Re: [Samba] Re: Winbind broken after 2.2.8 upgrade

2003-03-26 Thread Andrew Bartlett 
On Thu, Mar 27, 2003 at 01:27:26AM +, Andrew Bartlett wrote:
> On Wed, Mar 26, 2003 at 04:11:13PM -0800, Shawn Wright wrote:
> > Ok, stupid me. Somehow I missed updating /lib/libnss_winbind.so on both 
> > these machines. Presumably this would have also caused corruption of the 
> > winbind idmap?
> 
> I doubt it, actually.  
> 
> > Since winbind is now installed with a "make install", would it not be a good 
> > idea to also install libnss_winbind.so also? Or at least provide some version 
> > checking in winbind so that it will fail to start and report an error if it 
> > encounters the wrong version of libnss_winbind.so?
> 
> Winbind doens't *require* libnss_winbind - there are actually situations where
> it is used without it.  That said, I've implemented some extensive version
> checks from the client side - we certainly won't connect to a winbind with
> a different protocol version any more.

(In Samba 3.0 and Samba HEAD)

In Samba 2.2 we have a more basic check, but it should still cause the client to 
bail if contacting the wrong version.

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] trouble configuring and compiling

2003-03-26 Thread Andrew Bartlett 
On Wed, Mar 26, 2003 at 11:39:08PM -0700, Daniel Watrous wrote:
> I found the fix...
> 
> Basically the problem is that the compile is looking for headers that are
> usually distributed with the kernel sources
> 
> by grabbing the latest kernel, untaring it in /usr/src, and creating the
> following links:
> 
> /usr/include/linux -> /usr/src/linux/include/linux
> /usr/include/asm -> /usr/src/linux/include/asm-i386
> 
> everything worked.

You should not do this - you should get the kernel that your glibc
was compiled against, and use that.  Redhat has a glibc-kernel-headers
for exactly this task.

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Access to shares for authenticated domain users only

2003-03-26 Thread Andrew Bartlett 
On Thu, Mar 27, 2003 at 12:31:08PM +0700, Kevin wrote:
> I am running several samba servers (2.2.3a and 2.2.7) in various places as
> pdcs. Everything seems to be running smoothly, but I can't find any way of
> restricting access to only those uses who have logged on to the domain. Is
> this possible? ie at the moment, any user can map a drive to \\server\share,
> put in a valid user/password pair and have access to that share without
> going through any logon script or pol files. This is what I would like to
> avoid. I believe that if I can do this, it would also stop any unauthorised
> machines from accessing the shares, as these machines would not be joined to
> the domain.
> 
> Is this sort of authorisation possible?

While 'hacks' might be possible, shares are authenticated seperatly to the 
domain logon, and there is no linkage apart from the fact that the domain
logon sets up the default username/pw pair.

Fundementally, any restriction imposed by logon script/.pol files can be
avoided - you must never trust the client to actually follow their directions...

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] trouble configuring and compiling

2003-03-26 Thread Daniel Watrous 
I found the fix...

Basically the problem is that the compile is looking for headers that are
usually distributed with the kernel sources

by grabbing the latest kernel, untaring it in /usr/src, and creating the
following links:

/usr/include/linux -> /usr/src/linux/include/linux
/usr/include/asm -> /usr/src/linux/include/asm-i386

everything worked.

Commands from start to beginning might look something like this:

cd /usr/src
wget http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.18.tar.bz2
bzip2 -dc linux-2.4.18.tar.bz2 | tar xvf -
cd /usr/include
ln -s /usr/src/linux/include/linux linux
ln -s /usr/src/linux/include/asm-i386 asm

Daniel Watrous
[EMAIL PROTECTED]

- Original Message -
From: "Daniel Watrous" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 26, 2003 10:10 PM
Subject: [Samba] trouble configuring and compiling


RedHat 8.0, samba-latest.tar.gz (samba-2.2.8),

>checking configure summary... WARNING: No automated network interface
determination
>ERROR: no seteuid method available
>configure: error: summary failure. Aborting config

>configure:2033:
gcc -c -O  -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
conftest.c 1>&5
>In file included from /usr/include/bits/posix1_lim.h:126,
> from /usr/include/dirent.h:209,
> from /usr/include/sys/dir.h:24,
> from configure:2027:
>/usr/include/bits/local_lim.h:36:26: linux/limits.h: No such file or
directory
>configure: failed program was:
>#line 2025 "configure"
>#include "confdefs.h"
>#include 
>#include 
>int main() {
>DIR *dirp = 0;
>; return 0; }

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Common Authentication Scheme

2003-03-26 Thread stscanlan 
Has anybody out there had luck with LDAP or similar to enable users to share
a common logon database for Windows 2000 and Linux. Microsoft and Linux
supposedly allow authentication using LDAP, Kerberos and alternative schemes
to their native databases ie /etc/shadow/passwd and the SAM.

Any help with this would be greatly appreciated.

Steve S.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Access to shares for authenticated domain users only

2003-03-26 Thread Kevin 
I am running several samba servers (2.2.3a and 2.2.7) in various places as
pdcs. Everything seems to be running smoothly, but I can't find any way of
restricting access to only those uses who have logged on to the domain. Is
this possible? ie at the moment, any user can map a drive to \\server\share,
put in a valid user/password pair and have access to that share without
going through any logon script or pol files. This is what I would like to
avoid. I believe that if I can do this, it would also stop any unauthorised
machines from accessing the shares, as these machines would not be joined to
the domain.

Is this sort of authorisation possible?

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] trouble configuring and compiling

2003-03-26 Thread Daniel Watrous 
RedHat 8.0, samba-latest.tar.gz (samba-2.2.8), 

I am trying to configure and compile the latest samba from source code.  I have used 
samba in the past, but always RPM installs on redhat.  The first problem is near the 
end of the configure process:

checking for gcc... gcc
checking whether the C compiler (gcc -O  ) works... yes
checking whether the C compiler (gcc -O  ) is a cross-compiler... no
...
checking for poptGetContext in -lpopt... yes
checking whether to use included popt... no
checking configure summary... WARNING: No automated network interface determination
ERROR: no seteuid method available
configure: error: summary failure. Aborting config

The configure file contains various errors about not finding files:

configure:2033: gcc -c -O  -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE  
conftest.c 1>&5
In file included from /usr/include/bits/posix1_lim.h:126,
 from /usr/include/dirent.h:209,
 from /usr/include/sys/dir.h:24,
 from configure:2027:
/usr/include/bits/local_lim.h:36:26: linux/limits.h: No such file or directory
configure: failed program was:
#line 2025 "configure"
#include "confdefs.h"
#include 
#include 
int main() {
DIR *dirp = 0;
; return 0; }

The error may be more a result of my environment, and not a samba issue.  Any 
suggestions and links will be appreciated.  Thanks in advance.

Daniel Watrous
[EMAIL PROTECTED]
801-484-6747
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Printing NT to Linux printer problem

2003-03-26 Thread John 
Using SuSE V8.0 Samba 2.2.7a on a small network I have a Lexmark laser 
printer attached to the Linux PC, using Cups 1.1.15.

I was able to print from Linux OK, and some months ago had setup  the Win 
NT PC to print across the network to the laser. So all was well.

Recently I had a couple of problems with the NT machine (the usual BSOD's 
etc) also had a couple of problems with the SuSE PC and still feeling my 
way as newbie I took a while to get things going again, that is with the 
exception of printing from the NT PC.

I have been back through the documents and run through the 11 tests in 
diagnosis.txt and the setup checks out OK between the two machines.

The following is my smb.conf

# Global parameters
[global]
 workgroup = HOME
 netbios name = PENGUIN
 interfaces = eth0
 encrypt passwords = Yes
 update encrypted = Yes
 map to guest = Bad User
 printcap name = cups
 load printers = yes
 preferred master = Yes
 wins server = 192.168.0.1
 printer admin = @ntadmin, root,john
 hosts allow = 192.168.0.0/255.255.255.0  127.0.0.1
 printing = cups
 veto files = /*.eml/*.nws/riched20.dll/*.{*}/

[public]
 comment = public
 path = /home/public
 read only = No
 guest ok = Yes

[print$]
 comment = printer drivers
 path = /etc/samba/drivers
 write list = @ntadmin, root,john
 browseable = yes
 guest ok = no
 read only = yes


[printers]
 comment = All printers
 path = /var/spool/samba
 printer admin = root, @ntadmin, john
 guest ok = Yes
 printable = Yes
 browseable = No
 public = yes
 writable = no

On the NT Pc (NT$ sp6a) I can use windows explorer, browse to Penguin 
(linux pc) see the shares and the printer. When I attempt to add the printer I 
can proceed through selecting the port, printer model etc but as soon as I 
select finish I get access denied.

I have tried this logged in as administrator, and as a super user..no 
difference.

I would appreciate any advice on how to sort this out. 

Thanks,

John

This email has been pre-scanned using the latest Anti Virus 
software for your peace of mind.

Please remember to maintain your own anti virus up to date with 
the latest reference files.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba and CCC

2003-03-26 Thread Will L G 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

When are you all going to make Samba compatible with CCC (Compaq
Compiler)? I would really like to be able to compile it using CCC but
I keep getting the errors listed below. I was wondering, could please
point me in the right direction for a solution to this dilemma? 

  ERROR MESSAGE  
Using FLAGS
=  -O -fast -O4 -ev56   -Iinclude -I./include -I./ubiqx
- -I./smbwrapper -D_LA
RGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE 
- -DLOGFILEBASE="/usr/l
ocal/samba/var" -DCONFIGFILE="/usr/local/samba/lib/smb.conf"
- -DLMHOSTSFILE="
/usr/local/samba/lib/lmhosts"   -DSWATDIR="/usr/local/samba/swat"
- -DSBINDIR=
"/usr/local/samba/bin" -DLOCKDIR="/usr/local/samba/var/locks"
- -DCODEPAGEDIR=
"/usr/local/samba/lib/codepages"
- -DDRIVERFILE="/usr/local/samba/lib/printers
.def" -DBINDIR="/usr/local/samba/bin"
- -DPIDDIR="/usr/local/samba/var/locks"
- -DLIBDIR="/usr/local/samba/lib" -DHAVE_INCLUDES_H
- -DPASSWD_PROGRAM="/usr/bin
/passwd" -DSMB_PASSWD_FILE="/usr/local/samba/private/smbpasswd"
- -DTDB_PASSWD
_FILE="/usr/local/samba/private/smbpasswd.tdb"
Using FLAGS32
=  -O -fast -O4 -ev56   -Iinclude -I./include -I./ubiqx
- -I./smbwrapper -D_LA
RGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE 
- -DLOGFILEBASE="/usr/l
ocal/samba/var" -DCONFIGFILE="/usr/local/samba/lib/smb.conf"
- -DLMHOSTSFILE="
/usr/local/samba/lib/lmhosts"   -DSWATDIR="/usr/local/samba/swat"
- -DSBINDIR=
"/usr/local/samba/bin" -DLOCKDIR="/usr/local/samba/var/locks"
- -DCODEPAGEDIR=
"/usr/local/samba/lib/codepages"
- -DDRIVERFILE="/usr/local/samba/lib/printers
.def" -DBINDIR="/usr/local/samba/bin"
- -DPIDDIR="/usr/local/samba/var/locks"
- -DLIBDIR="/usr/local/samba/lib" -DHAVE_INCLUDES_H
- -DPASSWD_PROGRAM="/usr/bin
/passwd" -DSMB_PASSWD_FILE="/usr/local/samba/private/smbpasswd"
- -DTDB_PASSWD
_FILE="/usr/local/samba/private/smbpasswd.tdb"
Using LIBS = -lcups -lnsl -ldl -lcrypt -lpopt
Compiling smbd/server.c
cc: Warning: /usr/include/glob.h, line 201: In this declaration,
parameter 4
has a different type than specified in an earlier declaration of this
function. (mismatparam)
extern int glob64 __P ((__const char *__restrict __pattern, int
__flags,
- ---^
cc: Error: /usr/include/glob.h, line 201: In this declaration, the
type of
"glob64" is not compatible with the type of a previous declaration of
"glob64" at line number 186 in file /usr/include/glob.h. (notcompat)
extern int glob64 __P ((__const char *__restrict __pattern, int
__flags,
- ---^
cc: Warning: /usr/include/glob.h, line 205: In this declaration,
parameter 1
has a different type than specified in an earlier declaration of this
function. (mismatparam)
extern void globfree64 __P ((glob64_t *__pglob));
- ^
cc: Error: /usr/include/glob.h, line 205: In this declaration, the
type of
"globfree64" is not compatible with the type of a previous
declaration of
"globfree64" at line number 191 in file /usr/include/glob.h.
(notcompat)
extern void globfree64 __P ((glob64_t *__pglob));
- ^
cc: Warning: smbd/server.c, line 450: In this statement, the
referenced type
of the pointer value "&rlp" is "struct rlimit", which is not
compatible with
"struct rlimit64". (ptrmismatch)
getrlimit(RLIMIT_CORE, &rlp);
- ---^
cc: Warning: smbd/server.c, line 452: In this statement, the
referenced type
of the pointer value "&rlp" is "struct rlimit", which is not
compatible with
"const struct rlimit64". (ptrmismatch)
setrlimit(RLIMIT_CORE, &rlp);
- ---^
cc: Warning: smbd/server.c, line 453: In this statement, the
referenced type
of the pointer value "&rlp" is "struct rlimit", which is not
compatible with
"struct rlimit64". (ptrmismatch)
getrlimit(RLIMIT_CORE, &rlp);
- ---^
make: *** [smbd/server.o] Error 1
[EMAIL PROTECTED] source]#





-BEGIN PGP SIGNATURE-
Version: PGP 8.0 - not licensed for commercial use: www.pgp.com

iQA/AwUBPoJ9vFgS44p+cDKOEQJrUgCfT8IQBzXDXfYccVSgiNdRrlSNrQYAn38j
onEd98Sh1bNJu/ajk4wnd32a
=TjRL
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] need help with samba server

2003-03-26 Thread Allen Smith 
Hello fellow samba users, I'm trying to setup my samba server on my linux 
box, went through the installation and stuff, but ran into a whole world of 
problems when testing it out (samba2.2.8).  As I'm reading through the 
DIAGNOSIS.txt file included in the docs, I got stuck on Test 7.  when I run 
"smbclient //bigserver/tmp" I get prompted with a password.  when I type in 
my root password (I'm doing all this in root) I get a message saying 
"session setup failed: NT_STATUS_LOGON_FAILURE" . Then I tried with 
"smbclient //bigserver/tmp -Ufred" and typed in the password for fred, I 
still get the same error.  Also I can get to public,"smbclient 
//bigserver/public" if I don't enter any password, but when I try with 
-Ufred and enter the password I get the same error.

my smb.conf

[global]
debug hires timestamp = yes
debug pid = yes
debug timestamp = yes
debug uid = yes
encrypt passwords = yes
guest account = smbguest
hide unreadable = yes
hide dot files= yes
log level = 3
log file = /usr/local/samba/var/%m.log
max log size = 5000
netbios name = notcool
security = user
server string = "this blows"
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
time server = yes
wins support = yes
workgroup = myworkgroup
[homes]
browseable = no
read only = no
create mode = 0600
directory mode = 0700
hide files = /*.pst/
[public]
browseable = yes
create mode = 0666
directory mode = 0777
guest ok = yes
guest only = yes
path = /home/public
read only = no
veto files = /*.com/*.exe/*.scr/*.dll/*.{*}/
[private]
browseable = yes
create mode = 0660
directory mode = 0770
force group = +users
path = /home/private
read only = no
valid users = +staff +students +users
veto files = /*.com/*.exe/*.scr/*.dll/*.{*}/
write list = +staff
[tmp]
path = /home/tmp
browseable = yes
writeable = yes
what am I missing here? I'm new to the linux system and samba, so please, 
any help is greatly apreciated.

Email me at [EMAIL PROTECTED]

Thank you for your time and assistance

--Yuan







_
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*  
http://join.msn.com/?page=features/junkmail

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Winbind broken after 2.2.8 upgrade

2003-03-26 Thread Andrew Bartlett 
On Wed, Mar 26, 2003 at 04:11:13PM -0800, Shawn Wright wrote:
> Ok, stupid me. Somehow I missed updating /lib/libnss_winbind.so on both 
> these machines. Presumably this would have also caused corruption of the 
> winbind idmap?

I doubt it, actually.  

> Since winbind is now installed with a "make install", would it not be a good 
> idea to also install libnss_winbind.so also? Or at least provide some version 
> checking in winbind so that it will fail to start and report an error if it 
> encounters the wrong version of libnss_winbind.so?

Winbind doens't *require* libnss_winbind - there are actually situations where
it is used without it.  That said, I've implemented some extensive version
checks from the client side - we certainly won't connect to a winbind with
a different protocol version any more.

> It seems that the idmap file is a very weak link in samba right now, so every 
> effort should be made to prevent corruption during upgrades, etc.
> In our case, I was able to re-apply acls for 400 users, but quota information 
> for a large shared file volume was lost, as I could not re-map the ids, and 
> had to reset file ownerships to avoid users having incorrect quota 
> assignments.

Yes, we need to work on that - the outsource of this into LDAP is one example
of these efforts - and we did have a project to dump/import the tdb to a text
file, but I'm not sure what happened to it...

Andrew Bartlett

> On 25 Mar 2003 at 10:32, [EMAIL PROTECTED] wrote:
> 
> > I have just upgraded two of our samba boxes to 2.2.8 and ended up with 
> > partially broken winbind after the upgrade. The machines are slightly 
> > different, and so are the symptoms, so here goes:
> > 
> > System 1: Was at 2.2.3 compiled from source Feb4/02, using options: 
> > "./configure  --with-winbind --with-acl-support --with-quotas". Running on 
> > RedHat 7.2, installed from SGI's XFS installer to enable ACLs and quotas 
> > with samba on XFS filesystems. System running fine in production for ~500 
> > NT domain users for the past 8 months. All users are on NT domain, using 
> > winbind from user lookups.
> > After upgrade to 2.2.8, I see the following:
> > 
> > getent passwd shows only local users, no domain users
> > wbinfo -u and -g report domain users & groups normally
> > users connecting to smb shares appear as "root" in smbstatus (!)
> > a nobody share appears browsing the system from an NT box.
> > As this is  a production system, I've had to revert to 2.2.3 so further testing 
> > may be difficult at this time.
> > 
> > System #2 is a fresh install of RedHat 8 using the SGI XFS installer v1.2, 
> > and had the stock samba 2.2.5 rpm installed, over which I compiled and 
> > installed 2.2.8. Config is essentially the same as system #1 otherwise. 
> > (smb.conf shown at end of message)
> > 
> > This time, wbinfo -t, -u, -g all work as expected.
> > getent passwd shows local users, then a list of domain user IDs in the 
> > format: (where 106xx is the id)
> > 
> > ::0:10646:'::
> > ::0:10647:'::
> > ::0:10648:'::
> > 
> > getent group shows a corrupted group listing as follows, "webalizer" is the 
> > last entry in /etc/group, and the correct domain name is "SHAWNIGAN - 
> > notice it is mangled in various places:
> > 
> > webalizer:x:67:
> > hHAWNIGAN+AP French:aminx:1280532334:À«
> > ::1852728681:WNIGAN+abehennah,SHAWNIGAN+adeane,SHAWNIGAN+
> > dew,SHAWNIGAN+gperry,SH
> > AWNIGAN+jrc,SHAWNIGAN+rfilgate,SHAWNIGAN+jcs
> > 
> > 
> > Here is what the above should look like (and does on the other box running 
> > 2.2.3):
> > 
> > SHAWNIGAN+AP French:x:10023:
> > SHAWNIGAN+Dept-
> > English:x:10024:SHAWNIGAN+abehennah,SHAWNIGAN+adeane,SHAWN
> > IGAN+dew,SH
> > AWNIGAN+gperry,SHAWNIGAN+jrc,SHAWNIGAN+rfilgate,SHAWNIGAN+j
> > cs
> > 
> 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Shawn Wright, Systems Manager
> Shawnigan Lake School
> http://www.sls.bc.ca
> [EMAIL PROTECTED]
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] print$ share problem URGENT - BUG

2003-03-26 Thread Andrew Bartlett 
On Thu, Mar 27, 2003 at 01:14:58AM +, [EMAIL PROTECTED] wrote:
> On Wed, Mar 26, 2003 at 10:33:13PM +0100, Stéphane Purnelle wrote:
> > Why I have no answer for my questions ?
> > 
> > I repeat the situation : 
> > RedHat 8.0 with samba 2.2.8 compiled wiwth ldapsam and acl-support
> > I need the print$ share and this system dont't work.
> > I explain : 
> > when I add a driver, the system copy the data to the share, but after
> > the copy, w2k display a message "the process cannot finish".  
> > 
> > If I look in the log of machine, I found a 
> > 
> > ...
> >   ===
> > [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)
> > 
> >  INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)
> > 
> >   Please read the file BUGS.txt in the distribution
> > 
> > [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)
> > 
> >   ===
> 
> Please add the following line to your smb.conf file :
> 
>  panic action = /bin/sleep 9
> 
> and reproduce the problem. You will find a sleep process
> left on the machine. Using ps, find the parent of this
> process (it will be an smbd process), then attach to
> it using gdb. Type 'bt' to get a backtrace of the problem
> and please mail it to the list.
> 
> Thanks,
> 
>   Jeremy.

I've been having touble getting gdb to work - ever since
I upgraded to the RH 2.2.18-27.8.0 errata kernels...

I wonder if all our changing uid back and forth has caused
the kernel to decide we shouldn't be ptrace'ed...

I'm glad jelmer added that backtrace() code...

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] print$ share problem URGENT - BUG

2003-03-26 Thread jra 
On Wed, Mar 26, 2003 at 10:33:13PM +0100, Stéphane Purnelle wrote:
> Why I have no answer for my questions ?
> 
> I repeat the situation : 
> RedHat 8.0 with samba 2.2.8 compiled wiwth ldapsam and acl-support
> I need the print$ share and this system dont't work.
> I explain : 
> when I add a driver, the system copy the data to the share, but after
> the copy, w2k display a message "the process cannot finish".  
> 
> If I look in the log of machine, I found a 
> 
> ...
>   ===
> [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)
> 
>  INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)
> 
>   Please read the file BUGS.txt in the distribution
> 
> [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)
> 
>   ===

Please add the following line to your smb.conf file :

 panic action = /bin/sleep 9

and reproduce the problem. You will find a sleep process
left on the machine. Using ps, find the parent of this
process (it will be an smbd process), then attach to
it using gdb. Type 'bt' to get a backtrace of the problem
and please mail it to the list.

Thanks,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Winbind broken after 2.2.8 upgrade

2003-03-26 Thread Shawn Wright 
Ok, stupid me. Somehow I missed updating /lib/libnss_winbind.so on both
these machines. Presumably this would have also caused corruption of the
winbind idmap?
Since winbind is now installed with a "make install", would it not be a good
idea to also install libnss_winbind.so also? Or at least provide some version
checking in winbind so that it will fail to start and report an error if it
encounters the wrong version of libnss_winbind.so?
It seems that the idmap file is a very weak link in samba right now, so every
effort should be made to prevent corruption during upgrades, etc.
In our case, I was able to re-apply acls for 400 users, but quota information
for a large shared file volume was lost, as I could not re-map the ids, and
had to reset file ownerships to avoid users having incorrect quota
assignments.


On 25 Mar 2003 at 10:32, [EMAIL PROTECTED] wrote:

> I have just upgraded two of our samba boxes to 2.2.8 and ended up with
> partially broken winbind after the upgrade. The machines are slightly
> different, and so are the symptoms, so here goes:
>
> System 1: Was at 2.2.3 compiled from source Feb4/02, using options:
> "./configure  --with-winbind --with-acl-support --with-quotas". Running on
> RedHat 7.2, installed from SGI's XFS installer to enable ACLs and quotas
> with samba on XFS filesystems. System running fine in production for ~500
> NT domain users for the past 8 months. All users are on NT domain, using
> winbind from user lookups.
> After upgrade to 2.2.8, I see the following:
>
> getent passwd shows only local users, no domain users
> wbinfo -u and -g report domain users & groups normally
> users connecting to smb shares appear as "root" in smbstatus (!)
> a nobody share appears browsing the system from an NT box.
> As this is  a production system, I've had to revert to 2.2.3 so further testing
> may be difficult at this time.
>
> System #2 is a fresh install of RedHat 8 using the SGI XFS installer v1.2,
> and had the stock samba 2.2.5 rpm installed, over which I compiled and
> installed 2.2.8. Config is essentially the same as system #1 otherwise.
> (smb.conf shown at end of message)
>
> This time, wbinfo -t, -u, -g all work as expected.
> getent passwd shows local users, then a list of domain user IDs in the
> format: (where 106xx is the id)
>
> ::0:10646:'::
> ::0:10647:'::
> ::0:10648:'::
>
> getent group shows a corrupted group listing as follows, "webalizer" is the
> last entry in /etc/group, and the correct domain name is "SHAWNIGAN -
> notice it is mangled in various places:
>
> webalizer:x:67:
> hHAWNIGAN+AP French:aminx:1280532334:À«
> ::1852728681:WNIGAN+abehennah,SHAWNIGAN+adeane,SHAWNIGAN+
> dew,SHAWNIGAN+gperry,SH
> AWNIGAN+jrc,SHAWNIGAN+rfilgate,SHAWNIGAN+jcs
>
> 
> Here is what the above should look like (and does on the other box running
> 2.2.3):
>
> SHAWNIGAN+AP French:x:10023:
> SHAWNIGAN+Dept-
> English:x:10024:SHAWNIGAN+abehennah,SHAWNIGAN+adeane,SHAWN
> IGAN+dew,SH
> AWNIGAN+gperry,SHAWNIGAN+jrc,SHAWNIGAN+rfilgate,SHAWNIGAN+j
> cs
>

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Shawn Wright, Systems Manager
Shawnigan Lake School
http://www.sls.bc.ca
[EMAIL PROTECTED]



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] I see my samba server but.............

2003-03-26 Thread Manuel_Casoluengo 
Here I go guys!

I've already changed the configuration of my sbm.conf, also I made my samba
server to be configured as a windows domain, yes! it is found in my windows
domain now but as doing double click on this machine (samba) it asks me for
a user and passsword, it does not let me get into it, I have created the
same samba users as windows, but without any results.
I appreciate your help :

(See attached file: samba1.jpg)

And my samba config files is:


|---|
|   |
| # Samba config file created using SWAT|
| # from 0.0.0.0 (0.0.0.0)  |
| # Date: 2003/03/24 13:54:09   |
|   |
| # Global parameters   |
| [global]  |
|   workgroup = COTY|
|   netbios name = MXLINUX  |
|   netbios aliases = cotylinux |
|   server string = Samba Server %v |
|   interfaces = 10.19.2.10/255.255.255.255 |
|   encrypt passwords = Yes |
|   update encrypted = Yes  |
|   username map = /etc/samba/user.map  |
|   log file = /var/log/samba/log.%m|
|   max log size = 50   |
|   socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192  |
|   printcap name = lpstat  |
|   logon script = logon.cmd|
|   domain logons = Yes |
|   os level = 64   |
|   domain master = True|
|   dns proxy = No  |
|   wins server = 10.19.0.23|
|   default service = homes |
|   remote announce = 10.19.1.90/coty   |
|   comment = Pruebas   |
|   path = /home/test   |
|   username = administrator,administrator$,lap_admin   |
|   guest account = administrator   |
|   valid users = administrator,administrator$,lap_admin,@administrator,|
| @lap_admin,@machines  |
|   admin users = administrator |
|   force user = administrator  |
|   force group = unix01|
|   read only = No  |
|   create mask = 0777  |
|   force create mode = 0777|
|   directory mask = 0777   |
|   force directory mode = 0777 |
|   guest ok = Yes  |
|   only user = Yes |
|   printing = cups |
|   printer name = contra   |
|   delete readonly = Yes   |
|   |
| [homes]   |
|   comment = Home Directories  |
|   path = /home/dir|
|   only user = No  |
|   |
| [printers]|
|   comment = All Printers  |
|   path = /var/sp

[Samba] help

2003-03-26 Thread wassim abbas 


hello there
please i need your help with samba server i can't make it runing well, i'm 
on lan my pc is linux/slackware8.1 and all the other pcs on lan is windows 
98/me/200/xp
i read all the man pages and the help doc's on the web but not use
i want to share my files with the other clinets
my internal ip is 192.168.1.75 and i want to share with 192.168.1.73 and 
192.168.1.1 how do i do this , plz if u can send me the smb.conf file i will 
be thankfull for u
thanks a lot

_
Add photos to your e-mail with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] What am I missing here?!

2003-03-26 Thread John H Terpstra 
Baxter,

The attached may help you.

- John T.

On Sat, 22 Mar 2003, Baxter Shepperson wrote:

>   OK, I've tried changing my printcap name from printcap to cups.  Printing
> works fine locally using CUPS on the Samba box.  What am I missing here?  Why
> can't I print to the Samba box via the Windows and linux clients?  Shared
> directories work fine.  I am really frustrated here and have exhausted Google
> and all other resources I have.  Here's my smb.conf for what it's worth.
> Global parameters
> [global]
> path = /var/spool/cups
> passwd program = /usr/bin/passwd %u
> domain master = True
> printing = cups
> dns proxy = No
> null passwords = Yes
> encrypt passwords = Yes
> valid users = bax morbo amy nobody
> invalid users = root
> wins support = true
> printcap name = cups
> max log size = 1000
> hosts allow = 192.168.1.
> obey pam restrictions = Yes
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
> username level = 8
> map to guest = Bad User
> security = share
> message command = /bin/sh -c '/usr/bin/linpopup
> server string = %h server (Samba %v)
> workgroup = SHEP
> syslog = 0
> netbios name = PRINTSERVER
> log file = /var/log/samba/log.%m
> load printers = yes
> os level = 35
> default = printers
> [printers]
> comment = All Printers
> path = /tmp
> guest ok = Yes
> use client driver = Yes
> printable = yes
> print command = lp -d %p -o raw %s; rm -f %s
> create mask = 0700
>
> [Laserjet]
> writable = yes
> browseable = yes
> use client driver = Yes
> guest ok = Yes
> oplocks = No
> printable = yes
> print command = lp -d %p -o raw %sU „² -f %s
> printer name = Laserjet
> create mask = 0700
>
>
>

-- 
John H Terpstra
Email: [EMAIL PROTECTED]There are Six (6) Extracts here from mail in the Samba Mailing List.
The key contribution here is from Kurt Pfeifle.

I added them to this repository in the hope that someone would find the information 
helpful.

John T. <[EMAIL PROTECTED]>

==
<<< EXTANT 1 >>>
==
Subject: Print Filtering Mechanism Explained


Date: Sun, 22 Sep 2002 15:38:02 +0200
From: "Kurt Pfeifle" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Organization: Danka Deutschland GmbH
To: [EMAIL PROTECTED]
Subject: CUPS filtering mechanism explained, was: [cups raw mode, was Re: [Samba] 
unlink data file in cups_job_submit]

Paul Janzen wrote on Samba digest:

 > Message: 7
 > To: Gerald Carter <[EMAIL PROTECTED]>
 > Cc: [EMAIL PROTECTED]
 > From: Paul Janzen <[EMAIL PROTECTED]>
 > Subject: cups raw mode, was Re: [Samba] unlink data file in cups_job_submit
 > Date: 21 Sep 2002 12:09:23 -0700
 >
 >
 > Gerald Carter <[EMAIL PROTECTED]> writes:
 >
 >  > Looks right to me  [:-)] Applying it now.  Thanks.  I've been meaning to
 >  > track this one down.
 >
 >
 > Thanks!
 >
 > While we are on the subject...  [:-)]
 >
 > If I am using native printer drivers on Windows clients, I would like
 > the "raw" option to get propagated to CUPS.  Otherwise cups does not
 > pass the data on to the printer.

Paul,

I see you know about what you call the "raw data passthrough feature".
I guess you mean the lines in "/etc/cups/mime.types" and
"/etc/cups/mime.convs" which need to be uncommented to allow "raw"
printing ?

Here is some clarification (likely not very useful for you, but
possibly for some other readers of the Samba list):

###  If you have "printing = cups" and "printcap = cups" enabled,
---  everything is handled by Samba accessing the CUPS API. (And any
  "print command" directive in Samba will be ignored.) If the CUPS
  API is not available (because Samba might not be compiled against
libcups), it automatically maps to the "System V" command set, with
"-oraw" enabled automatically.

 > (If I enable cups's application/
 > octet-stream raw-data passthrough feature, both cupsomatic and the
 > Windows driver add PJL headers and footers, which is not what I want
 > either.)

###  According to my experience, cupsomatic on the Samba/CUPS server
---  does *not* add any features if a file is really printed "raw".
  However, if you have loaded the driver for the Windows client
from the CUPS server, using the "cupsaddsmb" utility, and if this
driver is one using a "Foomatic" PPD, the PJL header in question is
already added on the Windows client, at the time when the driver
initially generated the PostScript data -- and CUPS in true "-oraw"
manner doesn't remove this PJL header and passes the file "as is"
to its printer commun

[Samba] HELP

2003-03-26 Thread Groce, David 
I am running samba 2.2.7 on three solaris 2.8  servers. Only one of the Sun
server I can not connect to and I have remove and install ver 2.2.2 and
2.2.7. The server in question I can access with a unix server but not a
Windows client.  The testparm shows no problem and I put the same smb.conf
on all the servers.  The only thing different
is in the /usr/local/samba/private dir. there is no MACHINE.SID file. What
action can be taken to create this file??
 Thanks.


David Groce
EDS Digital Labs
MS H4-GF-20
5400 Legacy Dr.
Plano TX. 75024

Phone: +01-972-797-8927 (8-837)
*    
*   mailto:[EMAIL PROTECTED]
*   pager: 877-797-0188

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Cannot see any files in samba shares

2003-03-26 Thread Matt Yahna 
I have installed Samba 2.2.8 on a Solaris 8 machine.  My compile options
were as follows:

./configure  --with-fhs --prefix=/usr --sysconfdir=/etc --localstatedir=/var
 --with-smbwrapper --with-syslog

My smb.conf is as follows:
[global]
workgroup = 
netbios name = MOJO
server string = Samba Server v. 2.2.8
security = DOMAIN
encrypt passwords = Yes
password server = *
log level = 2
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
preferred master = No
local master = No
domain master = No
dns proxy = No
wins server = 10.40.5.1
hide dot files = No

[tmp]
comment = Temporary Files
path = /tmp

The server runs, I have run everything in DIAGNOSTIC.txt with no problems
except that running smbclient //mojo/tmp gets me connected to the server,
but there are no files through Samba (there are files in this directory).

Using a Windows 2000 box, I can open \\mojo\tmp, it asks for a username and
password, and it connects.  However, there are no files listed.

I am able to create files in this directory via windows, but can't see them.

Any help would be much appreciated.

Thank you.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Win2K access denied on shares from Samba PDC

2003-03-26 Thread Patrick Haggood 
HAve looked in archive - can't find anyone with same error.  I have a samba 2.2.8 
(just upgraded rpm) and am trying to give user access to their home dirs.  All are 
created using adduser (uname) and smbpasswd -a (username) (passwd) on samba.  During 
client login, I get a message about an error creating roaming profile.  I can map to 
the users home dir on the server, but any attempt to create or copy file to their home 
dir gives 'access denied'.  Security properties on Win2k browser all say 'Everyone' 
and 'root'.  LS on server shows user and group as the username for each directory. 
Directory permissions are as below:

drw-rw-rw-3 dhoward2001 dhoward2001 4096 Mar 25 11:01 dhoward2001


What log file can I examine to figure out what's wrong?  I looked in individual 
machine log file and there's no share error messages.  My smb.conf for home is below:

[profiles]
path = /home/ntprofile
read only = No
create mask = 0600
directory mask = 0700
browseable = No

[homes]
comment = Home Directories
path = /home/netlogon
valid users = %S
write list = administrator %S
read only = No
create mask = 0750
directory mask = 0700
guest ok = Yes
browseable = No
writeable = Yes

-- 
___
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] print$ share problem URGENT - BUG

2003-03-26 Thread Peter Hurley 
I do not know why your logs are showing an smb_panic(), but the failure
to make a connection to {2227a280-3aea} is because the printer
driver is attempting to open the "Printers" InProcServer on the remote
print server.  

***Snippet from logs***
[2003/03/26 14:33:08, 0] smbd/service.c:make_connection(252)
  donglesvr (10.217.7.11) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
***

Since the print server is a Samba machine (that has no registry or
capability to run InProcServers), that service doesn't exist.  I had
this happen to me when trying to add additional drivers from my W2k
workstation to our 2.2.7a Samba server for a new HP2200 network printer.

The solution I used was to add them manually via rpcclient on the Samba
server itself.  It took me quite a while.  Basically the process is:
1)  expand the driver files on your local W2k workstation, via the
"extract" command line utility.
2)  copy the driver files up to the appropriate directory on the
[print$] share.  See section 6.2.1 of the Samba HOWTO for the directory
structure.
Basically, NT4/W2K/XP drivers go in W32X86 and 95/98/Me go into WIN40.
3)  on the samba server, run rpcclient.
4)  at the rpcclient prompt, use "adddriver" to install the files into
the appropriate architecture location.  The tricky part of this is
looking at the *.INF file to determine what parameters go where in the
adddriver command. The format is:

adddriver "Architecture" "LongPrinterName:DriverFile:DataFile:
ConfigFile:HelpFile:LanguageMonitorFile:DataType:ListOfFiles"

See rpcclient() man page for list of Architectures.
The ListOfFiles are the files not already specified in the other
parameters.

For example,

adddriver "Windows NT x86" "HP LaserJet 2200 Series PCL 6:
HPBF3222.DLL:HPBF3224.PMD:HPBF3220.DLL:HPBF3220.HLP:HPBMMON.DLL:RAW:
HPBAFD32.DLL,HPBFTM32.DLL,HPDOMON.DLL,HPBHEALR.DLL"

5)  when you have added the driver successfully, then you use the
"setdriver" command (still at the rpcclient prompt) to associate the
printer share with the driver.

For example,

setdriver "hp2200" "HP LaserJet 2200 Series PCL 6"

Now automatic driver download should work.

This process was so painful, eventually I'm going to look at the
Imprints package to see if that works (there's a reference to this
package in section 6.3 of the Samba HOWTO).

Thanks,

Peter Hurley
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Stéphane Purnelle
Sent: Wednesday, March 26, 2003 4:33 PM
To: [EMAIL PROTECTED]; samba US; samba-tech
Subject: Re: [Samba] print$ share problem URGENT - BUG

Why I have no answer for my questions ?

I repeat the situation : 
RedHat 8.0 with samba 2.2.8 compiled wiwth ldapsam and acl-support
I need the print$ share and this system dont't work.
I explain : 
when I add a driver, the system copy the data to the share, but after
the copy, w2k display a message "the process cannot finish".  

If I look in the log of machine, I found a 

...
  ===
[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)

 INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)

  Please read the file BUGS.txt in the distribution

[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)

  ===

[2003/03/26 14:29:50, 0] lib/util.c:smb_panic(1094)
  PANIC: internal error
.

[2003/03/26 14:32:36, 1] smbd/ipc.c:api_fd_reply(292)
  api_fd_reply: INVALID PIPE HANDLE: 7351
[2003/03/26 14:32:41, 1] smbd/ipc.c:api_fd_reply(292)
  api_fd_reply: INVALID PIPE HANDLE: 7352
[2003/03/26 14:33:08, 0] smbd/service.c:make_connection(252)
  donglesvr (10.217.7.11) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}

My print$ share is in a other share

//sys/samba.pub/printer

sys is a share
printer is the print$ share  


How can I found the service {2227a280-3aea-1069-a2de-08002b-30309d} ?

can anybody help me. 

My samba server need to be in production and fastly. 

Le mer 26/03/2003 à 14:41, [EMAIL PROTECTED] a écrit :
> Hello
> 
> I try to install drivers from CD to print$ share.
> I use the APW for that, but when the system have finish to copy
drivers,
> w2k says that he cannot complete the process.
> 
> And the log of the machine says :
> 
> [2003/03/26 11:56:41, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:26:53, 0] smbd/service.c:make_connection(252)
>   donglesvr (10.217.7.11) couldn't find service
> ::{2227a280-3aea-1069-a2de-08002b30309d}
> [2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26

RE: [Samba] Using ACLs

2003-03-26 Thread Freeman, Peter (ERHS) 

>What's more I can't do:
>
>[EMAIL PROTECTED] tmp]# setfacl -m u:root:rwx test.txt
>setfacl: test.txt: Operation not supported
>
>I don't even know where to begin... Mandrake 9.1 kernel, XFS...
>
>Smaba seems to be out of the picture for now since I can't 
>even modify the
>ACL from Linux.

I had the same problem with a stock 2.4.20 kernel + the ext acl/xattr
patches.  With 2.4.19 and onwards you need to add "acl" or "user_xattr" to
fstab as a parameter.

(ie:  /blah .defaults,acl,user_xattr 1 1)

Works fine after that...
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: problems compiling Samba 2.2.8 on Solaris 2.8

2003-03-26 Thread Matt Yahna 
Check your smb.conf and the log file variable.

"Greg Petras" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi -
>
> I am trying to compile and install 2.2.8 to /opt/samba, but I keep getting
> the following errors after I 'make install' and try to start smbd using
> '/opt/samba/sbin/smbd -d 2 -D -s /opt/samba/lib/smb.conf':
>
>   Unable to open new log file /usr/local/samba/var/log.smbd: No such file
or
> directory
> [2003/03/25 10:21:56, 0] lib/debug.c:reopen_logs(348)
>   Unable to open new log file /usr/local/samba/var/log.smbd: No such file
or
> directory
> [2003/03/25 10:21:56, 2] lib/interface.c:add_interface(81)
>   added interface ip=172.26.38.51 bcast=255.255.255.255 nmask=0.0.0.0
> [2003/03/25 10:21:56, 0] passdb/secrets.c:secrets_init(44)
>   Failed to open /usr/local/samba/etc/private/secrets.tdb
> [2003/03/25 10:21:56, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
>   pdb_generate_sam_sid: Failed to store generated machine SID.
> [2003/03/25 10:21:56, 0] smbd/server.c:main(877)
>   ERROR: Samba cannot create a SAM SID.
>
> The weird thing is these errors appear in /opt/samba/var, but it is still
> complaining about /usr/local/samba.
>
> When I ran the ./configure script I used the following options:
>
> # ./configure --prefix=/opt/samba \
> --with-privatedir=/opt/samba/private --with-lockdir=/opt/samba/var/locks \
> --with-piddir=/opt/samba/var/locks --with-swatdir=/opt/samba/swat \
> --with-configdir=/opt/samba/lib --with-logfilebase=/opt/samba/var \
> --with-logfilebase=/opt/samba/var --with-automount
>
> So I did properly set my logfile base to /opt/samba/var but samba still
> seems to think it should be /usr/local/samba. Did I forget something? Any
> help is much appreciated as I am fairly new to Samba.
>
> Thanks,
>
> Greg
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Auth Problems with 2.2.8 and Windows 2000

2003-03-26 Thread Gilbert, Erric E - CIDS-2 

Hi Folks, 

We recently upgraded from 2.2.7 to 2.2.8 to fix the recently discovered bug in Samba. 
We are now getting intermittent log on failures from Win2K clients connecting to our 
Samba server (vitals below).

Samba 2.2.8 is running on Solaris 2.8 with Kernel 108528-18

Our Samba security method is set to server and we pass along auth requests to an Win2K 
AD Domain Controller that has NT 4 compatibility enabled.

We use 4 DC but for testing we have limited requests down to 1. All DCs give the same 
un-desirable results.

The DC does not show a failure but the Samba server shows:

error packet at smbd/reply.c(1025) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE

Some dirs on the samba server have in excess of 3 - 5K of files (I am currently 
leaning on a timeout theory)

The authentication does work almost 50% of the time. It isn't exact but it is very 
close.

This may be a bit vague so if there are things I could describe further to help with a 
resolutoin, please let me know.

Thanks,

Erric
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Issues with home shares and W2K and MS Office

2003-03-26 Thread Dan Tappin 
Ok the attached text is my new smb.conf file with the PDC lines removed.

The home directory issue is still there.

Also on Win98 systems users are prompted for a password when accessing the
home share via Office 2000.  If they enter the proper password they are
given the contents of the home share and they have the applicable
permissions.  W2K users still have no access.

I have a new issue now.

We also have a 'secretarial' share which should be read-only for all users
except for those in the 'secretarial' or 'admin' group.  W2K 'secretarial'
users have read-write access but the same user logged on a Win98 system only
has read only priv.  It's not a Office 2000 thing either... it's via Windows
Explorer as well.  I think I am missing something obvious here.

The '/var/secretarial' directory has 0770 permissions with
server:secretarial ownership.

This hurts my brain.

Dan

[global]

 workgroup = OROURKE
 netbios name = FILESERVER
 server string = OEL File Server
 log level = 3
 log file = /var/log/samba/%m.log
 share modes = yes
 encrypt passwords = yes
 wins support = yes
 wins proxy = yes
 smb passwrd file = /etc/smbpasswd
 read raw = yes
 write raw = yes
 oplocks = yes
 max xmit = 65535
 dead time = 15
 getwd cache = yes

[homes]
comment = Home Directory
writeable = yes
read only = no
browseable = no
create mode = 0600
directory mode = 0700
hide dot files = yes
veto files = /desktop/
veto files = /.*/
inherit permissions = yes

...

[secretarial]
  comment = Secretarial Directory
  path = /var/secretarial
read only = yes
  public = yes
  write list = @secretarial, @admin
  inherit permissions = yes
  force group = secretarial
  force user = server

> -Original Message-
> From: Michael G. Noble [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 26, 2003 11:55 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [Samba] Issues with home shares and W2K and MS Office
>
>
> I did not know that this was a PDC, you can't use security=SHARE on a
> PDC (at least I do not think so).  I believe for a PDC you need
> security=USER.
> You probably also need domain logons = Yes.
>
> I do not have my system setup as a PDC, I did play with it a bit at home
> but did not go to far as I really did not want it.
>
> Unless you really need it as a PDC, I would suggest first setting it up
> as a standard file server.  Once you have that working, you can then
> work on making it a PDC.
>
>
> Mike

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Change password 1st logon

2003-03-26 Thread Andrew Bartlett 
On Thu, 2003-03-27 at 04:35, [EMAIL PROTECTED] wrote:
> Hello everyone, i would like to know if there is a way to change the samba
> user´s password is the first logon???

See my posts in the archives, but I do this with Samba HEAD and pdb_ldap
- setting 'pwdMustChange' to 0 for that user.

Also possible for NT4 and above with PAM and 'obey pam restrictions =
yes', but not quite as clean.  (Naturally, this requires 'unix passwd
sync = yes'.

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] print$ share problem URGENT - BUG

2003-03-26 Thread Marc Kaplan 
You wrote:
>>Why I have no answer for my questions ?

You only sent the original posting to this list a few hours ago. If you need
this kind of immediate support, where somebody gets back to you within hours
(or maybe even minutes) guaranteed you might consider paying for it, see the
Commercial Support section on: http://us1.samba.org/samba/support/

-Marc
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 - a bunch of really high level questions

2003-03-26 Thread Andrew Bartlett 
On Thu, 2003-03-27 at 04:58, Chere Zhou wrote:
> 
> >> > 4) trust relationships in 2000 environment. Is it possible, what
> >> > needs to be done.
> >> 
> >> This is undocumented at this time. Sorry, we will get around to it soon.
> 
> >Trust relationships behave exactly as for NT4 - modulo bugs, for the member
> >server.  For the PDC, we only provide an NT4 PDC, and have not yet compleated
> >all that is required to trust other domains.  
> 
> I am using 3.0alpha21.  Trusts in a win2k domain (ADS mode) seem to work, but 
> I do not see any trusted domain if join the domain using NT4 mode.  This is 
> fixed in HEAD, but I do need to fix my 3.0a21 version for it. 

If it's a code bug that is fixed in HEAD, you really can't expect to do
anything but upgrade.

There is meaning to 'alpha' - things can (and will) break, and sometimes
you will just need to move to a newer version.  We are trying very hard
to kick a 'stable' release out the door, but it's a slow process.

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] smbcontol smbd close-share doesn't close all open filehandles.

2003-03-26 Thread Tom Dickson 
I have a client connected to a share CocaCola:

smbstatus shows:

CocaCola root root  2959   tdickson (10.73.0.109) Wed Mar 26
13:16:16 2003
IPC$ root root  2959   tdickson (10.73.0.109) Wed Mar 26
13:16:09 2003
IPC$ nobody   nobody2959   tdickson (10.73.0.109) Wed Mar 26
13:16:15 2003

"lsof | grep CocaCola" shows:

smbd  2959 root   22r   DIR   58,04096   135
/mnt/H29/CocaCola
smbd  2959 root   24r   DIR   58,04096   135
/mnt/H29/CocaCola

after running (as root)

smbcontrol smbd close-share CocaCola

smbstatus shows:

IPC$ root root  2959   tdickson (10.73.0.109) Wed Mar 26
13:16:09 2003

(cocacola has been closed and is gone)

BUT, lsof |grep CocaCola still shows the smbd process having the directory
open:

smbd  2959 root   22r   DIR   58,04096   135
/mnt/H29/CocaCola
smbd  2959 root   24r   DIR   58,04096   135
/mnt/H29/CocaCola

Is there anyway to kick smbd so that it will correctly close the open files
in a certain directory? I want to unmount the snapshot, but can't do it
while there are files open. I can stop smb, and then unmount, and then
start, but that interrupts access to other shares.

(As an aside, it seems that having ACLs enabled may be part of the issue. On
another test machine, it works correctly, but that machine doesn't have
ACLs).

Any work-arounds would be appreciated.

Thank you

- Tom

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Using ACLs

2003-03-26 Thread David Brodbeck 


> -Original Message-
> From: Jim Wharton [mailto:[EMAIL PROTECTED]

> What's more I can't do:
> 
> [EMAIL PROTECTED] tmp]# setfacl -m u:root:rwx test.txt
> setfacl: test.txt: Operation not supported
> 
> I don't even know where to begin... Mandrake 9.1 kernel, XFS...

Is there a mount option to enable ACLs?  I'm not familiar with XFS, but in
recent versions of ext2/ext3 ACLs, you need to use the 'acl' option for them
to work.  (If that doesn't work, try 'noacl' -- I think there was briefly a
bug in XFS where the sense of this flag was inverted.)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] print$ share problem URGENT - BUG

2003-03-26 Thread Stéphane Purnelle 
Why I have no answer for my questions ?

I repeat the situation : 
RedHat 8.0 with samba 2.2.8 compiled wiwth ldapsam and acl-support
I need the print$ share and this system dont't work.
I explain : 
when I add a driver, the system copy the data to the share, but after
the copy, w2k display a message "the process cannot finish".  

If I look in the log of machine, I found a 

...
  ===
[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)

 INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)

  Please read the file BUGS.txt in the distribution

[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)

  ===

[2003/03/26 14:29:50, 0] lib/util.c:smb_panic(1094)
  PANIC: internal error
.

[2003/03/26 14:32:36, 1] smbd/ipc.c:api_fd_reply(292)
  api_fd_reply: INVALID PIPE HANDLE: 7351
[2003/03/26 14:32:41, 1] smbd/ipc.c:api_fd_reply(292)
  api_fd_reply: INVALID PIPE HANDLE: 7352
[2003/03/26 14:33:08, 0] smbd/service.c:make_connection(252)
  donglesvr (10.217.7.11) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}

My print$ share is in a other share

//sys/samba.pub/printer

sys is a share
printer is the print$ share  


How can I found the service {2227a280-3aea-1069-a2de-08002b-30309d} ?

can anybody help me. 

My samba server need to be in production and fastly. 

Le mer 26/03/2003 à 14:41, [EMAIL PROTECTED] a écrit :
> Hello
> 
> I try to install drivers from CD to print$ share.
> I use the APW for that, but when the system have finish to copy drivers,
> w2k says that he cannot complete the process.
> 
> And the log of the machine says :
> 
> [2003/03/26 11:56:41, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:26:53, 0] smbd/service.c:make_connection(252)
>   donglesvr (10.217.7.11) couldn't find service
> ::{2227a280-3aea-1069-a2de-08002b30309d}
> [2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:29:41, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16328)
> [2003/03/26 14:29:49, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16328)
> [2003/03/26 14:29:49, 1] smbd/service.c:close_cnum(677)
>   donglesvr (10.217.7.11) closed connection to service print$
> [2003/03/26 14:29:49, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16328)
> [2003/03/26 14:29:50, 1] smbd/service.c:close_cnum(677)
>   donglesvr (10.217.7.11) closed connection to service print$
> [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(38)
>   ===
> [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)
>   INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)
>   Please read the file BUGS.txt in the distribution
> [2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)
>   ===
> [2003/03/26 14:29:50, 0] lib/util.c:smb_panic(1094)
>   PANIC: internal error
> [2003/03/26 14:29:50, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
>   ldap_connect_system: Binding to ldap server as
> "cn=manager,dc=corman,dc=be"
> [2003/03/26 14:29:50, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16602)
> [2003/03/26 14:30:18, 1] smbd/service.c:close_cnum(677)
>   donglesvr (10.217.7.11) closed connection to service print$
> [2003/03/26 14:30:18, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16602)
> [2003/03/26 14:31:05, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16602)
> [2003/03/26 14:31:05, 1] smbd/service.c:close_cnum(677)
>   donglesvr (10.217.7.11) closed connection to service print$
> [2003/03/26 14:31:05, 1] smbd/service.c:make_connection(636)
>   donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
> gid=0) (pid 16602)
> [2003/03/26 14:31:06, 1] smbd/service.c:close_cnum(677)
>   donglesvr (10.217.7.11) closed connection to service print$
> [2003/03/26 14:31:06, 0] lib/fault.c:fault_report(38)
>   ===
> [2003/03/26 14:31:06, 0] lib/fault.c:fault_rep

[Samba] smbd/service.c:make_connection(589)

2003-03-26 Thread Michael 
I am receiving this error on 2 of my shares now.  Can anyone please help me
out with what it means.  I have a lot of other samba shares that are working
fine.  This share is in my home directory, but the unix permissions on it
are 770 for the group.  I am not having a problem with it, but the other
person in the group is getting this error in the log.  The strange part also
is that the other person can read and write to the directory.

Here is the conf:

[Wedding]
   comment = Wedding
   path = /home/mweber/MyFiles/Wedding
   public = yes
   writable = yes


Thanks in advance for your help.

Michael


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] SMB passthrough authentication and Encrypted passwords

2003-03-26 Thread Beau Hunter 
Hey all first post,
I recently set up an Apple Xserve running Mac OS X server v. 10.2.4 as a
SMB file server for a network of mixed win2k, win98, and Mac (classic) boxes
(samba version 2.2.3).  I currently have Open Directory setup to pull Active
Directory users and groups via ldap from the PDC, as well as SMB pass
through authentication (so winbindd is not needed).  Everything is currently
up and running, the main problem I have is that I can only get passthrough
authentication to run if I have encrypt passwords=NO setup in my smb.conf
file.  This obviously creates the hassle of both using unencrypted
passwords, and having to go to every 98 box and modify the registry to use
plaintext passwords.  If I switch encrypt passwords=YES, then from every
machine I try, be it 98, 2k, or xp, I receive an invalid password error.
There's obviously something I'm missing here, but I've scrounged the net and
archives and have found very little documentation on this.  My guess is that
the problem is due to a misconfiguration on the PDC end involving security
settings, but I've mucked about as much as I can on that, and not been able
to solve the issue.  Here's the relevant section of my smb.conf file:



client code page = 437
coding system = utf8
guest account = unknown
encrypt passwords = NO
local master = NO
inherent permissions= YES
max smbd processes = 0
server string = XServe
log file = /Library/Logs/WindowsServices/WindowsFileService.log
wins support = NO
wins server = 10.2.0.43
domain master = NO
workgroup = WORK
password server= SVR_PASSWD

(wg and pass server names changed)

I've joined the domain using smbpasswd -j WORK -r SVR_PASSWD -u Admin

The machine is showing as a member from my pdc.

With this conf, it works fine, but the second I change it to encrypt
passwords = yes, SMB authent is broken.

Anyone come across this before? Any suggestions?

TIA,
Beau Hunter





"The only thing necessary for evil to triumph is for good men to do
nothing."


-unknown



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Help regarding Samba Server

2003-03-26 Thread Abhijit Vaidya 

hi all,

I am student at ASU and i wanted to know if I could use Samba to export some local 
file system like NFS via samba server. I am using Red Hat Linux 8 (kernel 2.4.18-14). 
If it is possible kindly let me know how i can do it.

thanks,

Abhijit

Catch all the cricket action. Download Yahoo! Score tracker
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba 2.2.8-1 as W2k Member server

2003-03-26 Thread Sebastián Abate 
See
http://us3.samba.org/samba/ftp/docs/textdocs/Solaris-Winbind-HOWTO.txt.


Sebastián Abate
Telcom Sistemas
www.telcomsistemas.com.ar
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Andre Dieball
Sent: Miércoles, 26 de Marzo de 2003 01:34 p.m.
To: [EMAIL PROTECTED]
Subject: [Samba] Samba 2.2.8-1 as W2k Member server


Hello

I have a problem with setting up Samba as a AD member server.

Environment:
Linux tux 2.2.20-idepci (Debian Woody)
samba   2.2.8-1.woody
samba-common2.2.8-1.woody
smbclient   2.2.8-1.woody
(samba from people.samba.org/~peloy/samba)

Smb.conf:
---cut---
[global]
printer driver file = /etc/samba/printers.def
encrypt passwords = true
character set = ISO8859-15
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
kernel oplocks = No
invalid users = root
password server = de-mail, plains
interfaces = xx.xx.xx.xx/255.255.255.0
security = domain
server string = PDF-Test
workgroup = xx_
log level = 3
local master = No   
client code page = 850
netbios name = tux
log file = /var/log/samba/%m
guest account = nobody
os level = 2

[shr]
   path = /shr
   browseable = yes
   writeable = yes
   guest ok = yes
   force user = nobody

[pdf]
comment = PDF Printer
path = /var/tmp
create mask = 0600
guest ok = yes
printable = Yes
;   browseable = No
print command = /usr/bin/printpdf.sh %s %U
lpq command =
lprm command =
printer driver = HP C LaserJet 4500-PS
printer driver location = \\%h\printer$

[printer$]
path = /etc/samba/printdrivers
guest ok = yes
read only = yes
printable = yes
---cut---

I have created a machine acount in active directory named tux (as the
netbios name in smb.conf) and made it pre W2k compatible. Aftrewards, I
stopped samba and used:

Smbpasswd -j xx_x -r de-mail -U administrator

With the active directory administrator domain and received a message,
that the domain has been joined.

I see the node in network neighbourhood, but I can't access it. It
always askes for a username/password combination.

Any help is really appriciated.

Rgds.
Andre



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba versus WindowsXP

2003-03-26 Thread Tiago Cruz 

On Wed, 2003-03-26 at 16:04, Charles Galindo wrote:
> Hi all,
>  
> We have a problem between samba 2.2.2 (Linux RedHat) and WindowsXP with all
> patchs and updates.

Hei Charles!

Maybe this can help you:
http://www.linuxrapido.kit.net/dicas_samba.htm

This is my diary of the migration with samba...

Regards 

[ ]'s

Tiago Cruz
Org. King de Contab. S/C Ltda.
www.linuxrapido.kit.net
Linux User #282636


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba versus WindowsXP

2003-03-26 Thread Charles Galindo 
Hi all,
 
We have a problem between samba 2.2.2 (Linux RedHat) and WindowsXP with all
patchs and updates.
When logon my workstation in Samba 2.2.2 return message:
 
"Your password expire today. you need change."
 
Why?
 
Best Regards
 
 
Charles Galindo
VISUELLES Informática Ltda
[EMAIL PROTECTED]
  www.visuelles.com.br
  www.compiere.com.br
 
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] VFS Recycle bin in 2.2.7a.

2003-03-26 Thread Jason C. Leach 
hi,

I'm running Samba v2.2.7a and it works fine.  I noticed however that
I can no longer set the recycle bin directory with an absolute path.
It only accepts relative paths.  

What I want is to use a 'global' recycle bin. One for all shares.

Thanks,
j.


-- 
..
. Jason C. Leach
.. 

Current PGP/GPG Key ID: 43AD2024 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba 2.2.8-1 as W2k Member server

2003-03-26 Thread Robert Adkins II 
Andre,

Take a look at your old smb.conf file, if you still have it
available. I believe that you have a setting difference regarding
authentication that is causing your issue. 

We don't allow access to anyone that doesn't have an account on
the domain. So, our smb.conf is configured to disallow "guest" and
"nobody" accounts. Perhaps yours is configured in that fashion as well.

Good luck.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
586-254-5800


-Original Message-
From: Andre Dieball [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, March 26, 2003 12:33 PM
To: 'Robert Adkins II'; [EMAIL PROTECTED]
Subject: RE: [Samba] Samba 2.2.8-1 as W2k Member server

Hello Robert

Thanks for your mail.

The thing is, that it worked in exect the same configuration before
(Samba
2.2.7a).

I don't want Samba do be part of any kind of domain controllers, I just
want
it to offer services (printer) to active directory users.

I'm not sure, but I think, that's why anybody, who does not have an
samba
account uses the user "nobody".

I had this issue with 2.2.7a before, but can't remember how I solved it
:-(

Rgds.
Andre



> -Original Message-
> From: Robert Adkins II [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 26, 2003 5:59 PM
> To: 'Andre Dieball'; [EMAIL PROTECTED]
> Subject: RE: [Samba] Samba 2.2.8-1 as W2k Member server
> 
> 
> Andre,
> 
>   It does that because Samba is using its own internal
> smbpasswd file. While you may have been able to get Samba 
> 2.2.8-1 connected to the Windows 2000 Domain, it will not 
> replicate the SAM data (usernames/passwords).
> 
>   Run this test; create a Linux user account, then create
> a Samba User account of the same name. (The Linux User 
> account is required to create the Samba user account.) Once 
> you have done that, attempt to connect to the server using 
> Windows Explorer or whatever. (Make sure that you create a 
> user account/password combo that exists in your Windows 2000 
> AD.) If all goes well, that user account should connect 
> perfectly fine.
> 
>   I believe that they are working on figuring out how to
> get Samba to replicate the SAM data. However, that is still 
> some time off, I believe. 
> 
>   At this time, I know that you can setup a Samba PDC and
> another Samba server to act as a Samba Back-up Domain 
> Controller, as we have that configuration working fine in our office.
> 
> Regards,
> Robert Adkins II
> IT Manager/Buyer
> Impel Industries, Inc.
> 586-254-5800
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> On Behalf Of Andre Dieball
> Sent: Wednesday, March 26, 2003 11:34 AM
> To: [EMAIL PROTECTED]
> Subject: [Samba] Samba 2.2.8-1 as W2k Member server
> 
> Hello
> 
> I have a problem with setting up Samba as a AD member server.
> 
> Environment:
> Linux tux 2.2.20-idepci (Debian Woody)
> samba   2.2.8-1.woody
> samba-common2.2.8-1.woody
> smbclient   2.2.8-1.woody
> (samba from people.samba.org/~peloy/samba)
> 
> Smb.conf:
> ---cut---
> [global]
> printer driver file = /etc/samba/printers.def
> encrypt passwords = true
> character set = ISO8859-15
> socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
> kernel oplocks = No
> invalid users = root
> password server = de-mail, plains
> interfaces = xx.xx.xx.xx/255.255.255.0
> security = domain
> server string = PDF-Test
> workgroup = xx_
> log level = 3
> local master = No   
> client code page = 850
> netbios name = tux
> log file = /var/log/samba/%m
> guest account = nobody
> os level = 2
> 
> [shr]
>path = /shr
>browseable = yes
>writeable = yes
>guest ok = yes
>force user = nobody
> 
> [pdf]
> comment = PDF Printer
> path = /var/tmp
> create mask = 0600
> guest ok = yes
> printable = Yes
> ;   browseable = No
> print command = /usr/bin/printpdf.sh %s %U
> lpq command =
> lprm command =
> printer driver = HP C LaserJet 4500-PS
> printer driver location = \\%h\printer$
> 
> [printer$]
> path = /etc/samba/printdrivers
> guest ok = yes
> read only = yes
> printable = yes
> ---cut---
> 
> I have created a machine acount in active directory named tux
> (as the netbios name in smb.conf) and made it pre W2k 
> compatible. Aftrewards, I stopped samba and used:
> 
> Smbpasswd -j xx_x -r de-mail -U administrator
> 
> With the active directory administrator domain and received a
> message, that the domain has been joined.
> 
> I see the node in network neighbourhood, but I can't access
> it. It always askes for a username/password combination.
> 
> Any help is really appriciated.
> 
> Rgds.
>   Andre
> 
> 
> 
> --
> To unsubscribe from thi

Re: [Samba] Samba 3.0 - a bunch of really high level questions

2003-03-26 Thread John H Terpstra 
On Wed, 26 Mar 2003, Chere Zhou wrote:

>
> >> > 4) trust relationships in 2000 environment. Is it possible, what
> >> > needs to be done.
> >>
> >> This is undocumented at this time. Sorry, we will get around to it soon.
>
> >Trust relationships behave exactly as for NT4 - modulo bugs, for the member
> >server.  For the PDC, we only provide an NT4 PDC, and have not yet compleated
> >all that is required to trust other domains.
>
> I am using 3.0alpha21.  Trusts in a win2k domain (ADS mode) seem to work, but
> I do not see any trusted domain if join the domain using NT4 mode.  This is
> fixed in HEAD, but I do need to fix my 3.0a21 version for it.
>
> abartlet and jht, any hint for me of where to look at?

In samba-HEAD/docs/Samba-HOWTO-Collection.pdf might help you.

- John T.
-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Issues with home shares and W2K and MS Office

2003-03-26 Thread Dan Tappin 
Here is my global section:

# General Section

 workgroup = OROURKE
 netbios name = FILESERVER
 server string = OEL File Server
 log level = 3
 log file = /var/log/samba/%m.log
 share modes = yes
 encrypt passwords = yes
 wins support = yes
 wins proxy = yes
 smb passwrd file = /etc/smbpasswd

# Domain Server Section

 os level = 65
 local master = yes
 prefered master = yes
 domain master = yes
 remote announce = 192.168.0.255/OROURKE

# Performance Section

 read raw = yes
 write raw = yes
 oplocks = yes
 max xmit = 65535
 dead time = 15
 getwd cache = yes


I added security = SHARE but that did not change anything... same problem.

I am not running this as a PDC but I think I added the domain section
thinking ahead.

Dan


> -Original Message-
> From: Michael G. Noble [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 26, 2003 9:37 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Samba] Issues with home shares and W2K and MS Office
>
>
> I have users on W2K accessing their home without a single problem.  Here
> is what my homes looks like:
>
> [home]
> comment = Home Directories
> path = /export/home/%u
> read only = No
> veto files = /.*/
>
> My users then mount the share as the H: drive: H: \\sambaserver\home
>
> \home will always map to the uses home directory that is logged in to
> the PC.
>
> Since you do not show your global config portion, I do not know if that
> is causing a problem, I suggest that you use security=SHARE, and make
> sure that encrypt passwords = Yes.
>
> Mike
>
> On Wed, 2003-03-26 at 08:15, Dan Tappin wrote:
> > Our office is running Samba 2.2.x on Red Hat 7.x
> >
> > We have a mixed bag of Win98 and recent W2K clients.   The new
> W2K clients
> > have no trouble connecting to the current shares including a home share:
> >
> > [homes]
> > comment = Home Directory
> > writeable = yes
> > read only = no
> > browseable = no
> > create mode = 0600
> > directory mode = 0700
> > hide dot files = yes
> > veto files = /desktop/
> > veto files = /.*/
> > inherit permissions = yes
> >
> > The problem is that when running MS Office 2000 (Word, Excel,
> Outlook etc)
> > the W2K clients can't access their home share.  They are given
> a 'You do not
> > have access to the folder '\\Fileserver\w2kuser\'.  See your
> administrator
> > to access this folder' error message.
> >
> > The users are forced to save to their desktop and manually copy
> these files
> > across to their home share.  This is not an issue on Win98 at all.
> >
> > Any ideas out there?  I have searched the lists and can't find
> an obvious
> > solution.
> >
> > Thanks,
> >
> > Dan
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> --
> Michael G. Noble  RF Magic, Inc.
> Senior System Administrator   10182 Telesis Ct., 4th Floor
>   San Diego, CA.   92121
> email: [EMAIL PROTECTED]   voice: (858) 546-2401 x207
>   fax:   (858) 546-2402
> --
> There is Sanity in my Madness!
>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] WARNING: The "printer driver location"option is deprecated

2003-03-26 Thread Andre Dieball 
Hello

After upgrade to 2.2.8-1 woody fom 2.2.7a I get (apart from other problems)
the following error message:

WARNING: The "printer driver location"option is deprecated

As I use the Samba server only for printing, I'm not sure, what this means
to me, as I have the follwoing in my smb.conf:

printer driver file = /etc/samba/printers.def

Any help is really appreciated.

Thanks a lot in advance.


Mit freundlichen Grüßen / Yours sincerely,

Andre Dieball


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 - a bunch of really high level questions

2003-03-26 Thread Chere Zhou 

>> > 4) trust relationships in 2000 environment. Is it possible, what
>> > needs to be done.
>> 
>> This is undocumented at this time. Sorry, we will get around to it soon.

>Trust relationships behave exactly as for NT4 - modulo bugs, for the member
>server.  For the PDC, we only provide an NT4 PDC, and have not yet compleated
>all that is required to trust other domains.  

I am using 3.0alpha21.  Trusts in a win2k domain (ADS mode) seem to work, but 
I do not see any trusted domain if join the domain using NT4 mode.  This is 
fixed in HEAD, but I do need to fix my 3.0a21 version for it. 

abartlet and jht, any hint for me of where to look at?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Help! winbind idmap corrupt!

2003-03-26 Thread daniel . jarboe 
> Our problems with the attempted upgrade to 2.2.8 continue. 
> On a production machine running 2.2.3, I backed out of the 
> 2.2.8 upgrade due to winbind strangeness reported in earlier 
> post. Things *appeared* normal, until this morning, when I 
> noticed that an 'ls -l' no longer shows domain usernames, and 
> a 'chacl -l' also no longer shows names, only winbind ids. 

If winbind is not running, then nsswitch cannot convert those
uid's to user names.  Is it running?

> Furthermore, comparing these ids to the output of 'getent 
> passwd' or 'getent group', it appears the idmap is totally 
> messed up. I have searched but not found any posts telling 
> how to rebuild this file -surely there must be a way?
> 
> There are 400 domain users involved, so rebuilding by hand is 
> not an option...

Uh oh, sounds like you'll have to restore your winbindd_idmap.tdb
from backup.

Perhaps the format of the tdb changed from 2.2.3 to 2.2.8... or
maybe the file was lost during your upgrade/downgrade?

Sorry not more help,
~ Daniel
















---

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Change password 1st logon

2003-03-26 Thread helio 
Hello everyone, i would like to know if there is a way to change the samba
user´s password is the first logon???


Hélio Dubeux Neto
Depto. Técnico
INTERSIGHT
www.intersight.com.br
(81) 3221 - 8511



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba 2.2.8-1 as W2k Member server

2003-03-26 Thread Andre Dieball 
Hello Robert

Thanks for your mail.

The thing is, that it worked in exect the same configuration before (Samba
2.2.7a).

I don't want Samba do be part of any kind of domain controllers, I just want
it to offer services (printer) to active directory users.

I'm not sure, but I think, that's why anybody, who does not have an samba
account uses the user "nobody".

I had this issue with 2.2.7a before, but can't remember how I solved it :-(

Rgds.
Andre



> -Original Message-
> From: Robert Adkins II [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 26, 2003 5:59 PM
> To: 'Andre Dieball'; [EMAIL PROTECTED]
> Subject: RE: [Samba] Samba 2.2.8-1 as W2k Member server
> 
> 
> Andre,
> 
>   It does that because Samba is using its own internal
> smbpasswd file. While you may have been able to get Samba 
> 2.2.8-1 connected to the Windows 2000 Domain, it will not 
> replicate the SAM data (usernames/passwords).
> 
>   Run this test; create a Linux user account, then create
> a Samba User account of the same name. (The Linux User 
> account is required to create the Samba user account.) Once 
> you have done that, attempt to connect to the server using 
> Windows Explorer or whatever. (Make sure that you create a 
> user account/password combo that exists in your Windows 2000 
> AD.) If all goes well, that user account should connect 
> perfectly fine.
> 
>   I believe that they are working on figuring out how to
> get Samba to replicate the SAM data. However, that is still 
> some time off, I believe. 
> 
>   At this time, I know that you can setup a Samba PDC and
> another Samba server to act as a Samba Back-up Domain 
> Controller, as we have that configuration working fine in our office.
> 
> Regards,
> Robert Adkins II
> IT Manager/Buyer
> Impel Industries, Inc.
> 586-254-5800
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> On Behalf Of Andre Dieball
> Sent: Wednesday, March 26, 2003 11:34 AM
> To: [EMAIL PROTECTED]
> Subject: [Samba] Samba 2.2.8-1 as W2k Member server
> 
> Hello
> 
> I have a problem with setting up Samba as a AD member server.
> 
> Environment:
> Linux tux 2.2.20-idepci (Debian Woody)
> samba   2.2.8-1.woody
> samba-common2.2.8-1.woody
> smbclient   2.2.8-1.woody
> (samba from people.samba.org/~peloy/samba)
> 
> Smb.conf:
> ---cut---
> [global]
> printer driver file = /etc/samba/printers.def
> encrypt passwords = true
> character set = ISO8859-15
> socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
> kernel oplocks = No
> invalid users = root
> password server = de-mail, plains
> interfaces = xx.xx.xx.xx/255.255.255.0
> security = domain
> server string = PDF-Test
> workgroup = xx_
> log level = 3
> local master = No   
> client code page = 850
> netbios name = tux
> log file = /var/log/samba/%m
> guest account = nobody
> os level = 2
> 
> [shr]
>path = /shr
>browseable = yes
>writeable = yes
>guest ok = yes
>force user = nobody
> 
> [pdf]
> comment = PDF Printer
> path = /var/tmp
> create mask = 0600
> guest ok = yes
> printable = Yes
> ;   browseable = No
> print command = /usr/bin/printpdf.sh %s %U
> lpq command =
> lprm command =
> printer driver = HP C LaserJet 4500-PS
> printer driver location = \\%h\printer$
> 
> [printer$]
> path = /etc/samba/printdrivers
> guest ok = yes
> read only = yes
> printable = yes
> ---cut---
> 
> I have created a machine acount in active directory named tux
> (as the netbios name in smb.conf) and made it pre W2k 
> compatible. Aftrewards, I stopped samba and used:
> 
> Smbpasswd -j xx_x -r de-mail -U administrator
> 
> With the active directory administrator domain and received a
> message, that the domain has been joined.
> 
> I see the node in network neighbourhood, but I can't access
> it. It always askes for a username/password combination.
> 
> Any help is really appriciated.
> 
> Rgds.
>   Andre
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
> 
> 
> 


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Help! winbind idmap corrupt!

2003-03-26 Thread Shawn Wright 
Our problems with the attempted upgrade to 2.2.8 continue. 
On a production machine running 2.2.3, I backed out of the 
2.2.8 upgrade due to winbind strangeness reported in earlier 
post. Things *appeared* normal, until this morning, when I 
noticed that an 'ls -l' no longer shows domain usernames, and 
a 'chacl -l' also no longer shows names, only winbind ids. 
Furthermore, comparing these ids to the output of 'getent 
passwd' or 'getent group', it appears the idmap is totally 
messed up. I have searched but not found any posts telling 
how to rebuild this file -surely there must be a way?

There are 400 domain users involved, so rebuilding by hand is 
not an option...


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Shawn Wright, Systems Manager
Shawnigan Lake School
http://www.sls.bc.ca
[EMAIL PROTECTED]



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] no route to host between Mac samba and Linux samba

2003-03-26 Thread Kyle Loree 
[EMAIL PROTECTED] writes:
>I have a mac running Mac OS X ans samba 2.2.5 which is provided by
>Apple. The Linux server have samba 2.2.8 (the last one). Sometimes, in
>the server logs, you have:
>[2003/03/26 14:26:30, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = No route to host
>in this case, the Macclient  lost the samba connection and has to reboot
>because a silly error (Mac error: -47, % macerror -47
>Mac OS error -47 (fBsyErr): File is busy (delete) )
>I don't understand the no route to host message because the error occurs
>only once (or 2 times) per day   
>the problem occurs even if netatalk (appletalk) is not running
>some suggestions ?
>
>-- 
>Jean-Max Reymond
>derniËre Èruption de l'Etna: http://jmreymond.free.fr/Etna2002

Apple machines work way better on a half duplex connection, it must be
forced on the switch and then the machine will accept it, or you can get a
util from versiontracker called "cocktail"  it will let you set the mode
of the en* controller.

do you have the lastest software updates on?

I think this is a more mac side error than a samba prob.
perhaps we should look into getting a apple-samba list going.
god knows it could have helped me a while ago.

Mac's are getting better, open source may save them.
they have to find a way to update better though.

good luck, I hope that kinda helps.

Kyle Loree
Rendek Communications
[EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] problems compiling Samba 2.2.8 on Solaris 2.8

2003-03-26 Thread Greg Petras 
Hi -

I am trying to compile and install 2.2.8 to /opt/samba, but I keep getting
the following errors after I 'make install' and try to start smbd using
'/opt/samba/sbin/smbd -d 2 -D -s /opt/samba/lib/smb.conf':

  Unable to open new log file /usr/local/samba/var/log.smbd: No such file or
directory
[2003/03/25 10:21:56, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /usr/local/samba/var/log.smbd: No such file or
directory
[2003/03/25 10:21:56, 2] lib/interface.c:add_interface(81)
  added interface ip=172.26.38.51 bcast=255.255.255.255 nmask=0.0.0.0
[2003/03/25 10:21:56, 0] passdb/secrets.c:secrets_init(44)
  Failed to open /usr/local/samba/etc/private/secrets.tdb
[2003/03/25 10:21:56, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
  pdb_generate_sam_sid: Failed to store generated machine SID.
[2003/03/25 10:21:56, 0] smbd/server.c:main(877)
  ERROR: Samba cannot create a SAM SID.

The weird thing is these errors appear in /opt/samba/var, but it is still
complaining about /usr/local/samba.

When I ran the ./configure script I used the following options:

# ./configure --prefix=/opt/samba \
--with-privatedir=/opt/samba/private --with-lockdir=/opt/samba/var/locks \
--with-piddir=/opt/samba/var/locks --with-swatdir=/opt/samba/swat \
--with-configdir=/opt/samba/lib --with-logfilebase=/opt/samba/var \
--with-logfilebase=/opt/samba/var --with-automount

So I did properly set my logfile base to /opt/samba/var but samba still
seems to think it should be /usr/local/samba. Did I forget something? Any
help is much appreciated as I am fairly new to Samba.

Thanks,

Greg

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba 2.2.8-1 as W2k Member server

2003-03-26 Thread Robert Adkins II 
Andre,

It does that because Samba is using its own internal smbpasswd
file. While you may have been able to get Samba 2.2.8-1 connected to the
Windows 2000 Domain, it will not replicate the SAM data
(usernames/passwords).

Run this test; create a Linux user account, then create a Samba
User account of the same name. (The Linux User account is required to
create the Samba user account.) Once you have done that, attempt to
connect to the server using Windows Explorer or whatever. (Make sure
that you create a user account/password combo that exists in your
Windows 2000 AD.) If all goes well, that user account should connect
perfectly fine.

I believe that they are working on figuring out how to get Samba
to replicate the SAM data. However, that is still some time off, I
believe. 

At this time, I know that you can setup a Samba PDC and another
Samba server to act as a Samba Back-up Domain Controller, as we have
that configuration working fine in our office.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
586-254-5800


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Andre Dieball
Sent: Wednesday, March 26, 2003 11:34 AM
To: [EMAIL PROTECTED]
Subject: [Samba] Samba 2.2.8-1 as W2k Member server

Hello

I have a problem with setting up Samba as a AD member server.

Environment:
Linux tux 2.2.20-idepci (Debian Woody)
samba   2.2.8-1.woody
samba-common2.2.8-1.woody
smbclient   2.2.8-1.woody
(samba from people.samba.org/~peloy/samba)

Smb.conf:
---cut---
[global]
printer driver file = /etc/samba/printers.def
encrypt passwords = true
character set = ISO8859-15
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
kernel oplocks = No
invalid users = root
password server = de-mail, plains
interfaces = xx.xx.xx.xx/255.255.255.0
security = domain
server string = PDF-Test
workgroup = xx_
log level = 3
local master = No   
client code page = 850
netbios name = tux
log file = /var/log/samba/%m
guest account = nobody
os level = 2

[shr]
   path = /shr
   browseable = yes
   writeable = yes
   guest ok = yes
   force user = nobody

[pdf]
comment = PDF Printer
path = /var/tmp
create mask = 0600
guest ok = yes
printable = Yes
;   browseable = No
print command = /usr/bin/printpdf.sh %s %U
lpq command =
lprm command =
printer driver = HP C LaserJet 4500-PS
printer driver location = \\%h\printer$

[printer$]
path = /etc/samba/printdrivers
guest ok = yes
read only = yes
printable = yes
---cut---

I have created a machine acount in active directory named tux (as the
netbios name in smb.conf) and made it pre W2k compatible.
Aftrewards, I stopped samba and used:

Smbpasswd -j xx_x -r de-mail -U administrator

With the active directory administrator domain and received a message,
that
the domain has been joined.

I see the node in network neighbourhood, but I can't access it. It
always
askes for a username/password combination.

Any help is really appriciated.

Rgds.
Andre



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Connection of Linux/Unix clients to Samba PDC

2003-03-26 Thread Robert Adkins II 
Brian,

A Samba PDC acts like a Windows NT 4.0 Domain Controller. The
issue you are experiencing is likely related to the configurations you
had to do in order to get the Linux systems to connect to the Win2K
Domain Controller. 

That is where I would start looking. Unfortunately, I haven't
had a chance to focus on adding Linux workstations to our network. Just
one machine that I use for some testing of software we would potentially
use in out network someday. With that system, I was using
LinNeighborhood and never ran into any issues with connecting to the
Linux PDC. (It is a fairly manual method of mounting shares though.)

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
586-254-5800


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Brian Crittenden
Sent: Wednesday, March 26, 2003 11:29 AM
To: [EMAIL PROTECTED]
Subject: [Samba] Connection of Linux/Unix clients to Samba PDC

We replaced our Win2k PDC with a Samba PDC and have all Windows clients
are
connecting.  But we are having difficulty logging on with the Linux and
Unix
servers to this domain.  Is there something that must be done
differently
for them to connect?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba 2.2.8-1 as W2k Member server

2003-03-26 Thread Andre Dieball 
Hello

I have a problem with setting up Samba as a AD member server.

Environment:
Linux tux 2.2.20-idepci (Debian Woody)
samba   2.2.8-1.woody
samba-common2.2.8-1.woody
smbclient   2.2.8-1.woody
(samba from people.samba.org/~peloy/samba)

Smb.conf:
---cut---
[global]
printer driver file = /etc/samba/printers.def
encrypt passwords = true
character set = ISO8859-15
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
kernel oplocks = No
invalid users = root
password server = de-mail, plains
interfaces = xx.xx.xx.xx/255.255.255.0
security = domain
server string = PDF-Test
workgroup = xx_
log level = 3
local master = No   
client code page = 850
netbios name = tux
log file = /var/log/samba/%m
guest account = nobody
os level = 2

[shr]
   path = /shr
   browseable = yes
   writeable = yes
   guest ok = yes
   force user = nobody

[pdf]
comment = PDF Printer
path = /var/tmp
create mask = 0600
guest ok = yes
printable = Yes
;   browseable = No
print command = /usr/bin/printpdf.sh %s %U
lpq command =
lprm command =
printer driver = HP C LaserJet 4500-PS
printer driver location = \\%h\printer$

[printer$]
path = /etc/samba/printdrivers
guest ok = yes
read only = yes
printable = yes
---cut---

I have created a machine acount in active directory named tux (as the
netbios name in smb.conf) and made it pre W2k compatible.
Aftrewards, I stopped samba and used:

Smbpasswd -j xx_x -r de-mail -U administrator

With the active directory administrator domain and received a message, that
the domain has been joined.

I see the node in network neighbourhood, but I can't access it. It always
askes for a username/password combination.

Any help is really appriciated.

Rgds.
Andre



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Connection of Linux/Unix clients to Samba PDC

2003-03-26 Thread Brian Crittenden 
We replaced our Win2k PDC with a Samba PDC and have all Windows clients are
connecting.  But we are having difficulty logging on with the Linux and Unix
servers to this domain.  Is there something that must be done differently
for them to connect?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Issues with home shares and W2K and MS Office

2003-03-26 Thread Dan Tappin 
Our office is running Samba 2.2.x on Red Hat 7.x

We have a mixed bag of Win98 and recent W2K clients.   The new W2K clients
have no trouble connecting to the current shares including a home share:

[homes]
comment = Home Directory
writeable = yes
read only = no
browseable = no
create mode = 0600
directory mode = 0700
hide dot files = yes
veto files = /desktop/
veto files = /.*/
inherit permissions = yes

The problem is that when running MS Office 2000 (Word, Excel, Outlook etc)
the W2K clients can't access their home share.  They are given a 'You do not
have access to the folder '\\Fileserver\w2kuser\'.  See your administrator
to access this folder' error message.

The users are forced to save to their desktop and manually copy these files
across to their home share.  This is not an issue on Win98 at all.

Any ideas out there?  I have searched the lists and can't find an obvious
solution.

Thanks,

Dan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Single shared directory, with a universal password

2003-03-26 Thread Brian Wiese 
On 17 Mar 2003 12:07:39 +1100
Andrew Bartlett <[EMAIL PROTECTED]> wrote:

|On Mon, 2003-03-17 at 11:37, [EMAIL PROTECTED] wrote:
|> Hello,
|> 
|> I am using Samba "Version 2.2.3a-12 for Debian" on a Debian 3.0 system.
|> I have looked at lots of Samba documentation and have not been able to
|> find anything explaining what I need. I want to create a single
|> directory on my Samba server that is ok for any user (e.g. 'guest ok =
|> yes'), but is password protected. Meaning, I want a share that any user
|> can access as long as they have the password to that specific
|> directory. I haven't seen how to do this anywhere, so any assistance
|> that you could offer would be most appreciative. Thanks a lot!
|
|Set 'security=share' on the server, and create an account in smbpasswd
|for a new user 'share_user' (or whatever you like to call it).
|
|Then put 'user = share_user' and 'valid users = share_user' in the
|declaration for that share. 

Might also want to add "force user = share_user"
>From 'man smb.conf'...
   force user (S)
  This  specifies  a  UNIX  user  name  that  will be
  assigned as the default user for all users connect­
  ing  to  this  service.  This is useful for sharing
  files. You should also use it carefully as using it
  incorrectly can cause security problems.

  This  user name only gets used once a connection is
  established.  Thus clients still need to connect as
  a valid user and supply a valid password. Once con­
  nected, all file operations will  be  performed  as
  the  "forced  user",  no  matter  what username the
  client connected as. This can be very useful.

|This gets you pretty close to the 'share level' password on Win9X.  Not
|quite (because we map to unix users) but pretty close.
|
|Note that setting 'security=share' will affect other shares on the
|server, so you might want to look into a %L include to host this on a
|separate virtual hostname.
|
|Andrew Bartlett
|
|-- 
|Andrew Bartlett [EMAIL PROTECTED]
|Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
|Student Network Administrator, Hawker College   [EMAIL PROTECTED]
|http://samba.org http://build.samba.org http://hawkerc.net
|


  Brian Wiese | [EMAIL PROTECTED] | aim: unolinuxguru
--
  GnuPG/PGP key 0xF3220030 | "FREEDOM!" - Braveheart 
--  
This is not about Napster or DVDs. It's about your Freedom.
  I'll see your DMCA and raise you a First Amendment.
  http://www.anti-dmca.org
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] 2.2.8 - Permissions display differently

2003-03-26 Thread dowlime 
We were using 2.0.6 on a SunOS 5.6 server, using domain security in an NT domain, and 
have upgraded to 2.2.8 for the security fix.  Now, when the file permissions are 
displayed on an NT client, ACL's are only shown for user/group/other if there are R,W, 
or X permissions.  If u, g, or o have no rights, the ACL is not displayed for them. 

Example, 
in 2.0.6, with a file with r--r- permissions (440), the NT permissions display 
would have an ACL for the owner with R permissions, an ACL for the group with R 
permissions, and the Everyone group would show as O for no permissions.
In 2.2.8 with the same file, the NT permissions dialog only shows an ACL line for the 
owner, and an ACL line for the group, but NO ACL line for Everyone since they have no 
permissions
If a file had r permissions, there won't be an ACL line for the group either.

In addition, we can't "Add" an ACL for the ones not displayed - In other words, in the 
first example, we couldn't Add the Everyone group with R prrmissions to give world 
read.

Is this normal behavior in 2.2.8, or should we see the same displays as before?
How can we get the displays to show as before, or what might we have missed?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Solaris 9 sparc, Forte C compile errors (2_2 branch)

2003-03-26 Thread Steve Kennedy 
Still compile errors on Solaris 9 (Ultra Sparc in 64bit mode)
Forte C, 2_2 branch from CVS as of about 11am UK time.

Only errors shown: -

rebuilding include/proto.h
Using FLAGS =  -O  -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper 
-I/usr/local//include -I/usr/local//include  -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -DLOGFILEBASE="/usr/local/samba/var" 
-DCONFIGFILE="/usr/local/samba/lib/smb.conf" 
-DLMHOSTSFILE="/usr/local/samba/lib/lmhosts"   -DSWATDIR="/usr/local/samba/swat" 
-DSBINDIR="/usr/local/samba/bin" -DLOCKDIR="/usr/local/samba/var/locks" 
-DCODEPAGEDIR="/usr/local/samba/lib/codepages" 
-DDRIVERFILE="/usr/local/samba/lib/printers.def" -DBINDIR="/usr/local/samba/bin" 
-DPIDDIR="/usr/local/samba/var/locks" -DLIBDIR="/usr/local/samba/lib" 
-DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/usr/bin/passwd" 
-DSMB_PASSWD_FILE="/usr/local/samba/private/smbpasswd" 
-DTDB_PASSWD_FILE="/usr/local/samba/private/smbpasswd.tdb"
Using FLAGS32 =  -O  -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper 
-I/usr/local//include -I/usr/local//include  -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -DLOGFILEBASE="/usr/local/samba/var" 
-DCONFIGFILE="/usr/local/samba/lib/smb.conf" 
-DLMHOSTSFILE="/usr/local/samba/lib/lmhosts"   -DSWATDIR="/usr/local/samba/swat" 
-DSBINDIR="/usr/local/samba/bin" -DLOCKDIR="/usr/local/samba/var/locks" 
-DCODEPAGEDIR="/usr/local/samba/lib/codepages" 
-DDRIVERFILE="/usr/local/samba/lib/printers.def" -DBINDIR="/usr/local/samba/bin" 
-DPIDDIR="/usr/local/samba/var/locks" -DLIBDIR="/usr/local/samba/lib" 
-DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/usr/bin/passwd" 
-DSMB_PASSWD_FILE="/usr/local/samba/private/smbpasswd" 
-DTDB_PASSWD_FILE="/usr/local/samba/private/smbpasswd.tdb"
Using LIBS = -lsec -lgen -lsocket -lnsl  -ldl

Compiling libsmb/clirap.c
"libsmb/clirap.c", line 114: warning: argument #9 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 114: warning: argument #11 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 164: warning: argument #9 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 164: warning: argument #11 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 244: warning: argument #9 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 244: warning: argument #11 is incompatible with prototype:
prototype: pointer to unsigned int : "libsmb/clirap.c", line 57
argument : pointer to int
"libsmb/clirap.c", line 356: warning: argument #4 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1294
argument : pointer to int
"libsmb/clirap.c", line 356: warning: argument #6 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1294
argument : pointer to int

Compiling libsmb/cliprint.c
"libsmb/cliprint.c", line 87: warning: argument #9 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1237
argument : pointer to int
"libsmb/cliprint.c", line 87: warning: argument #11 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1237
argument : pointer to int
"libsmb/cliprint.c", line 148: warning: argument #9 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1237
argument : pointer to int
"libsmb/cliprint.c", line 148: warning: argument #11 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1237
argument : pointer to int

Compiling libsmb/clisecdesc.c
"libsmb/clisecdesc.c", line 52: warning: argument #3 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1303
argument : pointer to int
"libsmb/clisecdesc.c", line 52: warning: argument #5 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1303
argument : pointer to int
"libsmb/clisecdesc.c", line 116: warning: argument #3 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1303
argument : pointer to int
"libsmb/clisecdesc.c", line 116: warning: argument #5 is incompatible with prototype:
prototype: pointer to unsigned int : "include/proto.h", line 1303
argument : pointer to int

Compiling rpc_parse/parse_spoolss.c
"rpc_parse/parse_spoolss.c", line 1209: warning: assignment

[Samba] winbind database changed after power loss

2003-03-26 Thread Roach, Mark R. 
After a power loss last night, the winbind database appears to be
different. several of my users' home dirs are owned by the wrong person
or a non-mapped uid.

How can I avoid this? Is it as simple as running sync every so often?

Thanks,

Mark Roach

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] no route to host between Mac samba and Linux samba

2003-03-26 Thread Jean-Max Reymond 
I have a mac running Mac OS X ans samba 2.2.5 which is provided by
Apple. The Linux server have samba 2.2.8 (the last one). Sometimes, in
the server logs, you have:
[2003/03/26 14:26:30, 0] lib/util_sock.c:read_data(436)
  read_data: read failure for 4. Error = No route to host
in this case, the Macclient  lost the samba connection and has to reboot
because a silly error (Mac error: -47, % macerror -47
Mac OS error -47 (fBsyErr): File is busy (delete) )
I don't understand the no route to host message because the error occurs
only once (or 2 times) per day   
the problem occurs even if netatalk (appletalk) is not running
some suggestions ?
--
Jean-Max Reymond
dernière éruption de l'Etna: http://jmreymond.free.fr/Etna2002
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Fw: share a folder rw, but not deletable?

2003-03-26 Thread Marco De Vitis 
On Wed, 26 Mar 2003 02:38:43 -0600, Brian Wiese wrote:

> I've tried setting the directories with the sticky bit (i) with "chattr +i
> dir/" and that didn't work... as now the users could not r/w data within
> the directory.  I don't want the directories to be renamed or deleted. 

I solved a similar situation this way: I changed the mode of all files 
in the share to 666, and dirs to 1777 (that's 777 + sticky bit). This 
means that anyone can read the contents of the share, but they cannot 
delete or rename any file or directory and they cannot edit the contents 
of any existing file (exception made for one user, the owner of all 
files and dirs, who can do anything).

Anyway, everyone can add files and dirs, but I also used these two 
options:
force create mode = 666
force directory mode = 1777

Then, every night, an automated script sets the privileged user as the 
owner of all files and dirs in the share.
So, if someone adds a file or dir, he has the possibility to delete or 
edit it for the whole day; then, the next day, the objects he added are 
"locked" again, just like the rest of the share.

The only difference, in your case, might be if you want to allow users 
to edit existing files. I do not have a solution for this... you might 
remove the sticky bit from the directory containing the files to be 
edited, but this will allow other users to also delete or rename subdirs 
contained in the same dir.

-- 
Ciao,
  Marco.

..."The Glimpse", Trilok Gurtu 1997

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Can't reach Samba shares from Win XP Pro

2003-03-26 Thread Dennis O'Neill 
Srinivas,

If you did a standard RH8 install and enabled the firewall, it may be 
blocking access to the shares. To confirm this, just drop the security 
level to none and see it the share appears under the Samba server name 
on the XP system.

Good luck,

Dennis

-Original Message-
From: Srinivas Murty [mailto:[EMAIL PROTECTED]
Sent: Monday, March 24, 2003 9:39 PM
To: [EMAIL PROTECTED]
Subject: [Samba] Can't reach Samba shares from Win XP Pro
This seems to be common enough problem. I've used a variety of methods 
(command line as well as utilities like LinNeighborhood) to mount XP 
shares on my RedHat 8.0 running Samba 2.2.7. I get consistent problems 
the other way around. Despite a couple of shares on my Linux partition, 
I am just unable to do get to it. Network Neighborhood shows my 
Linux/Samba server but no shares, nor can I explicitly map the share to 
a Win XP logical drive.

While troubleshooting by reading Sam24hc13.qxd (an extract from an 
excellent book, I might add), I found that I run into trouble trying to 
use "nmblookup -B  ". The same 
command works fine if I give it the names of my two XP machines. I 
somehow suspect this is the main reason why I'm having troubles 
elsewhere. Does anyone have an answer?

Srinivas Murty



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba client with iptables

2003-03-26 Thread Rob Nagler 
Philippe Dhont   (Sea-ro) writes:
> what ports is samba using ?

% egrep 'netbios|microsoft' /etc/services
netbios-ns  137/tcp # NETBIOS Name Service
netbios-ns  137/udp
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp
microsoft-ds445/tcp
microsoft-ds445/udp

Rob



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Error connecting from an W2K.

2003-03-26 Thread Jim Wharton 
at the command line, type set. This will return all sorts of results.

one line should read something like:

LOGONSERVER=\\DomainController

if it reads:

LOGONSERVER=\\YourWorkstation, then you are not truly authenticating to the
domain.

another line will read:

USERDOMAIN=YOURDOMAIN make sure that this specifies your domain.

The error you are reporting, is because somewhere along the line, the remote
share does not know who you are.

Jim


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
>  Behalf Of
> TURPIN, SERGE
> Sent: Wednesday, March 26, 2003 8:14 AM
> To: Samba-List
> Subject: [Samba] Error connecting from an W2K.
> 
> 
> Guys,
> 
> I quick question for the expert.
> 
> I run samba server 2.2.3a on a HP 11i Unix server.
> All connectivity testing between the samba server and the 
> workstation seems
> to working fine.
> The problem is when I try to connect to the samba server from 
> a W2K machine
> on the same workgroup, not on the same subnet network.
> I receive this following error when invoking the
> Net view \\tivlab22\pub command
> System error 5 has occurred.
> Access is denied
> 
> I also received the following error when invoking a net use command.
> The account is not authorized to log in from this workstation.
> 
> Some tips from you guys will be very appreciated.
> 
> Regards
> Serge Turpin
> CGI // GIT Services
> 
> Office: (514) 878-8700  ext:4732
> Fax : (514) 393-0123
> Cellular : (514) 233-1073
> Pager : (514) 741-0625
> 
> <>
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 


OutBound Mail Scanned by Mcafee Web Appliance.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] print$ share problem URGENT - BUG

2003-03-26 Thread stephane . purnelle 
Hello

I try to install drivers from CD to print$ share.
I use the APW for that, but when the system have finish to copy drivers,
w2k says that he cannot complete the process.

And the log of the machine says :

[2003/03/26 11:56:41, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:26:53, 0] smbd/service.c:make_connection(252)
  donglesvr (10.217.7.11) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:28:04, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:29:41, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16328)
[2003/03/26 14:29:49, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16328)
[2003/03/26 14:29:49, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:29:49, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16328)
[2003/03/26 14:29:50, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(38)
  ===
[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(39)
  INTERNAL ERROR: Signal 11 in pid 16328 (2.2.8)
  Please read the file BUGS.txt in the distribution
[2003/03/26 14:29:50, 0] lib/fault.c:fault_report(41)
  ===
[2003/03/26 14:29:50, 0] lib/util.c:smb_panic(1094)
  PANIC: internal error
[2003/03/26 14:29:50, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:29:50, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16602)
[2003/03/26 14:30:18, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:30:18, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16602)
[2003/03/26 14:31:05, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16602)
[2003/03/26 14:31:05, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:31:05, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16602)
[2003/03/26 14:31:06, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:31:06, 0] lib/fault.c:fault_report(38)
  ===
[2003/03/26 14:31:06, 0] lib/fault.c:fault_report(39)
  INTERNAL ERROR: Signal 11 in pid 16602 (2.2.8)
  Please read the file BUGS.txt in the distribution
[2003/03/26 14:31:06, 0] lib/fault.c:fault_report(41)
  ===
[2003/03/26 14:31:06, 0] lib/util.c:smb_panic(1094)
  PANIC: internal error
[2003/03/26 14:31:06, 0] passdb/pdb_ldap.c:ldap_connect_system(316)
  ldap_connect_system: Binding to ldap server as
"cn=manager,dc=corman,dc=be"
[2003/03/26 14:31:06, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16612)
[2003/03/26 14:31:28, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:31:31, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16612)
[2003/03/26 14:31:38, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16612)
[2003/03/26 14:31:38, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:31:38, 1] smbd/service.c:make_connection(636)
  donglesvr (10.217.7.11) connect to service print$ as user root (uid=0,
gid=0) (pid 16612)
[2003/03/26 14:31:38, 1] smbd/service.c:close_cnum(677)
  donglesvr (10.217.7.11) closed connection to service print$
[2003/03/26 14:31:38, 0] lib/fault.c:fault_report(38)
  ===
[2003/03/26 14:31:38, 0] lib/fault.c:fault_report(39)
  INTERNAL ERROR:

[Samba] samba client with iptables

2003-03-26 Thread Philippe Dhont (Sea-ro) 
hi, 
i have a linux firewall and i want to "mount -t smbfs" to a samba server but
what ports is samba using ?
because i don't know what ports to set op for this on my input.

regards, 

Philippe Dhont 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Error connecting from an W2K.

2003-03-26 Thread TURPIN, SERGE 
Guys,

I quick question for the expert.

I run samba server 2.2.3a on a HP 11i Unix server.
All connectivity testing between the samba server and the workstation seems
to working fine.
The problem is when I try to connect to the samba server from a W2K machine
on the same workgroup, not on the same subnet network.
I receive this following error when invoking the
Net view \\tivlab22\pub command
System error 5 has occurred.
Access is denied

I also received the following error when invoking a net use command.
The account is not authorized to log in from this workstation.

Some tips from you guys will be very appreciated.

Regards
Serge Turpin
CGI // GIT Services

Office: (514) 878-8700  ext:4732
Fax : (514) 393-0123
Cellular : (514) 233-1073
Pager : (514) 741-0625

<>



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Unable to join Win2k to Samba Domain

2003-03-26 Thread FRANCO 
Hi,

I dojnt read nothing about to create a machine name into smbpasswd Where
did you found this

Franco Catena
http://www.surson.com.br
tel 011-44374040
cel:78535362
NEXTEL: 55*26006*1
MSN: [EMAIL PROTECTED]
ICQ: 24755602
-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org

mQGiBD5fPr8RBAC4GydYCddbpvUo2g8xInqq8mJf4wIx0a1rX1cgNVX4Mx62kMXR
fKDB9wjCUrj73xdJDtwTD778LABwuF9hTK0WjrxGCFhZ1Vk1nwM8wrNAO6m98HVF
/gsb2ZrWp2LFsxUQsV2RfZXYax6xCI1czx5i+oPIz8z0eqSr5cpwwgGGAwCggeyg
IhuYbgFxKZYpONfIus3c6j8EAI3JIz026gcbMRyD7jeAAi8e+Brh1rifrtXmXbxr
/TQh1+biwIpA/HEPzgRZGkGzjhZdVd9Oxkgp6Zq3XKV9XpHnoucq/dvWTYaMm0pi
pD85VNkROD2F/9owcFWKPWDYem/ipmyfhKgQ2nnUIrD9eHGxrxGBYW76Xx1htIoF
8GqlA/0XAXR0hopoVxgTEuLPOWT7MktY2f6vtvNG7pp1b0HzbLU7PRWNgCv8DRdG
E7o1ewuT7KjiLbsTlmtI2Tw+BIWd8dWdcGkHl75DCdr/jyONkJvD6vPga98P36Nn
H9/LJpf3kpaHud9K27ThpTWVCMuVyWXwK77RdNM56wHBJpMFurQhZmFjYXRlbmEg
PGZhY2F0ZW5hQHN1cnNvbi5jb20uYnI+iF0EExECAB0FAj5fPr8FCQGUvIAFCwcK
AwQDFQMCAxYCAQIXgAAKCRAH3evru7lBCyw4AJ9YMfqtOt26h9h/7W1Mm9Ga9/d3
oQCeKXBdahSPvEv+egRCYbcx5hLqAYi5AY0EPl8+3hAGAJu+Ezr636haP3Vjfgsh
EnYX7s/yNSyNUkdcGjEC6dNKmlAZ8U5Tc3DD1vnkBEcSVjg2lrMSVADGZBCXuIEC
keI/wbQWFQIKfPIZx0kJnW+np+tmTxZ/LoKV7gVqNW9hIKE5UWC8bzoH3EvtBRR8
LVLNADZUuhn17Wta0wJ+L+vB3Qa6DzwdSE98qCrsUWyCbC9JUdWjxKNH9X5H8Jl/
mXZOFprSeEs7k9P5XeNyv0lVVqVtDBA004KVAXHRvNSPvwADBQX/YMbUCZ8fVc6F
xPKyBnBYNvRNlxbL+NyFzUGvTO/u+CTeJrvE/3O1Ax9AfXRjXdWgZ7mqhJAEAqWN
ACE3g0Y4gFfMhSfgMYt9lmcNBUrk58h1kW2kYakEpOZlk3klO9HvKTmIYYyyu3vc
Da0q+ALmATihlY8duAKUw/U1HV8P5JZ8LAjiaKpJQAj2XrH+WZ5YDi22zJ7M94zi
CRBci5YCnAHmdfbKIyDXdCtLK2D0ouFt9+ahoxdioSrIBr34WauliEwEGBECAAwF
Aj5fPt4FCQGUvIAACgkQB93r67u5QQvImQCfdARi8DpWjBCcZW9E6rfA8wTWK/gA
n3kZ/R2hS/Kk7KLtvIOQ8Cd5y2UD
=ry0w
-END PGP PUBLIC KEY BLOCK-


-Mensagem original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Em nome de
Jean-Eric Cuendet
Enviada em: quarta-feira, 26 de março de 2003 07:04
Para: [EMAIL PROTECTED]
Assunto: [Samba] Unable to join Win2k to Samba Domain


Hi,
We have a network of about 20-30 win2k machines in a Samba 2.2.7 (RH7.3) 
domain. All are joined OK.
 From yesterday (no idea what changed...), I'm unable to join new 
machines in the domain...
The message from win2k is "The specified user doesn't exist".
I join using the root user which is valid (able to connect to shares 
with this user). If I type a wrong password, I have a messsage "Wrong 
user or password", so I think that the error message "The specified user 
doesn't exist" is not related to the root user used to join but to the 
machine name. But the machine name exists (I used WKS21) , was added to 
the smbpasswd file (with smbpasswd -a -m WKS21). su - WKS21$ works as 
expected.
I don't understand what could happen
And in the mean time, all the other workstation works like a charm! They 
are all in the domain and works well!

Any idea?
Thanks.
-jec

-- 
Jean-Eric Cuendet
Riskpro Technologies SA
Av du 14 avril 1b, 1020 Renens Switzerland
Principal: +41 21 637 0110  Fax: +41 21 637 01 11
Direct: +41 21 637 0123
E-mail: [EMAIL PROTECTED]
http://www.rptec.ch



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.465 / Virus Database: 263 - Release Date: 25/3/2003
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.465 / Virus Database: 263 - Release Date: 25/3/2003
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Fw: share a folder rw, but not deletable?

2003-03-26 Thread Peter Carpenter 
On Wed, 26 Mar 2003, Brian Wiese wrote:

> Is there a way in UNIX to make a folder with read+write permissions for
> some group of users, but only allow them to read and write to the
> folder... not actually delete the folder itself?

In Unix the permissions ("perms") of the _parent_ directory determine who
can remove a sub-directory (= folder in Windows). So you can set the perms
on a given directory wide open but restrict write access to its parent.
Maybe this is all you need?

PCC
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Unable to join Win2k to Samba Domain

2003-03-26 Thread Jean-Eric Cuendet 
Hi,
We have a network of about 20-30 win2k machines in a Samba 2.2.7 (RH7.3) 
domain. All are joined OK.
From yesterday (no idea what changed...), I'm unable to join new 
machines in the domain...
The message from win2k is "The specified user doesn't exist".
I join using the root user which is valid (able to connect to shares 
with this user). If I type a wrong password, I have a messsage "Wrong 
user or password", so I think that the error message "The specified user 
doesn't exist" is not related to the root user used to join but to the 
machine name. But the machine name exists (I used WKS21) , was added to 
the smbpasswd file (with smbpasswd -a -m WKS21). su - WKS21$ works as 
expected.
I don't understand what could happen
And in the mean time, all the other workstation works like a charm! They 
are all in the domain and works well!

Any idea?
Thanks.
-jec
--
Jean-Eric Cuendet
Riskpro Technologies SA
Av du 14 avril 1b, 1020 Renens Switzerland
Principal: +41 21 637 0110  Fax: +41 21 637 01 11
Direct: +41 21 637 0123
E-mail: [EMAIL PROTECTED]
http://www.rptec.ch

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 - a bunch of really high level questions

2003-03-26 Thread Andrew Bartlett 
On Wed, Mar 26, 2003 at 09:08:18AM +, John H Terpstra wrote:
> On Wed, 26 Mar 2003 [EMAIL PROTECTED] wrote:
> 
> > Hello everyone... I am a long time samba user (3 or 4 years), though I
> > never ventured into the alpha stages until recently (alpha 21, I'll move
> > to 22 in the near future once I get a better idea of what's going on). I
> > am very interested in Samba being part of a ADS domain, but I have been
> > a little frustrated due to the lack of documentation. Specifically, I've
> > read the HOWTO's from the University of Navarre and idealx, and I've
> > gotten to the stage where I have all users on my machine authenticating
> > through LDAP, samba is using LDAP to authenticate, etc. And I've gotten
> > it to act as what appears to be an NT4 PDC.
> 
> Welcome to alpha releases! We are still working on Documentation, you will
> find the most up to date Samba-HOWTO in PDF format in the Samba HEAD
> branch CVS Code tree. Periodically we update the 3.0.0 code tree from the
> HEAD branch.

More up to date is the SGML source, or the HTML - in reality the PDF isn't
regenerated very often.
 
> > Reading through the available documentation, the WHATSNEW.TXT, etc. I am
> > reading all these entries like "Active Directory support. This release
> > is able to join a ADS realm as a member server and authenticate users
> > using LDAP/kerberos." etc. but I have found very little guides on how to
> > implement this, or even what is meant by "member server". I am assuming
> > this means that the 3.0 branch cannot yet act as an AD server in a
> > native mode (i.e., non mixed mode) 2000 domain. Well what exactly CAN it
> > do?
> 
> This is still being documented. Any pointers anyone discovers that may
> help other users should be reported to [EMAIL PROTECTED] (at least while I
> am working on documentation updates). In other words - your help is much
> appreciated - and Yes, even you can help. As you spot errors or incomplete
> information, please let me know. I will be working on updates throughout
> this week.

To clarify this, Samba 3.0 is intended to function in an active directory
domain, as a domsin member (a machine that trusts the domain for all account
information) with NO backward compatiability options enabled on the DC.  When 
directly joined to such a domain, I beleive this is functional.

> > These may sound like stupid questions, but I've found very little on
> > exactly:
> > 1) what ./configure options I should be compiling samba with in
> > order to use as much of the active directory member features
> > available.
> 
> It is best to use the binary packages made available by the Samba-Team on
> the samba FTP sites. These are usually built with maximum available
> functionality for your platform.

I would disagree here, and note that for alphas, a source install is appropriate,
as we don't get a particularly wide range of platforms done for the binaries.

As to configure options, we try to pick up as much as possible automaticly - 
this means that you should have both you ldap and kerberos development
headers installed (and naturally, the actual libs too).

> > 2) whether I need to have a kerberos kdc installed on the smb
> > server, or anywhere on the network, or not at all.
> 
> See the ADS-Howto in the samba HEAD branch docs area.

As a member server, the Win2k ADS server is a kerberos server.  

> > 3) I know that ADS realms utilize special SRV records in the DNS,
> > should I implement these, how?
> 
> Ditto above.
> 
> > 4) trust relationships in 2000 environment. Is it possible, what
> > needs to be done.
> 
> This is undocumented at this time. Sorry, we will get around to it soon.

Trust relationships behave exactly as for NT4 - modulo bugs, for the member
server.  For the PDC, we only provide an NT4 PDC, and have not yet compleated
all that is required to trust other domains.  

Having other domains trust us is a much simpiler task, and is simply a 
matter of establishing the shared secret.  The smbpasswd -i command does
this, and I think this is documented.  This works well in my production
environment.

> >
> > Basically, I have a reasonable amount of free time, am very interested
> > in the project, have minimal coding skills but a pretty firm grasp on
> > the technologies, have a basement full of linux, XP, and 2000 machines
> > with a VPN into a "pure win2000 domain" for comparative testing, and
> > want to help you people test this puppy out... just need a little more
> > specific guidance on what it can do, and how to implement it.
> 
> Hope this helps a little.
> 
> - John T.
> -- 
> John H Terpstra
> Email: [EMAIL PROTECTED]
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Fw: share a folder rw, but not deletable?

2003-03-26 Thread John H Terpstra 
On Wed, 26 Mar 2003, Brian Wiese wrote:

> Is there a way in UNIX to make a folder with read+write permissions for
> some group of users, but only allow them to read and write to the
> folder... not actually delete the folder itself?

In Unix/Linux if you can read and write in a directory then you can delete
it. Sorry - we did not invent the rules.

- John T.

>
> I have some samba shares, and directories inside them that I want to
> remain with their current structure and permission settings -- with many
> similiar group-specific files inside each folder, but I don't want the
> users to be able to delete the folders themselves! =)
>
> I've tried setting the directories with the sticky bit (i) with "chattr +i
> dir/" and that didn't work... as now the users could not r/w data within
> the directory.  I don't want the directories to be renamed or deleted.
> Windows has the "delete" permissions available -- but not samba?
>
> Any UNIX/Samba suggestions?
>
> thanks, peace
>
>   Brian Wiese | [EMAIL PROTECTED] | aim: unolinuxguru
> --
>   GnuPG/PGP key 0xF3220030 | "FREEDOM!" - Braveheart
> --
> This is not about Napster or DVDs. It's about your Freedom.
>   I'll see your DMCA and raise you a First Amendment.
>   http://www.anti-dmca.org
>

-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Problems with samba password file

2003-03-26 Thread John H Terpstra 
On Wed, 26 Mar 2003, Enzo Cardillo wrote:

> Hello
>
>
> For some weeks I get  the following error message
> when I want to add new users and machines.
> Also the log-files are full with the same message:
>
>  passdb/smbpass.c:getsmbfilepwent(225)
>  getsmbfilepwent: malformed password entry (no terminating  : )
>
> I do not know why this problem arose suddenly, without changing
> somewhat in the configuration of samba and without changing something
> in the samba password file?!
> I am not an expert concerning Samba and I was not able to solve the
> problem untill now.So, I want to ask whether somebody can help me in this
> bad situation and give me some hints and advice what I can do?
>
> Thank you very much in advance,

Please send me a few lines from your smbpasswd file. I want to see if your
file format is correct. Please email off-line to [EMAIL PROTECTED]

- John T.
-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Question binary <=> ascii

2003-03-26 Thread John H Terpstra 
On Wed, 26 Mar 2003 [EMAIL PROTECTED] wrote:

> Hello,
>
> We have version 2.0.5a installed on a UNIX, I have connection to it via
> Windows NT, that works, but now I have the problem that files are send over
> in binary format, but I want it in ASCII format (it's a text-file and MS
> Access sees a file that exists of 1 line). Can I configure this anywhere in
> Samba???

No. You need to convert the file to DOS text format (use unix2dos or
similar program) or else use an editor like emacs for MS Windows.

- John T.
-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 - a bunch of really high level questions

2003-03-26 Thread John H Terpstra 
On Wed, 26 Mar 2003 [EMAIL PROTECTED] wrote:

> Hello everyone... I am a long time samba user (3 or 4 years), though I
> never ventured into the alpha stages until recently (alpha 21, I'll move
> to 22 in the near future once I get a better idea of what's going on). I
> am very interested in Samba being part of a ADS domain, but I have been
> a little frustrated due to the lack of documentation. Specifically, I've
> read the HOWTO's from the University of Navarre and idealx, and I've
> gotten to the stage where I have all users on my machine authenticating
> through LDAP, samba is using LDAP to authenticate, etc. And I've gotten
> it to act as what appears to be an NT4 PDC.

Welcome to alpha releases! We are still working on Documentation, you will
find the most up to date Samba-HOWTO in PDF format in the Samba HEAD
branch CVS Code tree. Periodically we update the 3.0.0 code tree from the
HEAD branch.

> Reading through the available documentation, the WHATSNEW.TXT, etc. I am
> reading all these entries like "Active Directory support. This release
> is able to join a ADS realm as a member server and authenticate users
> using LDAP/kerberos." etc. but I have found very little guides on how to
> implement this, or even what is meant by "member server". I am assuming
> this means that the 3.0 branch cannot yet act as an AD server in a
> native mode (i.e., non mixed mode) 2000 domain. Well what exactly CAN it
> do?

This is still being documented. Any pointers anyone discovers that may
help other users should be reported to [EMAIL PROTECTED] (at least while I
am working on documentation updates). In other words - your help is much
appreciated - and Yes, even you can help. As you spot errors or incomplete
information, please let me know. I will be working on updates throughout
this week.

> These may sound like stupid questions, but I've found very little on
> exactly:
> 1) what ./configure options I should be compiling samba with in
> order to use as much of the active directory member features
> available.

It is best to use the binary packages made available by the Samba-Team on
the samba FTP sites. These are usually built with maximum available
functionality for your platform.

> 2) whether I need to have a kerberos kdc installed on the smb
> server, or anywhere on the network, or not at all.

See the ADS-Howto in the samba HEAD branch docs area.

> 3) I know that ADS realms utilize special SRV records in the DNS,
> should I implement these, how?

Ditto above.

> 4) trust relationships in 2000 environment. Is it possible, what
> needs to be done.

This is undocumented at this time. Sorry, we will get around to it soon.

>
> Basically, I have a reasonable amount of free time, am very interested
> in the project, have minimal coding skills but a pretty firm grasp on
> the technologies, have a basement full of linux, XP, and 2000 machines
> with a VPN into a "pure win2000 domain" for comparative testing, and
> want to help you people test this puppy out... just need a little more
> specific guidance on what it can do, and how to implement it.

Hope this helps a little.

- John T.
-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Fw: share a folder rw, but not deletable?

2003-03-26 Thread Brian Wiese 
Is there a way in UNIX to make a folder with read+write permissions for
some group of users, but only allow them to read and write to the
folder... not actually delete the folder itself?

I have some samba shares, and directories inside them that I want to
remain with their current structure and permission settings -- with many
similiar group-specific files inside each folder, but I don't want the
users to be able to delete the folders themselves! =)  

I've tried setting the directories with the sticky bit (i) with "chattr +i
dir/" and that didn't work... as now the users could not r/w data within
the directory.  I don't want the directories to be renamed or deleted. 
Windows has the "delete" permissions available -- but not samba?

Any UNIX/Samba suggestions?

thanks, peace

  Brian Wiese | [EMAIL PROTECTED] | aim: unolinuxguru
--
  GnuPG/PGP key 0xF3220030 | "FREEDOM!" - Braveheart 
--  
This is not about Napster or DVDs. It's about your Freedom.
  I'll see your DMCA and raise you a First Amendment.
  http://www.anti-dmca.org
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Problems with samba password file

2003-03-26 Thread Enzo Cardillo 
Hello

For some weeks I get  the following error message
when I want to add new users and machines.
Also the log-files are full with the same message:
passdb/smbpass.c:getsmbfilepwent(225)
getsmbfilepwent: malformed password entry (no terminating  : )
I do not know why this problem arose suddenly, without changing
somewhat in the configuration of samba and without changing something
in the samba password file?!
I am not an expert concerning Samba and I was not able to solve the
problem untill now.So, I want to ask whether somebody can help me in this
bad situation and give me some hints and advice what I can do?
Thank you very much in advance,

   Enzo Cardillo

--

Enzo Cardillo

Institut für Energieübertragung und
Hochspannungstechnik der Universität Stuttgart
Pfaffenwaldring 47
70569 Stuttgart-Vaihingen
mailto:[EMAIL PROTECTED]
---
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] nmbd in FreeBSD jail

2003-03-26 Thread Dmitry S. Rzhavin 
Hello!

I'm trying to set up samba in FreeBSD jail.
smbd works great, but nmbd says something like this:

[2003/03/25 16:58:33, 0] nmbd/nmbd.c:main(794)
  Netbios nameserver version 2.2.7a started.
  Copyright Andrew Tridgell and the Samba Team 1994-2002
[2003/03/25 16:58:33, 0] nmbd/nmbd_subnetdb.c:create_subnets(239)
  create_subnets: No local interfaces !
[2003/03/25 16:58:33, 0] nmbd/nmbd.c:main(872)
  ERROR: Failed when creating subnet lists. Exiting.

The nmbd is configured as wins client (wins server = my.wins.server.ip)

Is there any chance to start nmbd in jail?

Thank You.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba