RE: [Samba] Windows XP , Fedora 1 and Home Network!?!?!
> > This is my smb.conf file...thanks for the help! > > # This is the main Samba configuration file. You should read the > # smb.conf(5) manual page in order to understand the options listed > # here. Samba has a huge number of configurable options (perhaps too > # many!) most of which are not shown in this example > # > # Any line which starts with a ; (semi-colon) or a # (hash) > # is a comment and is ignored. In this example we will use a # > # for commentry and a ; for parts of the config file that you > # may wish to enable > # > # NOTE: Whenever you modify this file you should run the command > "testparm" > # to check that you have not made any basic syntactic errors. > # I would suggest that you read closely the above section of your smb.conf file. Particularly the part about comments, you do not appear to have any shares apart from [homes] defined, also run "testparm" You need something like the following in your smb.conf (Note no ;'s in the first col.) [public] path = /usr/somewhere/else/public public = yes only guest = yes writable = yes printable = no -- John > #=== Global Settings > = > [global] > > # workgroup = NT-Domain-Name or Workgroup-Name >workgroup = HOMEWRECKERS > > # server string is the equivalent of the NT Description field >server string = Linux Server > > # This option is important for security. It allows you to restrict > # connections to machines which are on your local network. The > # following example restricts access to two C class networks and > # the "loopback" interface. For more examples of the syntax see > # the smb.conf man page > ; hosts allow = 192.168.1. 192.168.2. 127. 192.168.0.102 > > # if you want to automatically load your printer list rather > # than setting them up individually then you'll need this >printcap name = /etc/printcap >load printers = yes > > # It should not be necessary to spell out the print system type unless > # yours is non-standard. Currently supported print systems include: > # bsd, sysv, plp, lprng, aix, hpux, qnx > ; printing = bsd > > # Uncomment this if you want a guest account, you must add this to > /etc/passwd > # otherwise the user "nobody" is used > ; guest account = pcguest > > # this tells Samba to use a separate log file for each machine > # that connects >log file = /var/log/samba/%m.log > > # Put a capping on the size of the log files (in Kb). >max log size = 50 > > # Security mode. Most people will want user level security. See > # security_level.txt for details. >security = user > # Use password server option only with security = server > ; password server = > > # Password Level allows matching of _n_ characters of the password for > # all combinations of upper and lower case. > ; password level = 8 > ; username level = 8 > > # You may wish to use password encryption. Please read > # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. > # Do not enable this option unless you have read those documents > ; encrypt passwords = no > ; smb passwd file = /etc/samba/smbpasswd > > # The following are needed to allow password changing from Windows to > # update the Linux system password also. > # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. > # NOTE2: You do NOT need these to allow workstations to change only > #the encrypted SMB passwords. They allow the Unix password > #to be kept in sync with the SMB password. > ; unix password sync = Yes > ; passwd program = /usr/bin/passwd %u > ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* > %n\n *passwd:*all*authentication*tokens*updated*successfully* > > # Unix users can map to different SMB User names > ; username map = /etc/samba/smbusers > > # Using the following line enables you to customise your configuration > # on a per machine basis. The %m gets replaced with the netbios name > # of the machine that is connecting > ; include = /etc/samba/smb.conf.%m > > # Most people will find that this option gives better performance. > # See speed.txt and the manual pages for details >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > # Configure Samba to use multiple interfaces > # If you have multiple network interfaces then you must list them > # here. See the man page for details. > ; interfaces = 192.168.12.2/24 192.168.13.2/24 > > # Configure remote browse list synchronisation here > # request announcement to, or browse list sync from: > # a specific host or from / to a whole subnet (see below) > ; remote browse sync = 192.168.3.25 192.168.5.255 > # Cause this host to announce itself to local subnets here > ; remote announce = 192.168.1.255 192.168.2.44 > > # Browser Control Options: > # set local master to no if you don't want Samba to become a master > # browser on your network. Otherwise the normal election rules apply > ; local master = n
[Samba] ldapsam authentication methods
Hi, Can anyone tell me if ldapsam supports authentication methods other than a simple bind to an ldap server? I've read through the documentation, but couldn't find any mention of other authentication methods. thanks, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP , Fedora 1 and Home Network!?!?!
Hey, I am new to Linux, and I am caught up in an issue with Samba. I have two computers. One is a Win XP Pro and the other is Fedora Core 1 sharing a cable modem connection via a D-Link Router. With these to computers I want to be able to share files in-between the two of us. With samba I can see my XP computer with no problems. I just have to type in a user name and password. My problem comes in that the XP computer cannot see me at all. When bringing up the XP computer it is listed in Nautilus as smb://adam/c/downloads/. I can copy files from the XP computer to my Fedora computer but I cannot copy a file from my computer to his computer. I saw somewhere on a site that I had to make a registry entry for the XP computer which I did with no go. With mapping a network drive would I do the \\homewreckers\pub? With the router would I have to Any other suggestions would be wonderful. Sorry if I didn't give enough information. This is my smb.conf file...thanks for the help! # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = HOMEWRECKERS # server string is the equivalent of the NT Description field server string = Linux Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. 192.168.0.102 # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server ; password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = no ; smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only #the encrypted SMB passwords. They allow the Unix password #to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names ; username map = /etc/samba/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/samba/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255
[Samba] Erratic behavior with smbmount
I'm running Linux Fedora Core 2 with Samba 3.0.3-5 installed. I'm experiencing some strange behavior when I try to mount a FAT32 share on a Win2k workstation. After a fresh reboot, when I try smbmount (or mount.smb) everything seems to work (no error messages). Then when I try to access the mountpoint - via Nautilus or by doing "ls" in a terminal - the system freezes. If I try smbumount I get "Device or resource busy." I have to use "umount -l" to unmount the share. What's weird is that the behavior is very erratic. If I start and stop nmb and smb a few times, and change some minor parameters with SWAT, and then try again, then smbmount works fine - I can browse the share with Nautilus, drag-and-drop, etc. Once I reboot, it all starts again. Here are the results of testparm: # Global parameters [global] workgroup = UCHI server string = %L running samba %v username map = /etc/samba/smbusers.map socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ldap ssl = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 [homes] comment = home on neronga path = %H valid users = %S read only = No hide special files = Yes hide unreadable = Yes hide unwriteable files = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [files] comment = network files on neronga path = /export/samba/files read only = No guest ok = Yes __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ERRSRV Non-specific error code
Hi We have version 1.9 on HPUX 10:20 trying to copy from win2000 (just upgraded from winNT). My observations seem to indicate that smallish files cannot be retrieved with get but can with mget, whilst largeish files cannot be retrieved with mget but can with get. The mget results in a truncated files (81679 bytes). This does not make a lot of sense to me. I will appreciate hearing from anyone who can suggest where the issue may lie. thanks trevor smb: \> ls . D 0 Tue Jun 1 09:38:50 2004 .. D 0 Tue Jun 1 09:38:50 2004 aldtot.txt 30 Thu May 27 14:47:56 2004 aldtran.txt4165 Thu May 27 14:58:19 2004 Apr-04 D 0 Fri May 7 11:42:37 2004 Attache Testing D 0 Thu May 27 16:34:16 2004 mftot.txt32 Fri May 7 10:17:04 2004 mftran.txt94062 Fri May 7 10:07:36 2004 NOV-03 D 0 Sat Feb 14 06:47:54 2004 Original Test Data D 0 Sat Feb 14 06:47:54 2004 Production D 0 Sat Feb 14 06:47:54 2004 racbtot.txt 30 Thu May 6 13:28:04 2004 racbtran.txt396 Thu May 6 13:28:04 2004 Test Data D 0 Sat Feb 14 06:47:55 2004 49026 blocks of size 2097152. 2177 blocks available smb: \> smb: \> prompt prompting is now off smb: \> get mftot.txt getting file \mftot.txt of size 32 bytes as mftot.txt Error ERRSRV - ERRerror (Non-specific error code.) reading remote file Error reading file \mftot.txt. Got 0 bytes (31.2469 kb/s) (average 968.12 kb/s) smb: \> mget mftot.txt getting file \mftot.txt of size 32 bytes as mftot.txt (31.2469 kb/s) (average 967.069 kb/s) smb: \> get mftran.txt getting file \mftran.txt of size 94062 bytes as mftran.txt (5741.05 kb/s) (average 1051.19 kb/s) smb: \> mget mftran.txt getting file \mftran.txt of size 94062 bytes as mftran.txt Error ERRSRV - ERRerror (Non-specific error code.) reading remote file Error reading file \mftran.txt. Got 81679 bytes (7654.72 kb/ Disclaimer. This e-mail is private and confidential. If you are not the intended recipient, please advise us by return e-mail immediately, and delete the e-mail and any attachments without using or disclosing the contents in any way. The views expressed in this e-mail are those of the author, and do not represent those of this company unless this is clearly indicated. You should scan this e-mail and any attachments for viruses. This company accepts no liability for any direct or indirect damage or loss resulting from the use of any attachments to this e-mail. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printer accounting/quota ?
Hi all, Thanks for the reply's, looks very interresting i will catch up on these shortly. I will let you know how i solve the case. BTW. Today i had a look at the IT facilities at the school, and it turned out that they have 2 old Netware 4.11 servers running, that i have to migrate and replace. They also run an older version of ZenWorks for application an policy distribution. So now i am also looking for a replacement for the applicataion distribution as well. Thats probably not that easy. Best regards Erik Holst Trans Erik Holst Trans wrote: Hi all, I am about to install a Samba server at a local school, and i need some advice and/or experience from others who have worked on a installation of that type/size. My plan is to roll-out a Samba server (of course), with LDAP back-end, and a number of printer queue's via CUPS. There will be aprox. 1000 user accounts, mostly students. The school has asked for a solution that would make theme able to control the amount of paper each student is allowed to use eg. hard-quota. AFAIK, there is no solution in the Samba or CUPS tool-box itself, so i Googled a little and found the PyKota project: http://www.librelogiciel.com/software/PyKota/action_Presentation Unfortunately i do not have any experience with it, but it seems like a good solution because it is able to store the accounting data in LDAP, and monitor the printers life-time page counter. Any advice or info about how it is done else where would be deeply apriciated. Thanks and best regards, Erik Holst Trans -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can I disable offline folders?
On Wed, 2004-06-02 at 02:57, ww m-pubsyssamba wrote: > Just what I was after! (I was searching for "offline folders"), many thanks Probably not relevant to your setup, but for Samba as a DC, I had a similar problem: I had terrible trouble with this - no matter what the server had, the clients (WinXP) were insisting on making 'My Documents' (which I redirected to the server) offline. I used the attached NT4 system policy file to really, really kill it (from the client side). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net CLASS MACHINE CATEGORY !!OfflineFiles POLICY !!OfflineFileControl KEYNAME Software\Policies\Microsoft\NetCache PART !!DisableOfflineFiles CHECKBOX VALUENAME "Enabled" VALUEON NUMERIC 0 VALUEOFF NUMERIC 1 END PART END POLICY POLICY !!OfflineFileControlKey KEYNAME Software\Microsoft\Windows\CurrentVersion\NetCache PART !!DisableOfflineFilesKey CHECKBOX VALUENAME "Enabled" VALUEON NUMERIC 0 VALUEOFF NUMERIC 1 END PART END POLICY END CATEGORY [Strings] OfflineFiles="Offline Files" OfflineFileControl="Control Offline Files (Policy)" OfflineFileControlKey="Control Offline Files (Key)" DisableOfflineFiles="Disable Offline Files (Policy)" DisableOfflineFilesKey="Disable Offline Files (Key)" signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Directory listing delay with WinXP and IPtables
hi Take a look at this document. It should help you solve your problem: http://www.linuxhomenetworking.com/linux-hn/samba-trouble.htm inseart the rules for firewall as decribed there and i expect u will have ur problem solved. i have solved it and listen i dont know wot is the concept wot was the problem that these rules solved so if u find any concept plz let me know Regards Azeem _ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] weired problem while connecting
thanks Mr. Paul Gienger please tell me how can i do it on clients Regards Azeem From: Paul Gienger <[EMAIL PROTECTED]> To: azeem ahmad <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: [Samba] weired problem while connecting Date: Tue, 01 Jun 2004 17:21:24 -0500 Your clients seem to be doing the usual web client searching. You have a couple of options. 1. Go to each client machine and disable the webclient service. I've had mixed results with this, and it's a lot of leg work for you. 2. Configure a web server on your samba box and let the traffic in on port 80. What you do by doing this is that your webserver sees the requests for some address and offers a quick and definitive no to the request rather than the client waiting for a timeout. Elegant solution? Not so much. Gets the job done with the least amount of leg work both now and on new clients? Yes. azeem ahmad wrote: hi all i m connecting to my samba server from a windows xp client. whenever i started my firewall script the client used to take 4 minutes to connect to the samba server and i run IRIS (sniffer) on my windows xp box it captures a packet as shown below - OPTIONS / HTTP/1.1 translate: f User-Agent: Microsoft-WebDAV-MiniRedir/5.1.2600 Host: Subzero Content-Length: 0 Connection: Keep-Alive HTTP/1.0 504 Gateway Time-out Server: squid/2.5.STABLE1 Mime-Version: 1.0 Date: Mon, 31 May 2004 18:13:57 GMT Content-Type: text/html Content-Length: 1056 Expires: Mon, 31 May 2004 18:13:57 GMT X-Squid-Error: ERR_CONNECT_FAIL 110 X-Cache: MISS from proxy.ravians-hostel.net Connection: keep-alive ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://subzero/ The following error was encountered: Connection Failed The system returned: (110) Connection timed out The remote host or network may be down. Please try the request again. Your cache administrator is Mumraiz-Khan. Generated Mon, 31 May 2004 18:13:57 GMT by proxy.ravians-hostel.net (squid/2.5.STABLE1) - but if i disable transparent redirection from my firewall then it takes about 20 seconds or dont run the firewall then it browses the samba server noramally. the firewall script is as below. and also in the latter two conditions IRIS doesnt caputre this packet shown above here is the firewall - echo 1 > /proc/sys/net/ipv4/ip_forward iptables -F iptables -t nat -F modprobe ip_nat_ftp iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 42 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 135 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 389 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 636 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3268 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3269 -j ACCEPT iptables -P INPUT DROP iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -P FORWARD DROP iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 21-j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5001 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5005 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5050 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 6660:6670 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 7000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 28805 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 51215 -j ACCEPT iptables -t nat -A POSTROUTING -o ppp0 -
Re: [Samba] weired problem while connecting
Your clients seem to be doing the usual web client searching. You have a couple of options. 1. Go to each client machine and disable the webclient service. I've had mixed results with this, and it's a lot of leg work for you. 2. Configure a web server on your samba box and let the traffic in on port 80. What you do by doing this is that your webserver sees the requests for some address and offers a quick and definitive no to the request rather than the client waiting for a timeout. Elegant solution? Not so much. Gets the job done with the least amount of leg work both now and on new clients? Yes. azeem ahmad wrote: hi all i m connecting to my samba server from a windows xp client. whenever i started my firewall script the client used to take 4 minutes to connect to the samba server and i run IRIS (sniffer) on my windows xp box it captures a packet as shown below - OPTIONS / HTTP/1.1 translate: f User-Agent: Microsoft-WebDAV-MiniRedir/5.1.2600 Host: Subzero Content-Length: 0 Connection: Keep-Alive HTTP/1.0 504 Gateway Time-out Server: squid/2.5.STABLE1 Mime-Version: 1.0 Date: Mon, 31 May 2004 18:13:57 GMT Content-Type: text/html Content-Length: 1056 Expires: Mon, 31 May 2004 18:13:57 GMT X-Squid-Error: ERR_CONNECT_FAIL 110 X-Cache: MISS from proxy.ravians-hostel.net Connection: keep-alive ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://subzero/ The following error was encountered: Connection Failed The system returned: (110) Connection timed out The remote host or network may be down. Please try the request again. Your cache administrator is Mumraiz-Khan. Generated Mon, 31 May 2004 18:13:57 GMT by proxy.ravians-hostel.net (squid/2.5.STABLE1) - but if i disable transparent redirection from my firewall then it takes about 20 seconds or dont run the firewall then it browses the samba server noramally. the firewall script is as below. and also in the latter two conditions IRIS doesnt caputre this packet shown above here is the firewall - echo 1 > /proc/sys/net/ipv4/ip_forward iptables -F iptables -t nat -F modprobe ip_nat_ftp iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 42 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 135 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 389 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 636 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3268 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3269 -j ACCEPT iptables -P INPUT DROP iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -P FORWARD DROP iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 21-j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5001 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5005 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5050 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 6660:6670 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 7000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 28805 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 51215 -j ACCEPT iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE - Regards Azeem _ Add photos to your messages w
[Samba] weired problem while connecting
hi all i m connecting to my samba server from a windows xp client. whenever i started my firewall script the client used to take 4 minutes to connect to the samba server and i run IRIS (sniffer) on my windows xp box it captures a packet as shown below - OPTIONS / HTTP/1.1 translate: f User-Agent: Microsoft-WebDAV-MiniRedir/5.1.2600 Host: Subzero Content-Length: 0 Connection: Keep-Alive HTTP/1.0 504 Gateway Time-out Server: squid/2.5.STABLE1 Mime-Version: 1.0 Date: Mon, 31 May 2004 18:13:57 GMT Content-Type: text/html Content-Length: 1056 Expires: Mon, 31 May 2004 18:13:57 GMT X-Squid-Error: ERR_CONNECT_FAIL 110 X-Cache: MISS from proxy.ravians-hostel.net Connection: keep-alive ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://subzero/ The following error was encountered: Connection Failed The system returned: (110) Connection timed out The remote host or network may be down. Please try the request again. Your cache administrator is Mumraiz-Khan. Generated Mon, 31 May 2004 18:13:57 GMT by proxy.ravians-hostel.net (squid/2.5.STABLE1) - but if i disable transparent redirection from my firewall then it takes about 20 seconds or dont run the firewall then it browses the samba server noramally. the firewall script is as below. and also in the latter two conditions IRIS doesnt caputre this packet shown above here is the firewall - echo 1 > /proc/sys/net/ipv4/ip_forward iptables -F iptables -t nat -F modprobe ip_nat_ftp iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 42 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 88 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 135 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 389 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 636 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3268 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 3269 -j ACCEPT iptables -P INPUT DROP iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -P FORWARD DROP iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 21-j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5001 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5005 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 5050 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 6660:6670 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 7000 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 28805 -j ACCEPT iptables -A FORWARD -i eth0 -p tcp --dport 51215 -j ACCEPT iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE - Regards Azeem _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] USB Drive and Samba on Mandrake 9.2
I have a mandrake 9.2 box that has a USB drive attached. The drive is mounted and working just fine from the linux box. When I set up the share via Web Admin it looks like any other share. When I try to access it from a windows machine (XP Pro) it wants a password for the Guest account. What am I doing wrong? -Phillip -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Master browser elections
I am new to this list - so if this has been discussed previously (and/or exenstively) please forgive me. I am running OSX (10.2 and 10.3) on various computers. We have been having a number of problems with the PC workgroup being populated correctly. To help resolve some of these issues, I would like to turn off the ability of our OSX boxes to participate in master browser elections. I would still like the OSX boxes to be visible and accessable by the PCs in the workgroup. How do I go about this? Thanks. Chip Scheide Systems Coordinator Children's Hospital of Pittsburgh -- Notify Immediately if you do NOT receive this email. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mysql passwd backend
Quoting "Collen Blijenberg " <[EMAIL PROTECTED]>: > Dunno, try to comment out all mysql collumns.. > (mysql:host -till- mysql:unknow_3) > and fire up your debug level.. to get more info.. Commenting out the columns seemed to help. Why does the Samba Collection HOWTO say to include those? *Very confused* Thanks for your help, Collen! chris verges [EMAIL PROTECTED] 404-909-5486 Ham Radio: KG4YSN -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2 passwords when loging from Windows 98 to samba PDC
Hi, What I do is: del C:\windows\*.pwl from a DOS prompt, then log the user in. When it asks for the password the second time, make sure it's blank and click on OK. You won't have to go through this again. If this wasn't what you were asking for, sorry. Bob [EMAIL PROTECTED] wrote: > > Hello. > > I have setup a local network where Windows 98 > workstations authenticates against a samba > server PDC running on linux, and it is working. > > But there is a little annoyance: Windows 98 > is handling 2 passwords: > > 1) the network password (used with the samba PDC) > > 2) the windows password (used with the Windows >desktop) > > Windows users can change their passwords from > the workstation, but the desktop password is > kept locally. If they change the passwords > in one workstation and then login in another > workstation, the passwords will be different. > > I would like to eliminate the need for second > password and kepp only the first. Is it possible? > > If not, I would like to keep the desktop > passwords at the samba server. Is that possible? > > Regards. > > Romildo > > -- Assured Computing, Inc. When you need to be sure. http://www.assuredcomp.com/ P.O. Box 40814 Eugene, OR 97404 Voice - 541-868-0331 FAX - 541-463-1627 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Prescription Fedex Tracking Number
Checking on order number 040503131300855. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] homes share mapping problem in samba 3
The homes share is not mapping properly anymore once upgrading to samba 3. This works without problems in samba 2.2.8a and 3.0.0. However I have seen this problem consistently in 3.0.1, 3.0.2, 3.0.3 and 3.0.4; if I go back to 2.2.8a then the problem goes away. I have searched the newsgroups and others have had the same problem, but no one had found a solution and said that "homes" as a mapping was no longer supported (which I am hoping is not the case). >From windows 2000 clients, I have an NT profile home drive mapping to \\MachineName\homes. When I sign on this does not map and I get a message in the log.smbd file of "Can't become connected user!". If mapping manually it says "network path not found". If I change this to \\MachineName\Username (where Username is my login ID) then it works fine; it is the generic "homes" mapping that broke in 3.0.1 and up. Any help would be greatly appreciated...is this a bug, or is this officially not supported anymore in samba 3? [2004/06/01 15:30:59, 2] smbd/uid.c:(205) change_to_user: Invalid vuid used 103 or vuid not permitted access to share. [2004/06/01 15:30:59, 0] smbd/service.c:(541) Can't become connected user! [2004/06/01 15:30:59, 2] smbd/service.c:(72 [homes] share not available for this user because it was not found or created at session setup time smb.conf: [global] workgroup = EHSAMBA security = domain password server = pusehc0j pusehc0k name resolve order = wins host bcast deadtime = 5 encrypt passwords = yes invalid users = nobody local master = no lm announce = False wins server = 191.29.78.41 lock dir = /pw/export/prod/svr4/samba/locks delete readonly = yes log level = 1 [homes] comment = Home Directories read list = nobody read only = No create mask = 0777 directory mask = 0755 browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Printer accounting/quota ?
I'd look into PrintBill. It's very similar to PyKota, but I found it worked better in my situation. Both are good solutions though. I just found PrintBill was a little easier to install and configure. Shannon Johnson Network Support Specialist / Systems Administrator Dept. of Mechanical and Nuclear Engineering 224 Reber Building University Park, PA 16802 Phone: (814) 865-8267 > -Original Message- > From: Erik Holst Trans [mailto:[EMAIL PROTECTED] > Sent: Monday, May 31, 2004 6:39 PM > To: [EMAIL PROTECTED] > Subject: [Samba] Printer accounting/quota ? > > Hi all, > > I am about to install a Samba server at a local school, and i need some > advice and/or experience from others who have worked on a installation > of that type/size. > > My plan is to roll-out a Samba server (of course), with LDAP back-end, > and a number of printer queue's via CUPS. > There will be aprox. 1000 user accounts, mostly students. > > The school has asked for a solution that would make theme able to > control the amount of paper each student is allowed to use eg. hard-quota. > > AFAIK, there is no solution in the Samba or CUPS tool-box itself, so i > Googled a little and found the PyKota project: >http://www.librelogiciel.com/software/PyKota/action_Presentation > > Unfortunately i do not have any experience with it, but it seems like a > good solution because it is able to store the accounting data in LDAP, > and monitor the printers life-time page counter. > > > Any advice or info about how it is done else where would be deeply > apriciated. > > > Thanks and best regards, > Erik Holst Trans > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [LONG] Word 95 behaves strange in file dialog
On 30.05.2004 22:29, Peter Schaefer wrote: Hello! I'm having problems with Word 95 (yes, we still use Office 95) running on W2K SP4. Samba is 3.0.4 running on Debian Testing (package from unstable). However, the problem appeared with 3.0.2a also and 3.0.5 didn't fix this. It was definitely not there with Samba 2.x versions. W2K and Office95 are both German versions. Behaviour: -- In Word, open the "File Open" dialog. It will present the "C:\" folder. However, the default location that is expected to be shown is on a mapped network drive ("H:\Documents"). Clicking on the "H:" drive folder within the selection box drops back to "C:\" immediately, without error. Ok, now close the file dialog, open the "Options" dialog and select the tab where you can set the default documents and template paths. When you open an folder selection dialog by the "Change..."-button you get a "Access denied error" as soon as a network drive is selected (regardless which one). Logging during this time with log level 3 gets the following into log.smbd: [2004/05/30 14:18:51, 3] smbd/process.c:process_smb(890) Transaction 8701 of length 92 [2004/05/30 14:18:51, 3] smbd/process.c:switch_message(685) switch message SMBntcreateX (pid 4474) [2004/05/30 14:18:51, 3] passdb/lookup_sid.c:fetch_sid_from_uid_cache(152) fetch sid from uid cache 1000 -> S-1-5-21-522452230-244634628-243641563-3000 [2004/05/30 14:18:51, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(226) fetch sid from gid cache 102 -> S-1-5-21-522452230-244634628-243641563-513 [2004/05/30 14:18:51, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(226) fetch sid from gid cache 102 -> S-1-5-21-522452230-244634628-243641563-513 [2004/05/30 14:18:51, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(226) fetch sid from gid cache 103 -> S-1-5-21-522452230-244634628-243641563-512 [2004/05/30 14:18:51, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(226) fetch sid from gid cache 1000 -> S-1-5-21-522452230-244634628-243641563-3001 [2004/05/30 14:18:51, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (1000, 102) - sec_ctx_stack_ndx = 0 [2004/05/30 14:18:51, 3] smbd/open.c:open_directory(1356) open_directory: unable to stat name = .. Error was Erfolg [2004/05/30 14:18:51, 3] smbd/error.c:error_packet(118) error packet at smbd/trans2.c() cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED So, what looks weird for me is "Error was *Erfolg*" because this partially German wording translates to "Error was *Success*". WTF? The icing - All this happens only to a few users and only if Word is started using the Office95 quick launch bar. If Word is started via the start menu or directly in explorer by double-clicking the executable all is ok... Of course the said network drives are all reachable via Windows Explorer and within a command prompt. I'm aware of possible UNC path problems, but even hiding the network neighbourhood and editing the registry to change the UNC paths to mapped drives representation didn't help... So, i'm at the end of my capabilities; i just want to be sure that no bigger problem lures here, waiting to bite me later (in other applications that word). So, ok, replying to myself and referring to http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&safe=off&; frame=right&th=41b0ffcb61810f73& seekm=1XxUd-67p-39%40gated-at.bofh.it#link2 : This is a known issue (bug 1345) and has been fixed in the patchset at http://samba.org/~jerry/patches/post-3.0.4/samba-3.0.4.patch FWIW. Regards, Peter -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Groups Under "Domain" Security
I thought we were leaving it up to winbind to authenticate the users, but if that's not how winbind works I'll have to check into this. We modified our /etc/pam.d files and /etc/nsswitch.conf so that it would use winbind for all user/group authentication. Hope that's the information you are looking for! Thanks for your help. -Joshua On Tue, 1 Jun 2004, Jason Gray wrote: > What password backend are you using to authenticate users? smbpasswd, > ldapsam, tdb... > > Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Accessing Windows Printer
This may not be the best place to pose this question... if not, I apologize. I've got a Windows server with a couple printers set up on it. They're both shared, but need a username and password to access them (guest and nobody are both disabled). Is it possible to set up an SMB printer on the Linux clients so that the printer on the Windows server uses the username and password from the login to print? (I'm sure there's a better way to phrase that, but I can't think of it at the moment.) Shannon Shannon Johnson Network Support Specialist / Systems Administrator Dept. of Mechanical and Nuclear Engineering 224 Reber Building University Park, PA 16802 Phone: (814) 865-8267 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Groups Under "Domain" Security
What password backend are you using to authenticate users? smbpasswd, ldapsam, tdb... Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joshua D. Scott Sent: Tuesday, June 01, 2004 12:06 PM To: Samba Mailing List Subject: [Samba] Groups Under "Domain" Security We are running Redhat 9, 2.4.20-30.9 kernel, Samba 3.0.0 and Winbind 3.0.0. Security is set to "Domain" and we are trying to set up shares which will be available to valid NT 4.0 users and groups. Winbind appears to be working, and you can use the commands "getent group" and "getend passwd" to see that it is communicating with the NT domain for user and group information. We successfully set up a share that only allowed the group "Domain Users" to connect and write to it. Our problem is that when we replace this group name with any other, they cannot access the share even if it's a known valid group. For example, we tried a test NT domain group called "SMBWRITE". We managed to work around the problem by grabbing a lists of groups with the "getent group" command, changing all the group names to lowercase, and then writing the list to /etc/group on the samba server. Once this was done we could access a share as a "SMBWRITE" group member, or any other. Is there a bug in samba 3.0.0 or winbind which prevents domain authenticated groups from working properly? Do we need to continue this work around of keeping a local (to Redhat) group list, or have we simply misconfigured something? I can post our smb.conf if this will help. Thanks! -Joshua -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Groups Under "Domain" Security
We are running Redhat 9, 2.4.20-30.9 kernel, Samba 3.0.0 and Winbind 3.0.0. Security is set to "Domain" and we are trying to set up shares which will be available to valid NT 4.0 users and groups. Winbind appears to be working, and you can use the commands "getent group" and "getend passwd" to see that it is communicating with the NT domain for user and group information. We successfully set up a share that only allowed the group "Domain Users" to connect and write to it. Our problem is that when we replace this group name with any other, they cannot access the share even if it's a known valid group. For example, we tried a test NT domain group called "SMBWRITE". We managed to work around the problem by grabbing a lists of groups with the "getent group" command, changing all the group names to lowercase, and then writing the list to /etc/group on the samba server. Once this was done we could access a share as a "SMBWRITE" group member, or any other. Is there a bug in samba 3.0.0 or winbind which prevents domain authenticated groups from working properly? Do we need to continue this work around of keeping a local (to Redhat) group list, or have we simply misconfigured something? I can post our smb.conf if this will help. Thanks! -Joshua -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2 passwords when loging from Windows 98 to samba PDC
Hello. I have setup a local network where Windows 98 workstations authenticates against a samba server PDC running on linux, and it is working. But there is a little annoyance: Windows 98 is handling 2 passwords: 1) the network password (used with the samba PDC) 2) the windows password (used with the Windows desktop) Windows users can change their passwords from the workstation, but the desktop password is kept locally. If they change the passwords in one workstation and then login in another workstation, the passwords will be different. I would like to eliminate the need for second password and kepp only the first. Is it possible? If not, I would like to keep the desktop passwords at the samba server. Is that possible? Regards. Romildo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: FIX: Re: [Samba] prerequisites for winbind (Samba-3.0.4-SuSE-9.0)
Hallo, Cool, figured it out this night or better this morning (6 o'ckock ;-) , too. Maybe wbinfo -a / -u seems not to work because of our missing/uncomplete PAM or nsswitch configuration, but we don't need it vor squid auth... my accounts/groups come from pam_ldap & nss_ldap & Co My biggest mistake was running this from within mc (Midnight Commander) e.g. wbinfo -a User.xy%3xyz which expanses to something likewbinfo -a User.xyxyz and enver works. But from pure command line it succeeds ;-) At the time of writing of my post last evening, I additionally mixed up my Administrator/uid=0 - Account, so I couldn't join from Win2k-Workstation, which days ago was alredy working for nearly four month... shit happens ;-) (I'm writing my diplom thesis) Yours Malte Tuesday, June 1, 2004, 11:06:31 AM, you wrote: FD> hello, I'v the same problem with wbinfo -{u,g} but winbind works FD> when used with squid, also wbinfo -a Administrator%XX FD> work. FD> [EMAIL PROTECTED] root]# wbinfo -a Administrator%X FD> plaintext password authentication succeeded FD> challenge/response password authentication succeeded FD> but FD> [EMAIL PROTECTED] root]# wbinfo -u FD> Error looking up domain users FD> [EMAIL PROTECTED] root]# wbinfo -g FD> Error looking up domain groups FD> francesco. FD> Malte Woelky wrote: >>Hi there, >> >> >>I'm not able to get winbind to work, although searched google and studied >>and tried nearly every howto >>and forum entry on the net the last week it simply doesn't work and I don't >>understand >>why >> >>My Samba3-Domain SUPZ (samba & ldap Linux PDC, Windows Clients) works >>perfektly >>with all ldap users, groups (linux and from windows) and computer accounts >>(Win2000 WS). >> >>I'm using samba3-3.0.4-1.i586.rpm (etc) for SuSE 9.0 and smpldap-tools 0.8.4 >>form www.idealx.org >> >> >> >>But I cannot get the winbind stuff zu work. I'm trying to integrate winbind >>for ntlm_auth and Squid. >> >> >> >> >> >>What do prequisites do I need for winbind? >> >> >> >> >> >>my smb.conf (only winbind, logon & ldap related stuff) >> >>-- >>[...] >> >>logon script = \\supzli02pdc\netlogon\logon.bat >>logon path = >>logon drive = H: >>logon home = >>domain logons = Yes >>os level = 65 >>preferred master = Yes >>domain master = Yes >>wins support = Yes >> >>add user script = /usr/local/sbin/smbldap-useradd -m >>add group script = /usr/local/sbin/smbldap-groupadd -p >>add user to group script = /usr/local/sbin/smbldap-groupmod -m >>delete user from group script = /usr/local/sbin/smbldap-groupmod -x >>set primary group script = /usr/local/sbin/smbldap-usermod -g >>add machine script = /usr/local/sbin/smbldap-useradd -w >> >>passdb backend = ldapsam:ldap://192.168.10.50/ >>passwd program = /usr/local/sbin/smbldap-passwd %u >>passwd chat = *New*password* %n\n *Retype*new*password* %n\n >>*all*authentication*tokens*updated* >>username map = /etc/samba/smbusers >> >>ldap suffix = dc=supz,dc=schulenge,dc=de >>ldap machine suffix = ou=Computers >>ldap user suffix = ou=Users >>ldap group suffix = ou=Groups >>ldap admin dn = cn=admin,dc=schulenge,dc=de >>ldap ssl = no >>ldap passwd sync = Yes >>ldap delete dn = Yes >> >>winbind use default domain = yes >>winbind trusted domains only = yes >>#winbind separator = + >>#winbind nested groups = no >>idmap uid = 5-6 >>idmap gid = 5-6 >>template shell = /bin/bash >>template homedir = /home/%D/%U >>winbind enum groups = yes >>winbind enum users = yes >>winbind enable local accounts = yes >>winbind cache time = 10 >> >>[...] >>-- >> >>I always get the following errors: >> >>-- >>supzli02pdc:/ # wbinfo -t >>checking the trust secret via RPC calls failed >>error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) >>Could not check secret >> >>supzli02pdc:/etc/samba # wbinfo -u >>Error looking up domain users >> >>supzli02pdc:/ # wbinfo -a SUPZ\\Hans.Meiserestme >>plaintext password authentication failed >>error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc0da) >>error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO >>Could not authenticate user SUPZ\Hans.Meiserestme with plaintext password >>challenge/response password authentication failed >>error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc0da) >>error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO >>Could not authenticate user SUPZ\Hans.Meiserestme with challenge/response >>- >> >> >> >>=> tried setting an user vor wbinfo, but this doesn't help: >> >> >> >>supzli02pdc:/ # wbinfo --set-auth-user=administrator >>Password: >>Press any key to continue... >>supzli02pdc:/ # wbinfo --get-auth-
RE: [Samba] Directory listing delay with WinXP and IPtables
I have made a change to my samba servers by placing smb port = 139. The effect I was trying to stop was a transport end point connect log error. This did stop the log error but I noticed zero difference in the behaviour on my win XP boxes. I have 120 XP, 10 win2k boxes 5 samba servers plus 2 samba servers as a clustered PDC on the network. I have read on groups else-where that if you stop port 445 on the PDC the XP boxes won't be able to communicate with the non-pdc samba servers. I haven't tried to stop port 445 on the PDC to see if this is the case. Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, May 31, 2004 7:17 PM To: Randy S Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Directory listing delay with WinXP and IPtables I'd be curious to know whether the behaviour for XP Pro changes if you put the following parameter into smb.conf smb ports = 139 This tells samba not to respond to port 445 traffic. I'm assumming that samba is not participating in an active directory. Mark > Sorry if this has been covered before. > > I setup a new Samba server using RedHat EL 3, and samba 3.0.2-6.3E (the > version that comes with Redhat). > > We were seeing an intermittant 20 seconcd delay when grabbing a > directory listing, but only from XP, win 2k was fine. > > I couldn't completely nail down when the delay occured but it seemed to > be when the directory or share hadn't been accessed in a while, ~15mins > ??. There was never a problem or delay seeing the samba server on the > browse list. > > I turned off iptables and the delay has been drastically reduced, now > down to 2 secs, which is acceptable. > > Obviously I'd like to turn iptables back on. > > I'm wondering if there are any special port openings or other iptables > settings that need adjustments with XP; or if there are adjustments I > need to make to the XP clients. I've already tried the > RemoteComputer\NameSpace\ regkey fix to no avail. > > It's a very basic iptables setup. I opened up the standard samba ports. > I've listed the output of 'iptables --list' below. > > Any ideas? > > TTIA > > /randoms/ > > 'iptables --list' output : > > Chain INPUT (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain RH-Firewall-1-INPUT (2 references) > target prot opt source destination > ACCEPT all -- anywhere anywhere > ACCEPT icmp -- anywhere anywhere icmp any > ACCEPT ipv6-crypt-- anywhere anywhere > ACCEPT ipv6-auth-- anywhere anywhere > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:netbios-ns > ACCEPT udp -- anywhere anywhere state NEW > udp dpt:netbios-ns > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:netbios-dgm > ACCEPT udp -- anywhere anywhere state NEW > udp dpt:netbios-dgm > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:netbios-ssn > ACCEPT udp -- anywhere anywhere state NEW > udp dpt:netbios-ssn > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:microsoft-ds > ACCEPT udp -- anywhere anywhere state NEW > udp dpt:microsoft-ds > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:497 > ACCEPT udp -- anywhere anywhere state NEW > udp dpt:497 > ACCEPT tcp -- anywhere anywhere state NEW > tcp dpt:ssh > REJECT all -- anywhere anywhere reject-with > icmp-host-prohibited > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Using Samba and Rational ClearCase Tools
Hi Eric, Thanks for your help. We actually figured out our problem. We had a variable set to "Read Only" which was preventing us from getting to our data. Thanks again for your help and prompt response! April -Original Message- From: Eric Boehm [mailto:[EMAIL PROTECTED] Sent: Friday, May 28, 2004 6:06 PM To: Sharpe, Annik A Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Using Samba and Rational ClearCase Tools On Fri, May 28, 2004 at 04:59:05PM -0400, Sharpe, Annik A wrote: > "April" == Sharpe, Annik A <[EMAIL PROTECTED]> writes: April> Hello, We are using Samba to connect our ClearCase server April> to the Windows environment. Our original configuration was April> one server hosting all our VOBs and Views. We have Samba April> configured to allow mapping of shares to our ClearCase April> Windows Clients. Everything was working fine. Now we have April> set up a second server to host all our Views separate from April> the VOBs. So we have a View server and a separate VOB April> separate. When we setup the View server we installed Samba April> on that server, copied the config file from the original April> setup to the new server and the only configuration change April> made was in the Global parameters, the NetBios Name to be April> the new server name. April> We are able to map a network drive to our new server. We April> are able to create a View on the UNIX server, region April> synchronize on the Win Client side and mount a VOB. However April> when we try to create a new file we get a window stating April> "Access Denied." If we try to check out an existing file we April> get an "Error checking out {filename}. Unable to update April> view {viewname}: Permission Denied. Unable to check out April> {filename}." April> We are able to complete all these steps within the UNIX April> environment, we are only having problems from the Windows April> environment and so we are assuming it has to do with our April> Samba configuration. This is usually caused by a permission problem. Did you copy username.map from the VOB server to the View server? What are the exact details in the view_log on the client? Is there anything in the error_log? What is the ALBD Account? Is there a corresponding UNIX account? Do you realize that performance of views through Samba will probably be 50-200+% worse than a local view? If you increase the Samba debug level to 3 and repeat the operation, what is in the Samba log? Do you have 'log file = /usr/local/samba/var/log.%m' in your smb.conf? This will make it easier to debug. -- Eric M. Boehm /"\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can I disable offline folders?
Just what I was after! (I was searching for "offline folders"), many thanks cheers Andy. > > our NT server guy has just asked me if I can disable/prevent offline = >folder support on a Samba share. This >is something which is configurable on a Windows 2000/2003 server share. = >Any help much appreciated, Have you tried 'csc policy' ? (See the man page for smb.conf(5) ) BBCi at http://www.bbc.co.uk/ This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received. Further communication will signify your consent to this. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SMB->NFS
We are trying to make a gateway from SMB -> NFS. (We are SUN Solaris users and we can't at least we don't know how to mount smb file systems (not like ftp)) We had made a NFS -> SMB gateway successfully. Any suggestions will appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can I disable offline folders?
ww m-pubsyssamba schrieb: Hi all, our NT server guy has just asked me if I can disable/prevent offline folder support on a Samba share. This is something which is configurable on a Windows 2000/2003 server share. Any help much appreciated, thanks Andy. csc policy = disable should be what you looking for -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can I disable offline folders?
> > our NT server guy has just asked me if I can disable/prevent offline = >folder support on a Samba share. This >is something which is configurable on a Windows 2000/2003 server share. = >Any help much appreciated, Have you tried 'csc policy' ? (See the man page for smb.conf(5) ) Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CIFS/9000 or Samba migration
Selon Jeremy Allison <[EMAIL PROTECTED]>: > On Tue, Jun 01, 2004 at 04:29:36PM +0200, Lapin(c) wrote: > > > > Hi team, > > > > we'd like to migrate from ASU to Samba on HP-UX. > > is there anyone with some feedback on such a case ? > > i'm looking for information on the pros and cons of Samba3 vs CIFS/9000 as > well. > > > > Many thanks for your answers > > The CIFS/9000 Team at HP can probably answer that (I sit near them :-). > I'd contact HP and ask if I were you. > > Jeremy. > > Right :) ! I'm doing that. thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CIFS/9000 or Samba migration
On Tue, Jun 01, 2004 at 04:29:36PM +0200, Lapin(c) wrote: > > Hi team, > > we'd like to migrate from ASU to Samba on HP-UX. > is there anyone with some feedback on such a case ? > i'm looking for information on the pros and cons of Samba3 vs CIFS/9000 as well. > > Many thanks for your answers The CIFS/9000 Team at HP can probably answer that (I sit near them :-). I'd contact HP and ask if I were you. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrading from 2.2.7 to 3.0.3
I had sent this message once before but since the samba list is so busy I figured it probably got lost in the shuffle. Here it is again. Is there a how-to out there which could walk me through upgrading a working Samba 2.2.7/Openldap server to Samba 3.0.3/Openldap server? I can get Samba 3.0.3 and Openldap to work with a new install however when I attempt to import my old LDAP database I have to change the user's password and rejoin the workstations to the domain. Do I have to do this or should it be pretty seamless? I converted my ldif file by running ./convertsambaaccount --sid S15. --input old.ldif --output new.ldif and imported into my LDAP database however I can't login unless I change the user's password. I have around 1000 users and 1000+ workstations so changing every password isn't an option. Any help would be appreciated. Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can I disable offline folders?
Hi all, our NT server guy has just asked me if I can disable/prevent offline folder support on a Samba share. This is something which is configurable on a Windows 2000/2003 server share. Any help much appreciated, thanks Andy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : [Samba] changing smbpasswd password rules
The min password length in smb.conf is for unix password, you must modify the parameter with this command $ pdbedit -P "min password length" -C 3 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+-> | | Jeff Kraeger <[EMAIL PROTECTED]> | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 01/06/2004 17:02 | | | | |-+-> >---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] changing smbpasswd password rules | >---| Where does smbpasswd get its password rules from? I need to change them! I need to allow for passwords as short as 3 characters. I've changed my unix rules to allow users using passwd to change their password correctly but samba will not. I'm using encrypted passwords so min password length = 3 doesn't do anything, right? I keep getting RAP86 errors and the log says password too short account policy min password len = 5 How do I change this to 3 - do I need to recompile? If so what file needs to change? Thanks, Jeff Kraeger -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] changing smbpasswd password rules
On Tue, 01 Jun 2004 11:02:51 -0400 Jeff Kraeger <[EMAIL PROTECTED]> wrote: > Where does smbpasswd get its password rules from? pdbedit is what you need. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] changing smbpasswd password rules
Where does smbpasswd get its password rules from? I need to change them! I need to allow for passwords as short as 3 characters. I've changed my unix rules to allow users using passwd to change their password correctly but samba will not. I'm using encrypted passwords so min password length = 3 doesn't do anything, right? I keep getting RAP86 errors and the log says password too short account policy min password len = 5 How do I change this to 3 - do I need to recompile? If so what file needs to change? Thanks, Jeff Kraeger -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win98 ==> Samba printing problem
On Fri, 21 May 2004 01:44 , Adina S <[EMAIL PROTECTED]> sent: >I used cups and Adobe drivers. I downloaded the >drivers from www.adobe.com, then a PostScript for HP >(I have that kind of printer), instaled localy the >driver on a win 98 machine, stored the files on the >samba server in /usr/share/cups/drivers and after that >cupaddsmb created the driver, pt it in print$ share, >WIN40/0 directory. >Hope this helps >--- fredex [EMAIL PROTECTED]> wrote: >> Using SAmba 3.0.2 and Cups 1.1.17. >> >> How does one configure a W98 box to print to a samba >> shared printer? >> >> Per my previous postings I can't figure it out, and >> the methods I've >> used on older Sambas don't work. Have you shared the printer out? creating it in cups is the first step, then you need to create it as a samba share. Once you do that, you should be able to connect to the printer \\servername\sambashare that may be too basic of what issue you are experiencing, but I couldnt tell from your request >> >> I've been thru the lengthy discussion in the samba >> with cups documentation, >> which tells how to do it for NT or later, but not >> 9x. >> >> I've posted the smb.conf before, won't put it here, >> for brevity. >> >> I'd appreciate a clue. >> >> Thanks. >> -- >> Fred Smith -- [EMAIL PROTECTED] >> - >> The eyes of the Lord are >> everywhere, >> keeping watch on the wicked and >> the good. >> - Proverbs 15:3 (niv) >> - >> > >> ATTACHMENT part 1.2 application/pgp-signature >> -- >> To unsubscribe from this list go to the following >> URL and read the >> instructions: >http://lists.samba.org/mailman/listinfo/samba > > > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Apostrophe's in Windows usernames
I saw the posting for the attached issue from Dec 8, 2003 and made the changes to smbd/password.c and include/smb.h but am still having a problem with a user attaching to our Samba server with an apostrophe in his name. We use a usermap file and it looks like the apostrophe is being stripped out of the map file when the Windows ID is trying to be mapped. The entry in the user name map file is bvec32 = o'brienta, but a level 10 log shows: user_in_list: checking user |bvevc32| against |obrienta| so the authentication fails. I'm assuming that a change needs to be made to username.c, but I'm not sure what ... We're running 3.0.2a on Solaris 8. Any help? Mike Mike Auleta Boeing IDS, Philadelphia 610-591-3916 Who's the more foolish, the fool or the fool who's following him? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] CIFS/9000 or Samba migration
Hi team, we'd like to migrate from ASU to Samba on HP-UX. is there anyone with some feedback on such a case ? i'm looking for information on the pros and cons of Samba3 vs CIFS/9000 as well. Many thanks for your answers Fred -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SuSe 9.1 samba quota questions
I have downloaded samba 3.0.4 from suse FTP site. README.SuSE (/usr/share/doc/packages/samba) files says Quota support doesnt work. Some people are reporting they are using samba quota feature. What are the issues with SuSE OS? Is there a way I can use Quota on SuSE (by re-compiling with quota option). Can you share your experience with samba 3 quota support? Thanks SR -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Terminal Server
Hi, look at www.codeweavers.com. With their Server version you turn your Linux Terminal Server into one that runs also many Windows programs. Schlomo On Tue, 1 Jun 2004, Adam Tauno WIlliams wrote: > > Is Samba only a Windows File Server/Domain Controller, or can it act as terminal > > server for windows clients too? > > No, you need a M$ OS to be a M$ Terminal server (if you intend to run > M$ apps). > > -- Regards, Schlomo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] kerberos5 / gssapi support in mount.cifs?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Timo Veith wrote: | Am Montag, 24. Mai 2004 15:06 schrieb Gerald (Jerry) Carter: | |>Timo Veith wrote: |>| Hi, |>| |>| allow me another question. Is it planned or already |>| implemented to support gssapi with mount.cifs? |> |>It is planned according to what I understand from Steve French. |>Just not done yet. | | | And what about the "user" mount option? | | Where can I read about that, do you have a link to that? Either the mount.cifs(8) man page or try the mailing list http://lists.samba.org/mailman/listinfo/linux-cifs-client cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAvIYlIR7qMdg1EfYRAqcDAJ9Xn6teuBs81a4aFbQIHLuf78WLmwCdGoKN DAggerqQXuHCy04L3J1y0to= =w9/i -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Terminal Server
> Is Samba only a Windows File Server/Domain Controller, or can it act as terminal > server for windows clients too? No, you need a M$ OS to be a M$ Terminal server (if you intend to run M$ apps). -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbstatus information and layout
Hi, I am working on a product that collects information about what is happening on the operating system. I was wondering if the information provided by the smbstatus command is available in a programmatic way? The reason for asking this is that I have access to several systems using samba and each one is running a different version and I have seen two distinct formats for the data. If there is no programmatic way to find this, I have looked at the man pages and have not seen anything. Does anyone know how many layouts have been used by this command and if so what versions they changed at? Thanks in advance. Phil Dodd Computer Associates Software Engineer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and Terminal Server
Is Samba only a Windows File Server/Domain Controller, or can it act as terminal server for windows clients too? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba-3.0.2a openldap-2.1
Hi there! Thank you for your mail! I hope you don't mind if I send it back to the list. Quoting Reinhard Sojka <[EMAIL PROTECTED]>: > Hi Peter, > > did you give Samba the LDAP password for the LDAP admin? If not, do a > "smbpasswd -w " on your Samba server. > Like I said in my mail before. I have the same password in secret.tdb as in slapd.conf and I've done a "smbpasswd -w " command which will generate the encrypted secret.tdb file. > I have no experience with Samba and encrypted LDAP, but is the line > "passdb backend = ldapsam:ldap://l1.dbb.su.se"; in the smb.conf really > correct? I assume that ldapsam:ldaps://l1.dbb.su.se will suit better. > Correct (I think) and I saw that in my own mail and changed it with no differances. The strange thing is tha I can create a new user or group with smbldap-useradd.pl or smbldap-groupadd.pl with home directory but I can't log in > cheers, > Reinhard > > -- > Reinhard Sojka <[EMAIL PROTECTED]> > System- & Networkadmin > Parlamentsdirektion > +43 1 40110 2824 > Peter Nyberg Institutionen för Biokemi och Biofysik (DBB) Sv.Arrhenius vägen 12 106 91 Stockholm Tel: 08-16 24 69 Mobil: 070 339 24 69 Fax 08 153679 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: Same Problem.... RE: [Samba] Can see server, but can't see shares. Whazzup?
Hi, I have two installations: On the one I have a very funny phenomen: If I change same parameters and restart smbd a several times then I get access with xp... and there is no logic in it. With the w2k clients in the network we have no problems. In the other network where we have xp and 98 there is no chance of accessing the smbd server, but the problem starts before that, because I sometimes I can not even see the members of the workgroup in the network, sometimes I can... If I can see the members of the network, then I normally get the error message that I do not have the right to access the network. It is a vicious circle, where I do not see where the solution starts CU Matthias -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Flávio Henrique Sent: Friday, May 28, 2004 5:34 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Same Problem RE: [Samba] Can see server,but can't see shares. Whazzup? Hi Jim Sorry for inserting me in the discussion, but I have the same problem here and I tryed to set os level = 10 wins support = no and nothing changes... I tryed to disable the wins support in win98 clients... do not work too.. I don't have any WinNT/XP/2k in my network, just win98 clients I will thank you for any tips... I'm using Samba 3.0.2a on Mandrake 9.2 Flávio Henrique. Here is my smb.conf # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/05/28 08:41:01 # Global parameters [global] workgroup = PROVENDA server string = Samba Server %v map to guest = Bad User passwd program = /usr/bin/passwd3 %u client plaintext auth = No log level = 1 log file = /var/log/samba3/log.%m max log size = 1000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups logon script = logon.bat logon path = logon home = domain logons = Yes os level = 100 lm announce = No preferred master = Yes domain master = Yes enhanced browsing = No dns proxy = No wins support = Yes ldap ssl = start tls printer admin = @adm create mask = 02777 force create mode = 02777 directory mask = 02777 force directory mode = 02777 printing = cups [printers] comment = All Printers path = /var/spool/samba3 create mask = 0700 guest ok = Yes max print jobs = 5000 printable = Yes print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. use client driver = Yes browseable = No [print$] path = /var/lib/samba3/printers write list = @adm, root guest ok = Yes [c] path = /servidor/c read only = No [netlogon] path = /servidor/netlogon write list = root browseable = No [openoffice] path = /servidor/openoffice [iso9001] path = /servidor/c/iso9001 read only = No inherit permissions = Yes [win98] path = /servidor/win98 [documentos] path = /servidor/documentos read only = No [d] path = /d read only = No [homes] comment = Home Directories read only = No hide special files = Yes hide unreadable = Yes hide unwriteable files = Yes browseable = No [drivers] path = /servidor/drivers -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP not joining domain
Hi I have a small problem with joining a XP box to a Samba domain, which I hope that someone can put some light on. The setup: Samba 3.0.4 using ldap for users. All users are created with both posix and samba accounts. Users can login with ssh (pam/nss), smbclient and net use \\pdc\share /USER:username (also from XP pro). W2k workstations can join the domain. When I try to join a XP (pro) workstation I get the following in the log: [2004/06/01 11:51:47, 2] lib/smbldap.c:smbldap_search_domain_info(1344) Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))] [2004/06/01 11:51:47, 2] lib/smbldap.c:smbldap_open_connection(639) smbldap_open_connection: connection opened [2004/06/01 11:51:47, 2] smbd/sesssetup.c:setup_new_vc_session(602) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/06/01 11:51:47, 2] smbd/sesssetup.c:setup_new_vc_session(602) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/06/01 11:51:47, 2] passdb/pdb_ldap.c:init_sam_from_ldap(483) init_sam_from_ldap: Entry found for user: root [2004/06/01 11:51:48, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2004/06/01 11:51:48, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2477) Returning domain sid for domain SAMBA -> S-1-5-21-3689821868-1502956241-3879604288 [2004/06/01 11:51:52, 2] smbd/server.c:exit_server(568) Closing connections It appears that the PDC returns the domain SID and the client just chooses to ignore it i.e. closing the connection. I have tried both with and without the signorseal registry change. The most recent info seems to indicate that it is not needed, but I was not sure. The machine account gets created automatically. I have tried to create it manually (using smbldap-useradd -w from IDEALIX's smbldap tools), but with the same result. The global section of the smb.conf file are included below. I have searched the archives and google but found nothing except one other having the same problem, but no solution was found. Does anyone have any ideas? Best regards Mikael M. Hansen smb.conf: [global] workgroup = SAMBA interfaces = eth0, lo bind interfaces only = Yes passdb backend = 'ldapsam:ldap://ldap1.cs.auc.dk ldap://ldap2.cs.auc.dk' passwd program = /var/lib/samba/sbin/smbldap-passwd-auto %u passwd chat = *New*password*:* %n\n *Retype*new*password*:* %n\n passwd chat debug = Yes username map = /etc/samba/smbusers unix password sync = Yes log level = 2 smb ports = 139 445 name resolve order = wins hosts bcast add user script = /var/lib/samba/sbin/smbldap-useradd -a -m '%u' delete user script = /var/lib/samba/sbin/smbldap-userdel %u add group script = /var/lib/samba/sbin/smbldap-groupadd -p '%g' delete group script = /var/lib/samba/sbin/smbldap-groupdel '%g' add user to group script = /var/lib/samba/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /var/lib/samba/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /var/lib/samba/sbin/smbldap-usermod -h '%g' '%u' add machine script = /var/lib/samba/sbin/smbldap-useradd -w '%u' logon script = scripts\logon.bat logon path = \\%L\%U\.profile logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=cs,dc=aau,dc=dk ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = "cn=Manager,dc=cs,dc=aau,dc=dk" ldap ssl = start tls ldap passwd sync = Yes idmap backend = ldap:ldap://ldap1.cs.auc.dk idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba problems
Suddenly (at least I cannot remember any change) I cannot use the Network server with samba as I get the following message Impossible to show smb:/// as Nautilus cannot contact SMB master browser. Please check if a SMB server is operating on local network And here are results of a testparm. [EMAIL PROTECTED] antoniomontagnani]# testparm Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[Aurat]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] server string = PC Antonio null passwords = Yes username map = /etc/samba/user.map log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 10 dns proxy = No guest ok = Yes hosts allow = 192.168.0.0/24 [homes] comment = Home Directories read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [Aurat] comment = Copia directory HP path = /home/antoniomontagnani/HP read only = No -- Antonio Montagnani === Working with Mozilla 1.6 on Linux Fedora Core 1 === Utilizzo Mozilla 1.6 su Linux Fedora Core 1 === -- Antonio Montagnani === Working with Mozilla 1.6 on Linux Fedora Core 1 === Utilizzo Mozilla 1.6 su Linux Fedora Core 1 === -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba-3.0.2a openldap-2.1
Hi! -I've separated samba-3.0.2a and openldap-2.1 on two computers with Slackware 9.1 -smbldap_populate.pl genertated all standard groups and the Administrator account -The ldap seams to work now ldapsearch -H ldap://l1.dbb.su.se/ -b dc=dbb,dc=su,dc=se -x ldap_bind: Confidentiality required (13) additional info: TLS confidentiality required -This is like it should be since the server require TLS ldapsearch -H ldaps://l1.dbb.su.se/ -b dc=dbb,dc=su,dc=se -x -Generates all in the ldap database -But when I try to do: [EMAIL PROTECTED]:/usr/local/samba/bin# ./net rpc group LIST global -U administrator Password: The username or password was not correct. -And [EMAIL PROTECTED]:/usr/local/samba/bin# ./smbclient -L localhost -U administrator Password: session setup failed: NT_STATUS_LOGON_FAILURE -I'm very confused. Isn't the password the same as in secret.tdb and slapd.conf? -In my log.smbd i can see this: [2004/06/01 11:03:50, 1] lib/smbldap.c:smbldap_retry_open(896) Connection to LDAP Server failed for the 1 try! [2004/06/01 11:03:50, 0] lib/smbldap.c:smbldap_search_suffix(1113) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Inappropriate authentication) -If I do a: [EMAIL PROTECTED]:/usr/local/samba/bin# ./testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions # Global parameters [global] workgroup = DBB server string = Samba PDC running %v update encrypted = Yes passdb backend = ldapsam:ldap://l1.dbb.su.se username map = /etc/samba/smbusers socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 printcap name = /etc/cups/printers.conf add user script = /usr/local/sbin/smbldap-useradd -m "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" logon script = logon.bat logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\%U\.profile domain logons = Yes os level = 255 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = dc=dbb,dc=su,dc=se ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap idmap suffix = ou=Users ldap admin dn = "cn=Manager,dc=dbb,dc=su,dc=se" ldap ssl = start tls ldap passwd sync = Yes ldap delete dn = Yes idmap uid = 15000-2 idmap gid = 15000-2 winbind separator = + path = /home/Users hosts allow = 130.237.179.0/24 printing = cups [EMAIL PROTECTED]:/usr/local/samba/bin# I welcome all kinds of help or ideas! Peter Nyberg Institutionen för Biokemi och Biofysik (DBB) Sv.Arrhenius vägen 12 106 91 Stockholm Tel: 08-16 24 69 Mobil: 070 339 24 69 Fax 08 153679 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Weird issue with Windows 2003 server connecting to samba
Dear all, Does anyone have any suggestions as to how to fix the following conundrum We have the following setup Using samba version 2.2.8 on a server with three network cards 192.168.0.241/24 10/100 Local network for administration 192.168.10.241/24 10/100 ASP client network 192.168.11.241/24 Fibre network for link to websites and data backups Samba server is configured to use all 3 interfaces. Linked to this server we have a Windows 2000 server 192.168.0.254/24 10/100 Local network for administration 192.168.11.254/24 Fibre network for link from websites and data backups X.X.X.254 Public ip address for web access There is an entry in winnt/system32/drivers/etc/hosts that points to the 192.168.11.241 address of the samba server. On this box all requests from the website to the samba server connect , as they should, through the fibre network. Here is where the problem begins We have added a windows 2003 server to run websites configured as follows 192.168.0.250/24 10/100 Local network for administration 192.168.11.250/24 Fibre network for link from websites and data backups X.X.X.254 Public ip address for web access There is an entry in winnt/system32/drivers/etc/hosts that points to the 192.168.11.241 address of the samba server. Connections from this server choose any interface i=on the windows server to make the connection, chosen randomly from all three. We have changed the bind order of the network cards to place the fibre card as the first card. We have entered manual metrics, assigning 1 to the fibre card and 20 to the other 2 cards. We have added a persistant static route to the samba server through the fibre interface card. None of this makes any difference. The windows server still randomly selects an interface to connect through. We have tried re-installing the operating system on another server, just incase, but this produces the same results. We need to tie this to the fibre network for performance. Any ideas on what to try to fix this would be appreciated Spencer Clark Legal Disclaimer: Internet communications are not secure and therefore we as a company do not accept legal responsibility for the contents of this message. Any views or opinions presented are solely those of the author and do not necessarily represent those of the company unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba Legal Disclaimer: Internet communications are not secure and therefore we as a company do not accept legal responsibility for the contents of this message. Any views or opinions presented are solely those of the author and do not necessarily represent those of the company unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] WinRAR archiver cannot create russian filename on samba share (bug 1407)
WinRAR (ver 3.x) cannot create russian filenames on Samba shares - it got error: cannot create тест.rar Access is denied. But it can successfully create filename, contains only english characters. https://bugzilla.samba.org/show_bug.cgi?id=1407 Anybody has the same problem? Thanks a lot! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba