Re: [Samba] Fwd: Samba semantics error?
On Tue, 2003-11-04 at 15:41, Mike Fedyk wrote: > Hello, > > I have this bug report that I have filed. Is there any specific reason why > samba behaves this way, and doesn't use the unix semantics? Since this is > even more restrictive than unix semantics, I'm more inclined to call it a > bug until I know it's supposed to be this way. > > Any ideas? > > - Forwarded message from Mike Fedyk <[EMAIL PROTECTED]> - > > From: Mike Fedyk <[EMAIL PROTECTED]> > To: Debian Bug Tracking System <[EMAIL PROTECTED]> > Subject: samba: Samba semantics error? > X-Mailer: reportbug 2.34 > Date: Thu, 30 Oct 2003 18:21:38 -0800 > > Package: samba > Version: 3.0.0final-1 > Severity: normal > > Hi there, > > I have this directory: > > drwxrws---2 adminssh96 Oct 30 17:09 . > drwxrwsr-x4 adminssh 112 Oct 30 17:08 .. > -r-xr-1 mfedyk ssh 12M Oct 29 15:40 > mozilla-win32-1.5-installer.exe > -r-xr-1 adminssh 0 Oct 30 18:15 test.txt > > Under linux, I can remove any file I'd like as long as I'm either the admin > user, or in the ssh group. > > But under windows through samba as the admin user, I can't remove the > mozilla installer file, but I can remove the test.txt file. And vise versa > with the mfedyk user through samba (but can remove the file as expected from > a bash shell). > > I have tried the dos filemodes config option, but that requires the file to > give group write permissions, and I explicitly don't want to do that on this > share. Under windows, I don't think you can delete a 'read only' file. Samba takes the missing 'w' for any user as meaning a read-only file. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba + user/host authentification
On Sat, 2003-11-08 at 04:00, Hezekiel wrote: > hi, i'm using suse 7.3 with samba 2.2.8 as PDC and openldap for > authentification in network with wfw-, winnt-, w2k-clients. everything works > fine. > because not every client has the same configuration (same progs, same > path's, hardware...), i got problems, if a user dosn't login from his > ordinary workstation, his roaming-profile doesn't work fine. > now, how can i force users only login from special machines (only to > machines which have the same installation). > > example: userA only login to ms-workstion1 > userBlogin to ms-ws1,ms-ws2 > userClogin to ms-ws3,ms--ws4 > userD only login to ms-ws4 > > i tried to configure a user restriction about PAM with 'pam_access.so' in > /etc/pam.d/samba and its config file 'access.conf', but it didn't work. > but restrictions for login,ssh, ftp etc. via PAM and 'pam_access.so' works. > maybe i have to set some values for the users in LDAP, but i don't know > what. the answer is probable quit easy, but i've got no more ideas. With Samba 3.0, the sambaUserWorkstations attribute contains a list of workstation names, for exactly this purpose. Users can only log into the workstations listed. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing with CUPS. Drivers & Client issues. [Updated]
Trying to follow the Samba CUPS HowTo as closely as possible I chose to install the CUPS drivers. As in I'm trying to achieve 19.4 Advanced intelligent printing with postscript Driver Download Installing from cups-samba-1.1.19 all went OK other than it reported that it was actually installing 1.1.17. As others have reported Clients are not able to install/connect to the printer which for me was due to Samba clients not having access to the Drivers file store. Maybe an additional note in the howto? That fixed and my XP client connects and installs the printer into the local printers and faxes folder. However going into the Printers and Faxes folder on either the server or client and bringing up the properties results in an error: "The 'printer_name' printer driver is not installed on this computer. Some printer properties will not be accessible unless you install the printer driver. Do you want to install the driver now?" Selecting no gets me to the properties panel and show the printer as a Samba printer port device. Asking for a test print, or printing from any applications fails, no jobs show in the print queue either on the client or on the server. Checking with rpcclient I'm suspecting that the fact it is expecting a RAW input is the cause of my problem. [Windows NT x86] Printer Driver Info 3: Version: [2] Driver Name: [OfficeJet] Architecture: [Windows NT x86] Driver Path: [\\jasper\print$\W32X86\2\cupsdrvr.dll] Datafile: [\\jasper\print$\W32X86\2\OfficeJet.ppd] Configfile: [\\jasper\print$\W32X86\2\cupsui.dll] Helpfile: [\\jasper\print$\W32X86\2\cups.hlp] Monitorname: [] Defaultdatatype: [RAW] Having said that letting XP load drivers also fails, and the load of the drivers themselves is not persistent. At this point I'm going round in circles trying to check that I have understood and completed all the items needed from the howto. I'm not sure if I've missed something out here or have completely misunderstood the printing architecture. One other thing is that since rebuilding Samba from the src.rpm I've been seeing a lot of the following in the logs. [2003/11/08 22:34:24, 0] lib/util_str.c:safe_strcpy_fn(577) ERROR: NULL dest in safe_strcpy Regards Alan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Copying from win NTFS to Samba share=corruption??
On Tue, 2003-11-04 at 06:51, Scott Simmons wrote: > I'm copying files from an Compressed NTFS partition to a samba > share. The files seem to copy over correctly but the applications > that use them say they are corrupt. When I uncompress the files > first I don't get corruption. Is this normal behavior?? Compare the MD5 signature of the files at each end, but I don't think you will find the files are different. More likely is things like locking. If the files do appear corrupt, then I would first look into issues such as networking hardware (it can be quite surprising how much damage a cheap HUB or NIC can do). Which version of Samba is this? You should try Samba 3.0.0. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Integrating a Linux desktop into a Windows Domain environment
On Sat, 2003-11-08 at 02:26, Buchan Milne wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > Message: 35 > > Date: Wed, 5 Nov 2003 15:33:27 -0600 (CST) > > From: "Distribution Lists" <[EMAIL PROTECTED]> > > Subject: [Samba] Integrating a Linux desktop into a Windows Domain > > environment > > To: [EMAIL PROTECTED] > > Message-ID: > > <[EMAIL PROTECTED]> > > > > Content-Type: text/plain;charset=iso-8859-1 > > > > Can someone give me some pointers to documentation, concepts on how to > > integrate Linux desktop into a Windows domain environment to access shared > > drives / printers. I wonder what other peoples experiences were as well. > > > > If possible I want to setup Linux/Samba in such to replicate what an > > Windows workstation does, authenticate with a domain controller then be > > able to seamlessly access shares. > > You may want to take a look at this paper I presented a while ago, on > integrating Mandrake 9.0 into a Windows domain (only the basics of > winbind setup). > > http://ranger.dnsalias.com/mandrake/samba/Integrating%20Linux%20into%20Windows%20Networks.pdf > > Mandrake supports winbind authentication during installation since 9.0, > and since 9.2 you can configure it after installation using 'drakauth'. > This doesn't currently support AD, however it should in the next release > when we have samba3 in main (in contrib for 9.2). The big thing we need to do (and it really isn't that much work) is to make the kerberos stuff happen by default, in all of Samba's components. Currently, pam_winbind does not get a kerberos ticket for the user, even if they are in AD, and smbclient/libsmbclient/smbprint etc do not use kerberos, even if the user has a ticket. (you need to say '-k' on the command line). Even if you have a ticket, you need to tell it a bogus password, otherwise it prompts you anyway... These are all fixable, and I've written it up in bugs 742 and 743. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not connect to SWAT
Hi, Have you followed the information given in the Samba-HOWTO-Collection.pdf. You can obtain it from: http://us2.samba.org/samba/docs/Samba-HOWTO-Collection.pdf It has a chapter on SWAT that provides detailed information on how to get SWAT working on your system. If that fails please get back to me. - John T. On Sat, 8 Nov 2003, lovswr1 wrote: > On Sat, 2003-11-08 at 13:09, John H Terpstra wrote: > > On Sat, 8 Nov 2003, lovswr1 wrote: > > > > > Hello, Until yesterday (7 nov 03) I had a mostly working 2.27 samba > > > running on my redhat 9 box that I configured via SWAT. Now I can not get > > > back into SWAT & I also (in a useless attempt to make it work) upgraded > > > to samba 3.0 I get the following when trying to start SWAT: > > > > > > > > > An error occured while loading http://matrix1:901/: > > > > > > > > > Could not connect to host matrix1 (port 901) > > > > > > > > > > > > here is my /etc/hosts file: > > > > > > > > > # Do not remove the following line, or various programs > > > # that require network functionality will fail. > > > 127.0.0.1 localhost localhost.localdomain matrix1 > > > 192.168.2.147 philip > > > 192.168.2.145 robert > > > 192.168.1.148 pc2 > > > 192.168.1.149 freebsd > > > 0.0.0.0 ads.osdn.com > > > 0.0.0.0 claria.com > > > 0.0.0.0 www.gator.com > > > > > > > > > Also /etc/services does have the correct port 901 set up & > > > /etc/xinetd/d/swat > > > > > > description: swat is the Samba Web Administration Tool, which > > > # allows an administrator to configure Samba using a web > > > # browser interface, with the URL http://localhost:901 > > > service swat. > > > { > > > disable = no > > > socket_type = stream > > > wait = no > > > protocol = tcp > > > only_from = matrix1 > > > > Try: > > only_from = localhost > > > > - John T. > > Thanks John, but I'm still getting that can not connect host error > > > > > > > user = root > > > log_on_failure += USERID > > > server = /usr/sbin/swat > > > port = 901 > > > } > > > & /etc/pam.d/samba > > > > > > #%PAM-1.0 > > > auth required pam_nologin.so > > > auth required pam_stack.so service=system-auth > > > account required pam_stack.so service=system-auth > > > session required pam_stack.so service=system-auth > > > password required pam_stack.so service=system-auth > > > # added by me in a panic attempt to get swat working again on 7 nov 03 > > > samba auth required /lib/security/pam_pwdb.so nullok shadow > > > samba account required /lib/security/pam_pwdb.so > > > > > > > > > I dont't know if this is related but,my trouble started yesterday after > > > I actually got vnc-server working. I just left it at default so it > > > started on matrix1:1 I went to work (yes I puched a hole through > > > turtlefirewall just for this) & connected from my laptop at work via vnc > > > to the redhat box. I did not do anything & then jsut logged off. when I > > > got home I had to reboot the redhat box becuase konq would not work. > > > Kept complaing aobut something like the DHOCP server or other could not > > > be contactacted/(connected?). Well SWAT has not worked ever since. Now > > > the samba 2.7 still worked with a manual start, but this morning I did a > > > rpm -U| to 3.0 & now that too is not working Any help ir direction > > > pointing would be greatly appreciated. > > > > > > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not connect to SWAT
On Sat, 2003-11-08 at 13:09, John H Terpstra wrote: > On Sat, 8 Nov 2003, lovswr1 wrote: > > > Hello, Until yesterday (7 nov 03) I had a mostly working 2.27 samba > > running on my redhat 9 box that I configured via SWAT. Now I can not get > > back into SWAT & I also (in a useless attempt to make it work) upgraded > > to samba 3.0 I get the following when trying to start SWAT: > > > > > > An error occured while loading http://matrix1:901/: > > > > > > Could not connect to host matrix1 (port 901) > > > > > > > > here is my /etc/hosts file: > > > > > > # Do not remove the following line, or various programs > > # that require network functionality will fail. > > 127.0.0.1 localhost localhost.localdomain matrix1 > > 192.168.2.147 philip > > 192.168.2.145 robert > > 192.168.1.148 pc2 > > 192.168.1.149 freebsd > > 0.0.0.0 ads.osdn.com > > 0.0.0.0 claria.com > > 0.0.0.0 www.gator.com > > > > > > Also /etc/services does have the correct port 901 set up & > > /etc/xinetd/d/swat > > > > description: swat is the Samba Web Administration Tool, which > > # allows an administrator to configure Samba using a web > > # browser interface, with the URL http://localhost:901 > > service swat. > > { > > disable = no > > socket_type = stream > > wait = no > > protocol = tcp > > only_from = matrix1 > > Try: > only_from = localhost > > - John T. Thanks John, but I'm still getting that can not connect host error > > > user = root > > log_on_failure += USERID > > server = /usr/sbin/swat > > port = 901 > > } > > & /etc/pam.d/samba > > > > #%PAM-1.0 > > auth required pam_nologin.so > > auth required pam_stack.so service=system-auth > > account required pam_stack.so service=system-auth > > session required pam_stack.so service=system-auth > > password required pam_stack.so service=system-auth > > # added by me in a panic attempt to get swat working again on 7 nov 03 > > samba auth required /lib/security/pam_pwdb.so nullok shadow > > samba account required /lib/security/pam_pwdb.so > > > > > > I dont't know if this is related but,my trouble started yesterday after > > I actually got vnc-server working. I just left it at default so it > > started on matrix1:1 I went to work (yes I puched a hole through > > turtlefirewall just for this) & connected from my laptop at work via vnc > > to the redhat box. I did not do anything & then jsut logged off. when I > > got home I had to reboot the redhat box becuase konq would not work. > > Kept complaing aobut something like the DHOCP server or other could not > > be contactacted/(connected?). Well SWAT has not worked ever since. Now > > the samba 2.7 still worked with a manual start, but this morning I did a > > rpm -U| to 3.0 & now that too is not working Any help ir direction > > pointing would be greatly appreciated. > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smb.conf problems causes net groupmap to fail
Hello, I just thought I would post this since it may be helpful to others if they run into the same issues I did. I am using Samba 3.0 with openLDAP 2.1.23 as backend db on a Slackware 9 system. This is purely a test system that I need to test at home reliably enough to put into production in a school system. I was getting error messages when I went to run samba/bin/net commands. Couldn't figure it out until now. If you have a problem in your smb.conf when you try to run samba/bin/net commands like groupmap list, you get error messages. My guess and the developers can probably elaborate on this, net command reads the smb.conf whether or not the daemons smbd or nmbd is running. Errors in the config file will cause the net commands to fail. It took me a long time to experiment and find this out but I thought I should pass it on. -- Kent [EMAIL PROTECTED] [EMAIL PROTECTED] W 508 291-3510 X122 C 508 317-2755 Tips:--> "OpenOffice.org ... Stops Word macro viruses DEAD!" "Postgresql.org ... Don't 'kill -9' the postmaster" "Technology is legislation - C. Einfeldt on OO.o discuss list" -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users unable to change their passwords using 200/XP change password dialouge.
On Sat, 2003-11-08 at 01:59, Alan Munday wrote: > I've just found out today that my system won't let users (2000 and XP > clients) change their passwords. > >From their consoles they get permission denied messages. > > Looking at the logs its clearly a Samba/PAM interaction issue but all looks > OK in the pam.d directory. So, have you tried this without 'pam password change = yes' in your smb.conf? If the pam.d directory looks 'OK', what is it? What does the 'samba' file say? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ADS still doesn't work with SAMBA 3 CVS.
On Sun, 2003-11-09 at 03:05, Ron Gage wrote: > Currently running CVS of SAMBA 3.1 - pulled down last night. > > The Samba machine is joining the domain (or so it reports) but it doesn't show > up in AD Users & Computers. Attempting to browse the Samba computer from > Windows (Advanced Server 2000) fails with password/username failures. Here > is the output from "net ads join -U administrator". Yes, this is showing > that I was already joined to the domain. > > Any ideas on what I am doing wrong here? You haven't shown us anything that represents a failure. You need to include the error logs on the server at least. Are you running winbindd? Or do you have matching local accounts for all your users? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Second Windows Computer Disconnects First
Andy, You may find the Samba-HOWTO-Collection.pdf helpful. It's available in book form from Amazon.Com, called "The Official Samba-3 HOWTO and Reference Guide." The HOWTO is available from: httpd://us3.samba.org/samba/docs/Samba-HOWTO-Collection.pdf You should check the chapters on: Server Types and Security Modes Domain Control Stand-Alone Servers Network Browsing Account Information Integrating MS Windows Networks with Samba Have fun. Cheers, John T. On Sat, 8 Nov 2003 [EMAIL PROTECTED] wrote: > Hi, > > I'm setting up a Linux machine to use as a file server for a small group of > windows machines. > > Like many of the folks who write to this list, I'm having all kinds of > difficults getting the Windows machines to be able to access the Linux shares. > > In my case, the most frustrating thing is that all of my Windows machines and > users can access the Linux shares SOMETIMES. But typically, if one computer > accesses the shared folder, and then another one accesses it, the first > computer gets disconnected. > > Does anybody have any insights into why this is happening? > > All of my windows computers have their own unique computer names. And the > usernames that are set up for each machine are different (and match the Unix > names and samba names and passwords that I have on the Linux machine). > > Does this have anything to do with the samba server being the "preferred > master"? And why, when my Linux machine is running, do I so frequently see "logged > off" windows machines in Network Neighborhood. This is something that I never > see when the Linux machine is shut down. It's as if the Linux machine is > taking control of keeping track of who is and who isn't on the network -- and it > doesn't do as good a job of updating compared to the way windows stays current. > > Help would be appreciated. > > Andy Liebman > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Second Windows Computer Disconnects First
Hi, I'm setting up a Linux machine to use as a file server for a small group of windows machines. Like many of the folks who write to this list, I'm having all kinds of difficults getting the Windows machines to be able to access the Linux shares. In my case, the most frustrating thing is that all of my Windows machines and users can access the Linux shares SOMETIMES. But typically, if one computer accesses the shared folder, and then another one accesses it, the first computer gets disconnected. Does anybody have any insights into why this is happening? All of my windows computers have their own unique computer names. And the usernames that are set up for each machine are different (and match the Unix names and samba names and passwords that I have on the Linux machine). Does this have anything to do with the samba server being the "preferred master"? And why, when my Linux machine is running, do I so frequently see "logged off" windows machines in Network Neighborhood. This is something that I never see when the Linux machine is shut down. It's as if the Linux machine is taking control of keeping track of who is and who isn't on the network -- and it doesn't do as good a job of updating compared to the way windows stays current. Help would be appreciated. Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not connect to SWAT
On Sat, 8 Nov 2003, lovswr1 wrote: > Hello, Until yesterday (7 nov 03) I had a mostly working 2.27 samba > running on my redhat 9 box that I configured via SWAT. Now I can not get > back into SWAT & I also (in a useless attempt to make it work) upgraded > to samba 3.0 I get the following when trying to start SWAT: > > > An error occured while loading http://matrix1:901/: > > > Could not connect to host matrix1 (port 901) > > > > here is my /etc/hosts file: > > > # Do not remove the following line, or various programs > # that require network functionality will fail. > 127.0.0.1 localhost localhost.localdomain matrix1 > 192.168.2.147 philip > 192.168.2.145 robert > 192.168.1.148 pc2 > 192.168.1.149 freebsd > 0.0.0.0 ads.osdn.com > 0.0.0.0 claria.com > 0.0.0.0 www.gator.com > > > Also /etc/services does have the correct port 901 set up & > /etc/xinetd/d/swat > > description: swat is the Samba Web Administration Tool, which > # allows an administrator to configure Samba using a web > # browser interface, with the URL http://localhost:901 > service swat. > { > disable = no > socket_type = stream > wait = no > protocol = tcp > only_from = matrix1 Try: only_from = localhost - John T. > user = root > log_on_failure += USERID > server = /usr/sbin/swat > port = 901 > } > & /etc/pam.d/samba > > #%PAM-1.0 > auth required pam_nologin.so > auth required pam_stack.so service=system-auth > account required pam_stack.so service=system-auth > session required pam_stack.so service=system-auth > password required pam_stack.so service=system-auth > # added by me in a panic attempt to get swat working again on 7 nov 03 > samba auth required /lib/security/pam_pwdb.so nullok shadow > samba account required /lib/security/pam_pwdb.so > > > I dont't know if this is related but,my trouble started yesterday after > I actually got vnc-server working. I just left it at default so it > started on matrix1:1 I went to work (yes I puched a hole through > turtlefirewall just for this) & connected from my laptop at work via vnc > to the redhat box. I did not do anything & then jsut logged off. when I > got home I had to reboot the redhat box becuase konq would not work. > Kept complaing aobut something like the DHOCP server or other could not > be contactacted/(connected?). Well SWAT has not worked ever since. Now > the samba 2.7 still worked with a manual start, but this morning I did a > rpm -U| to 3.0 & now that too is not working Any help ir direction > pointing would be greatly appreciated. > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can not connect to SWAT
Hello, Until yesterday (7 nov 03) I had a mostly working 2.27 samba running on my redhat 9 box that I configured via SWAT. Now I can not get back into SWAT & I also (in a useless attempt to make it work) upgraded to samba 3.0 I get the following when trying to start SWAT: An error occured while loading http://matrix1:901/: Could not connect to host matrix1 (port 901) here is my /etc/hosts file: # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost localhost.localdomain matrix1 192.168.2.147 philip 192.168.2.145 robert 192.168.1.148 pc2 192.168.1.149 freebsd 0.0.0.0 ads.osdn.com 0.0.0.0 claria.com 0.0.0.0 www.gator.com Also /etc/services does have the correct port 901 set up & /etc/xinetd/d/swat description: swat is the Samba Web Administration Tool, which # allows an administrator to configure Samba using a web # browser interface, with the URL http://localhost:901 service swat. { disable = no socket_type = stream wait = no protocol = tcp only_from = matrix1 user = root log_on_failure += USERID server = /usr/sbin/swat port = 901 } & /etc/pam.d/samba #%PAM-1.0 auth required pam_nologin.so auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth session required pam_stack.so service=system-auth password required pam_stack.so service=system-auth # added by me in a panic attempt to get swat working again on 7 nov 03 samba auth required /lib/security/pam_pwdb.so nullok shadow samba account required /lib/security/pam_pwdb.so I dont't know if this is related but,my trouble started yesterday after I actually got vnc-server working. I just left it at default so it started on matrix1:1 I went to work (yes I puched a hole through turtlefirewall just for this) & connected from my laptop at work via vnc to the redhat box. I did not do anything & then jsut logged off. when I got home I had to reboot the redhat box becuase konq would not work. Kept complaing aobut something like the DHOCP server or other could not be contactacted/(connected?). Well SWAT has not worked ever since. Now the samba 2.7 still worked with a manual start, but this morning I did a rpm -U| to 3.0 & now that too is not working Any help ir direction pointing would be greatly appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] sambaGroupType
What is the sambaGroupType in the LDAP? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba with Domain User accounts
On Friday 07 November 2003 5:08 pm, anth jaz wrote: > I am trying to find an option to M$ file server under Linux. > Everything to this point is M$. Whether anybody goes for it or not, I > would like to put the option out there for choice. One of the > important necessities is that this doesn't become any more > complicated for the EU. As soon as you say Linux to the bosses they > think more complex for the user and the users have trouble enough > logging in to there computers. I am a Linux newbie trying to become > more efficient. At present, I am using RH9, Samba 3, and have > security = Domain and have joined the domain successfully. I have a > user joe created on the Linux/Samba server and when user joe logs > onto his Win2k computer on the NT domain he can access the Samba > share I have configured like this: Yes, you need to use winbind, which came with your samba distribution. Winbind add the domain users to the unix environment, so you don't need unix accounts for them to log in. Otherwise, you would need a file to map windows users to unix users. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ADS still doesn't work with SAMBA 3 CVS.
Currently running CVS of SAMBA 3.1 - pulled down last night. The Samba machine is joining the domain (or so it reports) but it doesn't show up in AD Users & Computers. Attempting to browse the Samba computer from Windows (Advanced Server 2000) fails with password/username failures. Here is the output from "net ads join -U administrator". Yes, this is showing that I was already joined to the domain. [EMAIL PROTECTED]:~# net ads testjoin -U administrator Join is OK [EMAIL PROTECTED]:~# net ads join -U administrator administrator password: [2003/11/08 10:38:55, 0] libads/ldap.c:ads_join_realm(1308) Host account for web already exists - deleting old account Using short domain name -- RONGAGEHOME Joined 'WEB' to realm 'RONGAGEHOME.COM' The Domain Controller is Windows 2000 Advanced Server. NOT Server 2003! Here is the contents of /etc/krb5.conf [logging] default = FILE:/var/log/krb5/libs.log kdc = FILE:/var/log/krb5/kdc.log admin_server = FILE:/var/log/krb5/admin.log [libdefaults] ticket_lifetime = 24000 default_realm = RONGAGEHOME.COM forwardable = true proxiable = true [realms] RONGAGEHOME.COM = { kdc = intel.rongagehome.com default_domain = rongagehome.com } [domain_realm] .rongagehome.com = RONGAGEHOME.COM rongagehome.com = RONGAGEHOME.COM Here is the contents of /usr/lib/smb.conf: [global] workgroup = rongagehome realm = rongagehome.com server string = Samba Server ; hosts allow = 192.168.1. 192.168.2. 127. ; load printers = yes ; printcap name = /etc/printcap ; printcap name = lpstat ; printing = bsd ; guest account = pcguest log file = /var/log/samba.%m max log size = 50 security = ads ; password server = encrypt passwords = yes ; include = /usr/local/samba/lib/smb.conf.%m socket options = TCP_NODELAY ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; local master = no ; os level = 33 ; domain master = yes ; preferred master = yes ; domain logons = yes ; logon script = %m.bat ; logon path = \\%L\Profiles\%U ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes dns proxy = no # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff Yes, I know there are no shares actually defined. We aren't at that point yet. Here is the output of klist -e: Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 11/08/03 10:35:57 11/08/03 20:36:01 krbtgt/[EMAIL PROTECTED] renew until 11/09/03 10:35:57, Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5 11/08/03 10:38:57 11/08/03 20:36:01 [EMAIL PROTECTED] renew until 11/09/03 10:35:57, Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Any ideas on what I am doing wrong here? -- Ron Gage - LPIC1, A+, Net+ Pontiac, Michigan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba with Domain User accounts
"anth jaz" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] There are a lot of users and equally a lot of passwords on the domain and it isn't very efficient to add every user to the Linux box. Is there a way to get around this. Have the Linux server communicate with the PDC or BDC since it is a member of the domain? Yes. You can use the add user script. Create a group for the users. You could use staff for example. groupadd staff Add the following line to the global section of your smb.conf file. add user script = useradd -c "Account from PDC" -s /bin/false \ -d /home/%u -m -n -g staff %u The commands do the following: useradd -c "Account from PDC".Adds a user to the Linux box and call it "Account from PDC". -s /bin/false \Prevents the user from logging in locally. -d /home/%u -m Creates the user's home directory -n -g staff %u Adds the user to the staff group The commands may vary slightly from one distro to the next. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File Locking
scully the truth is out there lol - Original Message - From: "John H Terpstra" <[EMAIL PROTECTED]> To: "Robert McIntosh" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Saturday, November 08, 2003 8:18 AM Subject: Re: [Samba] File Locking > On Fri, 7 Nov 2003, Robert McIntosh wrote: > > > Hi, > > > > I'm running smbd 2.2.8. I'm a little green when it comes to file locking > > with samba. > > Are you from Mars by any chance? Isn't that where green people come from? > Oh, I forgot, you could be Irish also. > > > I have two users that access a single data file on a FreeBSD box. It's a > > moneydance data file and obviously it gets messed-up if two users are > > writing to it at the same time. Is there a way with samba to stop a second > > instance of the file from being opened, something like a "File In Use" > > message for a user if the file is already in use? > > Suggest you read the HOWTO. It has a chapter on file and record locking. > You never know, it might help to educate little green people. > > http://us3.samba.org/samba/docs/Samba-HOWTO-Collection.pdf > > - John T. > -- > John H Terpstra > Email: [EMAIL PROTECTED] > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.3a and Windows Sychronization
Hi, update to samba 3 view your logs, post your smb.conf maybe we can help to debug then - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Saturday, November 08, 2003 3:01 AM Subject: Re: [Samba] Samba 2.2.3a and Windows Sychronization > i'm currently on version 2.2.7a and it is exhibiting this same behavior. I > also have problems with quicken accessing data on a share. I am a single user, > but when I exit and it prompts to make a backup, it says that it cannot > access the file. > > -Lynch > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.0-2 on RH9 winbindd_idmap.tdb corrupt
AFter working for weeks, some AD users cannot connect to shares. I get this error in log.winbindd at level 10 : [2003/11/07 14:44:12, 0] tdb/tdbutil.c:tdb_log(724) tdb(/var/cache/samba/winbindd_idmap.tdb): rec_free_read bad magic 0x42424242 at offset=36380 [2003/11/07 14:44:12, 10] sam/idmap_tdb.c:db_get_id_from_sid(385) db_get_id_from_sid: error Corrupt database What to do ? Erase winbindd_idmap.tdb ? Reinstall ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File Locking
On Fri, 7 Nov 2003, Robert McIntosh wrote: > Hi, > > I'm running smbd 2.2.8. I'm a little green when it comes to file locking > with samba. Are you from Mars by any chance? Isn't that where green people come from? Oh, I forgot, you could be Irish also. > I have two users that access a single data file on a FreeBSD box. It's a > moneydance data file and obviously it gets messed-up if two users are > writing to it at the same time. Is there a way with samba to stop a second > instance of the file from being opened, something like a "File In Use" > message for a user if the file is already in use? Suggest you read the HOWTO. It has a chapter on file and record locking. You never know, it might help to educate little green people. http://us3.samba.org/samba/docs/Samba-HOWTO-Collection.pdf - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ODD PAM ERROR
On Fri, 7 Nov 2003, Brandon Lederer wrote: > I have set up winbind, made the nsswitch settings, joined the current NT > Domain, got back the message that said "Welcome to Domain". When I try > to access the PC, it brings up IPC$ and wants a password. The log for > that workstation says "PAM: UNKNOWN PAM ERROR (9) during Account > Management for User: Domain+USERNAME!" Then it says "PAM: Account > Validation Failed - Rejecting User Domain+USERNAME!" > > Does anyone have any helpful ideas? Brandon, You are asking us to exercise our worn-out crystal balls by not providing your smb.conf file, so here goes: My guess is that your UNIX system does NOT have an account called "nobody". I guess also that given that your system does not have a nobody account, you also do not have the following entry in your smb.conf file [globals] section: guest account = 'a_valid_unix_account' So let me know, did my crystal ball work this time. Dang, it's been so unreliable lately! :) - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba