[Samba] Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout
I have a linux box running samba configured as my PDC with roaming profiles. Everything was running great until I upgraded to WinXP instead of Win2K. Now, when I log out of my XP session, my profile doesn't get uploaded to the server. The local copy remains in effect until I reboot. When I log out, the following message gets sent to the event logger: [quote] Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. [/quote] I searched around and found an email which suggested adding the following to my profiles share to fix this warning message (not sure if it's supposed to fix my problem, but I figured it was worth a shot): csc policy = disabled share modes = no The warning still occurs (yes, I restarted samba and I restarted windows). Here's my smb.conf file with comments stripped [global] workgroup = HOME netbios name = ERADICATOR server string = Samba Server %v printcap name = lpstat load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 guest account = guest security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth1 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\%U\profile logon home = \\%L\%U logon drive = I: add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel domain guest group = nobody guest @nobody @nogroup @guest wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes profile acls = yes csc policy = disabled share modes = no [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpq -P %p lprm command = cancel %p-%j [download] comment = Downloads path = /usr/local/download public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [music] comment = Music path = /home/jeremy/Music public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [movies] comment = Movies path = /home/jeremy/Movies public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [root] comment = Root Directory path = / read only = No [raid0] comment = RAID 0 path = /mnt/raid0 read only = No --- As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) --- Thanks in advance for any help you have to offer. It is very much appreciated. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ACHTUNG! Sie haben eine mit einem Virus infizierte Mail verschickt.
G DATA AntiVirenKit hat in folgender Mail einen Virus entdeckt: Absender: [EMAIL PROTECTED] Empfänger: [EMAIL PROTECTED] Cc: Bcc: Datum: 5.04.2004 22:18 Betreff: Virus: Win32/[EMAIL PROTECTED] Der infizierte Teil wurde gelöscht. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba (2.2.8a or 3.0.2a) + WinXP not updating roamingprofiles on logout
Hi Jeremy, Can't help with the romaing profiles, but can with this one As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) You need to re-assign the primary group for the user to a windows group such as domain users. An easy way to do this is through the NT4 usermanager package USRMGR.EXE mentioned somewhere in the SAMBA 3 Doc's, I believe still available from microsoft. Cheers, Lewis -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Undeliverable message returned to sender
This message was created automatically by mail delivery software. Delivery failed for the following recipients(s): [EMAIL PROTECTED] The message you sent contained an attachment which the recipient has chosen to block. Usually these sort of attachments are blocked to prevent malicious software from being sent to the recipient in question. The name(s) of the blocked file(s) follow: stap.pif To send this file, please place it in a compressed archive using WinZip (http://www.winzip.com) or the archive software of your choice. - Original Message Header - Received: by mail3-ash (MessageSwitch) id 1081236791340547_4674; Tue, 6 Apr 2004 07:33:11 + (UCT) Received: from lists.samba.org (host5-254.pool80205.interbusiness.it [80.205.254.5]) by mail3-ash.bigfish.com (Postfix) with ESMTP id 9547E1C5ADF for [EMAIL PROTECTED]; Tue, 6 Apr 2004 07:31:06 + (UCT) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Hi Date: Tue, 6 Apr 2004 09:31:04 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary==_NextPart_000_0009_83C7715A.8D4AE394 X-Priority: 3 X-MSMail-Priority: Normal Message-Id: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
The big question is, though... why aren't the old addresses getting un-registered when new ones are registered with WINS? Or if that's standard, why do the old addresses take precedent over the new ones? This is why I wrote little patch, wich allows to dump/edit/load wins.dat without restarting of nmbd... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.3pre2 Available for Download
Just wandering, wether this bug is fixed in the 303 pre 2 ?? -- [2004/02/19 14:03:00, 0] lib/util_sock.c:read_socket_data(342) read_socket_data: recv failure for 4. Error = Connection reset by peer [2004/02/19 14:06:18, 0] lib/util_sock.c:get_peer_addr(952) getpeername failed. Error was Transport endpoint is not connected [2004/02/19 14:06:18, 0] lib/util_sock.c:send_smb(605) Error writing 4 bytes to client. -1. (Connection reset by peer) - Collen Blijenberg (Montessori Lyceum Herman Jordan) Monday, April 5, 2004, 6:26:22 PM, you wrote: GJC -BEGIN PGP SIGNED MESSAGE- GJC Hash: SHA1 GJC This is the second preview release of the Samba 3.0.3 code base GJC and is provided for testing only. This release is *not* intended GJC for production servers. Use at your own risk. GJC There have been several bug fixes since the 3.0.2a release that GJC we feel are important to make available to the Samba community GJC for wider testings. See the Changes section for details on GJC exact updates. GJC Common bugs fixed in this preview release include: GJC ~ o Substitution errors for %[UuGg] in smb.conf. GJC ~ o winbindd crashes when using ADS security mode. GJC ~ o SMB signing errors. GJC New features introduced in this preview release include: GJC ~ o Experimental support for storing DOS attribute on files GJC ~and folders in Extended Attributes. GJC The source code can be downloaded from: GJC ~ http://download.samba.org/samba/ftp/pre/ GJC The uncompressed tarball and patch file have been signed GJC using GnuPG. The Samba public key is available at GJC ~ http://download.samba.org/samba/ftp/samba-pubkey.asc GJC Links to binary packages can be found on the GJC ~ http://www.samba.org/samba/samba.html GJC A simplified version of the CVS log of updates since 3.0.3pre1 GJC can be found in the the download directory under the name GJC ChangeLog-3.0.3pre1-3.0.3pre2. The release notes are also available GJC in the same directory. GJC As always, all bugs are our responsibility. GJC ~ --Enjoy GJC ~ The Samba Team GJC -BEGIN PGP SIGNATURE- GJC Version: GnuPG v1.2.1 (GNU/Linux) GJC Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org GJC iD8DBQFAcYiuIR7qMdg1EfYRAnCPAKDihuJSZwd5j/9w7HzZMVmbjKLdVgCglAJr GJC ZciCvu4QpvzwZ6rx72260is= GJC =70/e GJC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ls and getfacl hanging with nt authentication
I have Samba 3.0.2a running on Solaris 8 compiled with winbind and authenticating against an NT domain. every time I run a ls -l or getfacl the command line hangs as it's tries to pull down all the user/group details from the domain. I heard this may have something to do with nscd (nameservice cache daemon?) which is running on the solaris machine. Any thoughts appreciated! Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.3pre2 Available for Download
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 6 Apr 2004, Collen Blijenberg MLHJ wrote: Just wandering, wether this bug is fixed in the 303 pre 2 ?? -- [2004/02/19 14:03:00, 0] lib/util_sock.c:read_socket_data(342) read_socket_data: recv failure for 4. Error = Connection reset by peer [2004/02/19 14:06:18, 0] lib/util_sock.c:get_peer_addr(952) getpeername failed. Error was Transport endpoint is not connected [2004/02/19 14:06:18, 0] lib/util_sock.c:send_smb(605) Error writing 4 bytes to client. -1. (Connection reset by peer) - The client disconnected. This is not a Samba bug. Best to check for bad network hardware, hubs, switches, mismatched duplex settings on NICs, etc... Now if we did something to cause the client to disconnect (e.g. blue screen the client), then we would need to fix that. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFAcm+LIR7qMdg1EfYRAiy1AJ9/kHvF125iphdpTpzhOTR3bGIk5wCfQiyC DfuYD54GBUh+4irRyE/y6fI= =Y2uI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to log into a workgroup share after saving password in XP
HI, I'm currently running redhat 7.3, using samba 2.2.7 on our webserver and am using Windows XP on the desktop, logging into our domain, I set up the sameba server to allow a specific user only to log in in the default workgroup 'Workgroup'. This was working fine (for around 2 weeks), but I decided to click the save password box in windows, and for some reason everytime now, it refuses to let me even access the share, I keep getting the following error: - Start Error - \\Webdev\webroot is not accessable. You might not have the correct permissions to use this network resource. Contact the administrator of this server to find out if you have access. The user name could not be found. - End Error - If I log out and login the machine locally (i.e not into the domain), I can access the share no problem, it would seem that for some reason when I clicked same password, windows has added some extra information, and this is stopping me from logging in, this has also happened to other users as well, everyone can login to the share if they are local, but if they saved the password and re logged into the domain, they are all kicked out. All the people who have not saved the password, can still login ok. There are no details in the actuall workstations logs on the samba server. Am I correct in thinking this is a windows error, or could the samba server be setup wrong? All I probally need to do is delete the referance to this server and password in windows, but for the life of me I cannot find it. I presume it's probally in the registery somewhere. Googling has not uncovered much so far, but I'm still looking. Thanks in advance Mark C -- Ever mind The Rule of Three Three times what thou givest returns to thee. This lesson well, thou must learn, Thee only gets what thou dost earn! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Your mail to feedback@suse.de
- (deutsche Version unten) Dear SuSE Linux User, thank you for your message regarding Unknown Exception ([EMAIL PROTECTED]). Please note that the email address you sent your message to ([EMAIL PROTECTED]) is no longer in use. Of course you still can send us your ideas, comments and bug reports related to our products! Please use our web pages: http://www.suse.de/feedback If you need support please contact our installation support [EMAIL PROTECTED], if you have a valid registration code or consult our support database at http://sdb.suse.de/sdb/en/html/ Thank you for your interest in SuSE Linux! - Sehr geehrter SuSE Linux-Benutzer, vielen Dank für Ihre Nachricht betreffs Unknown Exception ([EMAIL PROTECTED]). Bitte beachten Sie, dass die von Ihnen verwendete Emailadresse ([EMAIL PROTECTED]) nicht mehr verwendet wird. Natürlich können Sie uns auch weiterhin Ihre Anregungen, Fehlermeldungen oder Verbesserungsvorschläge zusenden. Wir haben für Sie ein Webformular eingerichtet unter http://www.suse.de/feedback Falls Sie Unterstützung benötigen, wenden Sie sich bitte an unseren Installationssupport [EMAIL PROTECTED] oder konsultieren Sie unsere Supportdatenbank unter: http://sdb.suse.de/ Vielen Dank für Ihr Interesse an SuSE Linux! Ihr SuSE Linux Feedback Team -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error make_server_info_info3: pdb_init_sam failed!
Hi, Samba 3.0.1 on Solaris 9. We have a user domain EMEA and a resource domain NLRESOURCES. [global] workgroup = NLRESOURCES security = DOMAIN password server = nlresod01,nlresod02 All users in the EMEA domain can access the shares without any problems. Except for one user. This user cannot access any of the shares. From the log file: [2004/04/06 11:23:33, 0] auth/auth_util.c:make_server_info_info3(1080) make_server_info_info3: pdb_init_sam failed! As far as I can tell all users have the same settings. Any idea what could be the problem? Thanks, Simon. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mac OS 9 And Mac OS 10 Clients
James Coggan wrote: Is there a Mac OS 9 and Mac OS 10 Samba File/Printer Shares Client Or i have to install a server using the macintosh protocol ? OS X connects to SMB servers out of the box. OS 9 does not, however there is third party software (Dave from Thurlby Systems ?) that adds this capability. Be aware however that Netatalk sores Mac files differently to OS X accessing the same server via SMB - though there is a forked project (under a different name that escapes me at the moment) that is engineering a version of Netatalk to support AFP3 and compatibility between the two access methods. Simon -- Simon Hobson, Technology Specialist Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Give access to hosts outside the user domain
Hi, Samba 3.0.1 on Solaris 9. We have a user domain EMEA and a resource domain NLRESOURCES. [global] workgroup = NLRESOURCES security = DOMAIN password server = nlresod01,nlresod02 We have a few servers that are NOT in the user domain EMEA but need to access the shares. I believe this can be done by the hosts allow parameter? Will this work in conjunction with the user domain and security = domain configuration. I do not have access to a test config so I cannot test the various settings very easily myself. I was hoping that you could give me some pointers. Thanks, Simon. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Samba 3.0.3pre2 Available for Download
strange, coz' i got the problem on 4 diferent servers with differend nic's (intel, realtek and 3com) and differend switches ( 2 networks) i thought it was caused by that 0.0.0.0 broadcast.. (i vagely remeber seeing some in my log files, some time ago) - Collen Blijenberg (Montessori Lyceum Herman Jordan) Tuesday, April 6, 2004, 10:51:20 AM, you wrote: GJC -BEGIN PGP SIGNED MESSAGE- GJC Hash: SHA1 GJC On Tue, 6 Apr 2004, Collen Blijenberg MLHJ wrote: Just wandering, wether this bug is fixed in the 303 pre 2 ?? -- [2004/02/19 14:03:00, 0] lib/util_sock.c:read_socket_data(342) read_socket_data: recv failure for 4. Error = Connection reset by peer [2004/02/19 14:06:18, 0] lib/util_sock.c:get_peer_addr(952) getpeername failed. Error was Transport endpoint is not connected [2004/02/19 14:06:18, 0] lib/util_sock.c:send_smb(605) Error writing 4 bytes to client. -1. (Connection reset by peer) - GJC The client disconnected. This is not a Samba bug. Best to check GJC for bad network hardware, hubs, switches, mismatched duplex settings on GJC NICs, etc... GJC Now if we did something to cause the client to disconnect (e.g. blue GJC screen the client), then we would need to fix that. GJC cheers, jerry GJC - GJC -- GJC Hewlett-Packard- http://www.hp.com GJC SAMBA Team -- http://www.samba.org GJC GnuPG Key GJC http://www.plainjoe.org/gpg_public.asc GJC ...a hundred billion castaways looking for a home. --- Sting GJC -BEGIN PGP SIGNATURE- GJC Version: GnuPG v1.2.1 (GNU/Linux) GJC Comment: For info see http://quantumlab.net/pine_privacy_guard/ GJC iD8DBQFAcm+LIR7qMdg1EfYRAiy1AJ9/kHvF125iphdpTpzhOTR3bGIk5wCfQiyC GJC DfuYD54GBUh+4irRyE/y6fI= GJC =Y2uI GJC -END PGP SIGNATURE- ===8===End of original message text=== -- Best regards, Collenmailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Win2000 does not update file date/time
Applications under Win 98 2nd Ed updated the modification date of all files accessed, in the normal way. Upgraded to Win2000 professional. Same Win applications now do not change the file times. Not even touch has any effect. RedHat Linux 6.2, Samba 2.0.6 Regards, Neil A Fraser North East Consultants TEL: +27 (11) 468 2892 FAX: by prior arrangement CELL: +27 (82) 903 4962 Web site: www.necon.co.za More details on data communications and flying consultants at: www.necon.co.za -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I've got
Hi all, I've got to install samba as as PDC with Windows XP. I changed some directives and the SealorSign register in XP and done. Thanks, Cleiton -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Two major issues with Mac OS X clients
Hi Andrew, firstly, I also have seen the issue with sharing Excel files but this is not a Samba problem as you will see the same behaviour on an MS Windows server. You need to pose the question to Apple and Microsoft on this one. On the slow connection apart from stating the obvious which is that is looks like it's timing out trying to authenticate via Kerberos all I can say is we have tested this with Samba AD member servers using Kerberos and NTLM authentication and haven't experienced these timeouts. Have you tried installing Mac OS X 10.3.3? this has some fixes to the SMB client, cheers Andy. Hello, I am having to major issues with Mac clients on our samba server. One has to do with how the Mac vs. the PC locks files and the other has to do with a very slow connection to one of our larger shares. 1.) File locking issue: I am having a strange problem occur with shared excel and word files being opened by multiple users. The problem appears to be a result of a Mac opening the file first. So I assume the Mac is locking the file differently. Here is an example: If user A who uses a Mac (OSX Panther) opens up the excel file on the samba server everyone else gets an error message when trying to open it and cannot open the file. If user B running windows XP opens up the excel file other people can open the file at the same time Here is what the locks look like in smbstatus (Notice the different access modes): Mac: 8336 DENY_NONE 0x3 RDWR NONE /mnt/share/Applied_Minds/Files/Ext List by 1st Name.xls Wed Mar 24 16:09:02 2004 PC: 8798 DENY_NONE 0x2019f RDWR NONE /mnt/share/Applied_Minds/Files/Ext List by 1st Name.xls Wed Mar 24 16:08:21 2004 2.) Slow connection issue When a Mac connects to one of our shares on our fileserver the connection can take up to a minute. So far the only reference to the slow connection that I can see is the following error: Mac log file: mount_smbfs: No credentials cache found krb5_cc_get_principal If anyone can help it would be greatly appreciated... Here is the my conf file and version: Samba 3.0.2-6.3E Redhat ES [global] log level = 1 log file = /var/log/samba/%m.log realm = domain.net workgroup = DOMAIN security = ADS encrypt passwords = yes password server = dc0.domain.net dc1.domain.net server string = AMI File Server socket options = TCP_NODELAY SO_KEEPALIVE kernel oplocks = yes oplocks = yes veto oplock files = /*.doc/*.DOC/*.xls/*.XLS/*.ppt/*.PPT/*.pst/*.PST/*.mdb/*.MDB/*.ldb/*.LDB/*.v sd/*.VSD/*.mpp/*.MPP/*.qbw/*.QBW/*.qbb/*.QBB/*.qbI/*.qbl/*.dxf/*.DXF/*.dwg/* .DWG/*.cdr/*.CDR/*.bak/*.BAK/*.ord/*.xlo/*.igs/*.ipt/*.ipj/*.slp/*.stp/*.opt /*.xli/*.stl/*.cur/*.sjb/*.log/*.LOG/*.sbs/*.iam/*.idv/ interfaces = eth0*,lo bind interfaces only = yes # strict locking # strict sync # separate domain and username with +, like DOMAIN+username winbind separator = + # use uids from 11000 to 19000 for domain users idmap uid = 11000-19000 # use gids from 11000 to 19000 for domain groups idmap gid = 11000-19000 # allow enumeration of winbind users and groups winbind enum users = yes winbind enum groups = yes # give winbind users a real shell (only needed if they have telnet access) template shell = /bin/bash [Share] comment = Share path = /mnt/share/share create mask = 0770 directory mask = 0770 public = yes writable = yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] vfs module load
Hello All, Trying to use audit vfs module with samba 3.0.2a, but no luck. I get the following log: [2004/04/06 13:07:45, 3] smbd/vfs.c:vfs_init_default(203) Initialising default vfs hooks [2004/04/06 13:07:45, 3] smbd/vfs.c:vfs_init_custom(229) Initialising custom vfs hooks from [/usr/lib/samba/vfs/audit.so] Probing module '/usr/lib/samba/vfs/audit.so' [2004/04/06 13:07:45, 0] smbd/vfs.c:smb_register_vfs(184) Module '/usr/lib/samba/vfs/audit.so' loaded [2004/04/06 13:07:45, 0] smbd/vfs.c:vfs_init_custom(256) Can't find a vfs module [/usr/lib/samba/vfs/audit.so] [2004/04/06 13:07:45, 0] smbd/vfs.c:smbd_vfs_init(319) smbd_vfs_init: vfs_init_custom failed for /usr/lib/samba/vfs/audit.so vfs_init failed for service test How can I solve this? Thanks, Andras -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-3 openldap gssapi auth to kerberos
Hi! How do I configure smb.conf and/or Pam as a single sign on server if I have a LDAP server with a Kerberos as password backend through gssapi? I only see either Samba/ldap as PDC or Samba/kerberos with ads on the Internet. Not both at the same time? I've already configured samba with LDAP and Kerberos support. Everything seams to works. I also configured Samba with ads and Pam support if needed? Peter Nyberg Institutionen för Biokemi och Biofysik Arrheniusvägen 12 Tel: 08-16 24 69 Mobil: 070 339 24 69 Fax 153679 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] [3.0.X] Interdomain Trust (Windows+Samba), limit Domain Admins to its own domain?
Hi everybody, I would like to limit the level of trust of a interdomain trust between a Windows NT4 and Samba3-domain. AFAIK Domain Administrators from both Domains are able to manage and administrate *all* workstations. How do I limit Domain Administrators to their domain only but let users login on both domains? Thanks, Oliver -- pro|business Berlin AG [EMAIL PROTECTED] Potsdamer Platz 11 http://www.probusiness.de/ 10785 BerlinTel: +49 030 259 378-0 Germany Fax: +49 030 259 378-22 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout
I have working 3.0.2a and 2.2.8a domain controllers. The only thing that I see that is significantly different in your conifguration to our configuration is that we have a [profiles] share. [profiles] comment = Personal Profile Folder path = \\%L\%U\profile read only = No profile acls = Yes browseable = No Hope it helps, Jim I have a linux box running samba configured as my PDC with roaming profiles. Everything was running great until I upgraded to WinXP instead of Win2K. Now, when I log out of my XP session, my profile doesn't get uploaded to the server. The local copy remains in effect until I reboot. When I log out, the following message gets sent to the event logger: [quote] Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. [/quote] I searched around and found an email which suggested adding the following to my profiles share to fix this warning message (not sure if it's supposed to fix my problem, but I figured it was worth a shot): csc policy = disabled share modes = no The warning still occurs (yes, I restarted samba and I restarted windows). Here's my smb.conf file with comments stripped [global] workgroup = HOME netbios name = ERADICATOR server string = Samba Server %v printcap name = lpstat load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 guest account = guest security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth1 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\%U\profile logon home = \\%L\%U logon drive = I: add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel domain guest group = nobody guest @nobody @nogroup @guest wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes profile acls = yes csc policy = disabled share modes = no [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpq -P %p lprm command = cancel %p-%j [download] comment = Downloads path = /usr/local/download public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [music] comment = Music path = /home/jeremy/Music public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [movies] comment = Movies path = /home/jeremy/Movies public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [root] comment = Root Directory path = / read only = No [raid0] comment = RAID 0 path = /mnt/raid0 read only = No --- As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) --- Thanks in advance for any help you have to offer. It is very much appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] not force-user'ing while printing?
Hi all,... ...currently I am trying to get the following setup up and working here: * capisuite (www.capisuite.de) works as an isdn/capi-based fax solution for the LAN. * cups is used as printer spooler, there is some glue package to access capisuite through cups, thus generating a print-to-fax solution. * since the clients in the LAN still are all Windows NT 4, samba is supposed to provide print services to everyone around. Problem: I set up one user to fax through capisuite, and I actually intended to set up a printer in samba, doing something, like [printers] ... force user = printfax force group = printfax ... to assign all print jobs to the fax user. For short: This is not working; testparm doesn't complain but yet the force ... directives are simply ignored, print jobs always started using the user account that was starting the job at the workstation. Samba: storage:/usr/src# dpkg -l|grep samba ii samba 3.0.2a-1 a LanManager-like file and printer ii samba-common 3.0.2a-1 Samba common files used.. ii samba-doc 3.0.2a-1 Samba documentation Can anyone point me where to go / peek / read to get this problem solved? TIA, have a fine afternoon everyone. Kris -- Kristian Rink -- Programmierung/Systembetreuung planConnect GmbH * Strehlener Str. 12 - 14 * 01069 Dresden 0176 24472771 * [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] REALM???
hi, im trying to log on to my win2003 ADS from Samba3-0.2a, buet every time to run i got the same message dmm:/home/dmagana # net ads join -U dmagana dmagana password: [2004/04/06 09:09:48, 0] libads/kerberos.c:ads_kinit_password(134) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot contact any KDC for requested realm dmm:/home/dmagana # my domain is genesis.local, but i don't know what the REAL is. im trying to mount the win2003 share's bur then again i got the SMB signing error can somebody help me, tanks. -- Ing. Daniel Magaña Molina Gnovus Networks Software www.gnovus.com [EMAIL PROTECTED] Merida, Yuc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT/ADS and UNIX user convergence using Samba
I'd like this fileserver set up so that files created from either type of client have the same ownership. Basically I need to somehow map my ADS UID/GID's to my UNIX UID/GID's. It is *not* important that users have login accounts on the fileserver ... so one idea I had was this: - Remove NIS from the nsswitch.conf entries on the fileserver. - Edit my /etc/passwd file on my NIS server so that UID/GID entries for a user are the same as they ones generated by winbind Hi Steve, I think you have two options, use winbind and bin NIS or vice versa. If you choose to use winbind as you identified you have to worry about mappings being different on individual Samba servers, the only way to get around this currently is to use LDAP as your idmap backend. This stores the UID to SID mappings centrally for multiple Samba servers to share. If you choose to use NIS you will have to mess around with smbpasswd and net groupmap to make users and groups visiable as valid accounts for Samba. Also your NTLM passwords will not be sync'd to the domain but Kerberos auth will work seemlessly. AFAIK Hope that helps, cheers Andy. BBCi at http://www.bbc.co.uk/ This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received. Further communication will signify your consent to this. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] REALM???
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ing. Daniel Magaña Molina wrote: | hi, im trying to log on to my win2003 ADS from Samba3-0.2a, buet | every time to run i got the same message | | dmm:/home/dmagana # net ads join -U dmagana dmagana password: | [2004/04/06 09:09:48, 0] libads/kerberos.c:ads_kinit_password(134) | kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot | contact any KDC for requested realm dmm:/home/dmagana # | | my domain is genesis.local, but i don't know what the REAL is. | | im trying to mount the win2003 share's bur then again i got the SMB | signing error | | can somebody help me, tanks. Hi there you need cifs instead of smb to moutn windows 2003 shares with smb signing. so if you got a 2.6.x kernel you got that also compiled if not you have to install it manualy... Cheers, Mark -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAcsC8oKtmDMYNuGsRAuw5AJ9BzdBGF/ec1MRuwwDAbCOHNe9rCACdEXZ3 iGsgE8G1cJER1nVjXGoZErU= =tECm -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: NT/ADS and UNIX user convergence using Samba
Hi Steve, I think you have two options, use winbind and bin NIS or vice versa. If you choose to use winbind as you identified you have to worry about mappings being different on individual Samba servers, the only way to get around this currently is to use LDAP as your idmap backend. This stores the UID to SID mappings centrally for multiple Samba servers to share. If you choose to use NIS you will have to mess around with smbpasswd and net groupmap to make users and groups visiable as valid accounts for Samba. Also your NTLM passwords will not be sync'd to the domain but Kerberos auth will work seemlessly. AFAIK Thanks. I did a little more poking around and it seems like I'm leaning towards using winbind as my definitive authorization for this server and removing NIS from the fileserver. If I do this, I'll need to get LDAP up and running to control the mapping of SID - UID so my NT SIDs map to my NIS UIDs for UNIX NFS clients that mount the volume(s). I've seen several descriptions of how to get the Samba side up (basically use the idmap backend option in smb.conf), but I'm completely new to LDAP, and I haven't found a simple description of how to set up an minimal LDAP server (probably using OpenLDAP) on my linux box that would just contain the SID-UID mappings. Does anyone have a simple example configuration for OpenLDAP that they would like to share? You can post, or email me directly at: [EMAIL PROTECTED] Thanks in advance, Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] OS 10.3.3 client File saving problems
Hello, I administrate a modest network of 12 Mac (os x 10.3.3) and PC clients (win xp) connecting to a Samba server running Redhat enterprise Linux 3 and Samba 3.0.2 We just recently switched to this configuration from a Win2000 file server running SMB and AFP that did not have any of the issues I list below. My OS X users are running into occasional yet persistent problems saving files to the samba shares. Here's a list: 1) File date modified times are not updated when a file is changed and saved, unless the file is saved using Save As (Photoshop CS) 2) Sometimes after working on a file (having opened it from the server), you cannot save it back to the share. (Quark 6, Indesign CS, Photoshop CS) 3) Sometimes a user cannot open or save a file. The solution in this case is to remove the resource forks (._*) files. Vetoing these files by default causes permission problems with the OS X machines. I'm using ext3's acl support to handle permissions and that seems to work fine. Here's my smb.conf file. As you can see, I've tried a lot of different things after reading this lists archives and googling for a few weeks. dos filetimes = yes #dos filetime resolution = yes dos filemode = yes # Should help with weird mac characters unix charset = UTF8 dos charset = ASCII unicode = yes # prevent resource forks #veto files = /._*/ #delete veto files = yes log level = 4 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [Production] path = /home/shares/Production writeable = yes invalid users = %S oplocks = false level2 oplocks = false dos filetimes = yes Any insight would be welcome, Thanks. -km -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: NT/ADS and UNIX user convergence using Samba
I just set up your situation on a couple of test boxes. You can follow the steps here: http://www.openldap.org/doc/admin22/quickstart.html start at step 8 if you've already gotten the OpenLDAP package installed via your distro's package management routine. Set your domain equal to your windows domain name, for example, my test domain here was dc=active,dc=bis,dc=ae-solutions,dc=com where my windows domain was ACTIVE with a fqdn of active.bis.ae-solutions.com. You then need to add one idmap object under it, I can't be much more specific than that, since I just found that someone hosed my ldap config on the test boxes. news.gmane.org wrote: Hi Steve, I think you have two options, use winbind and bin NIS or vice versa. If you choose to use winbind as you identified you have to worry about mappings being different on individual Samba servers, the only way to get around this currently is to use LDAP as your idmap backend. This stores the UID to SID mappings centrally for multiple Samba servers to share. If you choose to use NIS you will have to mess around with smbpasswd and net groupmap to make users and groups visiable as valid accounts for Samba. Also your NTLM passwords will not be sync'd to the domain but Kerberos auth will work seemlessly. AFAIK Thanks. I did a little more poking around and it seems like I'm leaning towards using winbind as my definitive authorization for this server and removing NIS from the fileserver. If I do this, I'll need to get LDAP up and running to control the mapping of SID - UID so my NT SIDs map to my NIS UIDs for UNIX NFS clients that mount the volume(s). I've seen several descriptions of how to get the Samba side up (basically use the idmap backend option in smb.conf), but I'm completely new to LDAP, and I haven't found a simple description of how to set up an minimal LDAP server (probably using OpenLDAP) on my linux box that would just contain the SID-UID mappings. Does anyone have a simple example configuration for OpenLDAP that they would like to share? You can post, or email me directly at: [EMAIL PROTECTED] Thanks in advance, Steve -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: NT/ADS and UNIX user convergence using Samba
On Tue, Apr 06, 2004 at 11:17:44AM -0400, news.gmane.org wrote: Hi Steve, I think you have two options, use winbind and bin NIS or vice versa. If you choose to use winbind as you identified you have to worry about mappings being different on individual Samba servers, the only way to get around this currently is to use LDAP as your idmap backend. This stores the UID to SID mappings centrally for multiple Samba servers to share. If you choose to use NIS you will have to mess around with smbpasswd and net groupmap to make users and groups visiable as valid accounts for Samba. Also your NTLM passwords will not be sync'd to the domain but Kerberos auth will work seemlessly. AFAIK Thanks. I did a little more poking around and it seems like I'm leaning towards using winbind as my definitive authorization for this server and removing NIS from the fileserver. If I do this, I'll need to get LDAP up and running to control the mapping of SID - UID so my NT SIDs map to my NIS UIDs for UNIX NFS clients that mount the volume(s). I've seen several descriptions of how to get the Samba side up (basically use the idmap backend option in smb.conf), but I'm completely new to LDAP, and I haven't found a simple description of how to set up an minimal LDAP server (probably using OpenLDAP) on my linux box that would just contain the SID-UID mappings. Does anyone have a simple example configuration for OpenLDAP that they would like to share? You can post, or email me directly at: [EMAIL PROTECTED] Thanks in advance, Steve Hi, What you're trying to accomplish is exactly the same thing that I've done on my network. The solution that I'm using is to use AD4Unix. This modifies the AD LDAP-tree, so that you can add UID and GID entries for every user and group through a new tab that appears in user manager. The only problem is that if you've got a bunch of users, you need to manually allocate their UIDs and to every new user you add, you need to enable their UNIX settings. So after installing it, you need to go through each and every user to enable their UNIX settings... However, it's only a few clicks per user... On the samba server you simply use LDAP for passwd and group entries in nsswitch and use the AD server as the LDAP. Then you need to configure winbind with winbind trusted domains only = yes. However, this doesn't work out of the box on Samba 3.0.2a, because there seems to be a bug with returning incorrect SIDs, but I made a quick hack to Samba to make it work. I've been using this configuration since Samba 3.0.0, but the earlier versions required a bit more tinkering as there wasn't such a thing as winbind trusted domains only. The good side with this configuration is that you don't need to have an idmap backend and every bit of configuration is simply done through the user manager. The bad side is that modifying the AD LDAP-tree prevents you from updating the operating system on the AD server. There's some patch from M$ to make updating work, but you can't find it on their website; the only way to get it is to contact their customer support. I don't know why this is made so hard... The other good thing is that you can add UNIX workstations to the network and let them authenticate through kerberos to the AD and share the files on the samba server to them through NFS. This way all user management both for the UNIX and windows workstations is done on the AD server. This makes it easy to integrate UNIX workstations to the windows network and you don't have to install Samba on any of the UNIX workstations. If you need more info you can e-mail me and I'll give you more detailed information of how to make it work. Regards, Edvard -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can User Manager for Domains be used without logging in as root on Samba 3?
I have seen some posts (Hi John!) (for example: http://groups.google.com/groups?selm=1eFNE-38e-27%40gated-at.bofh.it) that suggest that you need to log into a domain as root in order to use the usrmgr (User Manager for Domains) utility with Samba 3. However there seem to be others that suggest (that the Samba Howto Collection just needs a bit of updating and) that one does not need to log in as root simply a Domain Administrator (for example: http://groups.google.com/groups?selm=1pRip-1tU-11%40gated-at.bofh.it) So I am wondering what the actual state of this subject is. Is there anyway (through group mapping or otherwise) to give a (non-root) user which is designated a Domain Administrator the ability to use the usrmgr to manage accounts or does the user always have to log out of Windows and back on as root to accomplish this? Thanx, b. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Resources forks 'dot underscore' files locked indefinitely from MacOSX clients
We have a central samba file share for our designers (who all use OSX boxes, and mostly use Macromedia products) to work off of. I've lately been able to track down a lot of application quirks (mostly problems with errors when saving, about files being locked) to the Mac resource fork files being indefinitely locked. Here's a sample from a `smbstatus` 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._neckpain.jpg Tue Apr 6 10:41:22 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._golfers.jpg Tue Apr 6 10:41:18 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/._index.php Tue Apr 6 11:03:38 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/forms/._shoulderrepair.pdf Tue Apr 6 11:03:38 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._spine.jpg Tue Apr 6 10:41:22 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._hip.jpg Tue Apr 6 10:41:18 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._box.gif Tue Apr 6 10:41:18 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._hand.jpg Tue Apr 6 10:41:18 2004 14853 DENY_NONE 0x1 RDONLY NONE /files/HCMG/mainline/proto1/images/._bgimage.gif Tue Apr 6 10:41:18 2004 (the entries here aren't populated with really ancient data due to a recent server restart) These files stay locked long after any application dealing with them has been quit, excluding the finder. I've noticed on casual smbstatus's seeing locked files that have not been accessed in over a week. Although the problem seems to mostly occur with Macromedia's Studio products, it is not limited to that application suite. The permanent locks are also created with MS Word, Acrobat, BBEdit, and many other applications; they still manage to save properly, with occasionally displaying a warning message about a file being locked. It just seems that Macromedia products aren't horribly fault tolerant and just prefer to error and delete the working file (which I chock up to bad programming). Added note: Macromedia has been contacted about this problem as well, but their developers were not able to reproduce the problem. The main question: Does anyone know why MacOSX creates these permanent locks on the resource forks, and is it preventable? (short of disabling locking in samba or setting up a 'veto files', both of which just skirt around the actual problem) The computers involved in this senario are: Server, running Debian-woody, with samba 2.2.8a compiled from source Clients, running MacOSX 10.3.3 and below (to 10.2, but we noticed problems even earlier) Thanks -- Gabe Martin-Dempesy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-3 openldap gssapi auth to kerberos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter Nyberg írta: | Hi! | How do I configure smb.conf and/or Pam as a single sign on server if I have a | LDAP server with a Kerberos as password backend through gssapi? | I only see either Samba/ldap as PDC or Samba/kerberos with ads on the Internet. | Not both at the same time? | I've already configured samba with LDAP and Kerberos support. Everything seams | to works. I also configured Samba with ads and Pam support if needed? | Unfortunatelly not yet. Windows clients need an MSPAC in their Kerberos tickets, and as usual with M$ inventions they keep thats a trade secret, so currently only AD Kerberos servers can do that. However you can have a Heimdal Kerberos server (current snapshots) with LDAP backend authenticate your UNIX users against NT password hashes. For more info you can search the Heimdal or the Samba-technical mailing lists. Cheers Geza -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAcu7+/PxuIn+i1pIRAj/TAJ0eTZD8l5OsCdntJpscY5TyvhxyRwCcDZXf LC0WRfcDiDObOICIm2p71aM= =YWGc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout
Hi, Please post to the list how you solved this. Thanks Jeremy Huddleston wrote: I have a linux box running samba configured as my PDC with roaming profiles. Everything was running great until I upgraded to WinXP instead of Win2K. Now, when I log out of my XP session, my profile doesn't get uploaded to the server. The local copy remains in effect until I reboot. When I log out, the following message gets sent to the event logger: [quote] Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. [/quote] I searched around and found an email which suggested adding the following to my profiles share to fix this warning message (not sure if it's supposed to fix my problem, but I figured it was worth a shot): csc policy = disabled share modes = no The warning still occurs (yes, I restarted samba and I restarted windows). Here's my smb.conf file with comments stripped [global] workgroup = HOME netbios name = ERADICATOR server string = Samba Server %v printcap name = lpstat load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 guest account = guest security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth1 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\%U\profile logon home = \\%L\%U logon drive = I: add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel domain guest group = nobody guest @nobody @nogroup @guest wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes profile acls = yes csc policy = disabled share modes = no [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpq -P %p lprm command = cancel %p-%j [download] comment = Downloads path = /usr/local/download public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [music] comment = Music path = /home/jeremy/Music public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [movies] comment = Movies path = /home/jeremy/Movies public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [root] comment = Root Directory path = / read only = No [raid0] comment = RAID 0 path = /mnt/raid0 read only = No --- As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) --- Thanks in advance for any help you have to offer. It is very much appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout
Also, for samba 3, the add user script needs to be modified to add machine script to add new client PC's to the domain. See the HOWTO 30.4.2. Mark I have working 3.0.2a and 2.2.8a domain controllers. The only thing that I see that is significantly different in your conifguration to our configuration is that we have a [profiles] share. [profiles] comment = Personal Profile Folder path = \\%L\%U\profile read only = No profile acls = Yes browseable = No Hope it helps, Jim I have a linux box running samba configured as my PDC with roaming profiles. Everything was running great until I upgraded to WinXP instead of Win2K. Now, when I log out of my XP session, my profile doesn't get uploaded to the server. The local copy remains in effect until I reboot. When I log out, the following message gets sent to the event logger: [quote] Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. [/quote] I searched around and found an email which suggested adding the following to my profiles share to fix this warning message (not sure if it's supposed to fix my problem, but I figured it was worth a shot): csc policy = disabled share modes = no The warning still occurs (yes, I restarted samba and I restarted windows). Here's my smb.conf file with comments stripped [global] workgroup = HOME netbios name = ERADICATOR server string = Samba Server %v printcap name = lpstat load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 guest account = guest security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth1 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\%U\profile logon home = \\%L\%U logon drive = I: add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel domain guest group = nobody guest @nobody @nogroup @guest wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes profile acls = yes csc policy = disabled share modes = no [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpq -P %p lprm command = cancel %p-%j [download] comment = Downloads path = /usr/local/download public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [music] comment = Music path = /home/jeremy/Music public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [movies] comment = Movies path = /home/jeremy/Movies public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [root] comment = Root Directory path = / read only = No [raid0] comment = RAID 0 path = /mnt/raid0 read only = No --- As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) --- Thanks in advance for any help you have to offer. It is very much appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] building samba2.2.8a on HPUX10.20
Guys, Help... I'm receiving this message from './configure' on an HP running 10.20... checking configure summary... ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config I ran ./configure --help, to check which options or switches are available, but didn't see any to address this locking failure in order to get a binary built. Thanks, Derek Moran -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbstatus error
Gurus, I have downloaded and compiled 3.0.2a. I can map from 2000 to my share fine. If I try a smbstatus I get errors, see below. Can someone please point me in the right direction? smbstatus -s /usr/local/etc/meltwk-tst02.conf -d 10 edited to keep it short but this error about not having this charset repeats about 10 times. Locale charset 'ISO8859-15' unsupported, using ASCII instead Probing module 'ISO8859-15' Probing module 'ISO8859-15': Trying to load from /usr/local/samba-3.0.2a/lib/charset/ISO8859-15.so Error loading module '/usr/local/samba-3.0.2a/lib/charset/ISO8859-15.so': ld.so.1: smbstatus: fatal: /usr/local/samba-3.0.2a/lib/charset/ISO8859-15.so: open failed: No such file or directory Locale charset 'ISO8859-15' unsupported, using ASCII instead tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba/var/locks/MELTWK-TST02/sessionid.tdb: No such file or directory sessionid.tdb not initialised tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba/var/locks/MELTWK-TST02/connections.tdb: No such file or directory /usr/local/samba/var/locks/MELTWK-TST02/connections.tdb not initialised This is normal if an SMB client has never connected to your server. tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba/var/locks/MELTWK-TST02/brlock.tdb: No such file or directory Failed to open byte range locking database tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba/var/locks/MELTWK-TST02/locking.tdb: No such file or directory ERROR: Failed to initialise locking database Can't initialise locking module - exiting Bill Casey Senior Support Engineer Raytheon Systems 50 Apple Hill Dr. Tewksbury,Ma 01876 [EMAIL PROTECTED] Phone # 978-858-1923 Fax # 978-858-1481 Mail Stop T1LB22 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] A message you sent contained a Virus
A message that you sent has been blocked because it contained a virus. It was addressed to [EMAIL PROTECTED] Its subject was information The virus was identified as Scenarios/F-Secure Antivirus: Error 0xc2060a08, W32/[EMAIL PROTECTED], F-Secure Orion, W32/[EMAIL PROTECTED] Scenarios/Incoming/Allowed Incoming File Types: 'Selected'. Please clean the virus from the file and send the message again. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help? Mac OSX vs 2003 win server clash
If anyone can help me with this I'd greatly appreciate it. I'm running on mac os x.2 -- I need to access a share on win server 2003. The server has the smb signing security option on, and I can't turn it off... From what I understand, samba 3 will fix my problem. However, i can't get a successful make on the samba 3 source code, and can't find a darwin port... Can anyone help me? Drew -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA server problem
Hi, I am experiencing an odd problem testing a SAMBA server on Linux/390. I have tested the same configuration on an Intel box without having this problem. The problem is particularly with windows 9x clients accessing the server. When a windows 9x client connects to a share and does a right-click on a file to show file properties, there is a long delay (depending on the file size) before the file properties are shown. The larger the file (like 100 megs.), the longer the delay. After looking at the problem more closely, it appears that when the windows 9x client checks file properties, there is a large amount of data transmitted to the client (similar to the size of the file in bytes). It seems like the file is being transmitted to the client before the peoperties page is displayed. Windows 2K clients do not show this slow behaviour but still, more data is beging sent to the client than expected. This data transfer increases based on the file size also. Overall performance of the server is so-so but not bad. I have tried SAMBA versions 2.2.3 and 3.0.2 with the same results. I am running Debian version 3 kernel 2.4.17. I get the same results with Redhat and SAMBA version 2.8. Thanks in advance. Aria -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-3 by Example now available
Hi All, Thanks to everyone who has written wanting more information on when Samba-3 by Example by John Terpstra will be available. The good news is that it is available right now through your local bookstore or online sites like Amazon.com. There are already a couple of very positive comments posted to Amazon. These indicate that if you want to get Samba-3 up and running, you'll find the book very useful. We certainly hope this is the case. Please send any comments about the book to me and John. We're always interestd in feedback. Thanks again for your interest. Jill Harry Executive Editor AW/PHPTR 5585 Bear Creek Drive Catheys Valley, CA 95306 209-374-3402 209-374-3406 fax [EMAIL PROTECTED] www.phptr.com This email may contain confidential material. If you were not an intended recipient, please notify the sender and delete all copies. We may monitor email to and from our network. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba pam kerberos
thats not a good option as the password for the kerberos user must be passed in CLEARTEXT for the pam_krb5 module to work for samba auth. I don't think you can even tell XP to do that. On Tue, 2004-04-06 at 01:23, aarumuga arumugam wrote: Hi Everybody, We are working on samba 3.0.2a with sun kerberos SEAM and Netscape iDirectory Server support. We are able to integrate samba with ldap support. we tried integrater kerberos for authentication. We found a solution using pam via pam_krb5 module provided by the sun solaris 8. One important fact we found out using samba pam authentication, it directly calls for an account management function instead of an authentication function. Please refer pam_smb_accountcheck function () in pampass.c in source/auth . We have included options like obey pam instructions and pam password change to be positive in smb.conf and we have included information about samba service in the pam configuration file. we have included information about pam in the krb5.conf of kerberos. I have also set the encrypt password to be positive in smb.conf file. I am able to get a solaris machine getting authenticated by the kerberos server.The problem is when i try to join a Win xp computer to the samba server . I get access denied error. when i check the samba logs, i could find the samba sam authentication succeded but when the pam authentication takes place , It says authentication failed , User rejected etc., I could not find any information about samba server contacting in the kerberose server logs. SAMBA server is not contacting the KERBEROS server for authentication. Please any suggestions is appreciated. I could send the configuration of samba and pam and kerberos if the information is not sufficient. eccsamba __ Do you Yahoo!? Yahoo! Small Business $15K Web Design Giveaway http://promotions.yahoo.com/design_giveaway/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Version 3.0.2a and Windows XP
Hello Samba Support Team, ...I've just updated my samba from 2.2.7a to 3.0.2a and now have one big problem: in one directory in a samba share I store over 6000 files, all in this single directory without subdirectories... my Explorer (WinXP SP1) only shows 3134 of 6062 files!!! when this share is mapped on a SuSE 9.0 Workstation all 6062 files are available but the first time this directory is listet there are a big number of files with 0kb in size... when the directory is opened after all files are good!!! I played around with various parameters in smb.conf under protocol and tuning section... no change I also observerd that always the same file are missing in Explorer and also there are always 3134 files listed and no more. I apreciate your help thnx a lot, Patrick -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help for the Kerberos challenged in the audience
I am running Samba v3.0.2a on a fully patched Red Hat Linux 9 machine. Nmbd, smbd and winbindd are all running. I am trying to authenticate to a Windows 2003 native AD domain. I received the following error: net ads join -U root%password [2004/04/06 15:11:10, 0] libads/kerberos.c:ads_kinit_password(133) kerberos_kinit_password [EMAIL PROTECTED] failed: Decrypt integrity check failed If someone could point me to the solution to this problem, it would be appreciated. Thanks in advance. Edward W. Ray -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Administrators Not Recognized in Samba3
Uh...yes? root doesn't have a samba account. 'travis' is in the domain admins group though, which is all you need to join a domain afaik. Take a look at the ldap chunks and 'net groupmap list' output. Its either something really stupid or i've uncovered a bug...according to all the documentation I've seen and examples i've followed, I haven't missed anything. --Travis On Mon, 2004-04-05 at 02:02, Ron Dhillon wrote: Travis, Are you trying to join the domain with this account that is part of the Domain Administrators group? By design, Samba only allows the root account to join computers to the domain. If you are using the usermap function in your smb.conf file, the you can use any name that is aliased to the root account. Ron Travis Groth wrote: Hi, I've been struggling with this for a while now, and i can't figure out whats missing. I have a valid user, who is also a member of the Domain Admins group. I can login with smbclient just fine, but administrative rights aren't recognized when i try to join the domain.Group is mapped to the proper SID and a matching POSIX group (just in case). Backend is ldapsam. Here are the relevent chunks from ldap: dn: sambaDomainName=**,dc=*,dc=*** sambaDomainName: ** sambaSID: S-1-5-21-2608521594-2523984132-290594028 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain dn: cn=Domain Admins,ou=groups,dc=**,dc=*** objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Admins gidNumber: 1003 sambaSID: S-1-5-21-2608521594-2523984132-290594028-512 sambaGroupType: 2 memberUid: travis dn: uid=travis,ou=users,dc=**,dc=*** objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSAMAccount cn: travis sn: travis uid: travis uidNumber: 1002 gidNumber: 1003 homeDirectory: /home/travis loginShell: /bin/bash gecos: System User description: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 displayName: System User sambaAcctFlags: [UX] sambaSID: S-1-5-21-2608521594-2523984132-290594028-3004 sambaPrimaryGroupSID: S-1-5-21-2608521594-2523984132-290594028-512 sambaHomeDrive: H: sambaLogonScript: travis.cmd sambaLMPassword: sambaPwdLastSet: 1081021518 sambaNTPassword: output of 'net groupmap list': Domain Users (S-1-5-21-2608521594-2523984132-290594028-513) - Domain Users Domain Admins (S-1-5-21-2608521594-2523984132-290594028-512) - Domain Admins Domain Guests (S-1-5-21-2608521594-2523984132-290594028-514) - Domain Guests output of 'net join -d 2 -U travis ***': [2004/04/03 15:26:50, 0] param/loadparm.c:map_parameter(2418) Unknown parameter encountered: domain admin group [2004/04/03 15:26:50, 0] param/loadparm.c:lp_do_parameter(3056) Ignoring unknown parameter domain admin group [2004/04/03 15:26:50, 2] lib/interface.c:add_interface(79) added interface ip=192.168.0.4 bcast=192.168.0.255 nmask=255.255.255.0 travis password: [2004/04/03 15:26:52, 2] libsmb/namequery.c:name_query(484) Got a positive name query response from 127.0.0.1 ( 192.168.0.4 ) [2004/04/03 15:26:52, 1] utils/net_ads.c:ads_startup(181) ads_connect: Connection refused [2004/04/03 15:26:52, 2] libsmb/namequery.c:name_query(484) Got a positive name query response from 127.0.0.1 ( 192.168.0.4 ) [2004/04/03 15:26:52, 1] utils/net_rpc.c:run_rpc_command(138) rpc command function failed! (NT_STATUS_ACCESS_DENIED) Create of workstation account failed User specified does not have administrator privileges Unable to join domain . [2004/04/03 15:26:53, 2] utils/net.c:main(767) return code = 1 smb.conf: passdb backend = ldapsam:ldap://** ldap suffix = dc=***,dc=*** ldap machine suffix = ou=computers ldap user suffix = ou=users ldap admin dn = cn=admin,dc=netfoo,dc=org ldap ssl = no ldap delete dn = no workgroup = ** netbios name = *** comment = ldap samba test server security = user null passwords = yes encrypt passwords = yes domain master = yes domain logons = yes preferred master = yes os level = 255 wins support = yes public = No browseable = yes writable = yes If anyone
[Samba] Tipo de arquivo proibido !!
Por favor, não responda a esta mensagem, uma vez que a mesma é enviada por uma caixa postal não monitorada. Um arquivo contido em mensagem enviada pelo(a) Sr(a) foi excluído por ser de tipo proibido para tráfego de mensagens eletrônicas no STJ. From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] File(s): details.doc .scr Matching filename: *.scr -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout
The profile share is necessary for Win2k/WinXP clients, otherwise they won't know where to save the profiles to. Jim Shanks [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I have working 3.0.2a and 2.2.8a domain controllers. The only thing that I see that is significantly different in your conifguration to our configuration is that we have a [profiles] share. [profiles] comment = Personal Profile Folder path = \\%L\%U\profile read only = No profile acls = Yes browseable = No Hope it helps, Jim I have a linux box running samba configured as my PDC with roaming profiles. Everything was running great until I upgraded to WinXP instead of Win2K. Now, when I log out of my XP session, my profile doesn't get uploaded to the server. The local copy remains in effect until I reboot. When I log out, the following message gets sent to the event logger: [quote] Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. [/quote] I searched around and found an email which suggested adding the following to my profiles share to fix this warning message (not sure if it's supposed to fix my problem, but I figured it was worth a shot): csc policy = disabled share modes = no The warning still occurs (yes, I restarted samba and I restarted windows). Here's my smb.conf file with comments stripped [global] workgroup = HOME netbios name = ERADICATOR server string = Samba Server %v printcap name = lpstat load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 guest account = guest security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth1 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\%U\profile logon home = \\%L\%U logon drive = I: add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel domain guest group = nobody guest @nobody @nogroup @guest wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes profile acls = yes csc policy = disabled share modes = no [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). lpq command = lpq -P %p lprm command = cancel %p-%j [download] comment = Downloads path = /usr/local/download public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [music] comment = Music path = /home/jeremy/Music public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [movies] comment = Movies path = /home/jeremy/Movies public = yes writable = no write list = @adm create mode = 0664 directory mode = 2775 force create mode = 0660 force directory mode = 2770 [root] comment = Root Directory path = / read only = No [raid0] comment = RAID 0 path = /mnt/raid0 read only = No --- As another note, I get the following message in log.machine name since going to samba3... [2004/04/05 23:16:16, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [jeremy] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705) aerith (192.168.0.3) connect to service jeremy initially as user jeremy (uid=1000, gid=4) (pid 22991) --- Thanks in advance for any help you have to offer. It is very much appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net join domain but nothing happens
I am trying to join a Windows 2000 domain using net join but nothing happens. The cursor moves to the next line and flashes like something is happening, I have been looking with tcpdump but there is no traffic coming accross that interface when I do the following: net join -S PDC -U Administrator The OS is Debian samba 3.0.2a-1 winbind 3.0.2a-1 Jim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-3 by Example now available
On Tue, 2004-04-06 at 16:31, Harry, Jill wrote: Hi All, Thanks to everyone who has written wanting more information on when Samba-3 by Example by John Terpstra will be available. The good news is that it is available right now through your local bookstore or online sites like Amazon.com. There are already a couple of very positive comments posted to Amazon. These indicate that if you want to get Samba-3 up and running, you'll find the book very useful. We certainly hope this is the case. Please send any comments about the book to me and John. We're always interestd in feedback. Thanks again for your interest. Jill Harry Executive Editor AW/PHPTR 5585 Bear Creek Drive Catheys Valley, CA 95306 209-374-3402 209-374-3406 fax [EMAIL PROTECTED] www.phptr.com My copy shipped today! WhooHoo!! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: members server cant find bdc for logon service
Matthias Eichler wrote: members server cant find bdc for logon service Hello, I have exactly the same problem you have. I wonder i you found a solution. I came to the conclusion it is a bug in Samba. I have a setup very similar to yours (Samba PDC and BDC). If I have a Windows member server I can mount its shares with the PDC down, but if the member server is Samba then I can't mount its shares bacause it refuses to authenticate against the BDC. The worst part is that tried changing the PDC into a BDC setting domain master = no and it does work (with the former BDC down). I tried with the following versions: 3.0.1, 3.0.2a, 3.0.3pre2 and none of them worked. I even tried with 2.2.8a and it also didn't work. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Undeliverable: Re: List
Your message To: [EMAIL PROTECTED] Subject: Re: List Sent:Wed, 7 Apr 2004 06:47:42 +0200 did not reach the following recipient(s): [EMAIL PROTECTED] on Wed, 7 Apr 2004 06:41:49 +0200 The recipient name is not recognized The MTS-ID of the original message is: c=nl;a=400net;p=ptt telecom;l=TMAIL050S0404070441H4PNL26H MSEXCH:IMS:PTT Telecom:Telecom:TMAIL050S 0 (000C05A6) Unknown Recipient [Filename: , Content-Type: multipart/mixed] The attachment file in the message has been removed by eManager. --_=_NextPart_002_01C41C5B.B9EFB4B4 Content-Type: text/plain; charset=windows-1252 For more information see the attached document. Thank you +++ X-Attachment-Type: document +++ X-Attachment-Status: no virus found +++ Powered by the new MCAfee OnlineAntiVirus +++ Homepage: www.mcafee.com --_=_NextPart_002_01C41C5B.B9EFB4B4 Content-Type: text/plain Content-Transfer-Encoding: 7bit [Filename: InterScan_SafeStamp.txt, Content-Type: text/plain] The attachment file in the message has been removed by eManager. --_=_NextPart_002_01C41C5B.B9EFB4B4-- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient - NT_STATUS_LOGON_FAILURE
Hi all, I have a problem with using smbclient, my current setup as follows: - Linux login/password: excalibur xxx Windows login/password: MYDOMAIN\darrenk yyy - Linux smb service - did not change anything in smb.conf except to make it use plain passwords: ; encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd - Windows 2000 - apply plain password registry fix I can successfully access Linux folders from Windows 2000: - Start - Run - \\222.76.129.238 - Type in Linux login name/password at Windows prompt: excalibur/xxx - Successfully get access to Linux folder If I wanted to do the reverse, ie. access Windows share (c:\test) via Linux, I thought this would do it: smbclient //excalibur2/test -U \\MYDOMAIN\darrenk I entered yyy when prompted for password, but this is what I get: [EMAIL PROTECTED] root]# smbclient //excalibur2/test -U \\MYDOMAIN\darrenk added interface ip=222.76.129.238 bcast=222.76.129.255 nmask=255.255.255.0 Got a positive name query response from 222.76.129.234 ( 222.76.129.234 ) Password: session setup failed: NT_STATUS_LOGON_FAILURE Is the syntax correct or is there more to the big picture? What else am I doing wrong? Thanks very much, Excalibur _ Free email, web pages, news, entertainment, weather and MORE! Check out --- http://wowmail.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbusers and smbpasswd
Hi all, I have a problem with using smbclient, my current setup as follows: - Linux 9 login/password: excalibur xxx Windows 2000 login/password: MYDOMAIN\darrenk yyy - Linux smb service - did not change anything in smb.conf except to make it use plain passwords: ; encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd - Windows 2000 - apply plain password registry fix I can successfully access Linux folders from Windows 2000: - Start - Run - \\222.76.129.238 - Type in Linux login name/password at Windows prompt: excalibur/xxx - Successfully get access to Linux folder If I wanted other Windows users to share the Linux login of excalibur, I thought this would do it: smbaddusers excalibur:newuser I was then prompted for a new password which I entered zzz. The command was successful and there is now an entry in smbusers and also smbpasswd: excalibur = newuser However when trying to access Linux from Windows, I still cannot get in ... tried the following combinations: 1. newuser + zzz - no 2. newuser + excalibur's password - no 3. excalibur + zzz- no 4. excalibur + excalibur's password - YES I was expecting that this newuser will be treated as a normal Windows user, authenticated with the password zzz and then mapped to excalibur on Linux, is this assumption correct? What else am I doing wrong? Thanks very much, Excalibur _ Free email, web pages, news, entertainment, weather and MORE! Check out --- http://wowmail.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
svn commit: samba r63 - branches/SAMBA_3_0/source
Author: vlendec Date: 2004-04-06 06:22:59 + (Tue, 06 Apr 2004) New Revision: 63 Modified: branches/SAMBA_3_0/source/Makefile.in Log: Remove -lcrypto from wbinfo. Sorry. Volker
svn commit: samba r64 - trunk/source
Author: vlendec Date: 2004-04-06 06:23:55 + (Tue, 06 Apr 2004) New Revision: 64 Modified: trunk/source/Makefile.in Log: Remove -lcrypto from wbinfo. Sorry. Volker
svn commit: samba r65 - branches/SAMBA_4_0/source/ntvfs/simple
Author: tridge Date: 2004-04-06 08:02:55 + (Tue, 06 Apr 2004) New Revision: 65 Modified: branches/SAMBA_4_0/source/ntvfs/simple/svfs.h branches/SAMBA_4_0/source/ntvfs/simple/svfs_util.c branches/SAMBA_4_0/source/ntvfs/simple/vfs_simple.c Log: added support for file streams in the simple NTVFS backend
svn commit: samba r66 - branches/SAMBA_4_0/source/client
Author: tridge Date: 2004-04-06 08:05:04 + (Tue, 06 Apr 2004) New Revision: 66 Modified: branches/SAMBA_4_0/source/client/client.c Log: fixed a segv when printing an error from a session setup failure. This was caused by the cli to cli-tree conversion a while ago
svn commit: samba r67 - branches/SAMBA_4_0/source/rpc_server
Author: tridge Date: 2004-04-06 08:07:07 + (Tue, 06 Apr 2004) New Revision: 67 Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h branches/SAMBA_4_0/source/rpc_server/handles.c Log: added a destroy hook in the policy handle - wire handle code to allow backends to cleanup handle data
svn commit: samba r68 - branches/SAMBA_4_0/source/bin
Author: tridge Date: 2004-04-06 08:11:07 + (Tue, 06 Apr 2004) New Revision: 68 Modified: branches/SAMBA_4_0/source/bin/ Log: added some ignores
svn commit: samba r69 - in branches/SAMBA_3_0/source: auth include libsmb nsswitch rpc_parse rpc_server smbd utils
Author: abartlet Date: 2004-04-06 08:11:16 + (Tue, 06 Apr 2004) New Revision: 69 Modified: branches/SAMBA_3_0/source/auth/auth_ntlmssp.c branches/SAMBA_3_0/source/auth/auth_sam.c branches/SAMBA_3_0/source/auth/auth_util.c branches/SAMBA_3_0/source/include/auth.h branches/SAMBA_3_0/source/libsmb/ntlmssp.c branches/SAMBA_3_0/source/libsmb/smbencrypt.c branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c branches/SAMBA_3_0/source/rpc_parse/parse_net.c branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c branches/SAMBA_3_0/source/smbd/sesssetup.c branches/SAMBA_3_0/source/utils/ntlm_auth.c Log: Global rename of 'nt_session_key' - 'user_session_key'. The session key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it.
svn commit: samba r70 - in trunk/source: include lib param passdb utils
Author: idra Date: 2004-04-06 08:12:14 + (Tue, 06 Apr 2004) New Revision: 70 Modified: trunk/source/include/passdb.h trunk/source/include/smbldap.h trunk/source/lib/privileges.c trunk/source/lib/smbldap.c trunk/source/param/loadparm.c trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_tdb.c trunk/source/utils/net_privileges.c Log: Upon AndrewB and Volker request now Privileges are indexed by SID in passdb. Everything should work like before, all the operations have been tested: - adding a Privilege to a SID - removing a Privilege from a SID - listing Privileges - running smbd and testing Privileges are honoured (right now the only way to test it is by gioving the SeMachineAccountPrivilege to a user and then add a workstation to the domain useing that users credentials). If I messed up something just drop me an email. Have Fun. Simo.
svn commit: samba r71 - hooks
Author: metze Date: 2004-04-06 08:59:54 + (Tue, 06 Apr 2004) New Revision: 71 Added: hooks/README Log: add a README file to hooks/ metze
svn commit: samba r72 - in trunk/source: auth include lib libsmb nsswitch rpc_server smbd utils
Author: abartlet Date: 2004-04-06 09:16:57 + (Tue, 06 Apr 2004) New Revision: 72 Modified: trunk/source/auth/auth_ntlmssp.c trunk/source/auth/auth_sam.c trunk/source/auth/auth_util.c trunk/source/include/auth.h trunk/source/lib/pam_errors.c trunk/source/lib/talloc.c trunk/source/libsmb/cliconnect.c trunk/source/libsmb/ntlm_check.c trunk/source/libsmb/ntlmssp.c trunk/source/libsmb/smb_signing.c trunk/source/libsmb/smbencrypt.c trunk/source/nsswitch/winbindd_nss.h trunk/source/nsswitch/winbindd_pam.c trunk/source/rpc_server/srv_netlog_nt.c trunk/source/smbd/sesssetup.c trunk/source/utils/ntlm_auth.c Log: Merge PAM error map updates, the NTLMv2, SMB signing and session key rename work from Samba 3.0 Andrew Bartlett
svn commit: samba r73 - in branches/SAMBA_3_0: . source
Author: jerry Date: 2004-04-06 09:27:43 + (Tue, 06 Apr 2004) New Revision: 73 Modified: branches/SAMBA_3_0/WHATSNEW.txt branches/SAMBA_3_0/source/VERSION Log: bumping version to 3.0.3pre3
svn commit: samba r74 - trunk/examples/LDAP
Author: idra Date: 2004-04-06 09:52:25 + (Tue, 06 Apr 2004) New Revision: 74 Modified: trunk/examples/LDAP/samba.schema Log: Heads up. With the new privilege layout I had to change our schema wrt privileges stuff. So - if you were testing privileges with ldapsam you should remove all the privileges from your database before you load this schema (usa ldapdelete on the privileges dn). - if you were testing privileges with tdbsam, please remove the privileges from the tdb, probably doing an import export with pdbedit is the easiest thing as pdbedit still does not move privileges over. Simo.
svn commit: samba r75 - branches/SAMBA_3_0/source/pam_smbpass
Author: jerry Date: 2004-04-06 11:27:59 + (Tue, 06 Apr 2004) New Revision: 75 Modified: branches/SAMBA_3_0/source/pam_smbpass/pam_smb_auth.c Log: patch from Cal Heldenbrand [EMAIL PROTECTED] for 'pam_smbpass migrate'
svn commit: samba r76 - in branches/SAMBA_3_0/source: client include libsmb
Author: ab Date: 2004-04-06 11:45:02 + (Tue, 06 Apr 2004) New Revision: 76 Modified: branches/SAMBA_3_0/source/client/smbmount.c branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/libsmb/clientgen.c Log: Fix smbfs problem with Tree Disconnect issued before smbfs starts its work. We use cli_state.smb_rw_error to pass this specific case into cli_close_connection() from smbmount as smb_rw_error can have only selected number of states and it is ignored in cli_close_connection(). Compiled and tested by Lars Mueller from SuSE on x86, x86_64, ppc, ppc64, s390 and s390x.
svn commit: samba r77 - branches/SAMBA_3_0/source/client
Author: sfrench Date: 2004-04-06 12:57:41 + (Tue, 06 Apr 2004) New Revision: 77 Modified: branches/SAMBA_3_0/source/client/mount.cifs.c Log: Fix path canonicalization of the mount target path and help text display in the cifs mount helper
svn commit: samba r78 - trunk/source/client
Author: sfrench Date: 2004-04-06 13:04:05 + (Tue, 06 Apr 2004) New Revision: 78 Modified: trunk/source/client/mount.cifs.c Log: sync mount.cifs fixes from SAMBA_3_0
svn commit: samba r79 - trunk/source/pam_smbpass
Author: jerry Date: 2004-04-06 13:06:11 + (Tue, 06 Apr 2004) New Revision: 79 Modified: trunk/source/pam_smbpass/pam_smb_auth.c Log: patch from Cal Heldenbrand [EMAIL PROTECTED] for 'pam_smbpass migrate'
svn commit: samba r80 - in trunk/source: smbd torture
Author: jra Date: 2004-04-06 14:24:05 + (Tue, 06 Apr 2004) New Revision: 80 Modified: trunk/source/smbd/trans2.c trunk/source/torture/torture.c Log: Make EA's case independent - fix smbtorture to test for this. Jeremy.
svn commit: samba r81 - in branches/SAMBA_3_0/source: smbd torture
Author: jra Date: 2004-04-06 14:24:13 + (Tue, 06 Apr 2004) New Revision: 81 Modified: branches/SAMBA_3_0/source/smbd/trans2.c branches/SAMBA_3_0/source/torture/torture.c Log: Make EA's case independent - fix smbtorture to test for this. Jeremy.
svn commit: samba r82 - trunk/source/passdb
Author: mimir Date: 2004-04-06 15:57:56 + (Tue, 06 Apr 2004) New Revision: 82 Modified: trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_tdb.c Log: 1) Completed basic interface for trust passwords manipulation via passdb - tdbsam_update_trust_passwd and tdbsam_delete_trust_password functions 2) Fix to method pointers accessing
svn commit: samba r83 - trunk/source/utils
Author: mimir Date: 2004-04-06 16:00:11 + (Tue, 06 Apr 2004) New Revision: 83 Modified: trunk/source/utils/pdbedit.c Log: 1) Implementation of updating and deleting trust password entry (update_trustpw and delete_trustpw) 2) More error messages when wrong arguments passed from command line rafal
svn commit: samba r84 - in branches/SAMBA_3_0/source: libsmb nsswitch utils
Author: abartlet Date: 2004-04-06 16:44:24 + (Tue, 06 Apr 2004) New Revision: 84 Modified: branches/SAMBA_3_0/source/libsmb/nterr.c branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c branches/SAMBA_3_0/source/utils/ntlm_auth.c Log: Implement --required-membership-of=, an ntlm_auth option that restricts all authentication to members of this particular group. Also implement an option to allow ntlm_auth to get 'squashed' error codes, which are safer to communicate to remote network clients. Andrew Bartlett
svn commit: samba r85 - branches/SAMBA_3_0/source/nsswitch
Author: abartlet Date: 2004-04-06 16:45:38 + (Tue, 06 Apr 2004) New Revision: 85 Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h Log: Update the winbind interface version, as I just extended the struct. Andrew Bartlett
CVS update: sambaweb
Date: Tue Apr 6 18:59:49 2004 Author: sfrench Update of /home/cvs/sambaweb In directory dp.samba.org:/tmp/cvs-serv19755 Modified Files: Linux_CIFS_client.html Log Message: Update cifs vfs web page for 1.0.6 Revisions: Linux_CIFS_client.html 1.51 = 1.52 http://www.samba.org/cgi-bin/cvsweb/sambaweb/Linux_CIFS_client.html.diff?r1=1.51r2=1.52
svn commit: samba r87 - branches/SAMBA_3_0/source/utils
Author: jra Date: 2004-04-06 21:13:53 + (Tue, 06 Apr 2004) New Revision: 87 Modified: branches/SAMBA_3_0/source/utils/ntlm_auth.c Log: Fix the build that Andrew Bartlett broke. Andrew - don't check *ANYTHING* in unless you have done a make clean; make. Jeremy.
svn commit: samba r88 - branches/SAMBA_3_0/source/client
Author: sfrench Date: 2004-04-06 21:56:59 + (Tue, 06 Apr 2004) New Revision: 88 Modified: branches/SAMBA_3_0/source/client/mount.cifs.c Log: Add missing guest mount option for mount.cifs
svn commit: samba r89 - trunk/source/client
Author: sfrench Date: 2004-04-06 21:58:01 + (Tue, 06 Apr 2004) New Revision: 89 Modified: trunk/source/client/mount.cifs.c Log: Add missing mount option guest
svn commit: samba r90 - trunk/source
Author: paulg Date: 2004-04-06 22:00:09 + (Tue, 06 Apr 2004) New Revision: 90 Modified: trunk/source/configure.in Log: Update VOS _POSIX_C_SOURCE macro to 200112L.
svn commit: samba r91 - in branches/SAMBA_3_0/source: lib rpc_server
Author: jmcd Date: 2004-04-06 22:02:47 + (Tue, 06 Apr 2004) New Revision: 91 Modified: branches/SAMBA_3_0/source/lib/util_sid.c branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c Log: Fix lsalookupnames. Previously we'd fail if we didn't find the name, but we never checked if it was a domain user and didn't find a local one.
svn commit: samba r92 - in trunk/source: lib rpc_server
Author: jmcd Date: 2004-04-06 22:02:51 + (Tue, 06 Apr 2004) New Revision: 92 Modified: trunk/source/lib/util_sid.c trunk/source/rpc_server/srv_lsa_nt.c Log: Fix lsalookupnames. Previously we'd fail if we didn't find the name, but we never checked if it was a domain user and didn't find a local one.
svn commit: samba r93 - branches/SAMBA_3_0/source
Author: paulg Date: 2004-04-06 22:12:21 + (Tue, 06 Apr 2004) New Revision: 93 Modified: branches/SAMBA_3_0/source/configure.in Log: Update VOS _POSIX_C_SOURCE macro to 200112L.
svn commit: samba r94 - trunk/source/utils
Author: jmcd Date: 2004-04-06 22:23:06 + (Tue, 06 Apr 2004) New Revision: 94 Modified: trunk/source/utils/pdbedit.c Log: Fix the build that mimir broke! Function was declared as delete_trustpw, but called as delete_trustpw_entry.
Re: svn commit: samba r94 - trunk/source/utils
On Tue, Apr 06, 2004 at 10:23:06PM +, [EMAIL PROTECTED] wrote: Author: jmcd Date: 2004-04-06 22:23:06 + (Tue, 06 Apr 2004) New Revision: 94 Modified: trunk/source/utils/pdbedit.c Log: Fix the build that mimir broke! Function was declared as delete_trustpw, but called as delete_trustpw_entry. Sorry, just tried to fix that when I noticed you commited the fix. The latter was the original function name, and it seems I didn't change it completely... -- Rafal Szczesniak Samba Team member http://www.samba.org
CVS update: samba-docs/docbook/manpages
Date: Tue Apr 6 22:33:01 2004 Author: sfrench Update of /home/cvs/samba-docs/docbook/manpages In directory dp.samba.org:/tmp/cvs-serv26785 Modified Files: mount.cifs.8.xml Log Message: Correct mount.cifs.8 man page Revisions: mount.cifs.8.xml1.3 = 1.4 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/mount.cifs.8.xml.diff?r1=1.3r2=1.4
svn commit: samba r95 - trunk/source/passdb
Author: mimir Date: 2004-04-06 22:42:32 + (Tue, 06 Apr 2004) New Revision: 95 Modified: trunk/source/passdb/pdb_ldap.c Log: Put in a placeholders for trust password manipulation in LDAP backend. rafal
svn commit: samba r96 - in branches/SAMBA_3_0/source: client libsmb smbd
Author: jra Date: 2004-04-06 23:01:09 + (Tue, 06 Apr 2004) New Revision: 96 Modified: branches/SAMBA_3_0/source/client/client.c branches/SAMBA_3_0/source/libsmb/clifile.c branches/SAMBA_3_0/source/smbd/nttrans.c branches/SAMBA_3_0/source/smbd/trans2.c Log: Stupid f%'n UNIX extensions SETPATHINFO normally takes as it's param entry the filename to be acted upon Unless it's UNIX extensions create hardlink, or UNIX extensions create symlink. Then it's param - newfile name data - oldfile name. This caused me to stuff them up in 3.0.2 (and the client commands link and symlink). Fixed them, everything is now called oldname and newname - thus specifying which name should already exist (hint - the old one...) and which will be created (newname). Jeremy.
svn commit: samba r97 - in trunk/source: client libsmb smbd
Author: jra Date: 2004-04-06 23:09:38 + (Tue, 06 Apr 2004) New Revision: 97 Modified: trunk/source/client/client.c trunk/source/libsmb/clifile.c trunk/source/smbd/nttrans.c trunk/source/smbd/trans2.c Log: Stupid f%'n UNIX extensions SETPATHINFO normally takes as it's param entry the filename to be acted upon Unless it's UNIX extensions create hardlink, or UNIX extensions create symlink. Then it's param - newfile name data - oldfile name. This caused me to stuff them up in 3.0.2 (and the client commands link and symlink). Fixed them, everything is now called oldname and newname - thus specifying which name should already exist (hint - the old one...) and which will be created (newname). Jeremy.
svn commit: samba r98 - in trunk/source: include lib passdb rpc_server utils
Author: idra Date: 2004-04-06 23:20:11 + (Tue, 06 Apr 2004) New Revision: 98 Modified: trunk/source/include/passdb.h trunk/source/lib/privileges.c trunk/source/passdb/passdb.c trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_tdb.c trunk/source/passdb/util_sam_sid.c trunk/source/rpc_server/srv_lsa_nt.c trunk/source/utils/net_privileges.c Log: enable us to add privileges through usrmgr.exe !! there still a lot to do: - add code to remove privileges :-) - test all cases with both tdbsam and ldapsam - fix the user rights calls that are mixed in a single interface in usrmgr.exe -SSS