RE: [Samba] Getting SAMBA to recognize windows user
hi alan try using [global] security = server password server = "name_of_windows_password_server" [share] public = yes guest ok = yes read only = no it worked for me on Redhat 8 &Samba 2.2.7 and Samba 2.2.8 you can also try setting "directory mask" , "valid users" , "writable" and "read only" if this doesnt do it tsvi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: PAM-Winbind authentication working but can't use domain groups (FIXED)
- Original Message - From: "Rich Webb" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, October 11, 2003 8:17 PM > I am having trouble trying to figure out how to set up access to a samba > share based on an Active Directory group. Here is my smb.conf file: In order to make it work, I had to take out the lines "winbind use default domain = yes", and "winbind seperator = +" and then fully specify the domain group in my share definition as such: [shared] path = /svr/shared valid users = @TESTSYS\shared (or @TESTSYS\"Domain Users" if there are spaces in the group) writeable = yes browseable = yes force group = TESTSYS\shared I think this could be a bug that it does not accept only "valid users = shared" while "winbind use default domain = yes". It appears that samba is not correctly matching the group the domain controllers group. The + is not a good seperator because if you read about the "valid users" directive, it uses a + to specify a unix group. Hope this helps someone! Rich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0 - Need Help With Groups
On Sat, 11 Oct 2003, xeon65 wrote: > I've just installed Samba 3.0 on my Redhat 9.0 system. Everything is > running smoothly except Windows XP Pro won't see any users of the group > Domain Admins. So I when I logon Windows XP Pro sets the user as a > regular user not an admin. When I do add an individual name it will > work, just not with groups. Please explain precisely what you are doing and what you are trying to achieve. Your description leave too much open to guessing - and that does not make for a good reply. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba3 ADS without Microsoft?
On Sat, 11 Oct 2003, Mike wrote: > Does this mean it would work if I 'domain join'ed an existing M$ ADS? > another Samba ADS? My own Samba ADS? Perhaps if it were a Win2K > client? Samba can not be an ADS server - FYI. - John T. > > Thanks in advance. This should go a long way towards > eliminating/replacing M$ in the workplace. > > On 11 Oct 2003 11:28:58 +1000 > Andrew Bartlett <[EMAIL PROTECTED]> wrote: > > > On Sat, 2003-10-11 at 05:55, Mike wrote: > > > What I'm trying to accomplish is: > > > > > > 1. kinit [EMAIL PROTECTED] for krbtgt > > > 2. smbclient -k -L someserver > > > > > > Server accepts tgt, extrapolates user info., and accepts authen. > > > > > > > > > This is an attempt at Microsoft server-free directory/kerberos > > > implementation. These steps work if using M$ server/ADS, so the > > > smbclient understands it. > > > > > > Server accepts kerb. ticket, extrapolates principal, performs ldap > > > query on principal name for additional data, and accepts kerb. as > > > valid authen. > > > > > > Suggestions? > > > > When Jeremy completes his work to allow us to use the existing host > > keytab, this should 'just work'. But for now, it doesn't, as we need > > to domain join password in secrets.tdb, which we add by joining the > > ADS realm. > > > > Andrew Bartlett > > > > -- > > Andrew Bartlett [EMAIL PROTECTED] > > Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] > > Student Network Administrator, Hawker College [EMAIL PROTECTED] > > http://samba.org http://build.samba.org http://hawkerc.net > > > > > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Swen virus and spam appears to be coming from Samba list
At 11:39 PM 10/11/2003 -0400, Steve Smith wrote: >Shortly after I subscribed to this Samba list I started receiving numerous >emails infected with the Swen/Gibe worm. Many of these emails contained the >email addresses of Samba list members. I believe a subscriber of the Samba >list has the Swen virus. Has anyone else on this list been getting emails >infected with the Swen/Gibe worm? Please update your virus definitions and >do a virus scan just to make sure your it's not your computer that is >sending out this virus. YES! I subscribed a couple of days ago, and my daily Swen count has gone from 1-2/day to >200/day. At 55KB/ea., that's a pretty fair chunk of traffic over my poor IDSL line, too. Norton has been successfully nuking all of them... Terry -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Swen virus and spam appears to be coming from Samba list
Shortly after I subscribed to this Samba list I started receiving numerous emails infected with the Swen/Gibe worm. Many of these emails contained the email addresses of Samba list members. I believe a subscriber of the Samba list has the Swen virus. Has anyone else on this list been getting emails infected with the Swen/Gibe worm? Please update your virus definitions and do a virus scan just to make sure your it's not your computer that is sending out this virus. You may not know that this but this Samba list is posted to the newsgroups. See http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&group=linux.samba. While most of you know better than to use a real email address for usenet, Samba list subscriber's must supply a real email address and your email addresses are then exposed to the net where you will be surely spammed. I'm going to unsubscribe but since these messesages are archived by Google, it's probably too late. It's too bad because I'd really like to stay subscribed and learn more about Samba. But, I'll still be able to follow the posts with my news reader. Steve Smith -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 - Need Help With Groups
I've just installed Samba 3.0 on my Redhat 9.0 system. Everything is running smoothly except Windows XP Pro won't see any users of the group Domain Admins. So I when I logon Windows XP Pro sets the user as a regular user not an admin. When I do add an individual name it will work, just not with groups. - Do you Yahoo!? The New Yahoo! Shopping - with improved product search -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba3 ADS without Microsoft?
Does this mean it would work if I 'domain join'ed an existing M$ ADS? another Samba ADS? My own Samba ADS? Perhaps if it were a Win2K client? Thanks in advance. This should go a long way towards eliminating/replacing M$ in the workplace. On 11 Oct 2003 11:28:58 +1000 Andrew Bartlett <[EMAIL PROTECTED]> wrote: > On Sat, 2003-10-11 at 05:55, Mike wrote: > > What I'm trying to accomplish is: > > > > 1. kinit [EMAIL PROTECTED] for krbtgt > > 2. smbclient -k -L someserver > > > > Server accepts tgt, extrapolates user info., and accepts authen. > > > > > > This is an attempt at Microsoft server-free directory/kerberos > > implementation. These steps work if using M$ server/ADS, so the > > smbclient understands it. > > > > Server accepts kerb. ticket, extrapolates principal, performs ldap > > query on principal name for additional data, and accepts kerb. as > > valid authen. > > > > Suggestions? > > When Jeremy completes his work to allow us to use the existing host > keytab, this should 'just work'. But for now, it doesn't, as we need > to domain join password in secrets.tdb, which we add by joining the > ADS realm. > > Andrew Bartlett > > -- > Andrew Bartlett [EMAIL PROTECTED] > Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] > Student Network Administrator, Hawker College [EMAIL PROTECTED] > http://samba.org http://build.samba.org http://hawkerc.net > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Newbie question about adding clients across subnets to Samba PDC
Hi all, I am planning to deploy a Samba PDC for centralised file and print services serving a mostly windows 2000 pro client environment. My network configuration forces me to have the Samba PDC on a particular subnet ( say 172.16.56.X) and I could have my clients anywhere on the 172.16.*.* network. How could I go round ensuring that my clients can actually see the domain the PDC is serving and connect to file and print services on the samba PDC? Would simply enabling a WINS server on the Samba PDC and pointing to its IP number on each and every client be enough? I would like to avoid using elements such as Local Master Browsers and rely solely on a standalone Samba PDC. Many thanks to whomever can offer help on the above! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem Logging into Domain
I've currently got wins enabled however. -Original Message- From: David Bronson [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 5:46 PM To: [EMAIL PROTECTED] Cc: Philip Bubel; [EMAIL PROTECTED] Subject: Re: [Samba] Problem Logging into Domain I overcame that by enabling wins. Good Luck. David On Sun, Oct 12, 2003 at 02:31:44AM +1000, [EMAIL PROTECTED] wrote: > Have you followed the instructions to add your machine to the domain? > Is this what you are trying to achieve? > > eg: > > /usr/sbin/useradd -g machines -d /dev/null -c "machine nickname" \ >-s /bin/false machine_name$ > passwd -l machine_name$ > smbpasswd -a -m machine_name > > On Sat, Oct 11, 2003 at 12:16:27PM -0400, Philip Bubel wrote: > > Oh sorry, failed to mention that in my e-mail. Yes I have applied > > the sign and seal registry patch. > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Sent: Saturday, October 11, 2003 12:13 PM > > To: Philip Bubel > > Cc: [EMAIL PROTECTED] > > Subject: Re: [Samba] Problem Logging into Domain > > > > Did you set the XP sign and seal option as per the documentation? > > > > On Sat, Oct 11, 2003 at 11:42:51AM -0400, Philip Bubel wrote: > > > I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup > > > as a domain controller. When I try and login to the domain from a > > > Windows XP workstation I get the following message. > > > > > > Windows cannon connect to the domain, either because the domain > > > controller is down or otherwise unavailable, or because your > > > computer account was not found. > > > > > > Can anybody think of what is causing this? Any help is appreciated. > > > > > > > > > Philip Bubel > > > [EMAIL PROTECTED] > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > Regards > > > > Rudi > > > > -- > > Rudi HeitbaumPh: +61-3-8371 7444 > > Managing DirectorFax: +61-3-8371 7445 > > DARX Consulting Pty Ltd Mobile: 04-1122 6244 > > mailto:[EMAIL PROTECTED] http://www.darx.com/ > Regards > > Rudi > > -- > Rudi HeitbaumPh: +61-3-8371 7444 > Managing DirectorFax: +61-3-8371 7445 > DARX Consulting Pty Ltd Mobile: 04-1122 6244 > mailto:[EMAIL PROTECTED] http://www.darx.com/ > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] More problems with Active Directory
Ok, now that I found out that the parameter that is widely referenced in online docs regarding the AD server doesn't exist anymore, I am now having a different problem.. I can only log into the samba server if security = domain. If I set security = ads, nobody can log in. HELP Yes, the samba machine has joined the domain. :) -- Ronald R. Gage MCP, LPIC1, A+, Net+ Pontiac, Michigan This message was sent using webmail provided by www.rongage.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] PAM-Winbind authentication working but can't use domain groups
I have successfully set up samba 3.0, PAM, Winbind and joined my samba server to a windows 2000 domain. I can log into my linux box as a domain user and that all works fine. I am having trouble trying to figure out how to set up access to a samba share based on an Active Directory group. Here is my smb.conf file: [global] winbind separator = ` idmap uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes workgroup = testsys security = domain password server = testdc template shell = /bin/bash template homedir = /home/%U winbind use default domain = yes [shared] path = /svr/shared valid users = +TESTSYS`Shared writeable = yes browseable = yes Now in the shared section, I have tried the following for valid users: valid users = @Shared valid users = @TESTSYS+Shared(with the seperator being a +) valid users = +Shared (with seperator being a `) valid users = +TESTSYS`Shared All attempts to access the share failed. The permissions on the directory are: drwxr-xr-x2 rwebbShared 4096 Oct 11 15:44 shared When trying to access this share from the win2k server, it pops up the "Connect As" box and does not let me proceed. Any help would be greatly appreciated. Rich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 - ads server option doesn't work
On Sun, 2003-10-12 at 09:48, Ron Gage wrote: > Hi: > > Is there something that needs to happen for the "ads server" option to become > functional? It was removed, and the ADS code uses 'password server' when it needs that information. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 - ads server option doesn't work
Hi: Is there something that needs to happen for the "ads server" option to become functional? I have compiled samba 3 to support ads support, have kerberos 5 installed. The samba machine has joined the local AD domain. I can enumerate the domain users and groups (net users and net groups from the samba machine). I get this oddity in just about everything that samba does though: [EMAIL PROTECTED]:/usr/local/samba/bin# ./net user [2003/10/11 19:40:50, 0] param/loadparm.c:map_parameter(2422) Unknown parameter encountered: "ads server" [2003/10/11 19:40:50, 0] param/loadparm.c:lp_do_parameter(3150) Ignoring unknown parameter "ads server" [2003/10/11 19:40:50, 0] param/loadparm.c:map_parameter(2422) Unknown parameter encountered: "ads server" [2003/10/11 19:40:50, 0] param/loadparm.c:lp_do_parameter(3150) Ignoring unknown parameter "ads server" Administrator Guest IWAM_DOMAIN IUSR_DOMAIN krbtgt [EMAIL PROTECTED]:/usr/local/samba/bin# With this problem, nobody on the network can use any resources on the samba server. Anyone have any ideas on what I messed up in configuring the samba server? System: Slackware 9.0 kernel 2.4.21 -- Ron Gage - LPIC1, A+, Net+ Pontiac, Michigan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem Logging into Domain
I overcame that by enabling wins. Good Luck. David On Sun, Oct 12, 2003 at 02:31:44AM +1000, [EMAIL PROTECTED] wrote: > Have you followed the instructions to add your machine to the > domain? Is this what you are trying to achieve? > > eg: > > /usr/sbin/useradd -g machines -d /dev/null -c "machine nickname" \ >-s /bin/false machine_name$ > passwd -l machine_name$ > smbpasswd -a -m machine_name > > On Sat, Oct 11, 2003 at 12:16:27PM -0400, Philip Bubel wrote: > > Oh sorry, failed to mention that in my e-mail. Yes I have applied the sign > > and seal registry patch. > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Sent: Saturday, October 11, 2003 12:13 PM > > To: Philip Bubel > > Cc: [EMAIL PROTECTED] > > Subject: Re: [Samba] Problem Logging into Domain > > > > Did you set the XP sign and seal option as per the documentation? > > > > On Sat, Oct 11, 2003 at 11:42:51AM -0400, Philip Bubel wrote: > > > I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup as a > > > domain controller. When I try and login to the domain from a Windows > > > XP workstation I get the following message. > > > > > > Windows cannon connect to the domain, either because the domain > > > controller is down or otherwise unavailable, or because your computer > > > account was not found. > > > > > > Can anybody think of what is causing this? Any help is appreciated. > > > > > > > > > Philip Bubel > > > [EMAIL PROTECTED] > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > Regards > > > > Rudi > > > > -- > > Rudi HeitbaumPh: +61-3-8371 7444 > > Managing DirectorFax: +61-3-8371 7445 > > DARX Consulting Pty Ltd Mobile: 04-1122 6244 > > mailto:[EMAIL PROTECTED] http://www.darx.com/ > Regards > > Rudi > > -- > Rudi HeitbaumPh: +61-3-8371 7444 > Managing DirectorFax: +61-3-8371 7445 > DARX Consulting Pty Ltd Mobile: 04-1122 6244 > mailto:[EMAIL PROTECTED] http://www.darx.com/ > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Course for Non Technical People
http://atrc.net.pk/linux_course/linux_for_non_technical_people_7_oct_2003.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem Logging into Domain
Have you followed the instructions to add your machine to the domain? Is this what you are trying to achieve? eg: /usr/sbin/useradd -g machines -d /dev/null -c "machine nickname" \ -s /bin/false machine_name$ passwd -l machine_name$ smbpasswd -a -m machine_name On Sat, Oct 11, 2003 at 12:16:27PM -0400, Philip Bubel wrote: > Oh sorry, failed to mention that in my e-mail. Yes I have applied the sign > and seal registry patch. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Saturday, October 11, 2003 12:13 PM > To: Philip Bubel > Cc: [EMAIL PROTECTED] > Subject: Re: [Samba] Problem Logging into Domain > > Did you set the XP sign and seal option as per the documentation? > > On Sat, Oct 11, 2003 at 11:42:51AM -0400, Philip Bubel wrote: > > I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup as a > > domain controller. When I try and login to the domain from a Windows > > XP workstation I get the following message. > > > > Windows cannon connect to the domain, either because the domain > > controller is down or otherwise unavailable, or because your computer > > account was not found. > > > > Can anybody think of what is causing this? Any help is appreciated. > > > > > > Philip Bubel > > [EMAIL PROTECTED] > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > Regards > > Rudi > > -- > Rudi HeitbaumPh: +61-3-8371 7444 > Managing DirectorFax: +61-3-8371 7445 > DARX Consulting Pty Ltd Mobile: 04-1122 6244 > mailto:[EMAIL PROTECTED] http://www.darx.com/ Regards Rudi -- Rudi HeitbaumPh: +61-3-8371 7444 Managing DirectorFax: +61-3-8371 7445 DARX Consulting Pty Ltd Mobile: 04-1122 6244 mailto:[EMAIL PROTECTED] http://www.darx.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem Logging into Domain
Oh sorry, failed to mention that in my e-mail. Yes I have applied the sign and seal registry patch. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, October 11, 2003 12:13 PM To: Philip Bubel Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Problem Logging into Domain Did you set the XP sign and seal option as per the documentation? On Sat, Oct 11, 2003 at 11:42:51AM -0400, Philip Bubel wrote: > I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup as a > domain controller. When I try and login to the domain from a Windows > XP workstation I get the following message. > > Windows cannon connect to the domain, either because the domain > controller is down or otherwise unavailable, or because your computer > account was not found. > > Can anybody think of what is causing this? Any help is appreciated. > > > Philip Bubel > [EMAIL PROTECTED] > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba Regards Rudi -- Rudi HeitbaumPh: +61-3-8371 7444 Managing DirectorFax: +61-3-8371 7445 DARX Consulting Pty Ltd Mobile: 04-1122 6244 mailto:[EMAIL PROTECTED] http://www.darx.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem Logging into Domain
Did you set the XP sign and seal option as per the documentation? On Sat, Oct 11, 2003 at 11:42:51AM -0400, Philip Bubel wrote: > I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup as a > domain controller. When I try and login to the domain from a Windows XP > workstation I get the following message. > > Windows cannon connect to the domain, either because the domain controller > is down or otherwise unavailable, or because your computer account was not > found. > > Can anybody think of what is causing this? Any help is appreciated. > > > Philip Bubel > [EMAIL PROTECTED] > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba Regards Rudi -- Rudi HeitbaumPh: +61-3-8371 7444 Managing DirectorFax: +61-3-8371 7445 DARX Consulting Pty Ltd Mobile: 04-1122 6244 mailto:[EMAIL PROTECTED] http://www.darx.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem Logging into Domain
I've got Samba 2.2.3a running on Debian Linux Kernel 2.4.21 setup as a domain controller. When I try and login to the domain from a Windows XP workstation I get the following message. Windows cannon connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Can anybody think of what is causing this? Any help is appreciated. Philip Bubel [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] About usernames.
Hello, I'm using Samba on a Linux server, as a excellent and cheap sollution for an organization in the Netherlands, www.wereldvenster.nl . Now, in this organization there are over 250 users and 30 Windows 98 platforms. Because nobody has a computer for his own, were using domain logons and roaming profiles. This is working very good. Not only the desktop is stored in the roaming profile, but - very important in our case - also the map "My Documents". Now also I'm using LDAP to store account information. I'm very happy with the posibilty to view this information from other computers with a tool like LDAP Account Manager ( see lam.sourceforge.net ) or PHPLdapAdmin (also on sourceforge.net ) . Now we give the users a system name like com011 or com342 or ned224. My problem is, how can I map these userid's to normal names?? I know this can be done with the username map, but it is not that easy to edit this file from other computers I would like that the users can log in with their own name. Is there a possibilty to this with LDAP?? To map a "Windows" inlog name to a "LINUX" userid?? Stef -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net getlocalsid problem solved in an ugly fashion
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gémes Géza írta: | Hi I decided after some testing and experimenting, to move the | production servers from 2.2.x to 3.0. so I've installed samba3.0 in | paralel with the old binaries. To start the migration I wanted to save | the old domain SID, to can make the migration as transparent as | possible, so I did: | net3 -d 10 -I 127.0.0.1 getlocalsid | while the old binaries are still runing all that I've got (remember at | debuging level 10!): | | [2003/10/10 23:44:07, 5] lib/debug.c:debug_dump_status(359) | INFO: Current debug levels: | all: True/10 | tdb: False/0 | printdrivers: False/0 | lanman: False/0 | smb: False/0 | rpc_parse: False/0 | rpc_srv: False/0 | rpc_cli: False/0 | passdb: False/0 | sam: False/0 | auth: False/0 | winbind: False/0 | vfs: False/0 | idmap: False/0 | [2003/10/10 23:44:07, 3] param/loadparm.c:lp_load(3917) | lp_load: refreshing parameters | [2003/10/10 23:44:07, 3] param/loadparm.c:init_globals(1303) | Initialising global parameters | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(87) | Attempting to register new charset UCS-2LE | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(95) | Registered charset UCS-2LE | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(87) | Attempting to register new charset UTF8 | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(95) | Registered charset UTF8 | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(87) | Attempting to register new charset ASCII | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(95) | Registered charset ASCII | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(87) | Attempting to register new charset 646 | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(95) | Registered charset 646 | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(87) | Attempting to register new charset UCS2-HEX | [2003/10/10 23:44:07, 5] lib/iconv.c:smb_register_charset(95) | Registered charset UCS2-HEX | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 3] param/params.c:pm_process(566) | params.c:pm_process() - Processing configuration file | "/etc/samba3/smb.conf" | [2003/10/10 23:44:07, 3] param/loadparm.c:do_section(3420) | Processing section "[global]" | doing parameter workgroup = KZSDABAS | doing parameter netbios name = PDC | [2003/10/10 23:44:07, 4] param/loadparm.c:handle_netbios_name(2712) | handle_netbios_name: set global_myname to: PDC | doing parameter server string = Samba Server %v | doing parameter printcap name = cups | doing parameter load printers = yes | doing parameter printing = cups | doing parameter printer admin = @adm | doing parameter log file = /var/log/samba3/log.%m | doing parameter max log size = 50 | doing parameter map to guest = bad user | doing parameter security = user | doing parameter encrypt passwords = yes | doing parameter smb passwd file = /etc/samba3/smbpasswd | doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 | SO_SNDBUF=8192 | doing parameter dns proxy = no | [2003/10/10 23:44:07, 4] param/loadparm.c:lp_load(3949) | pm_process() returned Yes | [2003/10/10 23:44:07, 7] param/loadparm.c:lp_servicenumber(4059) | lp_servicenumber: couldn't find homes | [2003/10/10 23:44:07, 10] param/loadparm.c:set_server_role(3867) | set_server_role: role = ROLE_STANDALONE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74) | Substituting charset 'ISO-8859-2' for LOCALE | [2003/10/10 23:44:07, 5] lib/charcnv.c:charset_name(74)
[Samba] Samba 3.0 acl problems
Hi folks, I have set up a samba-3.0 compiled with-acl-support on a Red Hat 9 with 2.4.21 patched with acl and extra attribs, ext3 filesystem mounted acl,user_xattr. I use win2k to set up acls. Samba acting as a pdc this part works fine. I'd like to set up the samba as a pdc of 350+ nodes mixed win98 and win2k and I'd like to use acls on it. The problems are the following: If I add a user to let him to write into a particular folder then it seems samba grants him the all permissions exist. There is a special need that user should create a file can modify but deleting is not allowed. It seems that some combination of the settings work others not. If there is another version of samba (recent one) which works good with acls it also good for me. Here is the relevant part of my config: [global] workgroup = TEST security = user server string = Test Samba 3.0 printcap name = /etc/printcap load printers = yes printing = cups log file = /var/log/samba/%m.log debuglevel = 3 acl compatibility = Auto max log size = 1 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*succ pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote announce = 192.168.1.255 local master = yes domain master = yes preferred master = yes domain logons = yes logon script = %U.bat logon path = \\%L\Profiles\%U wins support = yes dns proxy = no [tmp] comment = test folders path = /home/tmp browseable = yes writeable = yes create mask = 0700 directory mask = 0700 directory security mask = 0700 admin users = TEST\Administrator Thanks., Sandor -- ...Fehér Sándor...---Sandor Feher fejlesztési vezető --- development manager Blue System Kft. --- Blue System Ltd. mailto:[EMAIL PROTECTED] http://www.bluesystem.hu -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Invitation to SSCCII-2004 in Amalfi, Italy, 29.1.-1.2.2004
Dear Dr. Samba I am happy to invite you to be a speaker at the VIP Scientific Forum of the International SSCCII-2004 Conference in Italy (SSCCII = Symposium of Santa Caterina on Challenges in Internet and Interdisciplinary research). Deadlines: Abstract (100 words) = October 29, 2003 Full Papers = November 19, 2003 Paper Acceptance Notification = December 3, 2003 Payment (fee and hotel) = December 24, 2003 This year SSCCII-2004 takes place from Thursday January 29 (arrival day) till Sunday February 1 (departure day), in the Italy's best coastline hotel Santa Caterina, Amalfi (source: The Leading Hotels of the World). Detailed program and all relevant information are given at the web site of the conference. The conference is limited to 60 attendees (physical capacity of the Santa Caterina hotel), and only plenary sessions will be organized. So far, many more researchers expressed an interest to come, which means that some submissions will have to be rejected. Still, new submissions are more than welcome. In addition to other programs, a special VIP Scientific Forum is also organized. Talks of the VIP Scientific Forum are open to all participants (other fori include the High Tech Forum and Talented Students Forum). Keynote speakers of the VIP Scientific Forum will be Dr. Raimundo Pasquino (Italy), Rector of the University of Salerno, Dr. Erich Neuhold (Germany), General Director, Fraunhofer IPSI. Please submit your title/abstract (which means that you have committed to participate if your paper is accepted), as soon as convenient for you, because we will be accepting papers until the limit is reached. The major goal of this forum is to establish a podium for a fruitful exchange of the newest scientific ideas, and that is why your participation is extremely important to all of us. Only elite researchers and professionals are invited. If you like to accept this invitation, please send email (with title, abstract, and affiliation) to [EMAIL PROTECTED] Conditions of this invitation are as follows: 1. Duration of your slot is 30 minutes (20 to 25 minutes for your talk, and the rest for discussions). 2. You are financially responsible: (a) for the air ticket to arrive to Napoli, Italy (b) for the hotel/breakfast cost for 3 days, one person in a single room = e695, two persons in a double room = e895, two adult persons and a child in a tripple room = e985 (child is 12 or below), three adult persons in a tripple room = e995. (c) for the conference fee (e302). 3. The conference fee is e302. It includes the program, a book of abstracts, a CD with full papers, a cocktail and the welcome dinner on the arrival day, and access to all professional and social activities of the SSCCII-2004. Also FREE transfer from the Napoli airport or railway station, to the hotel (upon arrival) and back (on departure). 4. For paper layout format, you are free to select any format that meets your needs and esthetical criteria. Your paper will be reviewed, with the major intention to provide you with a feedback that can help improve the quality. 5. Full papers are limited to maximum 1MBy and minimum 4 pages. 6. The scope of the conference is relatively wide: Informatics, Internet, Computer Science and Engineering, Interdisciplinary Research, MBA, Internet aspects of Medicine, Education, Management, Law, etc. Of course, traditional Electrical and Computer Engineering, and Engineering Physics, or BioEngineering and Environment Protection, too. URL(SSCCII-2004 VIP Scientific Forum) => http://amalfi2004.internetconferences.net URL(Chairman of the SSCCII-2004 VIP Scientific Forum) => http://galeb.etf.bg.ac.yu/vm/ Sincerely yours, Prof. Dr. V. Milutinovic Chairman PS - Please tell us exactly if you want to be informed about other scientific non-profit conferences organized by us. If you would like not to receive information about our conferences, please let us know. Our office is closed (vacations) till October 12. We will reply to your email as soon as we return. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba
My question is: how can I configure Samba as a timer? Take an example, that a user uses it for 1 hour per day for 1 month. Thank you. George -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Any good add/delete share scripts laying around?
Does anyone have any scripts for adding and deleting shares/printers using the "add share" and "add printer" options? Thanks much, Leland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migrating from win2k pdc to samba3 + ldap + pam + nss
On Thu, 2003-10-09 at 04:00, Alexandru Ionica wrote: > So here is the setup now: pam worknig, ldap working, samba working, passwd > sync works great both ways (linux accounts > win accouns; win > lin). I'm > useing another domain name for the new pdc. Today i tried to migtrate all > the accounts from the Win2k PDC and i got into problems. I changed in > smb.conf the domain name to the one of the win PDC , joind my samba intro > the domain and did anet rpc vampire , text flashed :) , and accounts > were imported. Everything seemd to be ok . > I changed the domain name to > the new one, and restarted samba. This seems to be the critical failure here. You must not rename the domain - ever. You imported the users under one domain, you must keep that name. Furthermore, you must import the users under the name that they came from. Kill all the accounts, and try again. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0 stable: make --with-afs fails on SuSE 8.2
On Sat, 2003-10-11 at 11:29, Joe Samba wrote: > Hi All- > > I have SuSE 8.2 installed on two different Intel machines, with (as far as > I can determine) all required packages for doing what I'm trying to do > here. Both machines suffer the same problems. > > I didn't find any SuSE 8.2 rpms, so I'm trying to build Samba 3.0 (stable) > (24th Sep, 2003) on either of these machines but am having problems with > it. > > As root, I did a "./configure --with-afs" (several other options too---see > below) and it finished without complaints. If someone thinks it would > help, just say so and I'll post it (or a portion of it) in a follow-up. > > Actual configure command: > > ./configure --prefix=/usr --with-fhs --sysconfdir=/etc/samba > --localstatedir=/var --infodir=/usr/share/info --mandir=/usr/share/man > --enable-cups --with-privatedir=/etc/samba --with-lockdir=/var/lock > --with-piddir=/var/run/samba --with-swatdir=/usr/share/samba/swat > --with-configdir=/etc/samba --with-logfilebase=/var/log/samba > --with-smbwrapper --with-afs --with-dce-dfs --with-ldap --with-ads > --with-automount --with-smbmount --with-pam --with-pam_smbpass > --with-ldapsam --with-quotas --with-acl-support --with-winbind > --with-krb5=/usr/local --with-mysql-prefix=/usr > --with-mysql-exec-prefix=/usr/bin > > > I did a "make" and quite alot compiles ok, but when I get to > source/auth/pass_check.c, it fails with the messages below: > > > athena:/home/adam/smb/samba-3.0.0/source # make > Using FLAGS = -g -O2 -I/usr/local/include -Iinclude > -I/home/adam/smb/samba-3.0.0/source/include > -I/home/adam/smb/samba-3.0.0/source/ubiqx > -I/home/adam/smb/samba-3.0.0/source/smbwrapper -I. -D_LARGEFILE64_SOURCE > -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -I/usr/local/include > -I/home/adam/smb/samba-3.0.0/source > LIBS = -lcrypt -lresolv -lnsl -ldl > LDSHFLAGS = -shared > LDFLAGS = > Compiling auth/pass_check.c > auth/pass_check.c:38:22: afs/stds.h: No such file or directory > auth/pass_check.c:39:25: afs/kautils.h: No such file or directory > auth/pass_check.c: In function `afs_auth': > auth/pass_check.c:53: error: `KA_USERAUTH_VERSION' undeclared (first use > in this function) > auth/pass_check.c:53: error: (Each undeclared identifier is reported only > once > auth/pass_check.c:53: error: for each function it appears in.) > auth/pass_check.c:53: error: `KA_USERAUTH_DOSETPAG' undeclared (first use > in this function) > make: *** [auth/pass_check.o] Error 1 > athena:/home/adam/smb/samba-3.0.0/source # While there is some ongoing work to properly implement AFS support, this isn't it. This is 'AFS cleartext authentication support'. That means that you *must* give samba the password, at login time, in plain text. This means that the windows client must have it's registry hacked to support this. This is no longer supported by microsoft, and has nasty, nasty bugs. > If I remove the "--with-afs" option in the ./configure command, and then > try to make again, then the make finishes with no complaints, so that > should help explain something. > > I could possibly use samba 3.0 without afs support, but I'd really like to > have it as I expect to be using afs very soon, so I'd like to build in > whatever support for it samba has. The best bet is to wait until this can be done properly with the krb5 login ticket. Then we can use that, with 'proxy' permissions (or whatever they are called) to authenticated to the AFS server. There is ongoing work to make Samba a proper AFS gateway, using this. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba