[Samba] Re: Request patch for samba 2.2.2

2004-06-09 Thread Torsten 
Hello!
Well you are asking for a bit tricky questions. Concerning the release 
of Samba you may install version 2.2.9 or 3.0.4 -- depending on your 
needs. The vendor of your linux may have an updated rpm package for you.

I know it is a bit odd to make the way through the manuals etc, but 
having got an open source tools this should be understandable...

-- Torsten.
Udomchai Srisuk (LAD:1Logic) wrote:
Dear Sir/Madam,
I'm request patch for samba 2.2.2  on Sun Server (Solaris)
If you require futher information, Please let me know.
Regards.
Udomchai S.
===
PKGINST:  samba
  NAME:  SMB based file/printer sharing
  CATEGORY:  system
  ARCH:  sparc
   VERSION:  2.2.2
   BASEDIR:  /usr/local
VENDOR:  Samba Team
  DESC:  File and printer sharing for Windows workstations
PSTAMP:  nose20011019112615
  INSTDATE:  Nov 21 2001 06:03
   HOTLINE:  Please contact your local UNIX support group
 EMAIL:  [EMAIL PROTECTED]
STATUS:  completely installed
 FILES:432 installed pathnames
 9 shared pathnames
26 directories
40 executables
 42471 blocks used (approx)


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Mail Delivery (failure geen_reply@office.casema.nl)

2004-06-09 Thread geen_reply 
Geachte heer, mevrouw,

Dit e-mailadres wordt niet aktief bijgehouden. Indien u rechtstreeks een
bestelling wilt plaatsen voor kabelinternet of de beschikbaarheid van
kabelinternet bij u thuis wilt controleren, kunt u terecht op onze
website www.casema.nl of via onze gratis telefonische ingang
0800-1884. Voor vragen over de status van uw order kunt u terecht op
datzelfde gratis telefoonnummer: 0900-8896.


Met vriendelijke groet,

Casema Klantenservice
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Request patch for samba 2.2.2

2004-06-09 Thread Richard Sharpe 
On Tue, 8 Jun 2004, Udomchai Srisuk (LAD:1Logic) wrote:

 I'm request patch for samba 2.2.2  on Sun Server (Solaris)

There is no such patch. Since you ask for a patch, you most likely are
happy to work with source. You should upgrade to 3.0.4, but if you must
continue with the 2.2.x stream, then you should move to 2.2.9.

Regards
-
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba ldap with smbldap-tools cant join domain.

2004-06-09 Thread Lance Levsen 
On Tue, 2004-06-08 at 23:48, Muhammad Reza wrote:

 passdb backend = ldapsam:ldap://127.0.0.1/
 ldap admin dn = cn=Manager,dc=mragroup,dc=net
 ldap suffix = dc=mragroup,dc=net
 ldap group suffix = ou=Groups

Currently samba needs the groups to be in the same directory branch as
the users. Move your machine accounts from ou=Computers to
ou=Users,dc=mragroup,dc=net. I should think that will help. Don't forget
to change the pam/nss confs too.

 ldap user suffix = ou=Users
 ldap machine suffix = ou=Computers
 ldap idmap suffix = ou=Users

 Is there something i missed ? i assumed that samba now can connect to 
 ldap service, and  i have an Adminstrator account at ldap DIT  and at 
 secret.tdb with right password why still i can join my windows machine ? 
 i even add mahine name to DIT.
 
 Please help me, any suggest is very appriciate, and sorry for my poor 
 english
 
 regards
 reza 

Cheers,
lance
-- 
Lance Levsen, Catprint Computing
Linux Systems and programming
gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Windows rejects name registration

2004-06-09 Thread Thorsten Witt 
Dear people of samba,
my problem seems to be a firewalled WinXP in our net.
Our Samba is the Debian testing (Samba 3.x).
It is configured to hold the browsing list and to
become master. The nmbd.log shows:
[2004/06/09 08:17:38, 0] 
nmbd/nmbd_incomingdgrams.c:process_local_master_announce(311)
  process_local_master_announce: Server PRAEPLAB at IP 129.217.168.62 
is announcing itself as a local master browser for workgroup EIA and we 
think we are master. Forcing election.
[2004/06/09 08:17:38, 2] 
nmbd/nmbd_become_lmb.c:unbecome_local_master_browser(280)
  unbecome_local_master_browser: unbecoming local master for workgroup 
EIA on subnet 129.217.168.21
[2004/06/09 08:17:38, 0] 
nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
  *

  Samba name server NETCHEF has stopped being a local master browser 
for workgroup EIA on subnet 129.217.168.21

  *
[2004/06/09 08:17:40, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:41, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:41, 2] nmbd/nmbd_elections.c:run_elections(201)
  run_elections:  Won election for workgroup EIA on subnet 
129.217.168.21 
[2004/06/09 08:17:41, 2] 
nmbd/nmbd_become_lmb.c:become_local_master_browser(537)
  become_local_master_browser: Starting to become a master browser for 
workgroup EIA on subnet 129.217.168.21
[2004/06/09 08:17:44, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:46, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:46, 2] 
nmbd/nmbd_elections.c:check_for_master_browser_fail(108)
  check_for_master_browser_fail: Forcing election on workgroup EIA 
subnet 129.217.168.21
[2004/06/09 08:17:47, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:47, 0] 
nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 129.217.168.62 rejected our name 
registration of EIA1d IP 129.217.168.21 with error code 6.
[2004/06/09 08:17:47, 0] 
nmbd/nmbd_become_lmb.c:become_local_master_fail2(417)
  become_local_master_fail2: failed to register name EIA1d on subnet 
129.217.168.21. Failed to become a local master browser.
[2004/06/09 08:17:47, 2] 
nmbd/nmbd_become_lmb.c:unbecome_local_master_browser(280)
  unbecome_local_master_browser: unbecoming local master for workgroup 
EIA on subnet 129.217.168.21
[2004/06/09 08:17:47, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283)
  standard_fail_register: Failed to register/refresh name EIA1d on 
subnet 129.217.168.21
[2004/06/09 08:17:50, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
  send_election_dgram: Sending election packet for workgroup EIA on 
subnet 129.217.168.21
[2004/06/09 08:17:52, 2] nmbd/nmbd_elections.c:send_election_dgram(41)

I think that the PRAEPLAB PC is firewalled, but i have no control over 
it. Is there any way, to become the local master against this PC?
Eventually staying local master by brute force or kicking the bad PC
of the net?

Thanks in advance
Thorsten Witt
--
Thorsten Witt
Universitaet Dortmund
Fachbereich Physik  DELTA
Experimentelle Physik 1
Raum P2-E0-517
Otto-Hahn-Straße 4
D-44221 Dortmund (Germany)
Tel.: +49-(0)231-755-3495/5397
Fax : +49-(0)231-755-3657
email: [EMAIL PROTECTED]
http://e1.physik.uni-dortmund.de
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] getent passwd wbinfo -u not working

2004-06-09 Thread Christoph Scheeder 
Hi,
remeber, after compiling and installing samba you have to copy the files
nsswitch/libnss_winbind.so and nsswitch/libnss_wins.so to /lib/ and
ln -sf /lib/libnss_winbind.so /lib/libnss_winbind.so.2
ln -sf /lib/libnss_wins.so /lib/libnss_wins.so.2
then copy nsswitch/pam_winbind.so to /lib/security/ and finally do a
ldconfig.
you'll have to do these steps manually after each compile and install,
as these files are omitted by make install
Christoph
Sahibzada Junaid Noor schrieb:
HI,
   i had messed up with the pam.d so i did a fresh
install.
 now after this fresh install some how getent passwd
and wbinfo -u is not working.
the rest of the commands
kinit
net ads join
are ok. 

[EMAIL PROTECTED] samba]# wbinfo -u
Error looking up domain users
and getent passwd simply returns me to the prompt
after listing the names of the local users and groups
any know how whats going on?
=
  Sahibzada Junaid Noor  
  Ph   #  (+92) (051) 5950 940
  Cell #   (+92) (0333) 5223586
  Qazi plaza,Third Floor,Commerical Market,Chaklala Scheme 3,
  Rawalpindi
  Islamic Republic of Pakistan 




	
		
__
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ 
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] SAMBA and LDAP Schema's

2004-06-09 Thread Vaughan Rivett 
Hi there!

I am wanting to get hold of a list of the various schema settings for 
Samba as a PDC with an LDAP backend database.

I need a break down of all the object classes, the attributes and which of 
the attributes are required/optional.

I have taken some of my information from:
http://www.samba.org/samba/docs/man/howto/passdb.html#id2532816 under the 
section on LDAPSAM

I have been able to get my system to the point that I can browse the 
network, open the machine and view the shares.  I am then able to log in 
when I am prompted for a password.  The problem that I have is that I 
cannot get a windows machine to join the domain.

I am using IBM/Lotus Domino Server as my LDAP server.  I have had to 
extent the schema to cater for what I think is required.  However, it has 
been a bit hit and miss.


Regards


Vaughan Rivett
http://www.wadzi.biz
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba client filesize problems

2004-06-09 Thread Jonathan Andrews 
Filesize problems with samba client on Redhat 9 and W2k machine.

The original smbclient did this so I upgraded to the latest, it didn't
help. The server is W2k with an NTFS volume, these are video files - the
windows software breaks the files at the 2G limit, but for some
reason some are reported as 2G others as huge !!

One day I might own 25T of disk, but not today.

Anyone any ideas ?

Thanks,
Jon


[EMAIL PROTECTED] bin]# smbmount
Usage: mount.smbfs service mountpoint [-o options,...]
Version 2.2.9
[EMAIL PROTECTED] bin]# uname -a
Linux jonspc 2.4.20-8 #1 Thu Mar 13 17:18:24 EST 2003 i686 athlon i386
GNU/Linux

[EMAIL PROTECTED] record]# ls -lt
total 25793202411
-rwxr-xr-x1 root root 18446744071562071792 Jun  9 02:46
Channel 4 - 2004,06,09 00,23,13_001.mpg
-rwxr-xr-x1 root root 2147477442 Jun  9 01:34 Channel 4 -
2004,06,09 00,23,13.mpg
-rwxr-xr-x1 root root 894211652 Jun  8 23:39 BBC TWO -
2004,06,08 13,47,17_007.mpg
-rwxr-xr-x1 root root 2147464426 Jun  8 23:02 BBC TWO -
2004,06,08 13,47,17_006.mpg
-rwxr-xr-x1 root root 18446744071562081966 Jun  8 21:37 BBC
TWO - 2004,06,08 13,47,17_005.mpg
-rwxr-xr-x1 root root 2147475408 Jun  8 20:11 BBC TWO -
2004,06,08 13,47,17_004.mpg
-rwxr-xr-x1 root root 18446744071562073774 Jun  8 18:54 BBC
TWO - 2004,06,08 13,47,17_003.mpg
-rwxr-xr-x1 root root 18446744071562089104 Jun  8 17:24 BBC
TWO - 2004,06,08 13,47,17_002.mpg
-rwxr-xr-x1 root root 2147456882 Jun  8 16:07 BBC TWO -
2004,06,08 13,47,17_001.mpg
-rwxr-xr-x1 root root 2147476444 Jun  8 14:58 BBC TWO -
2004,06,08 13,47,17.mpg
-rwxr-xr-x1 root root 2147470716 Jun  8 02:52 BBC FOUR -
2004,06,08 00,54,21_001.mpg
-rwxr-xr-x1 root root 2147483360 Jun  8 01:51 BBC FOUR -
2004,06,08 00,54,21.mpg
-rwxr-xr-x1 root root 18446744071562079614 Jun  7 23:01 BBC
TWO - 2004,06,07 14,07,54_006.mpg
-rwxr-xr-x1 root root 18446744071562080616 Jun  7 21:41 BBC
TWO - 2004,06,07 14,07,54_005.mpg
-rwxr-xr-x1 root root 2147459392 Jun  7 20:20 BBC TWO -
2004,06,07 14,07,54_004.mpg
-rwxr-xr-x1 root root 18446744071562069142 Jun  7 19:01 BBC
TWO - 2004,06,07 14,07,54_003.mpg
-rwxr-xr-x1 root root 18446744071562082462 Jun  7 17:43 BBC
TWO - 2004,06,07 14,07,54_002.mpg
-rwxr-xr-x1 root root 2147468096 Jun  7 16:28 BBC TWO -
2004,06,07 14,07,54_001.mpg
-rwxr-xr-x1 root root 2147482130 Jun  7 15:17 BBC TWO -
2004,06,07 14,07,54.mpg
-rwxr-xr-x1 root root 18446744071562080378 Jun  7 02:40
Channel 4 - 2004,06,07 00,17,59_001x.mpg
-rwxr-xr-x1 root root 1643224088 Jun  7 00:12 Channel 4 -
2004,06,06 22,06,18_001.mpg
-rwxr-xr-x1 root root 2147474490 Jun  6 23:17 Channel 4 -
2004,06,06 22,06,18.mpg
-rwxr-xr-x1 root root 763302994 Jun  4 09:56 five -
2004,06,04 09,33,34.mpg
-rwxr-xr-x1 root root 953933946 May 23 23:05 ITV 1 -
2004,05,23 22,35,15.mpg
-rwxr-xr-x1 root root 1592166170 May 15 01:02 Sky Travel -
2004,05,15 00,02,25.mpg
-rwxr-xr-x1 root root 954005116 May 13 22:34 ITV 1 -
2004,05,13 22,04,40.mpg
-rwxr-xr-x1 root root 899231922 May  6 23:38 Channel 4 -
2004,05,06 23,08,26.mpg
-rwxr-xr-x1 root root 120173424 May  1 11:11 Cristina
millan.mpg
-rwxr-xr-x1 root root 2147483315 Apr 18 12:08 BBC ONE -
2004,04,18 11,08,42.mpg
-rwxr-xr-x1 root root 526759144 Apr 15 22:02 Channel 4 -
2004,04,15 21,44,43.mpg
-rwxr-xr-x1 root root 43353716 Apr 15 21:41 Channel 4 -
2004,04,15 21,39,30.mpg
-rwxr-xr-x1 root root 718703370 Apr 11 18:35 Sky Travel -
2004,04,11 18,05,34.mpg
-rwxr-xr-x1 root root 35889464 Apr 11 18:02 Sky Travel -
2004,04,11 18,01,06.mpg
-rwxr-xr-x1 root root 2147461254 Apr 10 00:17 Sky Travel -
2004,04,09 23,01,13.mpg
-rwxr-xr-x1 root root 856571274 Apr  9 01:58 BBC THREE -
2004,04,09 01,29,21.mpg
-rwxr-xr-x1 root root 1588864206 Apr  8 00:16 ITV 1 -
2004,04,07 16,38,32_006.mpg
-rwxr-xr-x1 root root 18446744071562080022 Apr  7 23:26 ITV
1 - 2004,04,07 16,38,32_005.mpg
-rwxr-xr-x1 root root 2147479956 Apr  7 22:18 ITV 1 -
2004,04,07 16,38,32_004.mpg
-rwxr-xr-x1 root root 18446744071562071902 Apr  7 20:02 ITV
1 - 2004,04,07 16,38,32_002.mpg
-rwxr-xr-x1 root root 18446744071562073792 Apr  7 18:54 ITV
1 - 2004,04,07 16,38,32_001.mpg
-rwxr-xr-x1 root root 2147468954 Apr  7 12:41 BBC TWO -
2004,04,07 11,01,30.mpg
-rwxr-xr-x1 root root 332269870 Apr  3 07:29 Channel 4 -
2004,04,03 07,18,04.mpg
-rwxr-xr-x1 root root 404056246 Apr  3 07:16 Channel 4 -
2004,04,03 07,02,36.mpg
-rwxr-xr-x1 root root 662680375 Apr  1 02:01 Channel 4 -
2004,04,01 01,39,16.mpg
-rwxr-xr-x1 root root 589524842 Mar 25 06:02 BBC TWO -

Re: [Samba] Weird Domain listings

2004-06-09 Thread Jeremias Müller 
Paul Espinosa wrote:
I'm having an issue with my samba Domains.  When I browse to Microsoft
Windows Network with either Windows 2000 or WinXP I see two copies of the
Domain.  I see the proper domain (I'm using Matrix for testing) 
Matrix and
I see another Matrix   that appears to have 5 or 6 spaces or a tab
appended onto the end.  The domain w/o the spaces is the proper one, 
the one
with the spaces doesn't contain any servers or workstation.

This seems to have started after upgrading to samba 3.0.4.
Has anyone seen this before?  And if so what's the solution to this, I 
don't
want my users to get confused.

Thanks,
Paul Espinosa
Hi,
I had the same problem.
After commenting out the charset options in smb.conf and removing 
browse.dat and wins.dat,
it was solved for me.
Remember to stop the smb service befor the changes and start afterwards.

Jeremias M.
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] install samba problem

2004-06-09 Thread Donald 
I downloaded Samba 3.0.4 rpm for Red Hat 9.0. On install, the system
prepares for installation, then closes. Nothing has been installed.
I have removed the previous versionm of samba, which made no difference.
Any advise will be greatly appreciated.
Donald  
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] detailed file permissions

2004-06-09 Thread Thierry ITTY 
hello 

I have several linux samba servers (mainly 2.2.8) which I'm very satisfied of

I'm asked to set NT-like permissions on some files or directories, such as
: explicit delete permission, explicit create permission (for example we
want to allow users to update files but not to create new ones or delete
existing ones)

I think posix ACLs don't provide this, and I didn't find any kind of
mapping. Is this possible with latest versions (samba 3) ?

tia

Thierry
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Can you help us....

2004-06-09 Thread Vijaya Kumar V 
Hi guys,

I am using Redhat Linux ES 3 in my system.  When i try to install Samba 3.0.2-7 it is 
giving a erros 
stating it is depending on libacl.so.1(ACL_1.0) and libattr.so.1(ATTR_1.0).  I have 
tried these files for 
download, but i couldnt get it.

Can u tell me where can i get these files.

And one more problem i am getting in another machine.. when i try to mount a windows 
machine in my 
linux machine which has samba 2.2 it is giving following error:
3075: session request to 192.168.31.228 failes (Called name not present)
3075: session request to 192 failed (Called name not present)

i am able to mount linux machines.. how to solve this issues...

any help will be greatly appreciated... thanks in advance...

regards,
Vijaya Kumar .V

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] detailed file permissions

2004-06-09 Thread Hamish 
We have samba 3.0.3  using posix acls, it does not seem to allow the 
same functionality of nt acls though - they do map to the nt security 
dialog which is useful, but only using combinations of rwx. I do not 
think it is possible to set explicit delete permissions with posix acls.
I would be very interested if you find a solution to the (create new but 
not delete old) issue!

Thierry ITTY wrote:
hello 

I have several linux samba servers (mainly 2.2.8) which I'm very satisfied of
I'm asked to set NT-like permissions on some files or directories, such as
: explicit delete permission, explicit create permission (for example we
want to allow users to update files but not to create new ones or delete
existing ones)
I think posix ACLs don't provide this, and I didn't find any kind of
mapping. Is this possible with latest versions (samba 3) ?
tia
Thierry
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Can anyone help us....

2004-06-09 Thread Vijaya Kumar V 
Hi guys,

I am using Redhat Linux ES 3 in my system.  When i try to install Samba 3.0.2-7 it is 
giving a erros
stating it is depending on libacl.so.1(ACL_1.0) and libattr.so.1(ATTR_1.0).  I have 
tried these files for
download, but i couldnt get it.

Can u tell me where can i get these files.

And one more problem i am getting in another machine.. when i try to mount a windows 
machine in my
linux machine which has samba 2.2 it is giving following error:
3075: session request to 192.168.31.228 failes (Called name not present)
3075: session request to 192 failed (Called name not present)

i am able to mount linux machines.. how to solve this issues...

any help will be greatly appreciated... thanks in advance...

regards,
Vijaya Kumar .V

- End forwarded message -

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Fw: error on UID

2004-06-09 Thread babu . kish 





Hi all,

I have samba version 3.0.0 installed on soalris box, I get following error
on message file  and log file of each access, will some one  can help me on
this error

smbd[20339]: [ID 702911 daemon.error]   getsmbfilepwent: malformed password
entry (uid not number)


Babukish

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] web interface to samba file sharing

2004-06-09 Thread Andrei Mikhailovsky 
Hello everyone!
I was just wondering if there is such tool that will allow samba file 
sharing to be done via web interface?

So instead of making a remote samba connection to a server on the 
internet, the person just goes to the server's web page, logs in to 
samba share and is allowed to upload/download files.

Any help or suggestions are welcome )
--
Andrei Mikhailovsky
Arhont
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] SAMBA and LDAP Schema's

2004-06-09 Thread ww m-pubsyssamba 
Not hit and miss! there are complete listings of all schema changes needed in the 
source code for each
release of Samba 3.0 (not sure if this has been static since 3 was released). There 
are files formatted
for OpenLDAP and SunONE LDAP (in the examples directory), you should be able to derive 
all the info you 
need from these for any other LDAP server you wish to use,

thanks Andy.

Hi there!

I am wanting to get hold of a list of the various schema settings for 
Samba as a PDC with an LDAP backend database.

I need a break down of all the object classes, the attributes and which of 
the attributes are required/optional.

I have taken some of my information from:
http://www.samba.org/samba/docs/man/howto/passdb.html#id2532816 under the 
section on LDAPSAM

I have been able to get my system to the point that I can browse the 
network, open the machine and view the shares.  I am then able to log in 
when I am prompted for a password.  The problem that I have is that I 
cannot get a windows machine to join the domain.

I am using IBM/Lotus Domino Server as my LDAP server.  I have had to 
extent the schema to cater for what I think is required.  However, it has 
been a bit hit and miss.


Regards


Vaughan Rivett

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] VMWare; WinXP guest can browse every machine except host Debian, and vice versa

2004-06-09 Thread Clifford Heath 
The setup:
My VMWare host is Debian 2.4.24, and runs Samba 3.0.2a-Debian,
on fixed IP address 10.0.0.9. Other computers can see and use
services on this server. Samba is browse master and domain master
browser for the workgroup. An external host runs dnscache and
a tinydns for the local domain.
VMWare is 3.2.0 build-2230, configured with bridged networking
only (though I previously tried both NAT and host-only).
My guest is now WindowsXP (I tried 98 also, same problem as
I'll describe). It's in the same workgroup, and has a fixed
IP address 10.0.0.11. I'm logged in as administrator, as I
haven't created any additional accounts yet. I enabled WINS
to the host (in desparation, I don't know what it does).
Guest can ping host, and vice versa, and both can do DNS
lookups with or without the local domain suffix (same as
workgroup name).
The problem:
Both host and guest can see all other computers on the LAN and
use their services, but neither can see or connect to the other.
I've run Ethereal on XP and tcpdump on Debian, and packets from
nmb lookups and browse requests are visible from both ends, but
I always get host not found errors. I can show the dumps if it
helps. I'm not seeing errors in the nmb or smb logs.
What could possibly be wrong?
What more can I do to diagnose it?
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] pdbedit

2004-06-09 Thread Ninti Systems 
I have a couple of questions about pdbedit.

I am having trouble using pdbedit in shell scripts.

First, on a freshly installed system with no-one in the tdbsam database,
trying to add multiple machine accounts via a loop construct in a shell
script fails with a message that the database can't be found/doesn't
exist. I then added root manually just to get the system going, which
solves that problem. 

Once the first user is added, my script seems to get stuck in an
infinite loop trying to add the first machine, but I can add a machine
manually.

Is pdbedit usable in shell scripts? I understand that normal users need
a password added, but I can't see why machine accounts can't just be
added automatically.

Does pdbedit have to be run manually for some reason?

Is there some way of initialising the tdbsam database without manually
adding a first user?

Mick



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] SIDs

2004-06-09 Thread Ninti Systems 
I'm wondering where the three 10 digit numbers that make up an SID come
from. In other words, the X's in the example below:

S-1-5-21-XX-XX-XX-2202

Can these just be made up?

Does every SID on a system have to have the same numbers in these
positions?

Thanks
Mick



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] use password server= when security=ADS or not???

2004-06-09 Thread Alex de Vaal 
Dear list,

I’m using samba 3.0.4 on a RHL9 server as domain member in a W2k3 ADS (native)
environment.
The shares on the Samba server are used by XP clients and these clients get the
shares via scripting while they logon on the ADS.
In the ADS domain there are several ADS servers (on remote locations, connected
via routers) that have the same global catalog. This means that an XP client that
logon on the ADS will get a response from the “fastest” server on the network. The
XP clients and the Samba domain member are on remote locations and connected
to the ADS environment via routers too.

The smb.conf file that I use on the Samba domain members doesn’t contain the
“password server” statement; this means that samba handles as follows about
“password server” according to the man pages:
If the “password server” option is set to the character '*' (is the same as no password
server), then Samba will attempt to auto-locate the Primary or Backup Domain
controllers to authenticate against by doing a query for the name
“WORKGROUP1C” and then contacting each server returned in the list of IP
addresses from the name resolution source. This means that Samba uses the old
NETBIOS name and this is not in our DNS and a broadcast is not allowed on our
routers!

In the man page of samba also reside about “password server” the following:
The advantage of using “security = domain” is that if you list several hosts in the
“password server” option then smbd will try each in turn till it finds one that 
responds.
This is useful in case your primary server goes down.
Does this also work, when “security = ADS”?  I’d like that the samba domain server
tries to contact each password server in the list till it finds one that responds.

Can you tell me what is preferable? I use Samba 3.0.4 on RHL9 compiled with MIT
1.3.1-7 kerberos and CUPS, Kerberos and winbind is used for authentication against
the ADS server.

Here is my smb.conf file (only the global section):

[global]
workgroup = 
realm = .COM
server string = %h server (Samba %v)
security = ADS
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M
%u
domain master = No
dns proxy = No
idmap uid = 1-2
idmap gid = 1-2
template homedir = /data/hom/%U
template shell = /bin/bash
printer admin = root, '@.COM\Domain Admins',
@.COM\DEP_ADMIN_GERMANY
oplocks = No
level2 oplocks = No



Regards,
Alex.

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Windows rejects name registration

2004-06-09 Thread Jochen Hoechner 
Hi Thorsten,
pls add the following statement to your smb.conf:
   os level = 128
This let your samba machine win the master browser election.
Kind Rgds
Jochen
--On Mittwoch, 9. Juni 2004 09:41 9r +0200 Thorsten Witt 
[EMAIL PROTECTED] wrote:

Dear people of samba,
my problem seems to be a firewalled WinXP in our net.
Our Samba is the Debian testing (Samba 3.x).
It is configured to hold the browsing list and to
become master. The nmbd.log shows:
[2004/06/09 08:17:38, 0]
nmbd/nmbd_incomingdgrams.c:process_local_master_announce(311)
   process_local_master_announce: Server PRAEPLAB at IP 129.217.168.62 is
announcing itself as a local master browser for workgroup EIA and we
think we are master. Forcing election.
[2004/06/09 08:17:38, 2]
nmbd/nmbd_become_lmb.c:unbecome_local_master_browser(280)
   unbecome_local_master_browser: unbecoming local master for workgroup
EIA on subnet 129.217.168.21
[2004/06/09 08:17:38, 0]
nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
   *
   Samba name server NETCHEF has stopped being a local master browser for
workgroup EIA on subnet 129.217.168.21
   *
[2004/06/09 08:17:40, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:41, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:41, 2] nmbd/nmbd_elections.c:run_elections(201)
   run_elections:  Won election for workgroup EIA on subnet
129.217.168.21 
[2004/06/09 08:17:41, 2]
nmbd/nmbd_become_lmb.c:become_local_master_browser(537)
   become_local_master_browser: Starting to become a master browser for
workgroup EIA on subnet 129.217.168.21
[2004/06/09 08:17:44, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:46, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:46, 2]
nmbd/nmbd_elections.c:check_for_master_browser_fail(108)
   check_for_master_browser_fail: Forcing election on workgroup EIA
subnet 129.217.168.21
[2004/06/09 08:17:47, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:47, 0]
nmbd/nmbd_nameregister.c:register_name_response(130)
   register_name_response: server at IP 129.217.168.62 rejected our name
registration of EIA1d IP 129.217.168.21 with error code 6.
[2004/06/09 08:17:47, 0]
nmbd/nmbd_become_lmb.c:become_local_master_fail2(417)
   become_local_master_fail2: failed to register name EIA1d on subnet
129.217.168.21. Failed to become a local master browser.
[2004/06/09 08:17:47, 2]
nmbd/nmbd_become_lmb.c:unbecome_local_master_browser(280)
   unbecome_local_master_browser: unbecoming local master for workgroup
EIA on subnet 129.217.168.21
[2004/06/09 08:17:47, 0]
nmbd/nmbd_namelistdb.c:standard_fail_register(283)
   standard_fail_register: Failed to register/refresh name EIA1d on
subnet 129.217.168.21
[2004/06/09 08:17:50, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
   send_election_dgram: Sending election packet for workgroup EIA on
subnet 129.217.168.21
[2004/06/09 08:17:52, 2] nmbd/nmbd_elections.c:send_election_dgram(41)
I think that the PRAEPLAB PC is firewalled, but i have no control over
it. Is there any way, to become the local master against this PC?
Eventually staying local master by brute force or kicking the bad PC
of the net?
Thanks in advance
Thorsten Witt
--
Thorsten Witt
Universitaet Dortmund
Fachbereich Physik  DELTA
Experimentelle Physik 1
Raum P2-E0-517
Otto-Hahn-Straße 4
D-44221 Dortmund (Germany)
Tel.: +49-(0)231-755-3495/5397
Fax : +49-(0)231-755-3657
email: [EMAIL PROTECTED]
http://e1.physik.uni-dortmund.de


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SUSE 9.1 Samba

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kit wrote:
| Samba does not use encrypted passwords by default,
While this was true under Samba 2.2 and previous
releases, Samba 3.0 does enable encrypted passwords
by default.

- --
cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAxweeIR7qMdg1EfYRAg8YAKC53RUryn8WfP8Jpqkv6g/1mLFciACdGSiI
jwH5/ZvmfXYrhn34uUA1Fcc=
=gSKH
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba client filesize problems

2004-06-09 Thread Paul Gienger 
The smbclient (package is usually samba-client in most distros) is 
different from the mount.smbfs module.  What you are using when you are 
doing a mount of a samba share is using a kernel module which (at least 
in 2.4) is limited to 2GB. 

Jonathan Andrews wrote:
Filesize problems with samba client on Redhat 9 and W2k machine.
The original smbclient did this so I upgraded to the latest, it didn't
help. The server is W2k with an NTFS volume, these are video files - the
windows software breaks the files at the 2G limit, but for some
reason some are reported as 2G others as huge !!
One day I might own 25T of disk, but not today.
Anyone any ideas ?
Thanks,
Jon
[EMAIL PROTECTED] bin]# smbmount
Usage: mount.smbfs service mountpoint [-o options,...]
Version 2.2.9
[EMAIL PROTECTED] bin]# uname -a
Linux jonspc 2.4.20-8 #1 Thu Mar 13 17:18:24 EST 2003 i686 athlon i386
GNU/Linux
[EMAIL PROTECTED] record]# ls -lt
total 25793202411
-rwxr-xr-x1 root root 18446744071562071792 Jun  9 02:46
Channel 4 - 2004,06,09 00,23,13_001.mpg
-rwxr-xr-x1 root root 2147477442 Jun  9 01:34 Channel 4 -
2004,06,09 00,23,13.mpg
-rwxr-xr-x1 root root 894211652 Jun  8 23:39 BBC TWO -
2004,06,08 13,47,17_007.mpg
-rwxr-xr-x1 root root 2147464426 Jun  8 23:02 BBC TWO -
2004,06,08 13,47,17_006.mpg
-rwxr-xr-x1 root root 18446744071562081966 Jun  8 21:37 BBC
TWO - 2004,06,08 13,47,17_005.mpg
-rwxr-xr-x1 root root 2147475408 Jun  8 20:11 BBC TWO -
2004,06,08 13,47,17_004.mpg
-rwxr-xr-x1 root root 18446744071562073774 Jun  8 18:54 BBC
TWO - 2004,06,08 13,47,17_003.mpg
-rwxr-xr-x1 root root 18446744071562089104 Jun  8 17:24 BBC
TWO - 2004,06,08 13,47,17_002.mpg
-rwxr-xr-x1 root root 2147456882 Jun  8 16:07 BBC TWO -
2004,06,08 13,47,17_001.mpg
-rwxr-xr-x1 root root 2147476444 Jun  8 14:58 BBC TWO -
2004,06,08 13,47,17.mpg
-rwxr-xr-x1 root root 2147470716 Jun  8 02:52 BBC FOUR -
2004,06,08 00,54,21_001.mpg
-rwxr-xr-x1 root root 2147483360 Jun  8 01:51 BBC FOUR -
2004,06,08 00,54,21.mpg
-rwxr-xr-x1 root root 18446744071562079614 Jun  7 23:01 BBC
TWO - 2004,06,07 14,07,54_006.mpg
-rwxr-xr-x1 root root 18446744071562080616 Jun  7 21:41 BBC
TWO - 2004,06,07 14,07,54_005.mpg
-rwxr-xr-x1 root root 2147459392 Jun  7 20:20 BBC TWO -
2004,06,07 14,07,54_004.mpg
-rwxr-xr-x1 root root 18446744071562069142 Jun  7 19:01 BBC
TWO - 2004,06,07 14,07,54_003.mpg
-rwxr-xr-x1 root root 18446744071562082462 Jun  7 17:43 BBC
TWO - 2004,06,07 14,07,54_002.mpg
-rwxr-xr-x1 root root 2147468096 Jun  7 16:28 BBC TWO -
2004,06,07 14,07,54_001.mpg
-rwxr-xr-x1 root root 2147482130 Jun  7 15:17 BBC TWO -
2004,06,07 14,07,54.mpg
-rwxr-xr-x1 root root 18446744071562080378 Jun  7 02:40
Channel 4 - 2004,06,07 00,17,59_001x.mpg
-rwxr-xr-x1 root root 1643224088 Jun  7 00:12 Channel 4 -
2004,06,06 22,06,18_001.mpg
-rwxr-xr-x1 root root 2147474490 Jun  6 23:17 Channel 4 -
2004,06,06 22,06,18.mpg
-rwxr-xr-x1 root root 763302994 Jun  4 09:56 five -
2004,06,04 09,33,34.mpg
-rwxr-xr-x1 root root 953933946 May 23 23:05 ITV 1 -
2004,05,23 22,35,15.mpg
-rwxr-xr-x1 root root 1592166170 May 15 01:02 Sky Travel -
2004,05,15 00,02,25.mpg
-rwxr-xr-x1 root root 954005116 May 13 22:34 ITV 1 -
2004,05,13 22,04,40.mpg
-rwxr-xr-x1 root root 899231922 May  6 23:38 Channel 4 -
2004,05,06 23,08,26.mpg
-rwxr-xr-x1 root root 120173424 May  1 11:11 Cristina
millan.mpg
-rwxr-xr-x1 root root 2147483315 Apr 18 12:08 BBC ONE -
2004,04,18 11,08,42.mpg
-rwxr-xr-x1 root root 526759144 Apr 15 22:02 Channel 4 -
2004,04,15 21,44,43.mpg
-rwxr-xr-x1 root root 43353716 Apr 15 21:41 Channel 4 -
2004,04,15 21,39,30.mpg
-rwxr-xr-x1 root root 718703370 Apr 11 18:35 Sky Travel -
2004,04,11 18,05,34.mpg
-rwxr-xr-x1 root root 35889464 Apr 11 18:02 Sky Travel -
2004,04,11 18,01,06.mpg
-rwxr-xr-x1 root root 2147461254 Apr 10 00:17 Sky Travel -
2004,04,09 23,01,13.mpg
-rwxr-xr-x1 root root 856571274 Apr  9 01:58 BBC THREE -
2004,04,09 01,29,21.mpg
-rwxr-xr-x1 root root 1588864206 Apr  8 00:16 ITV 1 -
2004,04,07 16,38,32_006.mpg
-rwxr-xr-x1 root root 18446744071562080022 Apr  7 23:26 ITV
1 - 2004,04,07 16,38,32_005.mpg
-rwxr-xr-x1 root root 2147479956 Apr  7 22:18 ITV 1 -
2004,04,07 16,38,32_004.mpg
-rwxr-xr-x1 root root 18446744071562071902 Apr  7 20:02 ITV
1 - 2004,04,07 16,38,32_002.mpg
-rwxr-xr-x1 root root 18446744071562073792 Apr  7 18:54 ITV
1 - 2004,04,07 16,38,32_001.mpg
-rwxr-xr-x1 root root 2147468954 Apr  7 12:41 BBC TWO -
2004,04,07 11,01,30.mpg
-rwxr-xr-x1 root root 332269870 Apr  3 07:29 Channel 4 -
2004,04,03 07,18,04.mpg

Re: [Samba] use password server= when security=ADS or not???

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex de Vaal wrote:
| In the man page of samba also reside about password server
| the following: The advantage of using security = domain
| is that if you list several hosts in the password server
| option then smbd will try each in turn till it finds one
| that responds.  This is useful in case your primary
| server goes down. Does this also work, when security = ADS
| ?  Id like that the samba domain server
| tries to contact each password server in the list
| till it finds one that responds.
When 'security = ads', Samba uses the password server
for any NTLM authentication as well as ldap queries.
Krb5 ticket verification is handled by the krb5 libs
(outside of Samba).


cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFAxwoIIR7qMdg1EfYRAvkDAKDYQO/mAu95G9PiCeJD3tgTb1dO+wCWMrAX
/nEyM0szfBeuTK/iEoOCRQ==
=WipS
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] pdbedit

2004-06-09 Thread Ninti Systems 
Sorry folks, a typo was causing the looping problem.

I'd still like to know if pdbedit needs initialising in some way after
installation, or if it is ready to go. It still looks like at least one
user needs to be added manually before pdbedit can be used in a script.

Thanks
Mick

On Wed, 2004-06-09 at 21:48, Ninti Systems wrote:
 I have a couple of questions about pdbedit.
 
 I am having trouble using pdbedit in shell scripts.
 
 First, on a freshly installed system with no-one in the tdbsam database,
 trying to add multiple machine accounts via a loop construct in a shell
 script fails with a message that the database can't be found/doesn't
 exist. I then added root manually just to get the system going, which
 solves that problem. 
 
 Once the first user is added, my script seems to get stuck in an
 infinite loop trying to add the first machine, but I can add a machine
 manually.
 
 Is pdbedit usable in shell scripts? I understand that normal users need
 a password added, but I can't see why machine accounts can't just be
 added automatically.
 
 Does pdbedit have to be run manually for some reason?
 
 Is there some way of initialising the tdbsam database without manually
 adding a first user?
 
 Mick
-- 
--
Ninti Systems: Smart IT Solutions
Michael Hall
Mobile: 0429 095 392
Ph/Fax: 08 8953 1442   
Email:  office at ninti dot com dot au
Web:http://ninti.com.au
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] printing to WinXP

2004-06-09 Thread Scriman 

Hi All!
I know, this question already was many time, but i can't find it on
internet.
I have: 
First host: Linux slackware-9.1 with samba-2.2.8a.
Second host: WinXP Home Edition with shared printer (with no password).
Both computers connected in local net. When i printing from linux to
winxp by typing command:

# /usr/bin/smbspool smb://prodavec/ml-1430 1 1 1 1 --

i get NT_STATUS_ACCESS_DENIED. 
But other peoples say, that it must print out one blank page.

Please, say me, what i need to do?

Thanks.

 --
Wed Jun  9 20:07:55 ALMST 2004
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] authentification in ads2003

2004-06-09 Thread Benoit Moeremans 
Hello,
*This msg was already sent yesterday on this ml, but some i found some
faults in the mail.*

**If anyone can help me... the only thing i'm thinking now is to throw away
the servers**


I installed Samba 3.0.4 + kerberos 5 + winbind to make the debian woody
server joining
the Active directory service.

Everything seems to be ok, except the authentification. If i try to go to
the share of the linux server from a windows box, it asks me the password.
And of course, no
way to log in.

Here is the config:

*nsswitch.conf*

passwd: compat winbind
group:  compat winbind
shadow: compat

hosts:  files dns
networks:   files

protocols:  db files
services:   db files
ethers: db files
rpc:db files

netgroup:   nis




*samba*

[global]


   workgroup = TEST
   realm = CAR.BE.TEST.COM.LOCAL
   server string = %h server (Samba %v)
;  wins support = no
;  wins server = w.x.y.z
   dns proxy = no
;  name resolve order = lmhosts host wins bcast
   use spnego = yes
   log file = /var/log/samba/log.%m
   max log size = 1000
;  syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d

# separate domain and username with '+', like DOMAIN+username
winbind separator = +
# use uids from 1 to 2 for domain users
idmap uid = 1-2
# use gids from 1 to 2 for domain groups
idmap gid = 1-2
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes

   security = ADS
   encrypt passwords = yes
   passdb backend = tdbsam guest
   obey pam restrictions = yes
   password server = car-pdc
   netbios name = rantanplan
;  guest account = nobody
   invalid users = root
;  unix password sync = no
;  passwd program = /usr/bin/passwd %u#   passwd chat =
*Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
;  pam password change = no
;  load printers = yes
;  preserve case = yes
;  short preserve case = yes
;  include = /home/samba/etc/smb.conf.%m
# SO_RCVBUF=8192 SO_SNDBUF=8192
   socket options = TCP_NODELAY
;  message command = /bin/sh -c '/usr/bin/linpopup %f %m %s; rm %s' 

;  domain master = auto
   idmap uid = 1-2
   idmap gid = 1-2
;   template shell = /bin/bash
[admin]
comment = Administration Directory
path = /home/benoit
admin users =  TEST+bmo
browseable = yes
public = no
writable = yes
guest only = no
valid users = TEST+bmo

*kerberos*
[libdefaults]
default_realm = CAR.BE.TEST.COM

[realms]
CAR.BE.TEST.COM = {
kdc = car-pdc.car.be.test.com
default_domain = car.be.test.com
}
#[domain_realms]
#.kerberos.server=CAR.BE.TEST.COM

# The following krb5.conf variables are only for MIT Kerberos.
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true


v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}


[login]
krb4_convert = true
krb4_get_tickets = true


*winbind* (logs)

2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain CAR CAR.BE.TEST.COM.LOCAL S-0-0
[2004/06/07 13:38:57, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306)
  krb5_cc_get_principal failed (No credentials cache found)
[2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BUILTIN  S-1-5-32
[2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain RANTANPLAN  S-1-5-21-837388855-3362161430-1770541169

I found also some trace in the log.smbd

  smbd version 3.0.4 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/06/09 10:29:16, 0] lib/util_sock.c:get_peer_addr(978)
  getpeername failed. Error was Transport endpoint is not connected
[2004/06/09 10:34:28, 0] smbd/server.c:main(757)


All commands like kinit, net ads join, wbinfo -u (-g), getent etc works.
From the linux server, no problem to go to the shares of the domain
controller (wich is a windows 2003 server).
Do i have to make the keytab for kerberos by myself for each ssamba server,
or does it create itself whith the net ads join cmd?

Any help would be welcome.
Regards,

Benoit




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] install samba problem

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Donald wrote:
| I downloaded Samba 3.0.4 rpm for Red Hat 9.0. On install,
| the system prepares for installation, then closes.
| Nothing has been installed. I have removed the previous versionm
| of samba, which made no difference.
|
| Any advise will be greatly appreciated.
I would suggest turning on more verbose output to rpm when installing
the package (i.i rpm -Uvvh samba-3.0.4-1_rh9.i386.rpm).
Might help give you an idea of whats failing.

cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAxxCoIR7qMdg1EfYRAm77AKCeDO8i4yk8VyXepuF2M2IUljNwzACfZLc1
8qqaUZH44vAyUQWzJbxlkJk=
=0fle
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba, LDAP and machine account weirdness....

2004-06-09 Thread Andrew Bartlett 
On Wed, 2004-06-09 at 06:34, Chris Bradshaw wrote:
 Hi
 
 I am using Samba 3.0.2 with LDAP as the passdb backend for both user accounts
 and for machine accounts.
 
 I have noticed something which looks a bit strange. It seems that at least some
 machines (I don't think all machines, but can't be sure as of yet) appear to be
 having sambaPwdCanChange and sambaPwdLastChange modified in their account entry
 in the LDAP tree.
 
 I thought that the only time any machine account attributes would be
 added/altered is when the machine account is initially added. 

No, machines will change their password regularly.  I noticed this
issue, and added a check/hack to make such a change (which does not
actually change the password) a no-op.

 One machine seems to be having these attributes in its machine account altered
 every 15 minutes.other machines seem to only have this occur once or twice.
 
 Another strange thing I have noticed is that for all of these machines, both the
 sambaLMPassword and sambaNTPassword hashes are identical.I thought that
 these would/should always be different (open to correction on this ;-)

For historical reasons, Samba sets the NT and LM passwords to the new NT
machine account password, on a machine password change.

 Everything seems to work OK, but this is generating some load on our LDAP
 servers (master and replicas) and also I am concerned that perhaps we have been
 hacked or perhaps a Windoze virus is causing this to happen. 
 
 However, I am not aware of any viruses which attack an NT domain server and
 cause machine accounts to be altered.besides, the virus would need to know a
 login/password with sufficient privilege to update the machine account via samba.
 
 Could this be a hack or a virus? 
 
 Or is there any setting in Windoze (registry or something) which would cause a
 machine to try to update its machine account in some way?
 
 Or is there anything else which might cause this (eg: a difference in the time
 on samba and LDAP servers?)?
 
 Sorry if this seems a but vague and lacking any more detail, but I am baffled
 myself.

Upgrade to the latest Samba, where this is fixed (that is, my hack
avoids the load issues).  I wonder if the fixes for the MS04-11 issues
might also have fixed this.

Andrew Bartlett


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba just Slow with AutoCad?

2004-06-09 Thread Rashkae 
Hi.

Does your new system use ReiserFS?

When these ~20 second delays happen, can you see if there's a spike of
System CPU time useage on the server?

I've not heard of it happening over a network share, but some poorly
behaved applications can trigger a 'feature', (actually, a
performance optimization) with ReiserFS on Newer (2.6) kernels that
will make the kernel spin it's wheels for a number of seconds.  If
this might be the case for you, you can disable it by mounting a
ReiserFS volume with a nolargeio=1 option.  (If you want to test this,
it appears to to be safe to remount.  That is, mount /home -o
remount,nolargeio=1 As an example.)

On Tue, Jun 08, 2004 at 12:26:25PM -0600, Brian Merrell wrote:
 I just came across some very interesting information.
 
 We samba running on an old HP PIII 900.  I just plugged it back in and we
 opened some backup files we
 had on it.  It works just fine with AutoCad.
 
 Linux gatekeeper 2.4.26 #5 Mon Apr 19 07:15:24 MDT 2004 i686 Pentium III
 (Coppermine) GenuineIntel GNU/Linux
 
 Samba Version 2.2.8a
 
 Our new machine is a Dual Opteron machine.
 
 Linux fileserv 2.6.5-gentoo-r1 #3 Sat May 29 13:32:03 MDT 2004 x86_64 5
 GNU/Linux
 
 Samba Version Version 3.0.2a
 
 The difference is that I need the hard drive space on our new server versus
 the 40 gigs we have on the older machine.
 
 The smb.conf file on the old machine is very very basic:
 
 [global]
 
 workgroup = TRISTATE
 security = SHARE
 
 [backup]
 
 path = /usr/backup
 writeable = Yes
 guest ok = Yes
 
 
 
 
 - Original Message - 
 From: Brian Merrell [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Tuesday, June 08, 2004 12:07 PM
 Subject: Re: [Samba] Samba just Slow with AutoCad?
 
 
  Terry, Thanks a lot for your reply.  We're really trying to solve this
  problem.
 
 
   Brian,
  
  
   1.   Which release of AutoCAD are you using?
 
  Autodesk Land Desktop 2004
  2004.0.0
  Service Pack 1
 
  
   2.   Are the support files for AutoCAD on the client or the server?
  
 
  On the clients.
 
   3.   Are you using cups?
  
 
  No.
 
   4.   Is it true that your plotter settings are not being saved with the
   drawing?  Was this true when you were using a windows server?
  
 
  They are being saved with the drawings.  They were also being saved with
  the drawings on the windows server.  (the windows server was actually just
  another client that shared it's HD).
 
   5.   Normally when AutoCAD is opening the print dialog box in an
 existing
   drawing, it is trying to find the printer that was used by the last
  session
   of Autocad. If it can't find that printer, it produces the printer
 none.
   Are you loading your printers from the server such that each client has
  the
   identical printer name?
  
 
  First of all, you're right.  The print dialog only produces the printer
  none when it's a new drawing.
  Otherwise, it saves the print settings.  But we still experience a delay
  independant of whether we
  are printing from a new drawing or an existing one.  The printers aren't
 on
  the server, and we do
  not have identical printer name.
 
   6.   Are the network directories being used by AutoCAD the same as being
   used by the other programs that don't exhibit the long save times?
  
 
  No.  AutoCad drawings are stored on a seperate harddrive and a different
  directory.  However,
  after reading this e-mail I moved a TIF image to the autocad directory and
  opened them from
  Adobe Photoshop.  I then modified and saved the drawing and there was no
  delay.  There was also no
  delay for opening a print dialog.  The problem continues to be only with
  AutoCad.
 
 
   We use AutoCAD 2000, 2002,  2004 with RH E3.0 and Samba 3.0.2-6.3E with
  no
   delays in saving or printing and have achieved better performance than
 the
   previous W2k server.  With a little more information we might be able to
   assist in finding the bottleneck.
  
   Terry
  
   -Original Message-
   From: [EMAIL PROTECTED]
   [mailto:[EMAIL PROTECTED] On
  Behalf
   Of Bob Turner
   Sent: Tuesday, June 08, 2004 10:45 AM
   To: 'Brian Merrell'; [EMAIL PROTECTED]
   Subject: RE: [Samba] Samba just Slow with AutoCad?
  
   Brian
  
   I might suggest a couple of setting changes on your XP machines:
  
   1) Open services and stop/disable Web Client
   2) Open windows explorer, go to toolsfolder options, click the View
 tab,
   and uncheck the Automatically search for network folders and printers
  
   (I'm assuming Windows XP Professional on these settings)
  
   Restart and try your printers again.
  
   Bob
  
  
  
   -Original Message-
   From: Brian Merrell [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, June 08, 2004 9:50 AM
   To: [EMAIL PROTECTED]
   Subject: Re: [Samba] Samba just Slow with AutoCad?
  
   Thanks for your response Jerry.
  
   Yes.  These are all windows XP machines.  We have about four printers
 here
   in the office (all HP hehe).  Only two computers have McAfee Firewalls

Re: [Samba] authentification in ads2003

2004-06-09 Thread Christoph Scheeder 
Hi,
i got that working on woddy, but against a win2000 ADS.
How?
- fetched the latest soure of MIT-kerberos from mit-server
  and installed in /usr/local, as the version comming with woody
  is to old , it does not support the neede enc-types.
- fetched samba-3.0.5-pre2 from svn and compiled it against the kerberos
  in /usr/local, and installed it.
- deleted all old databases of samba
- delete the samba-server from the ADS and rejoin it.
i found for me that in nsswitch.conf the lines
passwd: compat winbind
group:  compat winbind
will not work, replace compat with files
this way you should be able to get it working, but no garanty.
Christoph
Benoit Moeremans schrieb:
Hello,
*This msg was already sent yesterday on this ml, but some i found some
faults in the mail.*
**If anyone can help me... the only thing i'm thinking now is to throw away
the servers**
I installed Samba 3.0.4 + kerberos 5 + winbind to make the debian woody
server joining
the Active directory service.
Everything seems to be ok, except the authentification. If i try to go to
the share of the linux server from a windows box, it asks me the password.
And of course, no
way to log in.
Here is the config:
*nsswitch.conf*
passwd: compat winbind
group:  compat winbind
shadow: compat
hosts:  files dns
networks:   files
protocols:  db files
services:   db files
ethers: db files
rpc:db files
netgroup:   nis

*samba*
[global]
   workgroup = TEST
   realm = CAR.BE.TEST.COM.LOCAL
   server string = %h server (Samba %v)
;  wins support = no
;  wins server = w.x.y.z
   dns proxy = no
;  name resolve order = lmhosts host wins bcast
   use spnego = yes
   log file = /var/log/samba/log.%m
   max log size = 1000
;  syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
# separate domain and username with '+', like DOMAIN+username
winbind separator = +
# use uids from 1 to 2 for domain users
idmap uid = 1-2
# use gids from 1 to 2 for domain groups
idmap gid = 1-2
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
   security = ADS
   encrypt passwords = yes
   passdb backend = tdbsam guest
   obey pam restrictions = yes
   password server = car-pdc
   netbios name = rantanplan
;  guest account = nobody
   invalid users = root
;  unix password sync = no
;  passwd program = /usr/bin/passwd %u#   passwd chat =
*Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
;  pam password change = no
;  load printers = yes
;  preserve case = yes
;  short preserve case = yes
;  include = /home/samba/etc/smb.conf.%m
# SO_RCVBUF=8192 SO_SNDBUF=8192
   socket options = TCP_NODELAY
;  message command = /bin/sh -c '/usr/bin/linpopup %f %m %s; rm %s' 
;  domain master = auto
   idmap uid = 1-2
   idmap gid = 1-2
;   template shell = /bin/bash
[admin]
comment = Administration Directory
path = /home/benoit
admin users =  TEST+bmo
browseable = yes
public = no
writable = yes
guest only = no
valid users = TEST+bmo
*kerberos*
[libdefaults]
default_realm = CAR.BE.TEST.COM
[realms]
CAR.BE.TEST.COM = {
kdc = car-pdc.car.be.test.com
default_domain = car.be.test.com
}
#[domain_realms]
#.kerberos.server=CAR.BE.TEST.COM
# The following krb5.conf variables are only for MIT Kerberos.
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
[login]
krb4_convert = true
krb4_get_tickets = true
*winbind* (logs)
2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain CAR CAR.BE.TEST.COM.LOCAL S-0-0
[2004/06/07 13:38:57, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306)
  krb5_cc_get_principal failed (No credentials cache found)
[2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BUILTIN  S-1-5-32
[2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain RANTANPLAN  S-1-5-21-837388855-3362161430-1770541169
I found also some trace in the log.smbd
  smbd version 3.0.4 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/06/09 10:29:16, 0] lib/util_sock.c:get_peer_addr(978)
  getpeername failed. Error was Transport endpoint is not connected
[2004/06/09 10:34:28, 0] smbd/server.c:main(757)
All commands like kinit, net ads join, wbinfo -u (-g),

[Samba] Samba 3.0 and winpopup?

2004-06-09 Thread Ken D'Ambrosio 
Hello, all.  I want to send a message to Windwos clients, a la 
smbclient -M, from my Samba 3.x box.  Is this possible?  I seem to 
recall (and apt-get seems to agree) that smbclient has been deprecated; 
however, I can't find the winpopup functionality in the net command.  
I suppose I could just compile the source for smbclient, and hope that 
it works, but if there's a right way to do it, that's the way I'd 
prefer to go.

Thanks much,
Ken D'Ambrosio
Sr. SysAdmin,
Xanoptix, Inc.
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Problem IDMAP Domain Member - PDC

2004-06-09 Thread Michael Gasch 
hi
im using precompiled samba v. 3.0.4 packages from SuSE 9.1 DVDs
all services (ldapsam, winbind, ... ) are compiled in
user mapping on the PDC SERVER (SID-RID to UID) work fine
the domain member server  FILESERV gets the local accounts via 
nsswitch from the ldap backend of SERVER
(tested with getent passwd)

he also gets and checks the samba users and passwords against the PDC 
(if i connect from a client to FILESERV), so he has no local 
password/user backend

if i create a new folder from (win xp) client on FILESERV i just see 
SID-(G)RID and not user xyzif
if i create a new folder from (win xp) client on SERVER i user xyz

the interesting parts of smb.conf on FILESERV are
[global]
   workgroup = NEVAN
   netbios name = FILESERV
   server string = NevanFS01 on Samba Version: %v
   username map = /etc/samba/username.map
   log level = 5
   log file = /var/lib/samba/log.%m
   max log size = 1
   passdb backend = ldapsam:ldap://server:389;
   ldap passwd sync = yes
   ldap suffix = dc=eva,dc=mpg,dc=de
   ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de
   #ldap filter = ((objectclass=sambaSamAccount)(uid=%u))
   ldap machine suffix = ou=machines
   ldap user suffix  = ou=users
   ldap group suffix = ou=groups
   ldap replication sleep = 2000
   idmap backend = ldap:ldap://server:389
   ldap idmap suffix = ou=idmap
   idmap uid = 1000-5000
   idmap gid = 1000-5000
#  interfaces = eth0 lo
#  bind interfaces only = yes
   guest ok = no
   guest account = Guest
   security = domain
   local master = no
   os level = 32
   domain master = no
   domain logons = no
   encrypt passwords = yes
   password server = server
   socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
   wins support = yes
   dns proxy = no
local user/group accounts are from 0 (root) and 500 - 600
i also changed
idmap uid = 1000-5000
idmap gid = 1000-5000
to
idmap uid = 0-5000
idmap gid = 0-5000
but he cannot resolve SIDs
i just wonder, if theres a way around winbind?
because i already red the docs but can't get it working (see log)
please help
thx
LOG (wbinfo -S 667)
--
[2004/06/09 19:22:06, 3] 
nsswitch/winbindd_misc.c:winbindd_interface_version(261)
  [11062]: request interface version
[2004/06/09 19:22:06, 3] 
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297)
  [11062]: request location of privileged pipe
[2004/06/09 19:22:06, 5] nsswitch/winbindd.c:winbind_client_read(465)
  read failed on sock 19, pid 11062: EOF
[2004/06/09 19:22:06, 3] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(303)
  [11062]: uid to sid 667
[2004/06/09 19:22:06, 5] lib/smbldap.c:smbldap_search(932)
  smbldap_search: base = [ou=idmap,dc=eva,dc=mpg,dc=de], filter = 
[((objectClass=sambaIdmapEntry)(uidNumber=667))], scope =
 [2]
[2004/06/09 19:22:06, 0] sam/idmap_ldap.c:ldap_get_sid_from_id(525)
  ldap_get_sid_from_id: mapping not found for uidNumber: 667
[2004/06/09 19:22:06, 1] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(356)
  Could not convert uid 667 to rid

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Smbd hangs entire machine forcing reset

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
|   When I copy a massive amount of files (~50GB) to
| the Samba server from a Windows 2K client, somewhere
| during that process (seemingly around 2 hours into the copy
| each time), my Linux box COMPLETELY locks up. I must
| hard reset it.
Matthew,
This sounds more like a kernel bug or hardware issue.
a user-space app should not be able to cause the kernel
to lock.

cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAxyKrIR7qMdg1EfYRAtK/AKC2iEO2o2ieuZTYa1TanLPHQ+SU4gCeMZ9P
Ayas5mn/RPQStlOZ1I3c+BA=
=NCpL
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: Antwort: Re: [Samba] requiresignorseal

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
|
| I also tested with 3.0.5pre1, and I also have to change
| the regvalue, otherwise I get the error, that there is no
| domain controller or the computer account is unknowen.
I've not seen any other reports of this.  Are you sure
its not a local configuration error ?

cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAxyN7IR7qMdg1EfYRAt6aAJ9FEqLv59nxKDFj5+s85xfKGYq4ZwCeIVgX
dfxMzPegBY2xUL/xrIFWl4c=
=FCIr
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re[2]: [Samba] pdbedit

2004-06-09 Thread Collen Blijenberg MLHJ 
Well, i used pdbedit in my GUI-usermanager...
and that is an bash script-based proggy...
so yeah i guess u can use it in scripts. (very easyly)

i don't get the part about, pdbedit needs to initialised ?
as long your samba is configed right, pdbedit will follow..
(atleast that is the idea).
-
Collen Blijenberg   (Montessori Lyceum Herman Jordan)

Wednesday, June 9, 2004, 2:59:49 PM, you wrote:

NS Sorry folks, a typo was causing the looping problem.

NS I'd still like to know if pdbedit needs initialising in some way after
NS installation, or if it is ready to go. It still looks like at least one
NS user needs to be added manually before pdbedit can be used in a script.

NS Thanks
NS Mick

NS On Wed, 2004-06-09 at 21:48, Ninti Systems wrote:
 I have a couple of questions about pdbedit.
 
 I am having trouble using pdbedit in shell scripts.
 
 First, on a freshly installed system with no-one in the tdbsam database,
 trying to add multiple machine accounts via a loop construct in a shell
 script fails with a message that the database can't be found/doesn't
 exist. I then added root manually just to get the system going, which
 solves that problem. 
 
 Once the first user is added, my script seems to get stuck in an
 infinite loop trying to add the first machine, but I can add a machine
 manually.
 
 Is pdbedit usable in shell scripts? I understand that normal users need
 a password added, but I can't see why machine accounts can't just be
 added automatically.
 
 Does pdbedit have to be run manually for some reason?
 
 Is there some way of initialising the tdbsam database without manually
 adding a first user?
 
 Mick
NS -- 
NS --
NS Ninti Systems: Smart IT Solutions
NS Michael Hall
NS Mobile: 0429 095 392
NS Ph/Fax: 08 8953 1442   
NS Email:  office at ninti dot com dot au
NS Web:http://ninti.com.au
NS --


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Excel could not save

2004-06-09 Thread Jamrock 

Jeremy Allison [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 On Mon, Jun 07, 2004 at 10:55:52AM +0800,
[EMAIL PROTECTED] wrote:
  Hi,
 
  My user always report that they have problem with Excel file, they
sometimes
  cannot save the file and excel reported File did not save message.  I
have
  no idea what is the problem.  They are using MS office 97, 2000 on win98
to
  win2000.  Server is running Samba3.0.4 on RH8,  kernel 2.4.20.  Smb.conf
as
  following:

 I have a patch that may fix this issue. Mail me if you are
 familiar with building Samba from source code and I'll pass
 it on to you. I'm looking for testers to make sure this works
 correctly in the next version of Samba (3.0.5).

 Thanks,

 Jeremy.
 -- 


Jeremy,

Could you let us know the nature of the problem?  I am trying to get my
Excel spread sheets to work properly.

Thanks.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] use password server= when security=ADS or not???

2004-06-09 Thread Alex de Vaal 
On 9 Jun 2004 at 8:00, Gerald (Jerry) Carter wrote:

 | In the man page of samba also reside about  password server 
 | the following: The advantage of using  security = domain 
 | is that if you list several hosts in the  password server 
 | option then smbd will try each in turn till it finds one
 | that responds.  This is useful in case your primary
 | server goes down. Does this also work, when  security = ADS 
 | ?  I d like that the samba domain server
 | tries to contact each password server in the list
 | till it finds one that responds.
 
 When 'security = ads', Samba uses the password server
 for any NTLM authentication as well as ldap queries.
 Krb5 ticket verification is handled by the krb5 libs
 (outside of Samba).

Right.

I'm using winbind (which is the Samba-3 NTLM authentication daemon) in my 
configuration, so in my case it is better to specify at password server all the DNS 
names of my ADS servers instead of leaving it blank?

I know that Krb5 ticket is handled by the krb5 libs. I have no krb5.conf specified, so 
it 
uses the DNS for resolving the KDC servers (the ADS servers create SRV records in 
DNS for each KDC in the realm)

In my case password server= is not specified in smb.conf. I see however 
sometimes strange things in winbindd.log on a remote Samba domain member 
server that it can't find sometimes the LDAP server, port 445 and port 139, because 
the connection to the ADS server is sometimes very slow (is a router connection).
I was wondering if it is better to specify all the ADS servers in the realm at 
password 
server=, so it is looking for the other servers in the realm if the connection to an 
ADS server is slow.


Winbindd.log
==

[2004/06/08 19:28:41, 1] libads/ldap.c:ads_connect(222)
  Failed to get ldap server info
[2004/06/08 19:28:50, 1] lib/util_sock.c:open_socket_out(757)
  timeout connecting to 10.2.20.240:445
[2004/06/08 19:29:07, 1] libsmb/cliconnect.c:cli_start_connection(1388)
  session request to NHADM01 failed (Call timed out: server did not respond after 
1 milliseconds)
[2004/06/08 19:29:15, 1] lib/util_sock.c:open_socket_out(757)
  timeout connecting to 10.2.20.240:139
[2004/06/08 19:29:15, 1] libsmb/cliconnect.c:cli_connect(1297)
  Error connecting to 10.2.20.240 (Operation already in progress)
[2004/06/08 19:29:15, 1] libsmb/cliconnect.c:cli_start_connection(1377)
  cli_full_connection: failed to connect to *SMBSERVER20 (10.2.20.240)
[2004/06/08 19:29:34, 1] libsmb/cliconnect.c:cli_start_connection(1408)
  failed negprot
[2004/06/08 19:29:43, 1] lib/util_sock.c:open_socket_out(757)
  timeout connecting to 10.2.20.240:445
[2004/06/08 19:29:52, 1] lib/util_sock.c:open_socket_out(757)
  timeout connecting to 10.2.20.240:139
[2004/06/08 19:29:52, 1] libsmb/cliconnect.c:cli_connect(1297)
  Error connecting to 10.2.20.240 (Operation already in progress)
[2004/06/08 19:29:52, 1] libsmb/cliconnect.c:cli_start_connection(1377)
  cli_full_connection: failed to connect to NHADM0120 (10.2.20.240)
[2004/06/08 19:30:02, 0] rpc_client/cli_pipe.c:rpc_api_pipe(424)
  cli_pipe: return critical error. Error was Call timed out: server did not respond 
after 
1 milliseconds
[2004/06/08 19:30:35, 1] libads/ldap.c:ads_connect(222)
  Failed to get ldap server info
[2004/06/08 19:30:39, 1] nsswitch/winbindd_user.c:winbindd_getpwuid(246)
  could not lookup sid S-1-5-21-1130960580-3026470530-2041411792-1380
[2004/06/08 19:30:39, 1] nsswitch/winbindd_user.c:winbindd_getpwuid(246)
  could not lookup sid S-1-5-21-1130960580-3026470530-2041411792-1380
[2004/06/08 19:30:59, 1] libads/ldap.c:ads_connect(222)
  Failed to get ldap server info
[2004/06/08 19:31:11, 1] lib/util_sock.c:open_socket_out(757)
  timeout connecting to 10.2.20.240:445

and somewhat later.

[2004/06/08 20:45:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 20:46:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 20:46:28, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 20:55:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:01:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:01:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:05:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:15:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:15:53, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:16:28, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist
[2004/06/08 21:25:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032)
  user 'root' does not exist

which is normal... (in 3.0.4) ;-)

Regards,
Alex.

-- 
To

Re: [Samba] Samba just Slow with AutoCad?

2004-06-09 Thread Brian Merrell 
Yes I am user reiserFS on the AutoCad Shares (Jerry, are you?)
The older machine is running ext3.

The CPU usage goes up, but I definately wouldn't call it a spike.
It goes to about 1% which is probably normal.

I did use the nolargeio=1 option and it did increase performance.. but..

I tried timing the time it takes to save.  It takes the older machine about
1.25 seconds
to save a 606KB drawing and it takes ~3 seconds for the new fancy machine.

Could this be due to ReiserFS?


- Original Message - 
From: Rashkae [EMAIL PROTECTED]
To: Brian Merrell [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, June 09, 2004 7:56 AM
Subject: Re: [Samba] Samba just Slow with AutoCad?


 Hi.

 Does your new system use ReiserFS?

 When these ~20 second delays happen, can you see if there's a spike of
 System CPU time useage on the server?

 I've not heard of it happening over a network share, but some poorly
 behaved applications can trigger a 'feature', (actually, a
 performance optimization) with ReiserFS on Newer (2.6) kernels that
 will make the kernel spin it's wheels for a number of seconds.  If
 this might be the case for you, you can disable it by mounting a
 ReiserFS volume with a nolargeio=1 option.  (If you want to test this,
 it appears to to be safe to remount.  That is, mount /home -o
 remount,nolargeio=1 As an example.)

 On Tue, Jun 08, 2004 at 12:26:25PM -0600, Brian Merrell wrote:
  I just came across some very interesting information.
 
  We samba running on an old HP PIII 900.  I just plugged it back in and
we
  opened some backup files we
  had on it.  It works just fine with AutoCad.
 
  Linux gatekeeper 2.4.26 #5 Mon Apr 19 07:15:24 MDT 2004 i686 Pentium III
  (Coppermine) GenuineIntel GNU/Linux
 
  Samba Version 2.2.8a
 
  Our new machine is a Dual Opteron machine.
 
  Linux fileserv 2.6.5-gentoo-r1 #3 Sat May 29 13:32:03 MDT 2004 x86_64 5
  GNU/Linux
 
  Samba Version Version 3.0.2a
 
  The difference is that I need the hard drive space on our new server
versus
  the 40 gigs we have on the older machine.
 
  The smb.conf file on the old machine is very very basic:
 
  [global]
 
  workgroup = TRISTATE
  security = SHARE
 
  [backup]
 
  path = /usr/backup
  writeable = Yes
  guest ok = Yes
 
 
 
 
  - Original Message - 
  From: Brian Merrell [EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
  Sent: Tuesday, June 08, 2004 12:07 PM
  Subject: Re: [Samba] Samba just Slow with AutoCad?
 
 
   Terry, Thanks a lot for your reply.  We're really trying to solve this
   problem.
  
  
Brian,
   
   
1.   Which release of AutoCAD are you using?
  
   Autodesk Land Desktop 2004
   2004.0.0
   Service Pack 1
  
   
2.   Are the support files for AutoCAD on the client or the server?
   
  
   On the clients.
  
3.   Are you using cups?
   
  
   No.
  
4.   Is it true that your plotter settings are not being saved with
the
drawing?  Was this true when you were using a windows server?
   
  
   They are being saved with the drawings.  They were also being saved
with
   the drawings on the windows server.  (the windows server was actually
just
   another client that shared it's HD).
  
5.   Normally when AutoCAD is opening the print dialog box in an
  existing
drawing, it is trying to find the printer that was used by the last
   session
of Autocad. If it can't find that printer, it produces the printer
  none.
Are you loading your printers from the server such that each client
has
   the
identical printer name?
   
  
   First of all, you're right.  The print dialog only produces the
printer
   none when it's a new drawing.
   Otherwise, it saves the print settings.  But we still experience a
delay
   independant of whether we
   are printing from a new drawing or an existing one.  The printers
aren't
  on
   the server, and we do
   not have identical printer name.
  
6.   Are the network directories being used by AutoCAD the same as
being
used by the other programs that don't exhibit the long save times?
   
  
   No.  AutoCad drawings are stored on a seperate harddrive and a
different
   directory.  However,
   after reading this e-mail I moved a TIF image to the autocad directory
and
   opened them from
   Adobe Photoshop.  I then modified and saved the drawing and there was
no
   delay.  There was also no
   delay for opening a print dialog.  The problem continues to be only
with
   AutoCad.
  
  
We use AutoCAD 2000, 2002,  2004 with RH E3.0 and Samba 3.0.2-6.3E
with
   no
delays in saving or printing and have achieved better performance
than
  the
previous W2k server.  With a little more information we might be
able to
assist in finding the bottleneck.
   
Terry
   
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
   Behalf
Of Bob Turner
Sent: Tuesday, June 08, 2004 10:45 AM
To: 'Brian Merrell'; [EMAIL PROTECTED]
Subject: RE: [Samba] Samba just Slow with

[Samba] Problem with authenticating a computer to a samba share

2004-06-09 Thread Björn Giesler 
Hi,
I have a Win2k Server Active Directory Domain Controller, and an 
Exchange server running on the same machine. I want to use NTBACKUP to 
back up the mailboxes to a Samba machine running as ADC slave. This 
doesn't work, and I get the message

Username DOMAIN\MACHINE$ is invalid on this system
in the Samba logs.
How can I make MACHINE known to Samba? Since MACHINE is the domain 
controller, I can't add it to the ADC host list, and it's the one that 
supplies the passwords...

Anyone seen/done this before?
Thanks a lot in advance,
Björn
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

AW: [Samba] Samba just Slow with AutoCad?

2004-06-09 Thread Arno Seidel 
Hi,

we had a similar problem with a reiserfs partition an
SGI´s FailSafe , it took to long to save a internal database of failsafe
because of this the ha services moved from one node to the other and back
again (until we stoped
failsafe) after we changed the partition to ext2 /ext3 this problem
dissapeared.

Maybe this could be the same reason. just a thought.

 -Ursprüngliche Nachricht-
 Von: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Auftrag von
 Brian Merrell
 Gesendet: Mittwoch, 9. Juni 2004 17:09
 An: [EMAIL PROTECTED]
 Betreff: Re: [Samba] Samba just Slow with AutoCad?


 Yes I am user reiserFS on the AutoCad Shares (Jerry, are you?)
 The older machine is running ext3.

 The CPU usage goes up, but I definately wouldn't call it a spike.
 It goes to about 1% which is probably normal.

 I did use the nolargeio=1 option and it did increase performance.. but..

 I tried timing the time it takes to save.  It takes the older
 machine about
 1.25 seconds
 to save a 606KB drawing and it takes ~3 seconds for the new
 fancy machine.

 Could this be due to ReiserFS?


 - Original Message -
 From: Rashkae [EMAIL PROTECTED]
 To: Brian Merrell [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Sent: Wednesday, June 09, 2004 7:56 AM
 Subject: Re: [Samba] Samba just Slow with AutoCad?


  Hi.
 
  Does your new system use ReiserFS?
 
  When these ~20 second delays happen, can you see if there's a spike of
  System CPU time useage on the server?
 
  I've not heard of it happening over a network share, but some poorly
  behaved applications can trigger a 'feature', (actually, a
  performance optimization) with ReiserFS on Newer (2.6) kernels that
  will make the kernel spin it's wheels for a number of seconds.  If
  this might be the case for you, you can disable it by mounting a
  ReiserFS volume with a nolargeio=1 option.  (If you want to test this,
  it appears to to be safe to remount.  That is, mount /home -o
  remount,nolargeio=1 As an example.)
 
  On Tue, Jun 08, 2004 at 12:26:25PM -0600, Brian Merrell wrote:
   I just came across some very interesting information.
  
   We samba running on an old HP PIII 900.  I just plugged it back in and
 we
   opened some backup files we
   had on it.  It works just fine with AutoCad.
  
   Linux gatekeeper 2.4.26 #5 Mon Apr 19 07:15:24 MDT 2004 i686
 Pentium III
   (Coppermine) GenuineIntel GNU/Linux
  
   Samba Version 2.2.8a
  
   Our new machine is a Dual Opteron machine.
  
   Linux fileserv 2.6.5-gentoo-r1 #3 Sat May 29 13:32:03 MDT
 2004 x86_64 5
   GNU/Linux
  
   Samba Version Version 3.0.2a
  
   The difference is that I need the hard drive space on our new server
 versus
   the 40 gigs we have on the older machine.
  
   The smb.conf file on the old machine is very very basic:
  
   [global]
  
   workgroup = TRISTATE
   security = SHARE
  
   [backup]
  
   path = /usr/backup
   writeable = Yes
   guest ok = Yes
  
  
  
  
   - Original Message -
   From: Brian Merrell [EMAIL PROTECTED]
   To: [EMAIL PROTECTED]
   Sent: Tuesday, June 08, 2004 12:07 PM
   Subject: Re: [Samba] Samba just Slow with AutoCad?
  
  
Terry, Thanks a lot for your reply.  We're really trying to
 solve this
problem.
   
   
 Brian,


 1.   Which release of AutoCAD are you using?
   
Autodesk Land Desktop 2004
2004.0.0
Service Pack 1
   

 2.   Are the support files for AutoCAD on the client or
 the server?

   
On the clients.
   
 3.   Are you using cups?

   
No.
   
 4.   Is it true that your plotter settings are not being
 saved with
 the
 drawing?  Was this true when you were using a windows server?

   
They are being saved with the drawings.  They were also being saved
 with
the drawings on the windows server.  (the windows server
 was actually
 just
another client that shared it's HD).
   
 5.   Normally when AutoCAD is opening the print dialog box in an
   existing
 drawing, it is trying to find the printer that was used
 by the last
session
 of Autocad. If it can't find that printer, it produces the printer
   none.
 Are you loading your printers from the server such that
 each client
 has
the
 identical printer name?

   
First of all, you're right.  The print dialog only produces the
 printer
none when it's a new drawing.
Otherwise, it saves the print settings.  But we still experience a
 delay
independant of whether we
are printing from a new drawing or an existing one.  The printers
 aren't
   on
the server, and we do
not have identical printer name.
   
 6.   Are the network directories being used by AutoCAD the same as
 being
 used by the other programs that don't exhibit the long save times?

   
No.  AutoCad drawings are stored on a seperate harddrive and a
 different
directory.  However,
after reading this e-mail I moved a TIF image to the
 autocad directory
 and
opened them

[Samba] RE: XP Joining domain

2004-06-09 Thread Sam Barasch 
Hi Derek.

What's interesting about these errors is that the Join seems to succeed, but
that the machine password in the smbpasswd file is not modified.

We're still using the 2.2.x stream of samba, and I've been meaning to try
the 3.0.x versions, but haven't gotten around to it yet.  I hope my
suggestions still apply to the version of samba you're using.

At first blush, it looks like you're having some permissions problems
editing the smbpasswd file and creating the machine account passwd for the
XP machine joining the domain.

Let me review items you've tried

1) Manually creating unix account and adding machine account to smbpasswd
file with smbpasswd -am xptest$  (your unix passwd entry looked fine)
2) The unix root account has an smbpasswd, and you're using that when
prompted.  (We've never been able to get domain admins to join machines
(because smbpasswd file is writable by only root)
3) It does look like the smbpasswd machine account has been disabled - have
you tried re-enabling it and rejoining the machine?  Smbpasswd -e xptest$

Because the smbpasswd file doesn't get modified, I suspect some kind of
permissions problem.

When trying to join the domain, have you already connected to the samba
server using a different set of credentials?  In our version of samba, only
one set of credentials is allowed - try doing a 'net use /delete *'  (or
something like that) from the PC to be sure you haven't unwittingly opened a
connection to the samba server before trying to join the domain.

Good luck--

Sam Barasch
Computer Systems Support
Dept. of Biostatistics 
University of Wisconsin in Madison 


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]
 Behalf Of Derek Harkness
 Sent: Monday, June 07, 2004 11:20 AM
 To: [EMAIL PROTECTED]
 Subject: [Samba] XP Joining domain


 I'm attempting to join a Samba 3.0.4 domain on a Debian linux box, 
 with
 a Windows XP client.

 Problems
 1) Can only get the join to work if I use the root account.  On Win2k 
 I
 can use any account in the Domain Admins group.
 2) The join succeeds, the unix account and the smb account are created
 but the smb account is disabled, and the password contains all s.
 Joining the domain works fine from Win2k.

 I've tried adjusting the Signing entries.  I tried manually creating
 the machine accounts, and I get a can't access machine account error 
 on
 login.

 Any thoughts?

 Thanks!
 Derek

 This world is a comedy to those who think and a tragedy to those who
 feel.


 My lack of knowledge is only exceeded by my lack of concern.
 --Anonymous GE Engineer

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: XP Joining domain

2004-06-09 Thread Derek Harkness 
I think I found the problem.  Late yesterday afternoon I discovered 
that useradd on Linux works differently then useradd on Solaris.  I'm 
migration from Samba 2.2 on Sun to Samba 3.0 on Linux.  When useradd on 
Solaris adds a new user it finds the last uid number and increments it. 
 The Linux version just finds the first unused in the password file, 
this became a problem because some of my user information is in the 
local password file and some is in ldap.  So the Linux useradd was 
adding duplication uid numbers.  This was easily corrected, and XP 
started working just fine.

The interesting thing here is that win2k never had a problem.  So I'm 
guessing that XP does a bit more checking when it joins the domain.

Thanks so much for everyone's help!!
Derek
On Jun 9, 2004, at 12:00 PM, Sam Barasch wrote:
Hi Derek.
What's interesting about these errors is that the Join seems to 
succeed, but
that the machine password in the smbpasswd file is not modified.

We're still using the 2.2.x stream of samba, and I've been meaning to 
try
the 3.0.x versions, but haven't gotten around to it yet.  I hope my
suggestions still apply to the version of samba you're using.

At first blush, it looks like you're having some permissions problems
editing the smbpasswd file and creating the machine account passwd for 
the
XP machine joining the domain.

Let me review items you've tried
1) Manually creating unix account and adding machine account to 
smbpasswd
file with smbpasswd -am xptest$  (your unix passwd entry looked fine)
2) The unix root account has an smbpasswd, and you're using that when
prompted.  (We've never been able to get domain admins to join machines
(because smbpasswd file is writable by only root)
3) It does look like the smbpasswd machine account has been disabled - 
have
you tried re-enabling it and rejoining the machine?  Smbpasswd -e 
xptest$

Because the smbpasswd file doesn't get modified, I suspect some kind of
permissions problem.
When trying to join the domain, have you already connected to the samba
server using a different set of credentials?  In our version of samba, 
only
one set of credentials is allowed - try doing a 'net use /delete *'  
(or
something like that) from the PC to be sure you haven't unwittingly 
opened a
connection to the samba server before trying to join the domain.

Good luck--
Sam Barasch
Computer Systems Support
Dept. of Biostatistics
University of Wisconsin in Madison
 -Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Behalf Of Derek Harkness
Sent: Monday, June 07, 2004 11:20 AM
To: [EMAIL PROTECTED]
Subject: [Samba] XP Joining domain
I'm attempting to join a Samba 3.0.4 domain on a Debian linux box,
with
a Windows XP client.
Problems
1) Can only get the join to work if I use the root account.  On Win2k
I
can use any account in the Domain Admins group.
2) The join succeeds, the unix account and the smb account are 
created
but the smb account is disabled, and the password contains all s.
Joining the domain works fine from Win2k.

I've tried adjusting the Signing entries.  I tried manually creating
the machine accounts, and I get a can't access machine account error
on
login.
Any thoughts?
Thanks!
Derek
This world is a comedy to those who think and a tragedy to those who
feel.

My lack of knowledge is only exceeded by my lack of concern.
--Anonymous GE Engineer

When the people fear the government you have tyranny... when the 
government fears the people you have liberty. 
   --Thomas Jefferson


PGP.sig
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba just Slow with AutoCad?

2004-06-09 Thread Brian Merrell 
The time it takes to save seems to get worse the longer drawing is open and
being used.  We're already back to seeing 10 second saves this morning.

I will probably try using ext3 instead of reiserFS this weekend, unless
someone out there has AutoCad working fine with reiserFS this is
my best guess as to what the problem is.


- Original Message - 
From: Brian Merrell [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, June 09, 2004 9:09 AM
Subject: Re: [Samba] Samba just Slow with AutoCad?


 Yes I am user reiserFS on the AutoCad Shares (Jerry, are you?)
 The older machine is running ext3.

 The CPU usage goes up, but I definately wouldn't call it a spike.
 It goes to about 1% which is probably normal.

 I did use the nolargeio=1 option and it did increase performance.. but..

 I tried timing the time it takes to save.  It takes the older machine
about
 1.25 seconds
 to save a 606KB drawing and it takes ~3 seconds for the new fancy
machine.

 Could this be due to ReiserFS?


 - Original Message - 
 From: Rashkae [EMAIL PROTECTED]
 To: Brian Merrell [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Sent: Wednesday, June 09, 2004 7:56 AM
 Subject: Re: [Samba] Samba just Slow with AutoCad?


  Hi.
 
  Does your new system use ReiserFS?
 
  When these ~20 second delays happen, can you see if there's a spike of
  System CPU time useage on the server?
 
  I've not heard of it happening over a network share, but some poorly
  behaved applications can trigger a 'feature', (actually, a
  performance optimization) with ReiserFS on Newer (2.6) kernels that
  will make the kernel spin it's wheels for a number of seconds.  If
  this might be the case for you, you can disable it by mounting a
  ReiserFS volume with a nolargeio=1 option.  (If you want to test this,
  it appears to to be safe to remount.  That is, mount /home -o
  remount,nolargeio=1 As an example.)
 
  On Tue, Jun 08, 2004 at 12:26:25PM -0600, Brian Merrell wrote:
   I just came across some very interesting information.
  
   We samba running on an old HP PIII 900.  I just plugged it back in and
 we
   opened some backup files we
   had on it.  It works just fine with AutoCad.
  
   Linux gatekeeper 2.4.26 #5 Mon Apr 19 07:15:24 MDT 2004 i686 Pentium
III
   (Coppermine) GenuineIntel GNU/Linux
  
   Samba Version 2.2.8a
  
   Our new machine is a Dual Opteron machine.
  
   Linux fileserv 2.6.5-gentoo-r1 #3 Sat May 29 13:32:03 MDT 2004 x86_64
5
   GNU/Linux
  
   Samba Version Version 3.0.2a
  
   The difference is that I need the hard drive space on our new server
 versus
   the 40 gigs we have on the older machine.
  
   The smb.conf file on the old machine is very very basic:
  
   [global]
  
   workgroup = TRISTATE
   security = SHARE
  
   [backup]
  
   path = /usr/backup
   writeable = Yes
   guest ok = Yes
  
  
  
  
   - Original Message - 
   From: Brian Merrell [EMAIL PROTECTED]
   To: [EMAIL PROTECTED]
   Sent: Tuesday, June 08, 2004 12:07 PM
   Subject: Re: [Samba] Samba just Slow with AutoCad?
  
  
Terry, Thanks a lot for your reply.  We're really trying to solve
this
problem.
   
   
 Brian,


 1.   Which release of AutoCAD are you using?
   
Autodesk Land Desktop 2004
2004.0.0
Service Pack 1
   

 2.   Are the support files for AutoCAD on the client or the
server?

   
On the clients.
   
 3.   Are you using cups?

   
No.
   
 4.   Is it true that your plotter settings are not being saved
with
 the
 drawing?  Was this true when you were using a windows server?

   
They are being saved with the drawings.  They were also being saved
 with
the drawings on the windows server.  (the windows server was
actually
 just
another client that shared it's HD).
   
 5.   Normally when AutoCAD is opening the print dialog box in an
   existing
 drawing, it is trying to find the printer that was used by the
last
session
 of Autocad. If it can't find that printer, it produces the printer
   none.
 Are you loading your printers from the server such that each
client
 has
the
 identical printer name?

   
First of all, you're right.  The print dialog only produces the
 printer
none when it's a new drawing.
Otherwise, it saves the print settings.  But we still experience a
 delay
independant of whether we
are printing from a new drawing or an existing one.  The printers
 aren't
   on
the server, and we do
not have identical printer name.
   
 6.   Are the network directories being used by AutoCAD the same as
 being
 used by the other programs that don't exhibit the long save times?

   
No.  AutoCad drawings are stored on a seperate harddrive and a
 different
directory.  However,
after reading this e-mail I moved a TIF image to the autocad
directory
 and
opened them from
Adobe Photoshop.  I then modified and saved the drawing and there
was
 no
delay.

[Samba] Automated response from the Paragon Software (SHDD) Support Service

2004-06-09 Thread Paragon Software Smart Handheld Devices Division 

 
___English___

Dear Customer,

 This is an automated response from the Paragon Software Support
Service. Please do not reply this message.

Your e-mail message has been successfully received. Please be
patient, your request will be processed within two-three business days
and will be replied.

Our support hours are Monday-Friday 11.00-19.00 GMT+3.

You can find both technical, as well as general, product information,
in the following areas:
1)  The Paragon Software web site  (http://www.penreader.com).
Useful links:
Dictionaries http://www.penreader.com/technologies/Dictionaries.html
Localization http://www.penreader.com/technologies/Localization.html
Gameshttp://www.penreader.com/technologies/Games.html
Utilitieshttp://www.penreader.com/technologies/Utilities.html
Handwriting  http://www.penreader.com/technologies/Handwriting.html
News http://www.penreader.com/company/news.html

2)  Your Getting Started Manual
3)  Help files that were installed with the product
 
 If you paid for software online and do not know, how to get your
purchase, please, check Your e-mail box. 
There must be a message from e-care System of Paragon Software with 
a link, password and login, where you can download a program.

Paragon Software (Smart Handheld Devices Division)
phones - +7 (095) 408-61-79, 408-76-77
e-mail: [EMAIL PROTECTED]
Web - http://www.penreader.com


Russian_

 ,

Paragon
Software. , . 

   
-  .

:
- 11.00-19.00 GMT+3.

  :
1)web- (http://www.penreader.com/ru/index.html);
 :
  http://www.penreader.com/ru/technologies/Dictionaries.html
  http://www.penreader.com/ru/technologies/Localization.html
 http://www.penreader.com/ru/technologies/Games.html
  http://www.penreader.com/ru/technologies/Utilities.html
http://www.penreader.com/ru/technologies/Handwriting.html
  http://www.penreader.com/ru/company/news.html

2)   ;
3)  Help files.

   -  
, ,,  e-mail 
 .   
 Paragon Software,   ,
  ,   .

Paragon Software (Smart Handheld Devices Division)
 +7 (095) 408-61-79, 408-76-77
e-mail: [EMAIL PROTECTED]
Web - http://www.penreader.com/ru/index.html

11.03.2004 You wrote/ :
[EMAIL PROTECTED] Please have a look at the attached file.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] bundled version not configured?

2004-06-09 Thread Guy Steuart 
I am trying to backup files from a linux box to a windows box.
The linux seems to be bundles with Samba2.2.8.
It also seems not to work as I can't start the daemon or even find some of the 
expected files. Is it likely it was never installed or configured?
How do I get it running or is it better to download a new version and should I 
uninstall first? How?
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba just Slow with AutoCad?

2004-06-09 Thread Rashkae 
On Wed, Jun 09, 2004 at 10:18:22AM -0600, Brian Merrell wrote:

 
  I tried timing the time it takes to save.  It takes the older machine
 about
  1.25 seconds
  to save a 606KB drawing and it takes ~3 seconds for the new fancy
 machine.
 
  Could this be due to ReiserFS?
 

In my experience, and by every benchmark measure I've seen so far,
ReiserFS performance is far superior to ext3.  The problem I mentioned
that gets fixed with nolargeio option is a bizare abnomally.
Reportedly, it affects older versions of Kmail and the Linux version
of NeverWinter Nights.  I thought it would be worth trying.

Since that was obviously not the problem, I'll let the real Samba
experts take back the floor :)

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RES: [Samba] authentification in ads2003

2004-06-09 Thread Estevam Henrique Carvalho 
I also have made this configuration working with w2k, the problem is related
do enc-types used by w2k3.
I have seen a lot of people complaining about the same issue. Can the samba
gurus help the community ??? What are the right configuration to put a Samba
3.0.x working as a Active Directory 2003 member and be accessible through
\\samba name\share name ?!

Please Jerry Carter, Andrew Batlett e other, gave us some light...

-Mensagem original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Em nome de
Christoph Scheeder
Enviada em: quarta-feira, 9 de junho de 2004 11:05
Para: Benoit Moeremans
Cc: [EMAIL PROTECTED]
Assunto: Re: [Samba] authentification in ads2003

Hi,

i got that working on woddy, but against a win2000 ADS.

How?
- fetched the latest soure of MIT-kerberos from mit-server
   and installed in /usr/local, as the version comming with woody
   is to old , it does not support the neede enc-types.
- fetched samba-3.0.5-pre2 from svn and compiled it against the kerberos
   in /usr/local, and installed it.
- deleted all old databases of samba
- delete the samba-server from the ADS and rejoin it.

i found for me that in nsswitch.conf the lines

passwd: compat winbind
group:  compat winbind

will not work, replace compat with files

this way you should be able to get it working, but no garanty.
Christoph

Benoit Moeremans schrieb:
 Hello,
 *This msg was already sent yesterday on this ml, but some i found some
 faults in the mail.*
 
 **If anyone can help me... the only thing i'm thinking now is to throw
away
 the servers**
 
 
 I installed Samba 3.0.4 + kerberos 5 + winbind to make the debian woody
 server joining
 the Active directory service.
 
 Everything seems to be ok, except the authentification. If i try to go to
 the share of the linux server from a windows box, it asks me the password.
 And of course, no
 way to log in.
 
 Here is the config:
 
 *nsswitch.conf*
 
 passwd: compat winbind
 group:  compat winbind
 shadow: compat
 
 hosts:  files dns
 networks:   files
 
 protocols:  db files
 services:   db files
 ethers: db files
 rpc:db files
 
 netgroup:   nis
 
 
 
 
 *samba*
 
 [global]
 
 
workgroup = TEST
realm = CAR.BE.TEST.COM.LOCAL
server string = %h server (Samba %v)
 ;  wins support = no
 ;  wins server = w.x.y.z
dns proxy = no
 ;  name resolve order = lmhosts host wins bcast
use spnego = yes
log file = /var/log/samba/log.%m
max log size = 1000
 ;  syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
 
 # separate domain and username with '+', like DOMAIN+username
 winbind separator = +
 # use uids from 1 to 2 for domain users
 idmap uid = 1-2
 # use gids from 1 to 2 for domain groups
 idmap gid = 1-2
 # allow enumeration of winbind users and groups
 winbind enum users = yes
 winbind enum groups = yes
 
security = ADS
encrypt passwords = yes
passdb backend = tdbsam guest
obey pam restrictions = yes
password server = car-pdc
netbios name = rantanplan
 ;  guest account = nobody
invalid users = root
 ;  unix password sync = no
 ;  passwd program = /usr/bin/passwd %u#   passwd chat =
 *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
 ;  pam password change = no
 ;  load printers = yes
 ;  preserve case = yes
 ;  short preserve case = yes
 ;  include = /home/samba/etc/smb.conf.%m
 # SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY
 ;  message command = /bin/sh -c '/usr/bin/linpopup %f %m %s; rm %s' 
 
 ;  domain master = auto
idmap uid = 1-2
idmap gid = 1-2
 ;   template shell = /bin/bash
 [admin]
 comment = Administration Directory
 path = /home/benoit
 admin users =  TEST+bmo
 browseable = yes
 public = no
 writable = yes
 guest only = no
 valid users = TEST+bmo
 
 *kerberos*
 [libdefaults]
 default_realm = CAR.BE.TEST.COM
 
 [realms]
 CAR.BE.TEST.COM = {
 kdc = car-pdc.car.be.test.com
 default_domain = car.be.test.com
 }
 #[domain_realms]
 #.kerberos.server=CAR.BE.TEST.COM
 
 # The following krb5.conf variables are only for MIT Kerberos.
 default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
 default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
 permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
 krb4_config = /etc/krb.conf
 krb4_realms = /etc/krb.realms
 kdc_timesync = 1
 ccache_type = 4
 forwardable = true
 proxiable = true
 
 
 v4_instance_resolve = false
 v4_name_convert = {
 host = {
 rcmd = host
 ftp = ftp
 }
 plain = {
 something = something-else
 }
 }
 
 
 [login]
 krb4_convert = true
 krb4_get_tickets = true
 
 
 *winbind*

RES: [Samba] Problem with authenticating a computer to a samba sh are

2004-06-09 Thread Estevam Henrique Carvalho 
What do you mean with ADC Slave, security=ads in smb.conf ? 

-Mensagem original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Em nome de Björn
Giesler
Enviada em: quarta-feira, 9 de junho de 2004 12:32
Para: [EMAIL PROTECTED]
Assunto: [Samba] Problem with authenticating a computer to a samba share

Hi,

I have a Win2k Server Active Directory Domain Controller, and an 
Exchange server running on the same machine. I want to use NTBACKUP to 
back up the mailboxes to a Samba machine running as ADC slave. This 
doesn't work, and I get the message

Username DOMAIN\MACHINE$ is invalid on this system

in the Samba logs.

How can I make MACHINE known to Samba? Since MACHINE is the domain 
controller, I can't add it to the ADC host list, and it's the one that 
supplies the passwords...

Anyone seen/done this before?

Thanks a lot in advance,
Björn
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


= 
Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você
não for o destinatário ou a pessoa autorizada a receber esta mensagem, não
deverá utilizar, copiar, alterar, divulgar a informação nela contida ou
tomar qualquer ação baseada nessas informações. Se você recebeu esta
mensagem por engano, por favor avise imediatamente o remetente, respondendo
o e-mail e em seguida apague-o. Agradecemos sua cooperação. 

This message may contain confidential and/or privileged information. If you
are not the addressee or authorized to receive this for the addressee, you
must not use, copy, disclose, change, take any action based on this message
or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation. 
= 
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] smbldap - backup

2004-06-09 Thread System User 
Hi,

I'm wondering what is the best option to backup the ldap backend of my
samba server without having to bring ldap offline?  Until now, I didn't
find a lot of documentation about best practices on this subject.

Does anybody here have a suggestion?

Thank you.


Etienne-Hugues Fortin
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind Authentication Problem

2004-06-09 Thread L. Mark Stone 
Had planned to use LDAP and replace an NT4 domain, but trouble with a 
software vendor (long story) means we need to keep the NT4 domain and 
use winbind for share authentication for the next few months.

So, I religiously followed the TOSHARG winbind chapter, stopping short 
of making changes to /etc/pam.d files.

I can browse and see shares from the Samba box via KDE's LAN browser, 
but authentication doesn't work.

When browsing from a Windows box, I don't even get that far.

I have set up several Samba boxes, but never used Winbind before, so I 
expect I'm missing something simple here.

Using Samba 3.0.4-5 rpms compiled by Sernet (SuSE) on SuSE Pro 9.0 with 
all updates.

Factoids:
The box appears in NT4's Server Manager highlighted (so it's a domain 
member server as far as the domain is concerned.)  Net Neighborhood on 
a Windows box shows an icon for the Samba server.

From the Samba box running smbclient -L SHIRAZ generates a password 
prompt (doesn't matter what I put in) and then an error session setup 
failed: NT_STATUS_CANT_ACCESS_DOMAIN_INFO

From a Windows machine on the network, doing a Start  Run  \\SHIRAZ 
[Enter] generates an error dialog box that reads:  configuration 
information could not be read from the domain controller, either 
because the machine is unavailable, or access has been denied.

The /var/log/messages file on the Samba server shows (I'm editing here): 
nsswitch/winbindd_util.c:get_trust_pw(1024) could not fetch trust 
account password for my domain MCCM

Here's /etc/pam.d/samba:
#%PAM-1.0
auth required   pam_unix.so
account  required   pam_unix.so


Here's smb.conf (may wordwrap):
[global]
workgroup = MCCM
interfaces = 127.0.0.1 172.22.6.0/24 192.168.20.0/24 192.168.21.0/24 
eth0
bind interfaces only = true
#   printing = cups
#   printcap name = cups
#   load printers = yes
winbind separator = '\'
idmap uid = 1-2
idmap gid = 1-2
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%U
security = domain
password server = *
wins server = 172.22.6.11
encrypt passwords = yes

[Accounting]
comment = Company Financial Reports
path = /data/Company/Accounting
valid users = @Accounting
read only = Yes

[AcctPrivate]
comment = Accounting Department Use Only
path = /data/Company/AcctPrivate
valid users = @Accounting-Private

[Billing]
comment = Billing Department Working Files
path = /data/Company/Billing
valid users = @Billing

[IT_Dept]
comment = Techie Stuff You May Need
path = /data/Company/IT_Dept
valid users = @Domain Users

[IT_Private]
comment = For IT Department Use Only
path = /data/Company/IT_Private
valid users = @IT_Dept

[Lab]
comment = For Lab Department Use Only
path = /data/Company/Lab
valid users = @Lab

[LabPrivate]
comment = Lab Management Use Only
path = /data/Company/LabPrivate
valid users = @Lab
# Change valid users to head of lab!

[Public]
comment = Public Documents
path = /data/Company/Public
valid users = @Domain Users

[Research]
comment = For Research Department Use Only
path = /data/Company/Public
valid users = @Domain Users
# Correct valid users to members of research local group.


And here's nsswitch.conf:

passwd: files winbind
shadow: files
group:  files winbind

passwd: compat ldap
group:  compat ldap

hosts:  files dns wins
networks:   files dns

services:   files
protocols:  files
rpc:files
ethers: files
netmasks:   files
netgroup:   files
publickey:  files

bootparams: files
automount:  files nis
aliases:files



All ideas gratefully accepted!

Thanks!
Mark

-- 
_
A Message From...  L. Mark Stone

Reliable Networks of Maine, LLC
477 Congress Street, 5th Floor
Portland, ME 04101
Tel: (207) 772-5678
Web: http://www.RNoME.com

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Etienne-Hugues Fortin 
Hi,

I've configured Samba 3.0.4 with Openldap 2.1.22 to use my samba server as
a PDC.  At first, I had some problem with the user administrator.  I've
then found the workaround a few days ago.  Now that this is fixed, I'm
trying to join a XP Pro workstation to my domain.  I've done multiple test
and never succeeded.  I'm always getting XP Pro to complain about not
being able to find a domain and talking about a SRV entry in my DNS (which
is dynamic as required when using dhcp at the same time).

So, this morning, in a desesperate attempt, I changed security = ads to
security = domain and retry to join the domain from XP Pro.  To my
surprise, it worked fine.  I've reread the documentation and it's still
saying that we should use security = domain when our server is acting as a
BDC, not a PDC.

I still have to do more test tonight to see if everything is working but
right now, I'm more curious to understand why my samba server (which is
now acting as a BDC) is accepting a join request while it's not when it's
acting as a PDC.  Is that normal?  Should I keep my server in security =
domain mode?

Thank you.


Etienne-Hugues Fortin
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: RES: [Samba] Problem with authenticating a computer to a samba sh are

2004-06-09 Thread Björn Giesler 
Am 09.06.2004 um 19:55 schrieb Estevam Henrique Carvalho:
What do you mean with ADC Slave, security=ads in smb.conf ?
Yes, exactly. Encrypt passwords=yes, password server=MACHINE from my 
previous mail.

Regards,
Björn
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Tom Skeren 
Does your DNS server have the following entries:
If not it won't work.
_ldap._tcp.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 389 
server.fsklaw.net.
_ldap._tcp.pdc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.gc._msdcs.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.fsklaw.net. 600 IN SRV 0 100 3268 
server.fsklaw.net.
_ldap._tcp.dddc-59fe-434d-8cca-f00ca06b564d.domains._msdcs.fsklaw.net. 600 IN SRV 
0 100 389 server.fsklaw.net.
gc._msdcs.fsklaw.net. 600 IN A 192.168.62.1
42254cae-00e0-4814-a063-af2189b41e2b._msdcs.fsklaw.net. 600 IN CNAME server.fsklaw.net.
_kerberos._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 
88 server.fsklaw.net.
_ldap._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 
server.fsklaw.net.
_kerberos._tcp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
_kerberos._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 88 
server.fsklaw.net.
_gc._tcp.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
_gc._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 3268 
server.fsklaw.net.
_kerberos._udp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
_kpasswd._tcp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
_kpasswd._udp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
fsklaw.net. 600 IN A 192.168.61.1
gc._msdcs.fsklaw.net. 600 IN A 192.168.61.1

Etienne-Hugues Fortin wrote:
Hi,
I've configured Samba 3.0.4 with Openldap 2.1.22 to use my samba server as
a PDC.  At first, I had some problem with the user administrator.  I've
then found the workaround a few days ago.  Now that this is fixed, I'm
trying to join a XP Pro workstation to my domain.  I've done multiple test
and never succeeded.  I'm always getting XP Pro to complain about not
being able to find a domain and talking about a SRV entry in my DNS (which
is dynamic as required when using dhcp at the same time).
So, this morning, in a desesperate attempt, I changed security = ads to
security = domain and retry to join the domain from XP Pro.  To my
surprise, it worked fine.  I've reread the documentation and it's still
saying that we should use security = domain when our server is acting as a
BDC, not a PDC.
I still have to do more test tonight to see if everything is working but
right now, I'm more curious to understand why my samba server (which is
now acting as a BDC) is accepting a join request while it's not when it's
acting as a PDC.  Is that normal?  Should I keep my server in security =
domain mode?
Thank you.
Etienne-Hugues Fortin
 


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbldap - backup

2004-06-09 Thread Etienne-Hugues Fortin 
Hi,

 Really more of an openldap question... however

That's true but I assume that anybody that is using Samba with ldap would
benefit knowing this.

 You can do 'slapcat' from the command line of your ldap box and it will
 output the data in an ldif format.  Redirect that into a file for
 backing up.  You would probably want to get your openldap configuration
 directory (typically /etc/openldap on linux servers where you didn't
 compile from source).  If you ever needed to restore from that file you
 pipe it into a slapadd command and you're done restoring.

I didn't realized that slapcat was really showing everything in a format
that was usable for a future import (slapadd).  I'll go to bed a little
bit more knowledgable about ldap.  That's good.

Hopefully it will be useful for somebody else as well.


Thank you Paul for your fast answer.


Etienne-Hugues


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Etienne-Hugues Fortin 
 Does your DNS server have the following entries:
 If not it won't work.

It's the first time I'm seeing this list.  I know that XP Pro was asking
for something like _ldap._tcp.domainname but even googling on this
didn't helped me getting what you just sent.

I'll add this to my DNS.  Just to make sure everything is clear, I have to
replace the first fsklwaw.net with my own domain and then, I'm replacing
the server.fsklaw.net with my fully qualified hostname for my samba server
acting as the PDC.  Everything else would stay identical.  Is that right?


Etienne-Hugues


 _ldap._tcp.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
 _ldap._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 389
 server.fsklaw.net.
 _ldap._tcp.pdc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
 _ldap._tcp.gc._msdcs.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
 _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.fsklaw.net. 600 IN SRV
 0 100 3268 server.fsklaw.net.
 _ldap._tcp.dddc-59fe-434d-8cca-f00ca06b564d.domains._msdcs.fsklaw.net.
 600 IN SRV 0 100 389 server.fsklaw.net.
 gc._msdcs.fsklaw.net. 600 IN A 192.168.62.1
 42254cae-00e0-4814-a063-af2189b41e2b._msdcs.fsklaw.net. 600 IN CNAME
 server.fsklaw.net.
 _kerberos._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 88
 server.fsklaw.net.
 _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN
 SRV 0 100 88 server.fsklaw.net.
 _ldap._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
 _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN SRV
 0 100 389 server.fsklaw.net.
 _kerberos._tcp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
 _kerberos._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100
 88 server.fsklaw.net.
 _gc._tcp.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
 _gc._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 3268
 server.fsklaw.net.
 _kerberos._udp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
 _kpasswd._tcp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
 _kpasswd._udp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
 fsklaw.net. 600 IN A 192.168.61.1
 gc._msdcs.fsklaw.net. 600 IN A 192.168.61.1



 Etienne-Hugues Fortin wrote:

Hi,

I've configured Samba 3.0.4 with Openldap 2.1.22 to use my samba server
 as
a PDC.  At first, I had some problem with the user administrator.  I've
then found the workaround a few days ago.  Now that this is fixed, I'm
trying to join a XP Pro workstation to my domain.  I've done multiple
 test
and never succeeded.  I'm always getting XP Pro to complain about not
being able to find a domain and talking about a SRV entry in my DNS
 (which
is dynamic as required when using dhcp at the same time).

So, this morning, in a desesperate attempt, I changed security = ads to
security = domain and retry to join the domain from XP Pro.  To my
surprise, it worked fine.  I've reread the documentation and it's still
saying that we should use security = domain when our server is acting as
 a
BDC, not a PDC.

I still have to do more test tonight to see if everything is working but
right now, I'm more curious to understand why my samba server (which is
now acting as a BDC) is accepting a join request while it's not when it's
acting as a PDC.  Is that normal?  Should I keep my server in security =
domain mode?

Thank you.


Etienne-Hugues Fortin





 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Paul Gienger 
Are you running any windows servers in your setup or just one samba box 
and the clients?

Assuming the latter, which sounds like you unless I'm badly mis-reading 
you here, you don't *need* any special DNS entries to make things work.  
Perhaps you could attach your smb.conf file?  It sounds like your 
security parameter is way out of whack, which could be causing your 
issues. 
security = domain
 is for when you have a functioning NT network to add this machine to 
that holds your login info.  I've successfully added a 3.0 machine to a 
2.2.x network and then not had to do any passdb setup on it.
security = ads
 is for configuring authentication against an existing 2000 (/2003?) AD 
network, which you haven't mentioned here.

You probably want (from TOSHaRG):
preferred master = yes
domain master = yes
local master = yes
security = user
domain logons = yes
Etienne-Hugues Fortin wrote:
Does your DNS server have the following entries:
If not it won't work.
   

It's the first time I'm seeing this list.  I know that XP Pro was asking
for something like _ldap._tcp.domainname but even googling on this
didn't helped me getting what you just sent.
I'll add this to my DNS.  Just to make sure everything is clear, I have to
replace the first fsklwaw.net with my own domain and then, I'm replacing
the server.fsklaw.net with my fully qualified hostname for my samba server
acting as the PDC.  Everything else would stay identical.  Is that right?
Etienne-Hugues
 

_ldap._tcp.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 389
server.fsklaw.net.
_ldap._tcp.pdc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.gc._msdcs.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.fsklaw.net. 600 IN SRV
0 100 3268 server.fsklaw.net.
_ldap._tcp.dddc-59fe-434d-8cca-f00ca06b564d.domains._msdcs.fsklaw.net.
600 IN SRV 0 100 389 server.fsklaw.net.
gc._msdcs.fsklaw.net. 600 IN A 192.168.62.1
42254cae-00e0-4814-a063-af2189b41e2b._msdcs.fsklaw.net. 600 IN CNAME
server.fsklaw.net.
_kerberos._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 88
server.fsklaw.net.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN
SRV 0 100 88 server.fsklaw.net.
_ldap._tcp.dc._msdcs.fsklaw.net. 600 IN SRV 0 100 389 server.fsklaw.net.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.fsklaw.net. 600 IN SRV
0 100 389 server.fsklaw.net.
_kerberos._tcp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
_kerberos._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100
88 server.fsklaw.net.
_gc._tcp.fsklaw.net. 600 IN SRV 0 100 3268 server.fsklaw.net.
_gc._tcp.Default-First-Site-Name._sites.fsklaw.net. 600 IN SRV 0 100 3268
server.fsklaw.net.
_kerberos._udp.fsklaw.net. 600 IN SRV 0 100 88 server.fsklaw.net.
_kpasswd._tcp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
_kpasswd._udp.fsklaw.net. 600 IN SRV 0 100 464 server.fsklaw.net.
fsklaw.net. 600 IN A 192.168.61.1
gc._msdcs.fsklaw.net. 600 IN A 192.168.61.1

Etienne-Hugues Fortin wrote:
   

Hi,
I've configured Samba 3.0.4 with Openldap 2.1.22 to use my samba server
as
a PDC.  At first, I had some problem with the user administrator.  I've
then found the workaround a few days ago.  Now that this is fixed, I'm
trying to join a XP Pro workstation to my domain.  I've done multiple
test
and never succeeded.  I'm always getting XP Pro to complain about not
being able to find a domain and talking about a SRV entry in my DNS
(which
is dynamic as required when using dhcp at the same time).
So, this morning, in a desesperate attempt, I changed security = ads to
security = domain and retry to join the domain from XP Pro.  To my
surprise, it worked fine.  I've reread the documentation and it's still
saying that we should use security = domain when our server is acting as
a
BDC, not a PDC.
I still have to do more test tonight to see if everything is working but
right now, I'm more curious to understand why my samba server (which is
now acting as a BDC) is accepting a join request while it's not when it's
acting as a PDC.  Is that normal?  Should I keep my server in security =
domain mode?
Thank you.
Etienne-Hugues Fortin
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
   

 

--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell:  701-306-6254
Information Systems Consultant   Fax:   701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Need Information

2004-06-09 Thread M- Usman 
Dear Sir / Madam,
Hello

I am now a day working on Samba Server 2.2.x to act Like PDC Server.
i am very much work but when i use windows 2000 for its client it wont works

it register it self but after i reboot system its says that no Windows cannot find 
that Domain or Domain is available or your machine is not register...etc

So Kindly help me in this meter as soon as possible.

Best Regards
M-Usman


_
Linux.Net --Open Source to everyone
Powered by Linare Corporation
http://www.linare.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Error Joining Domain

2004-06-09 Thread Michael Padilla 

hello

im trying to setup a test PDC using SAMBA 3 and used one example from samba
docs and encountered this problem, by the way my test client runs on win2k
prof:

Windows Error!!
   A duplicate name exists on the network

i can not log-in and i cannot browse my PDC and shared folders. then i run
smbclient -L localhost %U on the PDC and it showed three server names, 3
workgroups and three master, all including the PDC. the other win2k clients
are configured in workgroup for the meantime before i join them to the
domain but this error appears. its the 1st time im trying to join the pc on
the domain. heres my sample smb.conf

[global]
workgroup = CUBAO
passwd chat = *New*Password* \
%n\n*Re-enter*new*password* %n\n *Password*changed*
username map = /etc/samba/smbusers
syslog = 0
name resolve order = wins bcast hosts
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd \
-s /bin/false -d /dev/null %u
logon script = scripts\login.bat
logon path =
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
printing = CUPS

any ideas thanks..

mike

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Etienne-Hugues Fortin 
Hi Paul,

It's the second option that I'm having.  I'm pretty sure security = user
will fix the problem.  Is it me or in previous version of samba, security
= user was for workgroup only?

Below is my smb.conf.  Note that I've changed the security to reflect what
you suggested but it was exactly the same before except for the security =
ads that was there.

It's has now became a very long file based on the various documents that I
read, trying to figure what was my problem.  However, now that I made a
lot of cleanup in the file and regrouped the settings by section, I think
it make sense.

Thank you for your time.


Etienne-Hugues


[global]
;unix charset = LOCALE
workgroup = cyberspicace
netbios name = fs01
server string = fs01
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
wins support = yes

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes
domain logons = yes

;security and logging settings
security = user
encrypt passwords = yes
unix password sync = yes
passdb backend = ldapsam:ldap://fs01.cyberspicace.com
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445

;security - interface
interfaces = eth0 192.168.1.0/24 lo 127/8
bind interfaces only = yes

;services
name resolve order = wins bcast hosts
time server = yes
printcap name = CUPS
printing = cups
show add printer wizard = yes

;various scripts
passwd program = /var/lib/samba/sbin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl %u
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%'g
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u'
'%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x
'%u'
'%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g'
'%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:

;access
admin users = @Domain Admins
printer admin = @Domain Admins

;ldap backend
ldap suffix = dc=cyberspicace,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=cyberspicace,dc=com
idmap backend = ldap:ldap://fs01.cyberspicace.com
idmap uid = 1-2
idmap gid = 1-2
map acl inherit = Yes

include = /etc/samba/shares.conf



 Are you running any windows servers in your setup or just one samba box
 and the clients?

 Assuming the latter, which sounds like you unless I'm badly mis-reading
 you here, you don't *need* any special DNS entries to make things work.
 Perhaps you could attach your smb.conf file?  It sounds like your
 security parameter is way out of whack, which could be causing your
 issues.
 security = domain
   is for when you have a functioning NT network to add this machine to
 that holds your login info.  I've successfully added a 3.0 machine to a
 2.2.x network and then not had to do any passdb setup on it.
 security = ads
   is for configuring authentication against an existing 2000 (/2003?) AD
 network, which you haven't mentioned here.

 You probably want (from TOSHaRG):
 preferred master = yes
 domain master = yes
 local master = yes
 security = user
 domain logons = yes


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Reasonable Throughput

2004-06-09 Thread Josh Skains 
One thing that it seems hard to define is what a reasonable expectation of throughput 
on a 100Mbps Ethernet that a samba server should be running at. Currently, I seem to 
be getting about 4.8Mbps for a single client (NetBench).

There is a switch between the server and the client I was testing with. Thoughts?

Thanks,
JMS
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] security = ads: problem join XP Pro?

2004-06-09 Thread Paul Gienger 
Where are you getting with adding the machines?  You should get a posix 
user added with machinename$ for the uid, then that user will be 
modified to include the sambaSamAccount data. 

I would suggest these for 'official' resources:
http://us2.samba.org/samba/docs/man/howto/samba-pdc.html*
*and
http://us2.samba.org/samba/docs/man/guide/
**
there are a couple  of comments below:
[global]
;unix charset = LOCALE
workgroup = cyberspicace
netbios name = fs01
server string = fs01
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
wins support = yes
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes
domain logons = yes
;security and logging settings
security = user
encrypt passwords = yes
unix password sync = yes
passdb backend = ldapsam:ldap://fs01.cyberspicace.com
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
;security - interface
interfaces = eth0 192.168.1.0/24 lo 127/8
bind interfaces only = yes
 

not necessarily related to your problem, but you could probably do away 
with these if you're on a protected LAN.  Lets try to not be any more 
restrictive than we have to, at least not while testing.

;services
name resolve order = wins bcast hosts
time server = yes
printcap name = CUPS
printing = cups
show add printer wizard = yes
;various scripts
passwd program = /var/lib/samba/sbin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl %u
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%'g
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u'
'%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x
'%u'
'%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g'
'%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
 

You didn't mention, did you configure the smbldap-tools package?  I 
would assume that you did, but covering all the bases here.

logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
;access
admin users = @Domain Admins
printer admin = @Domain Admins
;ldap backend
ldap suffix = dc=cyberspicace,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=cyberspicace,dc=com
 

Did you store the password for the admin dn with smbpasswd -w ...
idmap backend = ldap:ldap://fs01.cyberspicace.com
idmap uid = 1-2
idmap gid = 1-2
 

Don't need these unless you're using winbind.
map acl inherit = Yes
include = /etc/samba/shares.conf

 

Are you running any windows servers in your setup or just one samba box
and the clients?
Assuming the latter, which sounds like you unless I'm badly mis-reading
you here, you don't *need* any special DNS entries to make things work.
Perhaps you could attach your smb.conf file?  It sounds like your
security parameter is way out of whack, which could be causing your
issues.
security = domain
 is for when you have a functioning NT network to add this machine to
that holds your login info.  I've successfully added a 3.0 machine to a
2.2.x network and then not had to do any passdb setup on it.
security = ads
 is for configuring authentication against an existing 2000 (/2003?) AD
network, which you haven't mentioned here.
You probably want (from TOSHaRG):
preferred master = yes
domain master = yes
local master = yes
security = user
domain logons = yes
   

 

--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell:  701-306-6254
Information Systems Consultant   Fax:   701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbldap - backup

2004-06-09 Thread William Jojo 


I would recommend reading Jerry's LDAP System Administration book -
Chapter 5 specifically the section on creating a replica and then using
the replica in read-only mode to do the export so the data doesn't change
under you...


my $.02


Bill




On Wed, 9 Jun 2004, Etienne-Hugues Fortin wrote:

 Hi,

  Really more of an openldap question... however

 That's true but I assume that anybody that is using Samba with ldap would
 benefit knowing this.

  You can do 'slapcat' from the command line of your ldap box and it will
  output the data in an ldif format.  Redirect that into a file for
  backing up.  You would probably want to get your openldap configuration
  directory (typically /etc/openldap on linux servers where you didn't
  compile from source).  If you ever needed to restore from that file you
  pipe it into a slapadd command and you're done restoring.

 I didn't realized that slapcat was really showing everything in a format
 that was usable for a future import (slapadd).  I'll go to bed a little
 bit more knowledgable about ldap.  That's good.

 Hopefully it will be useful for somebody else as well.


 Thank you Paul for your fast answer.


 Etienne-Hugues


 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: RES: [Samba] authentification in ads2003

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Estevam Henrique Carvalho wrote:
| I also have made this configuration working with w2k, the
| problem is related do enc-types used by w2k3.  I have seen
| a lot of people complaining about the same issue. Can the samba
| gurus help the community ??? What are the right configuration
| to put a Samba 3.0.x working as a Active Directory 2003
| member and be accessible through \\samba name\share name ?!
|
| Please Jerry Carter, Andrew Batlett e other, gave us
| some light...
|
...
|[realms]
|CAR.BE.TEST.COM = {
|kdc = car-pdc.car.be.test.com
|default_domain = car.be.test.com
|}
|#[domain_realms]
|#.kerberos.server=CAR.BE.TEST.COM
|
|# The following krb5.conf variables are only for MIT Kerberos.
|default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
|default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
|permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
I never set these three options any more.  I fact, my entire
krb5.conf consists of:
- 
[libdefaults]
~dns_fallback = true
- 
It's probably the permitted_enctypes line that is causing
problems.

cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key   http://www.plainjoe.org/gpg_public.asc
...a hundred billion castaways looking for a home. --- Sting
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAx2zvIR7qMdg1EfYRAhWgAKDrDFs/WAqvORDU0uXNWIsc8n42cACgnShz
cJWYHIbZpG8rbUxNiBXKSQI=
=o3ev
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Change OpenLdap to Oracle OID

2004-06-09 Thread Andrade Guerra, Marcelo 
Any know if i can migrate Samba Users And computers account´s  from OpenLdap to OID 
and use OID with Samba???

Regards



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Can't print multiple copies from XP to Samba 2.2.8a on Linux, hp 932c

2004-06-09 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Kratz wrote:
| When we hook the printer directly to a xp machine, printing
| multiple copies does work, but printing over the network to
| samba will only ever print a single copy no matter what.
Make sure that you've initialized the printer data for
that queue on the Samba box.
Also make sure that you can print multiple copies
after to a a local version of the printer even
after unselecteding the Enmable Advanced Printer
Features checkbox in the advanced tab of the printer
properties window.  It could be that this feature only
works with EMF jobs and not standard RAW/PCL/PS.  Just
a guess.

cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAx26rIR7qMdg1EfYRApmUAKDpNKjDKSlk4EAlDVNS5uCNw87yrwCeJ5PU
X08DmaEyNfxss+UuAabsgMA=
=4yCt
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RES: RES: [Samba] Problem with authenticating a computer to a sam ba sh are

2004-06-09 Thread Estevam Henrique Carvalho 
Have you ran net ads join -U w2k admin user name ?
Did the machine name appear under Computer OU in the Active Directory ?
Could you, from the same Win box that runs NTBACKUP, run \\samba-server ?
What are the results for the commands wbinfo -u, wbinfo -g, wbinfo -t ?
Before run NTBACKUP, have you mapped the samba share(s) with a valid domain
user ?


-Mensagem original-
De: Björn Giesler [mailto:[EMAIL PROTECTED] 
Enviada em: quarta-feira, 9 de junho de 2004 15:54
Para: Estevam Henrique Carvalho
Cc: [EMAIL PROTECTED]
Assunto: Re: RES: [Samba] Problem with authenticating a computer to a samba
sh are


Am 09.06.2004 um 19:55 schrieb Estevam Henrique Carvalho:
 What do you mean with ADC Slave, security=ads in smb.conf ?

Yes, exactly. Encrypt passwords=yes, password server=MACHINE from my 
previous mail.

Regards,
Björn


= 
Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você
não for o destinatário ou a pessoa autorizada a receber esta mensagem, não
deverá utilizar, copiar, alterar, divulgar a informação nela contida ou
tomar qualquer ação baseada nessas informações. Se você recebeu esta
mensagem por engano, por favor avise imediatamente o remetente, respondendo
o e-mail e em seguida apague-o. Agradecemos sua cooperação. 

This message may contain confidential and/or privileged information. If you
are not the addressee or authorized to receive this for the addressee, you
must not use, copy, disclose, change, take any action based on this message
or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation. 
= 
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Need help configuring Samba3/LDAP PDC

2004-06-09 Thread Aaron Ogden 
Hello all,
I'm following along in chapter 6 of John Terpstra's Samba 3 By Example 
and I've got everything working great up until the point where I join 
the machine to the new domain (step 17 on page 155).  The command *net 
rpc join -U Administrator* fails with the errors below.

palpatine:/var/lib/samba/sbin # net -d 4 rpc join -U Administrator
[2004/06/09 15:13:35, 3] param/loadparm.c:lp_load(3881)
 lp_load: refreshing parameters
[2004/06/09 15:13:35, 3] param/loadparm.c:init_globals(1309)
 Initialising global parameters
[2004/06/09 15:13:35, 3] param/params.c:pm_process(566)
 params.c:pm_process() - Processing configuration file 
/etc/samba/smb.conf
[2004/06/09 15:13:35, 3] param/loadparm.c:do_section(3379)
 Processing section [global]
 doing parameter unix charset = LOCALE
 doing parameter workgroup = GXT
 doing parameter netbios name = GXTPDC
[2004/06/09 15:13:35, 4] param/loadparm.c:handle_netbios_name(2723)
 handle_netbios_name: set global_myname to: GXTPDC
 doing parameter interfaces = eth0, lo
 doing parameter bind interfaces only = Yes
 doing parameter passdb backend = ldapsam:ldap://ldap.gxt.com
 doing parameter username map = /etc/samba/smbusers
 doing parameter log level = 1
 doing parameter syslog = 0
 doing parameter log file = /var/log/samba/%m
 doing parameter max log size = 50
 doing parameter smb ports = 139 445
 doing parameter name resolve order = wins bcast hosts
 doing parameter time server = Yes
 doing parameter printcap name = CUPS
 doing parameter show add printer wizard = No
 doing parameter add user script = 
/var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
 doing parameter delete user script = 
/var/lib/samba/sbin/smbldap-userdel.pl '%u'
 doing parameter add group script = 
/var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
 doing parameter delete group script = 
/var/lib/samba/sbin/smbldap-groupdel.pl '%g'
 doing parameter add user to group script = 
/var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'
 doing parameter delete user from group script = 
/var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g'
 doing parameter set primary group script = 
/var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'
 doing parameter add machine script = 
/var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
 doing parameter shutdown script = /var/lib/samba/scripts/shutdown.sh
 doing parameter abort shutdown script = /sbin/shutdown -c
 doing parameter logon script = scripts\logon.bat
 doing parameter logon path = \\%L\profiles\%U
 doing parameter logon drive = X:
 doing parameter domain logons = Yes
 doing parameter preferred master = Yes
 doing parameter wins support = Yes
 doing parameter ldap suffix = dc=gxt,dc=com
 doing parameter ldap machine suffix = ou=people
 doing parameter ldap user suffix = ou=people
 doing parameter ldap group suffix = ou=groups
 doing parameter ldap idmap suffix = ou=idmap
 doing parameter ldap admin dn = cn=admin,dc=gxt,dc=com
 doing parameter idmap backend = ldap://ldap.gxt.com
 doing parameter idmap uid = 1-2
 doing parameter idmap gid = 1-2
 doing parameter map acl inherit = Yes
 doing parameter printing = cups
 doing parameter printer admin = Administrator
[2004/06/09 15:13:35, 4] param/loadparm.c:lp_load(3913)
 pm_process() returned Yes
[2004/06/09 15:13:35, 2] lib/interface.c:add_interface(79)
 added interface ip=172.17.0.240 bcast=172.17.3.255 nmask=255.255.252.0
[2004/06/09 15:13:35, 2] lib/interface.c:add_interface(79)
 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/09 15:13:35, 3] libsmb/cliconnect.c:cli_start_connection(1373)
 Connecting to host=GXTPDC
[2004/06/09 15:13:35, 3] lib/util_sock.c:open_socket_out(735)
 Connecting to 172.17.0.240 at port 445
[2004/06/09 15:13:35, 4] lib/time.c:get_serverzone(122)
 Serverzone is 18000
[2004/06/09 15:13:35, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45)
 cli_net_req_chal: LSA Request Challenge from GXTPDC to GXTPDC: 
1F9217647828E59B
[2004/06/09 15:13:35, 4] libsmb/credentials.c:cred_session_key(59)
 cred_session_key
[2004/06/09 15:13:35, 4] libsmb/credentials.c:cred_create(90)
 cred_create
[2004/06/09 15:13:35, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102)
 cli_net_auth2: srv:\\GXTPDC acct:GXTPDC$ sc:6 mc: GXTPDC chal 
B3BA8E48EB059670 neg: 400701ff
[2004/06/09 15:13:35, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(283)
 cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED
[2004/06/09 15:13:35, 3] libsmb/trusts_util.c:just_change_the_password(43)
 just_change_the_password: unable to setup creds (NT_STATUS_ACCESS_DENIED)!
[2004/06/09 15:13:35, 1] utils/net_rpc.c:run_rpc_command(141)
 rpc command function failed! (NT_STATUS_ACCESS_DENIED)
Password:
[2004/06/09 15:14:11, 3] libsmb/cliconnect.c:cli_start_connection(1373)
 Connecting to host=GXTPDC
[2004/06/09 15:14:11, 3] lib/util_sock.c:open_socket_out(735)
 Connecting to 172.17.0.240 at port 445
[2004/06/09 15:14:11, 3] libsmb/cliconnect.c:cli_session_setup_spnego(705)
 Doing spnego session setup (blob

Re: [Samba] Need help configuring Samba3/LDAP PDC

2004-06-09 Thread [EMAIL PROTECTED] 
Aaron Ogden wrote:
Hello all,
I'm following along in chapter 6 of John Terpstra's Samba 3 By 
Example and I've got everything working great up until the point 
where I join the machine to the new domain (step 17 on page 155).  The 
command *net rpc join -U Administrator* fails with the errors below.

palpatine:/var/lib/samba/sbin # net -d 4 rpc join -U Administrator
[2004/06/09 15:13:35, 3] param/loadparm.c:lp_load(3881)
 lp_load: refreshing parameters
[2004/06/09 15:13:35, 3] param/loadparm.c:init_globals(1309)
 Initialising global parameters
[2004/06/09 15:13:35, 3] param/params.c:pm_process(566)
 params.c:pm_process() - Processing configuration file 
/etc/samba/smb.conf
[2004/06/09 15:13:35, 3] param/loadparm.c:do_section(3379)
 Processing section [global]
 doing parameter unix charset = LOCALE
 doing parameter workgroup = GXT
 doing parameter netbios name = GXTPDC
[2004/06/09 15:13:35, 4] param/loadparm.c:handle_netbios_name(2723)
 handle_netbios_name: set global_myname to: GXTPDC
 doing parameter interfaces = eth0, lo
 doing parameter bind interfaces only = Yes
 doing parameter passdb backend = ldapsam:ldap://ldap.gxt.com
 doing parameter username map = /etc/samba/smbusers
 doing parameter log level = 1
 doing parameter syslog = 0
 doing parameter log file = /var/log/samba/%m
 doing parameter max log size = 50
 doing parameter smb ports = 139 445
 doing parameter name resolve order = wins bcast hosts
 doing parameter time server = Yes
 doing parameter printcap name = CUPS
 doing parameter show add printer wizard = No
 doing parameter add user script = 
/var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
 doing parameter delete user script = 
/var/lib/samba/sbin/smbldap-userdel.pl '%u'
 doing parameter add group script = 
/var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
 doing parameter delete group script = 
/var/lib/samba/sbin/smbldap-groupdel.pl '%g'
 doing parameter add user to group script = 
/var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'
 doing parameter delete user from group script = 
/var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g'
 doing parameter set primary group script = 
/var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'
 doing parameter add machine script = 
/var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
 doing parameter shutdown script = /var/lib/samba/scripts/shutdown.sh
 doing parameter abort shutdown script = /sbin/shutdown -c
 doing parameter logon script = scripts\logon.bat
 doing parameter logon path = \\%L\profiles\%U
 doing parameter logon drive = X:
 doing parameter domain logons = Yes
 doing parameter preferred master = Yes
 doing parameter wins support = Yes
 doing parameter ldap suffix = dc=gxt,dc=com
 doing parameter ldap machine suffix = ou=people
 doing parameter ldap user suffix = ou=people
 doing parameter ldap group suffix = ou=groups
 doing parameter ldap idmap suffix = ou=idmap
 doing parameter ldap admin dn = cn=admin,dc=gxt,dc=com
 doing parameter idmap backend = ldap://ldap.gxt.com
 doing parameter idmap uid = 1-2
 doing parameter idmap gid = 1-2
 doing parameter map acl inherit = Yes
 doing parameter printing = cups
 doing parameter printer admin = Administrator
[2004/06/09 15:13:35, 4] param/loadparm.c:lp_load(3913)
 pm_process() returned Yes
[2004/06/09 15:13:35, 2] lib/interface.c:add_interface(79)
 added interface ip=172.17.0.240 bcast=172.17.3.255 nmask=255.255.252.0
[2004/06/09 15:13:35, 2] lib/interface.c:add_interface(79)
 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/09 15:13:35, 3] libsmb/cliconnect.c:cli_start_connection(1373)
 Connecting to host=GXTPDC
[2004/06/09 15:13:35, 3] lib/util_sock.c:open_socket_out(735)
 Connecting to 172.17.0.240 at port 445
[2004/06/09 15:13:35, 4] lib/time.c:get_serverzone(122)
 Serverzone is 18000
[2004/06/09 15:13:35, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45)
 cli_net_req_chal: LSA Request Challenge from GXTPDC to GXTPDC: 
1F9217647828E59B
[2004/06/09 15:13:35, 4] libsmb/credentials.c:cred_session_key(59)
 cred_session_key
[2004/06/09 15:13:35, 4] libsmb/credentials.c:cred_create(90)
 cred_create
[2004/06/09 15:13:35, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102)
 cli_net_auth2: srv:\\GXTPDC acct:GXTPDC$ sc:6 mc: GXTPDC chal 
B3BA8E48EB059670 neg: 400701ff
[2004/06/09 15:13:35, 3] 
rpc_client/cli_netlogon.c:cli_nt_setup_creds(283)
 cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED
[2004/06/09 15:13:35, 3] 
libsmb/trusts_util.c:just_change_the_password(43)
 just_change_the_password: unable to setup creds 
(NT_STATUS_ACCESS_DENIED)!
[2004/06/09 15:13:35, 1] utils/net_rpc.c:run_rpc_command(141)
 rpc command function failed! (NT_STATUS_ACCESS_DENIED)
Password:
[2004/06/09 15:14:11, 3] libsmb/cliconnect.c:cli_start_connection(1373)
 Connecting to host=GXTPDC
[2004/06/09 15:14:11, 3] lib/util_sock.c:open_socket_out(735)
 Connecting to 172.17.0.240 at port 445
[2004/06/09 15:14:11, 3] 
libsmb/cliconnect.c:cli_session_setup_spnego(705)
 Doing

RE: [Samba] Reasonable Throughput

2004-06-09 Thread Tom Hibbert 
On 100mbit networks I regularly get speeds of 9.1MBps (Samba or FTP have
equal speeds which is good). This is common even when using low end
network cards like the Realtek 8139. Comparably with the same hardware
and WinXP involved on at least one side of the link I get 5.4MBps.

Last year I had the opportunity to do some real world throughput testing
using some fairly high end gear. Both machines were connected with Intel
Pro1000 network cards through a 3com switch. Using a P4 workstation
running Windows 2000 and a Xeon server running Samba 3.0a I achieved a
throughput of 440MBps, the theoretical maximum of the hardware (3ware
Escalade raid controller). Using the same server and workstation I could
only push 200MBps. This speed was achieved under the Airbox TV broadcast
software sucking down multiple MPEG2 streams off the RAID array. I also
ran Netbench to verify the throughput speeds.

If you are experiencing lower throughput than this the first place to
look is cabling. Also be wary of the Davicom and Macronix network cards
as I often found specimens that were sub standard and could only push
5MBps. Also the switch is a contributing factor so try crossing over and
comparing speeds.


Tom
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Josh
Skains
Sent: Thursday, 10 June 2004 7:48 a.m.
To: [EMAIL PROTECTED]
Subject: [Samba] Reasonable Throughput

One thing that it seems hard to define is what a reasonable expectation
of throughput on a 100Mbps Ethernet that a samba server should be
running at. Currently, I seem to be getting about 4.8Mbps for a single
client (NetBench).

There is a switch between the server and the client I was testing with.
Thoughts?

Thanks,
JMS
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Password trouble with LDAP (eDirectory)

2004-06-09 Thread Erik Holst Trans 
Hi Bruce,
Thanks for your replys.
I got i working.. allmost
Think i forgot a few things such as a root account in LDAP and 
adminstrator account in /etc/passwd.

There is a little thing with join'ed workstations.
I can only login as root, login's on other accounts get a WRONG PASSWORD 
message in the log ?

Windows 9x works great on all accounts.
//Erik
[EMAIL PROTECTED] wrote:
Sorry, I have no idea what is causing this problem.  I wish
you luck in resolving the problem.
Bruce
From: Erik Holst Trans [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [Samba] Password trouble with LDAP (eDirectory)
Date: Mon, 07 Jun 2004 11:28:02 +0200
- Original Message Follows -
Hi,
I just tied to lower the sambaPwdMustChange value, and
then the windows
  client correctly says the password is expired, and
prompts for a new one.
But the update fails because the server still does't
accept the password
 (the old one)
So the sambaPwdMustChange shold be fine.
Below is the Administrator LDAP entry.
I am know that the home path's are wrong, but that shold
not have  anything to do with my problem.
BTW. the Samba version is 3.0.4
Best regards
Erik Holst Trans

version: 1
# LDIF Export for: uid=Administrator,o=it-trans
# Generated by phpLDAPadmin on June 7, 2004 11:17 am
# Server: SLSS (ldap://127.0.0.1)
# Search Scope: base
# Total Entries: 1
# Entry 1: uid=Administrator,o=it-trans
dn:uid=Administrator,o=it-trans
sambaPrimaryGroupSID:
S-1-5-21-511030576-2330128811-1600862552-512 sambaSID:
S-1-5-21-511030576-2330128811-1600862552-2996
sambaHomePath: \\SLSS\homes sambaHomeDrive: H:
sambaKickoffTime: 2147483647
sambaLogoffTime: 2147483647
sambaLogonTime: 0
sambaPwdMustChange: 2147483647
sambaPwdCanChange: 1086598595
sambaPwdLastSet: 1086598595
sambaAcctFlags: [U]
sambaNTPassword: 2D20D252A479F485CDF5E171D93985BF
sambaLMPassword: 598DDCE2660D3193AAD3B435B51404EE
loginShell: /bin/bash
homeDirectory: /home/
gecos: Netbios Domain Administrator
gidNumber: 512
uidNumber: 0
uid: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
objectClass: organizationalPerson
objectClass: Person
objectClass: ndsLoginProperties
objectClass: Top
cn: Administrator
ACL: 2#entry#[Public]#messageServer
ACL: 2#entry#[Root]#groupMembership
ACL: 2#entry#[Root]#networkAddress
ACL: 2#subtree#uid=Administrator,o=it-trans#[All
Attributes Rights] ACL: 6#entry#uid=Administrator
,o=it-trans#loginScript ACL: 6#entry#uid=Administrator
,o=it-trans#printJobConfiguration

[EMAIL PROTECTED] wrote:
From: Erik Holst Trans [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [Samba] Password trouble with LDAP (eDirectory)
Date: Mon, 07 Jun 2004 02:25:03 +0200

When i try to logon as a user with the correct password,
access is  denied and the log says
  check_ntlm_password:  Authentication for user
[administrator] -  [administrator] FAILED with error
NT_STATUS_NO_SUCH_USER
Just a quick thought ... has the password expired?
Check ldap attribute sambaPwdMustChange.

--
To unsubscribe from this list go to the following URL and
read the instructions:
http://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Excel could not save

2004-06-09 Thread Jeremy Allison 
On Wed, Jun 09, 2004 at 10:04:42AM -0400, Jamrock wrote:
 
 Could you let us know the nature of the problem?  I am trying to get my
 Excel spread sheets to work properly.

It looks like a timing issue in the client that causes Execl files
to be opened in read-only mode. Opening them again usually fixes
it. I think I've fixed this in current SVN but I'm getting people to
test first.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba and USB Hard Drive

2004-06-09 Thread Phillip Williams 
I am trying to get a usb drive to be shared via Samba. When ever a
client logs in they are prompted for the Guest accounts password.

All other samba shares are set up the same (via webadmin)
and they all work fine.

Any ideas?

Thank you,

Phillip

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Terpstra Samba Workshops - Seattle, WA. 6/10-11

2004-06-09 Thread Alex Monteiro 
Hello Samba List-

Apologies for the late notice on this.  We have seats available for John
H. Terpstra's Samba workshops on Thursday and Friday this week in Seattle,
WA.  He is conducting Samba 101 and Advanced Samba Thursday and Windows
NT4/200X Migration to Samba-3 on Friday.  Attendees receive a copy of
Samba-3 By Example as part of the workshop(s).

You can view class information here:
http://freedomtechnologycenter.org/classes/samba/

We are extending special discounts to Samba.org list members.  Contact me
at any time at 866-643-3733 or direct at 650-814-4899 to enroll.

Class beings promptly at 9:00am each day until 5:30pm.  Classroom location
is as follows:

Computer Classrooms in Seattle - Allied Business Systems
Yarrow Bay Office Park - Quad One North
10604 NE 38th Place, Suite 118
Kirkland, WA 98033
(425) 576-9747

Thank you,
Alex

--
Alex Monteiro
Program Manager - Freedom Technology Center
Toll Free:  866-643-3733  Fax: 650-964-4268

Offering the world's best in Open Source training.
http://www.freedomtechnologycenter.org

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba 3.0.5 pre1 cannot ad windows xp machine to domain

2004-06-09 Thread Glenn Arnold 
Hi all,

I can add my W2K machines to the Samba 3.0.5pre1 with no problems, but I
can not add my XP machines.  Existing XP machines work fine, but when I
try to add new XP machine it does not work.  Here is my smb.conf and pc
from the log.smbd

Thanks
-Glenn
[global]
netbios name = HSFNP01
workgroup = MTHCS
security = user
os level = 64
domain master = yes
local master = yes
preferred master = yes
time server = yes
;passdb backend = tdbsam
passdb backend = tdbsam
unix extensions = yes
encrypt passwords = yes
domain logons = yes
logon script = logon.bat
logon drive = H:
logon home = \\%L\%U
logon path =
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
wins support = no
wins server = 10.100.0.10
veto files = /*.eml/*.nws/riched20.dll/
lanman auth = yes
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user script = /usr/sbin/useradd -d /dev/null -g 502 -c 'Machine
Account' -s /bin/false -M %u
oplocks = yes
load printers = yes
printing = cups
printer admin = Administrator, @ntadmin
idmap uid = 15000-2
idmap gid = 15000-2
winbind separator = -
winbind use default domain = No

[netlogon]
path = /smbsrvr/netlogon/scripts
guest ok = yes
write list = ntadmin

[homes]
comment = Home Directories
browseable = no
read only = no
hide dot files = yes
veto files =
/*.mp3/*.exe/*.com/*.js/*.bat/*.cmd/*.wsh/*.lnk/*.scr/*.zip/.*/
dos file times = yes

[C$]
valid users = @root
path = /smbsrvr
read only = no
create mask = 0770
directory mask = 0770
force group = +ntadmin
force directory mode = 0770
dos file times = yes

[Apps]
read only = no
path = /smbsrvr/Apps

[Students]
path = /smbsrvr/Students
read only = no
create mask = 0770
directory mask = 0770
force group = +HSSTUDENTS
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[AdminTools$]
path = /smbsrvr/AdminTools
read only = no
create mask = 0770
directory mask = 0770
force group = Domain Administrators
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
browseable = no
guest ok = yes

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = root, @ntadmin


[%G]
path = /home/groups/%G/
read only = no
force group = %G

[home$]
writeable = yes
write list = +ntadmin,@MTHS-Domain Admins,@ntadmin,@root
path = /home
force directory mode = 0770
force group = +ntadmin
dos file times = yes
create mask = 0770
directory mask = 0770
valid users = +ntadmins,+root,@MTHS-Domain
Admins,@ntadmin,@root

[ezaudit]
path = /smbsrvr/ezaudit
read only = no
browseable = yes
available = yes
write list = +HSBUILDING,+HSSTAFF,+HSSTUDENTS
admin users = +ntadmin,+wheel

[HSGUIDANCE]
path = /smbsrvr/Guidance
writelist = +HSGUIDANCE
read only = no
create mask = 0770
directory mask = 0770
force group = +HSGUIDANCE
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[HS PRINCIPAL]
path = /smbsrvr/hsprincipal
writelist = +HSPRINCIPAL
read only = no
create mask = 0770
directory mask = 0770
force group = +HSPRINCIPAL
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[CIP]
path = /smbsrvr/CIP
writelist = +HSSTAFF
read only = no
create mask = 0770
directory mask = 0770
force group = +HSSTAFF
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[POISE ISSUES]
path = /smbsrvr/Poise Issues
writelist = +BUILDING SECRETARIES
read only = no
create mask = 0770
directory mask = 0770
force group = +BUILDING SECRETARIES
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[HSDISCIPLINE]
path = /smbsrvr/Discipline
writelist = +BUILDING SECRETARIES
read only = no
create mask = 0770
directory mask = 0770
force group = +BUILDING SECRETARIES
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[YEARBOOK]
path = /smbsrvr/yearbook
writelist = +HSYEARBOOK
read only = no
create mask = 0770
directory mask = 0770
force group = +HSYEARBOOK
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[INSTALL]
comment = Mt. Healthy Software
path = /smbsrvr/Install
read only = No
guest only = Yes

[ADMINTOOLS$]
path = /smbsrvr/AdminTools
writelist = +ntadmin
read only = no
create mask = 0770
directory mask = 0770
force group = +ntadmin
force create mode = 0770
dos filetimes = yes

[2004/06/09 20:34:13, 0] lib/util_sock.c:send_smb(630)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2004/06/09 20:37:41, 0] lib/util_sock.c:get_peer_addr(978)
  getpeername failed. Error was Transport endpoint is not connected
[2004/06/09 20:37:41, 0] lib/util_sock.c:get_peer_addr(978)
  getpeername failed. Error was Transport endpoint is not connected
[2004/06/09 20:37:41, 0]

[Samba] URGENT : Installation Problem

2004-06-09 Thread ton kian keong 
PRE-INSTALLATION
 
OS : HP-UX 11i
 
We can use samba-3.0.4.tar.gz transfer to Unix server on a folder call samba using 
root (administrator account) . 
 
We use tar -xvf samba-3.0.4.tar. to unzip the file. 
 
A folder is created name samba-3.0.4. it folder consists of files docs , packaging , 
source testsuite , make , manifest , README , roadmap , examples , pcp , swat , 
COPYING , make-install , Read-Manifest-Now , REVISION , WHATSNEW
 
 
 
INSTALLATION
We use make install command on /path but fail , error message  don't know how to make 
install  . 
 
What way to carry on the installation of samba ?
 
PLEASE HELP ? Hope to get answer as fast as possible !!!
 
Any expert we can refer to ? 


-
Do you Yahoo!?
Friends.  Fun. Try the all-new Yahoo! Messenger
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SWAT - Could not connect to port 901

2004-06-09 Thread Greg Folkert 
On Wed, 2004-06-09 at 20:09, Bruce wrote:
 I'm using Suse 9.1 professional.
 
 I've got Samba *almost* up and running. But, I'm a newbie and need Swat to 
 configure a few things. I've gone to /etc/services and made sure that I 
 have the entry swat 901/tcp I have checked /etc/xinetd.d/swat and added 
 port = 901 and changed it to disable = no I have gone through the steps 
 in the documentation on setting up swat. It all looks correct.
 
 But when I try to run the program, I get the message:
 An error occured while loading localhost:901
 Could not connect to host localhost (Port 901)
 
 I have all the files installed. I get the same response whether I use 
 localhost or 127.0.0.1. I have restarted xinetd.  I'm not using a firewall. 
 This is all behind a NAT router that serves as our firewall. When I give 
 the iptables -nL command, I get:
 Chain Input policy Accept
 Chain Forward policy Accept
 Chain Output policy Accept
 
 I ran netstat -a and got 230 lines. There was no reference to 901.
 
 I have even gotten Samba and Swat running twice before. Does anyone know 
 what is wrong?
After you edited the files... did you restart xinetd?


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Clustered Samba print shares

2004-06-09 Thread Tim 
I hope someone can shed some light on this. I've posted this before but I'm 
still looking for an answer.

Basically, I'm looking for help in configuring Samba 3.02a in an active/passive 
cluster (failover).

Currently I have two nodes running Solaris 8. Only one is active at a time. The 
active node is running Samba. It's netbios name is printserver1. Printerserver1 
is also DNS name of the virtual IP that I failover between nodes. I added this 
node to our NT 4.0 domain and all is well. The print spool directory is a 
shared disk that is also failed over between nodes.

The failover process itself (using VCS) works fine and is fairly quick. 
However, I currently have the second nodes Netbios name set to Printerserver2. 
This was because I ran into issues trying to use the same name as the other 
node. At one point, I tried coping over the secrets.tdb file from 
Printerserver1 to Printerserver2 and then failing over the cluster. This didn't 
work either (bad secret when running wbinfo -t).

What am I missing? Seems like some of you have had success with this?

Thanks,
Tim

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] macromedia homesite cannot browse share - no path

2004-06-09 Thread Rimian Perkins 
Hello,

I have my samba share running and I can access everything just fine from
my windows XP work station.

However I have a problem with macromedia homesite. I can see but not
open the share because homesite thinks I do not have access.

I have captured the network traffic with a sniffer and it seems the path
is a problem..

Here is a snip of my network traffic where 192.168.0.9 is my linux sever
and 192.168.0.20 is my work station:

192.168.0.20 192.168.0.9 SMB Tree Connect AndX Request, Path:
\\SERVER\IPC$
192.168.0.9 192.168.0.20 SMB Tree Connect AndX Response
192.168.0.20 192.168.0.9 SMB Tree Connect AndX Request, Path: \
192.168.0.20 192.168.0.9 SMB Tree Connect AndX Response, Error:
STATUS_ACCESS_DENIED

It seems the Path: \ is the problem.

Does anyone know where this path is pointing to or any way of helping me
understand what is happening?

Kind Regards,
Rimian 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

svn commit: samba r1096 - trunk/source/smbd

2004-06-09 Thread jra 
Author: jra
Date: 2004-06-09 21:03:38 + (Wed, 09 Jun 2004)
New Revision: 1096

Modified:
   trunk/source/smbd/open.c
Log:
Fix errno being incorrectly set. Noticed by Richard.
Jeremy.


WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1096nolog=1

svn commit: samba r1097 - branches/SAMBA_3_0/source/smbd

2004-06-09 Thread jra 
Author: jra
Date: 2004-06-09 21:03:50 + (Wed, 09 Jun 2004)
New Revision: 1097

Modified:
   branches/SAMBA_3_0/source/smbd/open.c
Log:
Fix errno being incorrectly set. Noticed by Richard.
Jeremy.


WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1097nolog=1

svn commit: samba r1098 - branches/SAMBA_4_0/source/torture/raw

2004-06-09 Thread jra 
Author: jra
Date: 2004-06-10 01:08:54 + (Thu, 10 Jun 2004)
New Revision: 1098

Modified:
   branches/SAMBA_4_0/source/torture/raw/chkpath.c
Log:
Extended raw chkpath to catch regressions.
Jeremy.


WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1098nolog=1

svn commit: samba-web r91 - trunk/support

2004-06-09 Thread deryck 
Author: deryck
Date: 2004-06-10 04:50:23 + (Thu, 10 Jun 2004)
New Revision: 91

Removed:
   trunk/support/guatemala.html
Modified:
   trunk/support/countries.html
   trunk/support/germany.html
   trunk/support/greece.html
   trunk/support/hongkong.html
   trunk/support/hungary.html
   trunk/support/us.html
Log:
Removing non-replying support providers,
and added two new companies (US/Germany).

WebSVN: 
http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=91nolog=1