczyk 
On Tue, 2003-02-18 at 03:34, Michael B. Allen wrote:
 I wondered what was meant by this too. I concluded it was just a zealous
 choice of words. I believe he means that a) even after being granted an
 oplock break the client may still find the file is locked and ultimately
 get a sharing violation and b) on any system other than Windows or systems
 with kernel oplocks the file can still be written to and possibly c)
 if the oplock holder looses connectivity and another writer commits
 changes data will be lost. There's nothing unreliable or technically
 flawed about the protocol though. NFSv4 will have the same issues.
Hi,


I was thinking about the c scenario.

Re: problem with oplocks.

2003-02-20 Thread Olaf Frczyk 
On Tue, 2003-02-18 at 03:34, Michael B. Allen wrote:
 On Mon, 17 Feb 2003 15:02:59 -0600
  Um... Just curious, but how are oplocks are unreliable by definition?
 
 I wondered what was meant by this too. I concluded it was just a zealous
 choice of words. I believe he means that a) even after being granted an
 oplock break the client may still find the file is locked and ultimately
 get a sharing violation and b) on any system other than Windows or systems
 with kernel oplocks the file can still be written to and possibly c)
 if the oplock holder looses connectivity and another writer commits
 changes data will be lost. There's nothing unreliable or technically
 flawed about the protocol though. NFSv4 will have the same issues.
Hi,

Sorry if I had confused you.
I was thinking about the c scenario.

Regards,

Olaf Fraczyk

Cisco, Nortel, Sun, . - !

2003-02-20 Thread Cisco - 
úÄÒÁ×ÓÔ×ÕÊÔÅ!
 
Cisco, Nortel, Sun, ÔÅÌÅÆÏÎÉÑ É ÐÒ. - ÏÄÎÉ ÉÚ ÌÕÞÛÉÈ ÃÅÎ × íÏÓË×Å!
 
éÍÅÅÔÓÑ ×ÏÚÍÏÖÎÏÓÔØ ÐÏÓÔÁ×ÌÑÔØ ÏÂÏÒÕÄÏ×ÁÎÉÅ CISCO, Nortel, Lucent, Sun  É ÄÒ. ÐÏ ÃÅÎÁÍ 
ÎÉÖÅ ÒÙÎÏÞÎÙÈ. 
ðÒÉÞÅÍ ËÁË ÎÏ×ÏÅ ÏÂÏÒÕÄÏ×ÁÎÉÅ, ÔÁË É Â\Õ É ×ÏÓÓÔÁÎÏ×ÌÅÎÎÏÅ, ×ÓÅ Ó ÇÁÒÁÎÔÉÅÊ, ÞÅÒÅÚ 
ÆÉÒÍÕ, ÓÏ ×ÓÅÍÉ ÄÏËÕÍÅÎÔÁÍÉ.
 
óÒÏËÉ ÐÏÓÔÁ×ËÉ - 1-3 ÎÅÄÅÌÉ, ÐÒÉ ÐÏÓÔÏÑÎÎÙÈ ÚÁËÕÐËÁÈ ÂÙÓÔÒÅÅ.
 
äÌÑ ÆÉÒÍ - ×ÏÚÎÁÇÒÁÖÄÅÎÉÅ ÌÉÃÁÍ, ÏÔ×ÅÔÓÔ×ÅÎÎÙÍ ÚÁ ÚÁËÕÐËÕ ÏÂÏÒÕÄÏ×ÁÎÉÑ!
 
îÁÛÉ ÃÅÎÙ - ÄÅÊÓÔ×ÉÔÅÌØÎÏ ÎÉÚËÉÅ (20-30% ÏÔ GPL ÎÁ ÎÏ×ÏÅ, 40-70% - ÎÁ Â\Õ)
 
îÁ ×ÓÅ ÏÂÏÒÕÄÏ×ÁÎÉÅ ÇÁÒÁÎÔÉÑ 1 ÇÏÄ, × Ô.Þ. ÎÁ Â\Õ!
çÉÂËÉÅ ÕÓÌÏ×ÉÑ ÐÏÓÔÁ×ËÉ!
 
ðÒÉÓÙÌÁÊÔÅ ÓÐÉÓÏË ÉÎÔÅÒÅÓÕÀÝÅÇÏ ×ÁÓ ÏÂÏÒÕÄÏ×ÁÎÉÑ Ó ÕËÁÚÁÎÉÅÍ ËÏÌÉÞÅÓÔ×Á, ÕÓÌÏ×ÉÊ É 
ÓÏÓÔÏÑÎÉÑ ÏÂÏÒÕÄÏ×ÁÎÉÑ (ÎÏ×ÏÅ, Â\Õ) É ÍÙ 
× ËÒÁÔÞÁÊÛÉÅ ÓÒÏËÉ ÐÏÄÇÏÔÏ×ÉÍ ÏÐÔÉÍÁÌØÎÙÅ ÄÌÑ ×ÁÓ ÐÒÅÄÌÏÖÅÎÉÑ.
 
ðÒÉÎÏÓÉÍ ÷ÁÍ Ó×ÏÉ ÉÚ×ÉÎÅÎÉÑ, ÅÓÌÉ ÄÁÎÎÏÅ ÐÉÓØÍÏ  ÐÏÐÁÌÏ ÎÅ ÐÏ ÁÄÒÅÓÕ.
ðÉÓØÍÏ ÎÏÓÉÔ ÒÁÚÏ×ÙÊ ÈÁÒÁËÔÅÒ, × ÄÁÌØÎÅÊÛÅÍ ÷Ù ÐÏÄÏÂÎÙÈ ÐÉÓÅÍ ÐÏÌÕÞÁÔØ ÎÅ ÂÕÄÅÔÅ.
÷ÁÛ ÁÄÒÅÓ ×ÚÑÔ ÉÚ ÏÔËÒÙÔÙÈ ÉÓÔÏÞÎÉËÏ×.

RE: Make Admins be admin users

2003-02-20 Thread Ken Cross 
Andrew:

You've a valid point that the domain isn't checked (although it's
probably still correct for Enterprise Admins).

The idea was to do it automatically.  Adding Domain Admins to admin
users in smb.conf would have the correct results unless somebody forgets
to do it.  This is especially true if the domain changes.  Hence the
hack.

Since we're trying to emulate a Windows environment, Windows admins
expect to have certain privileges.  Is there a better way to do this
automatically?

Ken


Ken Cross

Network Storage Solutions
Phone 865.675.4070 ext 31
[EMAIL PROTECTED] 

 From: Andrew Bartlett [mailto:[EMAIL PROTECTED]] 
 
 On Thu, 2003-02-20 at 00:17, Ken Cross wrote:
  Related to the Allow chown of directories patch, I added a hack 
  where members of Admins, Domain Admins, or Enterprise Admins 
  automatically become admin users.  (This really saved a lot of 
  headaches for admins.)
  
  Note that this sets conn-admin_user, but does *not* set 
 uid to 0 or 
  force_user -- those caused subtle problems.
  
  This applies to SAMBA_3_0.
 
 This means that administrators in a 'trusted' domain (which 
 means you trust the domain to authenticate it's own users, 
 not to administer your
 server) has root on your box.
 
 I suggest you use:
 
 'admin users = @MYDOM\Domain Admins'
 
 In you smb.conf instead.
 
 We are going to get rid of 'sid_peek_rid' soon, as it allows 
 this kind of thing too easily - you simply don't know which domain...
 
 (The sid_peek_check_rid() version makes sure you have to 
 specify it up front).
 
 Andrew Bartlett

Re: [PATCH] fix sid_to_uid() return correct sidtype

2003-02-20 Thread Michael Steffens 
Michael Steffens wrote:

[EMAIL PROTECTED] wrote:


On Wed, Feb 19, 2003 at 10:20:35PM +0100, Stefan (metze) Metzmacher 
wrote:

At 21:07 19.02.2003 +, [EMAIL PROTECTED] wrote:


On Wed, Feb 19, 2003 at 10:03:57PM +0100, Stefan (metze) Metzmacher 
wrote:

HI all,

here's a small fix for returning the correct sidtype in 
sid_to_uid() and
sid_to_gid()

this should be applied to all branches with the new uid - sid 
caching 


code

No attachment - please try again.

Jeremy.



mailman filtered it out...:-(




Actually I made the cache cache the sidtype also.
Please check over the code I just checked in...



Had also thought about caching the sitype, but then omitted it. Isn't
it redundant? What else than SID_NAME_USER and SID_NAME_DOM_GRP can
go there, residing in different caches?


Noticed why :)
The current caching code does also cache local lookups, meaning that
local groups (and machine SIDs when Samba is running as DC) can also
occur?

Hmm, I'm not sure whether the speed gain for local lookups outweighs
the costs of having them wipe winbind SID mapping cache entries.
The latter ones look more expensive to me.

Cheers!
Michael

RE: Make Admins be admin users

2003-02-20 Thread Andrew Bartlett 
On Thu, 2003-02-20 at 21:29, Ken Cross wrote:
 Andrew:
 
 You've a valid point that the domain isn't checked (although it's
 probably still correct for Enterprise Admins).

 The idea was to do it automatically.  Adding Domain Admins to admin
 users in smb.conf would have the correct results unless somebody forgets
 to do it.  This is especially true if the domain changes.  Hence the
 hack.
 
 Since we're trying to emulate a Windows environment, Windows admins
 expect to have certain privileges.  Is there a better way to do this
 automatically?

Well, I assume your smb.conf file is automatically generated to some
extent, so just extend that.  (I assume you set 'workgroup' from some
other interface, for example).

However, NT admins do not have 'root' power over their system.  That is
reserved for 'System'.  NT admins have their power due to ACLs and
privileges.  The privileges part is being worked on, but a more limited
hack has been employed by other NAS vendors to give 'change ownership'
permissions.  The rest is up to what ACLs you set on your file system.

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net



signature.asc
Description: This is a digitally signed message part

Re: Accessing Linux workstation from Linux server using samba ..pl

2003-02-20 Thread Michael Breuer 
Assuming you're using a recent redhat release... the default workstation 
installation installs firewall rules which block incoming connections. 
This is documented at redhat.com, along with instructions for modifying 
the default rules.

raj rajesh kalagarla wrote:

Hi,

  I am using samba on my both systems working as linux server  
workstation in windows environment.  I am able to access windows 
machines in the network by both machines. And also I am able to access 
linux server from Linux workstation but the reverse is not working 
(accessing linux workstation from linux server).

Pl clarify that whether samba will solve the above problem?
 How can I access linux workstation from linux server?

Regards,
Rajesh.K





smime.p7s
Description: S/MIME Cryptographic Signature

Win2K/XP, oplocks, and readahead.

2003-02-20 Thread Peter Godman 
Hi!

I'm forwarding this message, which I orignally posted to the samba list,
in the hopes of reaching a wider audience for my question.  Thanks for
considering my problem.

I'm working with Samba backed by a high performance filesystem.  From a
Windows 2K and Windows XP client I'm trying to achieve very high speed
single file throughput over GigE from the Windows client using either
open/write or CreateFile/ReadFile APIs.  I'd rather not venture into
overlapped IO there so that we don't have to recommend that all our
customers rewrite their applications!

I'm seeing a problem where it appears that windows is not reading data far
enough ahead (or maybe at all) to keep the pipeline full.  From assessing
the load on samba, it is a apparent that much of its time is spent idle.  
The characteristics of the load suggest that WinXP or Win2000 is not
requesting readahead far enough to be useful.  My link roundtrip latency
is around .4 ms beyond the data transmission time, the samba servicing
time for 32K of data (32K is the blocksize I'm using) is about .27 ms, and
the wire time for 32K of data should be around .27ms on GigE.

I understand that it is necessary that oplocking be functional to have the
windows client read ahead.  However, I have verified that oplocks are
being established, yet still the readahead seems either nonexistant or
minimal.  I don't know how to establish which.  FreeBSD is the host OS.  
I have verified that samba is not sleeping on socket buffer space, and
this is borne out by the fact that changing TCP window sizes on client and
server improves performance very little.  In addition, samba isn't
sleeping on the filesystem reads, as readahead on the filesystem ensures
data is always available when the windows client requests it.

I'd be grateful for answers to any of the following questions:

1.  How do Windows clients determine appropriate levels of readahead?  
Are there any caps on this algorithm that I might be hitting? 
2.  Is the client or server responsible for producing readahead data (I'm
assuming this is the client)? 
3.  Any other tips on how to make this work or anecdotal evidence of
single file performance in the half-gigabit/sec ballpark in the read
and write of a single file? 
4.  Is there any way for samba to send unsolicited readahead data to the
Windows client when an oplock has been established?
5.  Any samba tricks for debugging this?

In terms of registry keys I've already changed those for window sizes,
MTU, UseOpportunisticLocking, SizReqBuf (to 64K), EnablePMTUDiscovery,
MaxCmds.

Here's my samba configuration:

[global]
  encrypt passwords = yes
  log file = /var/log/samba.log
  max log size = 100
  local master = no
  read size = 8192
  # below socket sizes have been varied without effect
  socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=65536
SO_SNDBUF=65536
  dns proxy = no
  change notify timeout = 3000
  disable spoolss = yes
  smb passwd file = /usr/local/private/smbpasswd
  password server = *
  winbind uid = 1-2
  winbind gid = 1-2
  winbind enum users = yes
  winbind enum groups = yes
  workgroup = FOO
  server string = A Samba Server
  hosts allow = 
  security = SHARE
  oplocks = true

[myfs]
  printable = no
  level2 oplocks = true
  guest ok = yes
  path = /myfs
  comment = myfs
  read only = no
  hide dot files = no
  share modes = no

Samba and windows xp

2003-02-20 Thread Jalene Joyner 
I have set up a server with Redhat linux version 7.3 running Samba
2.2.7...  initially this was configured using the SWAT.  This particular
server is not only a file server but a webserver and provides database
support through MySQL.  Shares and users have been set up and the system
has worked fine ever since.  From a Winxp client I can connect to the
server and work as though it was my hard drive.  So have a setup that
works and has continued to work.

 

In the meantime I have tried setting up two additional servers with the
same configuration software wise and for some reason we will have
connectivity through Samba for a 3-5 days then all the sudden I get
messages to the affect that I don't have permission to use the network
resource.  I know this sounds crazy but this happens all on its own.
Absolutely no changes were made on the server to cause this to happen.
I have talked to several people that were more experienced than I and I
had already tried their ideas.  BTW I have tried syncing all the
passwords/usernames and the problem is still there.

 

Below is what my smb.conf file looks like:

 

# Samba config file created using SWAT

# from localhost.localdomain (127.0.0.1)

# Date: 2003/02/20 08:22:26

 

# Global parameters

[global]

  workgroup = HDS

  netbios name = RH_TIC1

  server string = Samba Server

  security = DOMAIN

  encrypt passwords = Yes

  update encrypted = Yes

  obey pam restrictions = Yes

  pam password change = Yes

  passwd program = /usr/bin/passwd %u

  passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*

  unix password sync = Yes

  log file = /var/log/samba/%m.log

  max log size = 0

  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

  preferred master = False

  local master = No

  domain master = False

  dns proxy = No

  printing = lprng

 

[homes]

  comment = Home Directories

  valid users = %S

  read only = No

  create mask = 0664

  directory mask = 0775

  browseable = No

 

[printers]

  comment = All Printers

  path = /var/spool/samba

  printable = Yes

  browseable = No

 

[tic1]

  path = /tic1

  read only = No

  guest ok = Yes

 

 

Can one of you real techies tell me what to look for to correct this
problem?

Re: Accessing Linux workstation from Linux server using samba ..pl

2003-02-20 Thread Richard Sharpe 
On Thu, 20 Feb 2003, raj rajesh kalagarla wrote:

 Hi,
 
I am having another doubt that can we access linux 
 workstation from linux server or windows machines in the network 
 using samba?

I know what you mean. Sometimes I find myself doubting that gcc can do 
what it does, but after a little testing, I find that it's true.


Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

Locking db getting corrupt?

2003-02-20 Thread Ray Frush 
We've been seeing a re-curring problem on one of our Samba servers:
Samba 2.2.7 running on HP-UX 11.0.

After a week of running relatively quietly, we'll get a rash of errors 
in smbd.log associated with a call from a user that their connection is 
getting dropped.  

 I_ve been dropped off twice in
the past couple of days. So far I_ve been able to
get back on -- once took a reboot of my pc, this
time it only took trying to reconnect several
times.


[2003/02/19 12:25:46, 3] smbd/oplock.c:(1211)
 open_oplock_ipc: opening loopback UDP socket.
[2003/02/19 12:25:46, 3] lib/util_sock.c:(813)
 bind succeeded on port 0
[2003/02/19 12:25:46, 3] smbd/oplock.c:(1241)
 open_oplock ipc: pid = 18635, global_oplock_port = 60186
[2003/02/19 12:25:46, 3] smbd/process.c:(878)
 Transaction 0 of length 72
[2003/02/19 12:25:46, 2] smbd/reply.c:(91)
 netbios connect: name1=ICTEST1  name2=FCMC7196LL
[2003/02/19 12:25:46, 2] smbd/reply.c:(110)
 netbios connect: local=ictest1 remote=fcmc7196ll
[2003/02/19 12:45:24, 0] locking/brlock.c:(235)
 Failed to open byte range locking database
[2003/02/19 12:45:24, 0] locking/locking.c:(328)
 ERROR: Failed to initialise locking database
[2003/02/19 12:45:24, 0] locking/brlock.c:(235)
 Failed to open byte range locking database
[2003/02/19 12:45:24, 0] locking/locking.c:(328)
 ERROR: Failed to initialise locking database
[2003/02/19 12:50:04, 3] smbd/oplock.c:(1211)
 open_oplock_ipc: opening loopback UDP socket.
[2003/02/19 12:50:04, 3] lib/util_sock.c:(813)
 bind succeeded on port 0
[2003/02/19 12:50:04, 3] smbd/oplock.c:(1241)
 open_oplock ipc: pid = 18875, global_oplock_port = 60285
[2003/02/19 12:50:04, 3] smbd/process.c:(878)
 Transaction 0 of length 72
[2003/02/19 12:50:04, 2] smbd/reply.c:(91)
 netbios connect: name1=ICTEST1  name2=SJPCT2679-D   
[2003/02/19 12:50:04, 2] smbd/reply.c:(110)
 netbios connect: local=ictest1 remote=sjpct2679-d


The above pattern of messages repeats several times in the log, and then 
disappears again.  In past occurances, we've stopped Samba, deleted all 
the locking databases, and restarted which cleared up more persistant 
occurances of this issue, but I'd like to discover the root cause.


--
Ray Frush   Either you are part of the solution
T:970.288.6223   or part of the precipitate.
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
Agilent Technologies, Inc. | Information Technology | IT Engineer

Re: [PATCH] fix sid_to_uid() return correct sidtype

2003-02-20 Thread jra 
On Thu, Feb 20, 2003 at 01:20:14PM +0100, Michael Steffens wrote:

 Noticed why :)
 The current caching code does also cache local lookups, meaning that
 local groups (and machine SIDs when Samba is running as DC) can also
 occur?
 
 Hmm, I'm not sure whether the speed gain for local lookups outweighs
 the costs of having them wipe winbind SID mapping cache entries.
 The latter ones look more expensive to me.

Hmmm. True, but the local lookups could be going via NIS or another
method to a remote server. I also reduced the cache size to 10. Can
you test the code in you environment and see if it still gives the
speedup you noticed. If not I'll remove the local caching code.

Jeremy.

mount points / free disk space / dfree command

2003-02-20 Thread Panko, Kevin 
We have a share with mount points beneath it.  Free disk space is incorrect
because samba always returns the free space in the top level directory of
the share.  It is the same problem discussed before in this thread:

http://groups.google.com/groups?hl=enlr=ie=UTF-8oe=UTF-8th=4c04c4aeb2405
d4dseekm=9q2iee%242s7r%241%40FreeBSD.csie.NCTU.edu.twframe=off

I was hoping to use the dfree command smb.conf option, as the df command
reports the correct amount of free space for each subdirectory.  I found
that my dfree command was always given the directory name of the top level
of the share, regardless of the current directory on the Win2k client, so
the answer I get with dfree is the same as the internal samba routines.

Why does that happen?  Does the QUERY_FS_INFO trans2 call have knowledge of
the current directory of the client, or is that not included in the client's
request?  If not, then I must admit that this may be impossible.  If it
does, and if that 
directory were passed to the df command, then what I need can be done via
samba.

I do not want to use recursion and add up the amount of free space as the
sum of each mount point.  I only care about the current directory.

We do have a need to determine the amount of free space from Win2k, and
creating a samba share for each subdirectory would be impractical.

TIA,
Kevin Panko

Re: technical support

2003-02-20 Thread Martin Pool 
On 19 Feb 2003, HAKIZIMANA Claude [EMAIL PROTECTED] wrote:

 Can you help me?

You need to ask this kind of question on the users list,
[EMAIL PROTECTED]
-- 
Martin

[PATCH] leak in init_valid_table

2003-02-20 Thread Martin Pool 
util_unistr.c/init_valid_table in HEAD and 3.0 causes a 64k leak every
time the configuration is loaded if there is no valid.dat file
installed.  (The pointer to the malloc'd valid_table is clobbered by
the call to map_file.)

It looks like it is intended that the valid table be recreated on each
reload in case the dos codepage has changed.  Is that right?

The commit comment for 1.87 says that this should remove the need for
valid.dat.  Rather than fixing the leak I wonder if it would be better
to now just remove valid.dat support altogether?

If you don't want to do that, I think this patch will remove the leak.


--- util_unistr.c.~1.99.~   2003-02-21 14:05:33.0 +1100
+++ util_unistr.c   2003-02-21 14:14:20.0 +1100
@@ -105,27 +105,34 @@ static int check_dos_char(smb_ucs2_t c)
  **/
 void init_valid_table(void)
 {
-   static int initialised;
static int mapped_file;
int i;
const char *allowed = .!#$%'()_-@^`~;
+   uint8 *valid_file;
 
-   if (initialised  mapped_file) return;
-   initialised = 1;
+   if (mapped_file) {
+   /* Can't unmap files, so stick with what we have */
+   return;
+   }
 
-   valid_table = map_file(lib_path(valid.dat), 0x1);
-   if (valid_table) {
+   valid_file = map_file(lib_path(valid.dat), 0x1);
+   if (valid_file) {
+   valid_table = valid_file;
mapped_file = 1;
return;
}
 
-   /* Otherwise, using a dynamically loaded one. */
+   /* Otherwise, we're using a dynamically created valid_table.
+* It might need to be regenerated if the code page changed.
+* We know that we're not using a mapped file, so we can
+* free() the old one. */
if (valid_table) free(valid_table);
 
DEBUG(2,(creating default valid table\n));
valid_table = malloc(0x1);
-   for (i=0;i128;i++) valid_table[i] = isalnum(i) || 
-   strchr(allowed,i);
+   for (i=0;i128;i++)
+   valid_table[i] = isalnum(i) || strchr(allowed,i);
+   
for (;i0x1;i++) {
smb_ucs2_t c;
SSVAL(c, 0, i);



-- 
Martin

Re: Byte range locking

2003-02-20 Thread jra 
On Thu, Feb 20, 2003 at 07:50:22PM -0800, Srikanta Shivanna wrote:
 I noticed a difference in byte range locking behavior between Samba (2.2.x) and 
Windows 2000 server, basically on Samba 2.2.x
 with strict locking enabled,  a client process which owns a shared byte range lock 
can write to the locked region, this is not allowed
 on Windows 2000 server.  Is there a reason for this Samba behavior?  Is it because 
of default value of some config option?

Can you give me more information on what open modes, access requested
etc. from the client Win32 code please ?

Thanks,

Jeremy.

Re: [PATCH] fix sid_to_uid() return correct sidtype

2003-02-20 Thread Michael Steffens 
Hi Jeremy,

[EMAIL PROTECTED] wrote:

On Thu, Feb 20, 2003 at 01:20:14PM +0100, Michael Steffens wrote:

Hmm, I'm not sure whether the speed gain for local lookups outweighs
the costs of having them wipe winbind SID mapping cache entries.
The latter ones look more expensive to me.



Hmmm. True, but the local lookups could be going via NIS or another
method to a remote server.


Had not taken NIS into account. Good point.


I also reduced the cache size to 10.


Actually 100 :)


Can
you test the code in you environment and see if it still gives the
speedup you noticed.


I did on a test machine, already during the testing of
W2k and XP office apps use of ACLs. Caching did fine.
(ACLs did not.) I don't expect the cache behaviour to
be much different on the production box. Both don't have
NIS, do not act as DCs, and share user management is
almost pure winbind driven. (I'm a little winbind biased :)


If not I'll remove the local caching code.


I was wrong and you convinced me!

Thanks!
Michael

Re: possible memory leak

2003-02-20 Thread jra 
On Fri, Jan 24, 2003 at 11:07:49AM -0800, Leo Qiu wrote:
 Hi,
 
 I seem to find some possible memory leaks in Samba
 code. The patch is attached, Could you guys have a
 look to check whether it is correct?

One of them was, one wasn't. I've added comments to the POSIX_ACL
code to make it clearer - thanks !

Jeremy.

IDMAP backend

2003-02-20 Thread Stefan (metze) Metzmacher 
Hi Jim, Anthony,

It's nice to see that someone is working on the idmap backend stuff :-)

But I'm REALLY NOT FINE with a parameter name 'winbind backend' for this!!!
winbind backends are RPC and ADS.

we should name this parameter 'idmap backend' or something like that.

please, please change this fast! :-)
otherwise it will be bad to change this parameter because everyone has it 
in his smb.conf
and has to change this.

also we should seperate the idmap stuff from winbind,
so that we can use it in pdb and other subsystems of samba also.


metze
-
Stefan metze Metzmacher [EMAIL PROTECTED]

Re: Locking db getting corrupt?

2003-02-20 Thread Michael Steffens 
Ray Frush wrote:

We've been seeing a re-curring problem on one of our Samba servers:
Samba 2.2.7 running on HP-UX 11.0.

After a week of running relatively quietly, we'll get a rash of errors 
in smbd.log associated with a call from a user that their connection is 
getting dropped. 
 I_ve been dropped off twice in
the past couple of days. So far I_ve been able to
get back on -- once took a reboot of my pc, this
time it only took trying to reconnect several
times.

[...]

[2003/02/19 12:45:24, 0] locking/brlock.c:(235)
 Failed to open byte range locking database
[2003/02/19 12:45:24, 0] locking/locking.c:(328)
 ERROR: Failed to initialise locking database
[2003/02/19 12:45:24, 0] locking/brlock.c:(235)
 Failed to open byte range locking database
[2003/02/19 12:45:24, 0] locking/locking.c:(328)
 ERROR: Failed to initialise locking database


We haven't had these since running 2.2.7a for about three weeks
now on HP-UX 11.11. But messages do remind those smbstatus does
report when the locking database just doesn't exist, yet.
So it might be temporarily unaccessible?

Does dmesg report anything suspicous, like it has
run out of nfiles or nflocks? In that case these kernel
parameters would need to be increased.

Michael

Browing Trouble for SAMBA 1.9.17p4

2003-02-20 Thread Maruyama, Kazutoshi 
Hello, 
(B
(BI installed the SAMBA 1.9.17p4 on  OpenVMS V6.2.
(BDuring the installation, there is no error message. 
(B
(BI can find the SAMBA server from Windows client. 
(B
(BHowever, when I try to acees the SAMBA server, I always rejected. 
(B
(BSo my browsing test, I set "guest ok = yes" and "security = user" at global
(Bsection.
(BHowever, I can not access the directory of SAMBA server.
(B
(BThere are my questions. 
(B(1)What do I need to check the SAMBA is propery working?
(B(2)What is the easy way to access the directory of SAMBA 
(B(This setting use fot testing purpose. So the security is not my concern.)
(B(3)What is the best choice for security setting? 
(B(I was planning to set the server level security.)
(B(4)If you can, please tell me how to set the security. 
(B(Especailly, serlevel security.) 
(B
(BI am waiting for your answer. 
(B
(BThanks,

CVS update: samba/source/nsswitch

2003-02-20 Thread abartlet 

Date:   Thu Feb 20 10:43:21 2003
Author: abartlet

Update of /data/cvs/samba/source/nsswitch
In directory dp.samba.org:/tmp/cvs-serv30233/nsswitch

Modified Files:
winbindd_ads.c 
Log Message:
for some (very weird) reason, the domain I was testing aginst would not
return a DN for the user.  Make sure we don't segfault.

Andrew Bartlett


Revisions:
winbindd_ads.c  1.61 = 1.62

http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/winbindd_ads.c?r1=1.61r2=1.62

CVS update: samba/source/smbd

2003-02-20 Thread abartlet 

Date:   Thu Feb 20 10:50:10 2003
Author: abartlet

Update of /data/cvs/samba/source/smbd
In directory dp.samba.org:/tmp/cvs-serv30729/smbd

Modified Files:
sesssetup.c 
Log Message:
Like for NTLM logins, lookup the 'winbind' user first, then the 'local' user.

This needs to change, to be a SID-UID lookup from the PAC.

Andrew Bartlett


Revisions:
sesssetup.c 1.87 = 1.88

http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/sesssetup.c?r1=1.87r2=1.88

CVS update: samba/source/auth

2003-02-20 Thread abartlet 

Date:   Thu Feb 20 12:01:39 2003
Author: abartlet

Update of /data/cvs/samba/source/auth
In directory dp.samba.org:/tmp/cvs-serv10849/auth

Modified Files:
auth_util.c 
Log Message:
For a number of months now, support for being a domain member without also
running winbind has been broken.  This fixes that, by removing assumptions
about being able to call sid_to_uid() at will.  This whole area needs 
revising when we get groups into the PDB.

Andrew Bartlett



Revisions:
auth_util.c 1.63 = 1.64

http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c?r1=1.63r2=1.64

CVS update: samba/source/tdb

2003-02-20 Thread jra 

Date:   Thu Feb 20 18:54:12 2003
Author: jra

Update of /data/cvs/samba/source/tdb
In directory dp.samba.org:/tmp/cvs-serv13023/tdb

Modified Files:
tdb.c 
Log Message:
Ensure tdb error code is set for corrupt and i/o errors before calling
the log function. This allows the log function to take action.
Jeremy.


Revisions:
tdb.c   1.121 = 1.122
http://www.samba.org/cgi-bin/cvsweb/samba/source/tdb/tdb.c?r1=1.121r2=1.122

CVS update: samba/source/tdb

2003-02-20 Thread jra 

Date:   Thu Feb 20 19:03:11 2003
Author: jra

Update of /data/cvs/samba/source/tdb
In directory dp.samba.org:/tmp/cvs-serv14494/tdb

Modified Files:
  Tag: SAMBA_3_0
tdb.c 
Log Message:
Ensure tdb error code is set for corrupt and i/o errors before calling
the log function. This allows the log function to take action.
Jeremy.


Revisions:
tdb.c   1.106.2.8 = 1.106.2.9

http://www.samba.org/cgi-bin/cvsweb/samba/source/tdb/tdb.c?r1=1.106.2.8r2=1.106.2.9

CVS update: samba/source/tdb

2003-02-20 Thread jra 

Date:   Thu Feb 20 19:03:15 2003
Author: jra

Update of /data/cvs/samba/source/tdb
In directory dp.samba.org:/tmp/cvs-serv12982/tdb

Modified Files:
  Tag: APPLIANCE_HEAD
tdb.c 
Log Message:
Ensure tdb error code is set for corrupt and i/o errors before calling
the log function. This allows the log function to take action. CR#1837.
Jeremy.


Revisions:
tdb.c   1.35.2.31 = 1.35.2.32

http://www.samba.org/cgi-bin/cvsweb/samba/source/tdb/tdb.c?r1=1.35.2.31r2=1.35.2.32

CVS update: samba/source/rpcclient

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 19:10:19 2003
Author: jelmer

Update of /home/cvs/samba/source/rpcclient
In directory dp.samba.org:/tmp/cvs-serv15239

Removed Files:
display.c display_spool.c samsync.c 
Log Message:

Remove obsolete files


Revisions:
display.c   1.47 = NONE
http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/display.c?rev=1.47
display_spool.c 1.8 = NONE

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/display_spool.c?rev=1.8
samsync.c   1.31 = NONE
http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/samsync.c?rev=1.31

CVS update: samba/source/rpcclient

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 19:13:37 2003
Author: jelmer

Update of /home/cvs/samba/source/rpcclient
In directory dp.samba.org:/tmp/cvs-serv16255

Removed Files:
  Tag: SAMBA_3_0
display_spool.c samsync.c 
Log Message:

Remove obsolete files


Revisions:
display_spool.c 1.8 = NONE

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/display_spool.c?rev=1.8
samsync.c   1.15.2.6 = NONE

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/samsync.c?rev=1.15.2.6

CVS update: samba/source/lib

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 19:14:55 2003
Author: jelmer

Update of /home/cvs/samba/source/lib
In directory dp.samba.org:/tmp/cvs-serv16527

Added Files:
  Tag: SAMBA_3_0
module.c 
Log Message:

Merge in smb_load_module() function from HEAD


Revisions:
module.cNONE = 1.6.2.1
http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/module.c?rev=1.6.2.1

CVS update: samba/source

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 19:21:20 2003
Author: jelmer

Update of /home/cvs/samba/source
In directory dp.samba.org:/tmp/cvs-serv17261

Modified Files:
  Tag: SAMBA_3_0
Makefile.in 
Log Message:

Compile in lib/module.o


Revisions:
Makefile.in 1.468.2.43 = 1.468.2.44

http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in?r1=1.468.2.43r2=1.468.2.44

CVS update: samba/source/utils

2003-02-20 Thread jra 

Date:   Thu Feb 20 22:09:55 2003
Author: jra

Update of /data/cvs/samba/source/utils
In directory dp.samba.org:/tmp/cvs-serv27467/utils

Modified Files:
  Tag: SAMBA_3_0
testparm.c 
Log Message:
Added Volkers print server role patch.
Jeremy.


Revisions:
testparm.c  1.45.2.10 = 1.45.2.11

http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/testparm.c?r1=1.45.2.10r2=1.45.2.11

CVS update: samba/source/utils

2003-02-20 Thread jra 

Date:   Thu Feb 20 22:09:57 2003
Author: jra

Update of /data/cvs/samba/source/utils
In directory dp.samba.org:/tmp/cvs-serv27435/utils

Modified Files:
testparm.c 
Log Message:
Added Volkers print server role patch.
Jeremy.


Revisions:
testparm.c  1.60 = 1.61

http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/testparm.c?r1=1.60r2=1.61

CVS update: samba/source/include

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 22:26:28 2003
Author: jelmer

Update of /home/cvs/samba/source/include
In directory dp.samba.org:/tmp/cvs-serv30763/include

Modified Files:
smb.h 
Log Message:

Make init_module() and thus smb_load_module() return an int. 
modules/developer.c: init_module() should return an int


Revisions:
smb.h   1.474 = 1.475

http://www.samba.org/cgi-bin/cvsweb/samba/source/include/smb.h?r1=1.474r2=1.475

CVS update: samba/source/modules

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 22:26:28 2003
Author: jelmer

Update of /home/cvs/samba/source/modules
In directory dp.samba.org:/tmp/cvs-serv30763/modules

Modified Files:
developer.c 
Log Message:

Make init_module() and thus smb_load_module() return an int. 
modules/developer.c: init_module() should return an int


Revisions:
developer.c 1.1 = 1.2

http://www.samba.org/cgi-bin/cvsweb/samba/source/modules/developer.c?r1=1.1r2=1.2

CVS update: samba/source/rpc_server

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 22:26:28 2003
Author: jelmer

Update of /home/cvs/samba/source/rpc_server
In directory dp.samba.org:/tmp/cvs-serv30763/rpc_server

Modified Files:
srv_pipe.c 
Log Message:

Make init_module() and thus smb_load_module() return an int. 
modules/developer.c: init_module() should return an int


Revisions:
srv_pipe.c  1.104 = 1.105

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpc_server/srv_pipe.c?r1=1.104r2=1.105

CVS update: samba/source/lib

2003-02-20 Thread jelmer 

Date:   Thu Feb 20 22:26:28 2003
Author: jelmer

Update of /home/cvs/samba/source/lib
In directory dp.samba.org:/tmp/cvs-serv30763/lib

Modified Files:
module.c 
Log Message:

Make init_module() and thus smb_load_module() return an int. 
modules/developer.c: init_module() should return an int


Revisions:
module.c1.6 = 1.7
http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/module.c?r1=1.6r2=1.7

CVS update: samba/source/nsswitch

2003-02-20 Thread jmcd 

Date:   Thu Feb 20 22:46:37 2003
Author: jmcd

Update of /home/cvs/samba/source/nsswitch
In directory dp.samba.org:/tmp/cvs-serv1744/nsswitch

Modified Files:
winbindd.h winbindd_idmap.c 
Added Files:
winbindd_idmap_tdb.c 
Log Message:
From [EMAIL PROTECTED]:
This patch adds the architecture for an IDMAP backend system including a new
smb.conf parameter winbind backend.  Right now, the only valid value is tdb
but I'm currently working on an LDAP backend.



Revisions:
winbindd_idmap_tdb.cNONE = 1.1

http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/winbindd_idmap_tdb.c?rev=1.1
winbindd.h  1.38 = 1.39

http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/winbindd.h?r1=1.38r2=1.39
winbindd_idmap.c1.23 = 1.24

http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/winbindd_idmap.c?r1=1.23r2=1.24

CVS update: samba/source/rpc_server

2003-02-20 Thread jerry 

Date:   Fri Feb 21 00:19:18 2003
Author: jerry

Update of /data/cvs/samba/source/rpc_server
In directory dp.samba.org:/tmp/cvs-serv21258/rpc_server

Modified Files:
  Tag: SAMBA_2_2
srv_spoolss_nt.c 
Log Message:
fix printer settings on Solaris print servers.
ASCII - UNICODE conversion bug.  Other branches are
already ok.





Revisions:
srv_spoolss_nt.c1.115.2.224 = 1.115.2.225

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpc_server/srv_spoolss_nt.c?r1=1.115.2.224r2=1.115.2.225

CVS update: samba/source/rpcclient

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:25:04 2003
Author: tpot

Update of /data/cvs/samba/source/rpcclient
In directory dp.samba.org:/tmp/cvs-serv13842/rpcclient

Modified Files:
rpcclient.c 
Log Message:
Fix for only specifying one command with -c


Revisions:
rpcclient.c 1.207 = 1.208

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/rpcclient.c?r1=1.207r2=1.208

CVS update: samba/source/rpc_client

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:26:58 2003
Author: tpot

Update of /data/cvs/samba/source/rpc_client
In directory dp.samba.org:/tmp/cvs-serv14580/rpc_client

Modified Files:
cli_samr.c 
Log Message:
Exit path cleanup for cli_samr_enum_dom_users()


Revisions:
cli_samr.c  1.73 = 1.74

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpc_client/cli_samr.c?r1=1.73r2=1.74

CVS update: samba/source/rpcclient

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:28:32 2003
Author: tpot

Update of /data/cvs/samba/source/rpcclient
In directory dp.samba.org:/tmp/cvs-serv14974/rpcclient

Modified Files:
cmd_samr.c 
Log Message:
Added enumdomusers command.


Revisions:
cmd_samr.c  1.155 = 1.156

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpcclient/cmd_samr.c?r1=1.155r2=1.156

CVS update: samba/source/smbd

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:46:27 2003
Author: tpot

Update of /data/cvs/samba/source/smbd
In directory dp.samba.org:/tmp/cvs-serv19737

Modified Files:
sesssetup.c 
Log Message:
Fixed compiler warning.


Revisions:
sesssetup.c 1.88 = 1.89

http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/sesssetup.c?r1=1.88r2=1.89

CVS update: samba/source/rpc_server

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:47:24 2003
Author: tpot

Update of /data/cvs/samba/source/rpc_server
In directory dp.samba.org:/tmp/cvs-serv20009

Modified Files:
srv_lsa_nt.c 
Log Message:
Fixed compiler warning.


Revisions:
srv_lsa_nt.c1.67 = 1.68

http://www.samba.org/cgi-bin/cvsweb/samba/source/rpc_server/srv_lsa_nt.c?r1=1.67r2=1.68

CVS update: samba/source/utils

2003-02-20 Thread tpot 

Date:   Fri Feb 21 04:53:39 2003
Author: tpot

Update of /data/cvs/samba/source/utils
In directory dp.samba.org:/tmp/cvs-serv21936

Modified Files:
net_ads.c 
Log Message:
Fixed another compiler warning.


Revisions:
net_ads.c   1.61 = 1.62

http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/net_ads.c?r1=1.61r2=1.62

CVS update: samba/source/nsswitch

2003-02-20 Thread tpot 

Date:   Fri Feb 21 05:06:49 2003
Author: tpot

Update of /data/cvs/samba/source/nsswitch
In directory dp.samba.org:/tmp/cvs-serv25517

Modified Files:
winbindd_ads.c 
Log Message:
Fix another compiler warning.


Revisions:
winbindd_ads.c  1.62 = 1.63

http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/winbindd_ads.c?r1=1.62r2=1.63

CVS update: samba/source

2003-02-20 Thread tpot 

Date:   Fri Feb 21 05:51:37 2003
Author: tpot

Update of /data/cvs/samba/source
In directory dp.samba.org:/tmp/cvs-serv30210

Modified Files:
  Tag: SAMBA_3_0
Makefile.in 
Log Message:
Ignore errors on python_clean target.


Revisions:
Makefile.in 1.468.2.44 = 1.468.2.45

http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in?r1=1.468.2.44r2=1.468.2.45

CVS update: samba/source/libsmb

2003-02-20 Thread jra 

Date:   Fri Feb 21 05:54:23 2003
Author: jra

Update of /data/cvs/samba/source/libsmb
In directory dp.samba.org:/tmp/cvs-serv30390/libsmb

Modified Files:
  Tag: SAMBA_2_2
libsmbclient.c 
Log Message:
Small fix from Tom Jansen [EMAIL PROTECTED] to check correct error return.
Jeremy.


Revisions:
libsmbclient.c  1.27.2.23 = 1.27.2.24

http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/libsmbclient.c?r1=1.27.2.23r2=1.27.2.24

CVS update: samba/source/smbd

2003-02-20 Thread jra 

Date:   Fri Feb 21 06:25:02 2003
Author: jra

Update of /data/cvs/samba/source/smbd
In directory dp.samba.org:/tmp/cvs-serv1729/smbd

Modified Files:
  Tag: SAMBA_2_2
posix_acls.c 
Log Message:
Added comments to make it clearer when we're assigning a pointer that it
must not be freed afterwards.
Jeremy.


Revisions:
posix_acls.c1.1.4.68 = 1.1.4.69

http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/posix_acls.c?r1=1.1.4.68r2=1.1.4.69