Re: [Samba] RV: Samba(PDC) - LDAP problem only with W2KAS and XP clients
Read this: http://www.diariolinux.com/articulos/printable.php?f=17 Vicente Vives. Gonzalo Britti escribió: Please!!! does anyone know what's going on? I really need to solve this problem and don't know how and didn't find bug report that matched with my description. - Original Message - From : Gonzalo Britti [mailto:[EMAIL PROTECTED] Sent : Sábado, 11 de Septiembre de 2004 04:24 p.m. To : '[EMAIL PROTECTED]' Subject : Samba(PDC) - LDAP problem only with W2KAS and XP clients Hi, my name is Gonzalo, I have the following problem: I have a Samba 2.2.8a configured as a PDC server running on Solaris 9 and pointing to a users database acceded by LDAP (SunOne Directory Server 5.2). Everything works very well while I register hosts with W2000 Proffesional in the Domain. The problem appears when I want to join the domain with WXP or W2K AS hosts (I didn't prove with W2000S but I supposed It'll be the same). The registration process into the domain looks to work fine but it does not, Windows shows "Wellcome to MYDOMAIN Domain", when I restart the PC and want to start a session with a domain user, the W2K Server o WXP shows the next message: "The system cannot begin its session at this time because domain MYDOMAIN not this available" or something like that... In the log of the samba I've found that during the registration to the domain, the following error is reported: [2004/08/15 18:53:45, 2] rpc_parse/parse_samr.c:samr_io_userinfo_ctr(6285) samr_io_userinfo_ctr: unknown switch level 0x1a [2004/08/15 18:53:45, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(670) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. I don't know if this could help but hers is a copy of my smb.conf file [global] workgroup = MYDOMAIN netbios name = MAIN server string = Samba PDC Server interfaces = 192.168.1.1/24 bind interfaces only = Yes encrypt passwords = Yes passwd program = /opt/samba/bin/change_LDAP_passwd.sh %u passwd chat = *New*Password:* %n\n *Re-enter*new*Password:* %n\n *changed* unix password sync = Yes log level = 2 log file = /opt/local/samba/var/log.%m max log size = 50 domain admin group = smbadm domain logons = Yes os level = 80 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap server = 192.168.1.1 ldap port = 389 ldap suffix = o=myorg,o=root ldap admin dn = uid=admin,ou=People,o=myorg,o=root ldap ssl = no hosts allow = 192.168.1.0/255.255.255.0 profile acls = Yes [homes] comment = Home Directories valid users = %S read only = No browseable = No [netlogon] comment = Network Logon Service path = /opt/samba/lib/netlogon guest ok = Yes share modes = No I can attach all the logs of the LDAP, if somebody thinks that those can help. if someone can help me, thanks in advance, Gonzalo. - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Corrupted userid in mail folders - Crisis
> Hi, > another thing popes to my mind, > check if a nscd process is running on your box. > if yes stop it and remove it from the startup-scripts. > It is not compatible with with samba and windbindd and > may create strange effects. > Christoph Yes, nscd was running, but I have stopped it now. What is nscd? Also, further to our discussion before, the userid actually get's changed Look at this: [EMAIL PROTECTED] root]# ls -l /home/RHENGHS/canhal total 12 drwx-- 7 monsla Domain Users 4096 Aug 17 13:48 Maildir/ drwx-- 2 monsla Domain Users 4096 Feb 23 2002 tmp/ drwxr-xr-x 2 monsla Domain Users 4096 Jun 20 2002 webpage/ [EMAIL PROTECTED] root]# ls -ln /home/RHENGHS/canhal total 12 drwx-- 7 10585 1 4096 Aug 17 13:48 Maildir/ drwx-- 2 10585 1 4096 Feb 23 2002 tmp/ drwxr-xr-x 2 10585 1 4096 Jun 20 2002 webpage/ [EMAIL PROTECTED] root]# getent passwd canhal canhal:x:10167:1::/home/RHENGHS/canhal:/bin/bash So you can see that the correct user should be 10167, not 10585 Also SMB hangs after a few hours. When I left last night, everything had been running fine for about 2 hours. When I got to work this morning, no-one was authenticated. When I tried to ls a user dir, I got not response. On issuing the reboot command I saw on the console that there was no process SMB. Here are the SMB messages in syslog. Sep 22 07:49:05 inet nmbd[3724]: [2004/09/22 07:49:05, 0] libsmb/nmblib.c:send_udp(758) Sep 22 07:54:07 inet nmbd[3724]: [2004/09/22 07:54:07, 0] libsmb/nmblib.c:send_udp(758) Sep 22 07:55:28 inet smbd[9813]: [2004/09/22 07:55:28, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:55:28 inet smbd[9813]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:55:28 inet smbd[9813]: [2004/09/22 07:55:28, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:55:28 inet smbd[9813]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:55:28 inet smbd[9813]: [2004/09/22 07:55:28, 0] lib/util_sock.c:write_socket_data(388) Sep 22 07:55:28 inet smbd[9813]: write_socket_data: write failure. Error = Connection reset by peer Sep 22 07:55:28 inet smbd[9813]: [2004/09/22 07:55:28, 0] lib/util_sock.c:write_socket(413) Sep 22 07:55:28 inet smbd[9813]: write_socket: Error writing 4 bytes to socket 16: ERRNO = Connection reset by peer Sep 22 07:55:28 inet smbd[9813]: [2004/09/22 07:55:28, 0] lib/util_sock.c:send_smb(605) Sep 22 07:55:28 inet smbd[9813]: Error writing 4 bytes to client. -1. (Connection reset by peer) Sep 22 07:55:29 inet smbd[9815]: [2004/09/22 07:55:29, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:55:29 inet smbd[9815]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:55:29 inet smbd[9815]: [2004/09/22 07:55:29, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:55:29 inet smbd[9815]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:55:29 inet smbd[9815]: [2004/09/22 07:55:29, 0] lib/util_sock.c:write_socket_data(388) Sep 22 07:55:29 inet smbd[9815]: write_socket_data: write failure. Error = Connection reset by peer Sep 22 07:55:29 inet smbd[9815]: [2004/09/22 07:55:29, 0] lib/util_sock.c:write_socket(413) Sep 22 07:55:29 inet smbd[9815]: write_socket: Error writing 4 bytes to socket 16: ERRNO = Connection reset by peer Sep 22 07:55:29 inet smbd[9815]: [2004/09/22 07:55:29, 0] lib/util_sock.c:send_smb(605) Sep 22 07:55:29 inet smbd[9815]: Error writing 4 bytes to client. -1. (Connection reset by peer) Sep 22 07:56:02 inet nmbd[3724]: [2004/09/22 07:56:02, 0] libsmb/nmblib.c:send_udp(758) Sep 22 07:56:30 inet smbd[9832]: [2004/09/22 07:56:30, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:56:30 inet smbd[9832]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:56:30 inet smbd[9832]: [2004/09/22 07:56:30, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:56:30 inet smbd[9832]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:56:30 inet smbd[9832]: [2004/09/22 07:56:30, 0] lib/util_sock.c:write_socket_data(388) Sep 22 07:56:30 inet smbd[9832]: write_socket_data: write failure. Error = Connection reset by peer Sep 22 07:56:30 inet smbd[9832]: [2004/09/22 07:56:30, 0] lib/util_sock.c:write_socket(413) Sep 22 07:56:30 inet smbd[9832]: write_socket: Error writing 4 bytes to socket 16: ERRNO = Connection reset by peer Sep 22 07:56:30 inet smbd[9832]: [2004/09/22 07:56:30, 0] lib/util_sock.c:send_smb(605) Sep 22 07:56:30 inet smbd[9832]: Error writing 4 bytes to client. -1. (Connection reset by peer) Sep 22 07:56:53 inet smbd[9845]: [2004/09/22 07:56:53, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:56:53 inet smbd[9845]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:56:53 inet smbd[9845]: [2004/09/22 07:56:53, 0] lib/util_sock.c:get_peer_addr(952) Sep 22 07:56:53 inet smbd[9845]: getpeername failed. Error was Transport endpoint is not connected Sep 22 07:56:53 inet smbd[9
Re: [Samba] Re: Corrupted userid in mail folders - Crisis
On Wednesday 22 September 2004 00:28, Roland Giesler wrote: > > John H Terpstra wrote: > > > On Tuesday 21 September 2004 11:38, Igor Belyi wrote: > > >>Just for clarification, do you happen to have "idmap backend" > > >>parameter in your smb.conf? > > > > > > You only need that if you are running LDAP and have > > > > multiple servers > > > > > and want > > > the same SID/uid mapping on all servers. In that case there > > > > should be no > > > > > winbindd_idmap.tdb file. > > > > There's also a possibility that it isn't used and file could > > have been > > left there when winbindd was reconfigured from using local > > file to using > > LDAP. I haven't seen smb.conf in this thread and somehow > > everyone stated > > to assume that mappings are stored locally. I just want to make sure > > that this assumption is correct. > > You're right, I don't use LDAP and haven't ever. > > The idmap paramater doesn't appear in smb.conf Then verify that your winbindd_idmap.tdb file is not deleted. Also, use the tdbbackup utility to validate its integrity. See the man page. This file stores the Windows SID to UNIX uid/gid mappings. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: Corrupted userid in mail folders - Crisis
> John H Terpstra wrote: > > On Tuesday 21 September 2004 11:38, Igor Belyi wrote: > >>Just for clarification, do you happen to have "idmap backend" > >>parameter in your smb.conf? > > > > You only need that if you are running LDAP and have > multiple servers > > and want > > the same SID/uid mapping on all servers. In that case there > should be no > > winbindd_idmap.tdb file. > > There's also a possibility that it isn't used and file could > have been > left there when winbindd was reconfigured from using local > file to using > LDAP. I haven't seen smb.conf in this thread and somehow > everyone stated > to assume that mappings are stored locally. I just want to make sure > that this assumption is correct. You're right, I don't use LDAP and haven't ever. The idmap paramater doesn't appear in smb.conf Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Updated 2.2.8a to 3.0.7-1 and Cups went South
On Tuesday 21 September 2004 23:13, David Rankin wrote: > Mates, > > On my Suse 9.0 pro installation, I updated Samba from 2.2.8a to 3.0.7. > The upgrade went flawlessly, Samba is happily sharing all the files it was > before. However, I can no longer print via cups. I have a HP LJ4 attached > to the Linux box that worked great before the upgrade. I have 2 XP clients. > Now from the Windows side, I get the printer status showing 'access denied, > unable to connect' I can browse all the shares without problems. ... > Any ideas what I need to set the permissions or ownership to? Sure! The permission on /var/spool/samba needs to be: chmod 01777 /var/spool/samba - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba Losing election
On Tue, 2004-09-21 at 13:10, Edilson Santos wrote: > Craig, > > The my server samba (samba 2.2.7a, red hat 9.0) is losing election for workstations > winxp(I have workstations win98 and winxp), see my nmbd.log and my smb.conf. > > [2004/07/29 16:18:52, 0] > nmbd/nmbd_incomingdgrams.c:process_master_browser_announce(403) > process_master_browser_announce: Cannot find workgroup HMAR on subnet > UNICAST_SUBNET > [2004/07/29 17:53:42, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) > find_response_record: response packet id 32409 received with no matching record. > [2004/07/29 17:55:21, 0] nmbd/nmbd.c:process(502) > Got SIGHUP dumping debug info. > [2004/07/29 17:55:21, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(289) > dump_workgroups() >dump workgroup on subnet 10.0.0.203: netmask=255.255.0.0: > HMAR(1) current master browser = AUDITORIA2 > NOE 40099b0b (Samba Server) > > The name of my server is noe and my workgroup/domain is Hmar > > [global] > >workgroup = HMAR >netbios name = noe >netbios aliases = noe >server string = Samba Server > ; comment = PDC Suporte Tecnico >admin users = root > ; hosts allow = 192.168.1. 192.168.2. 127. >printcap name = /etc/printcap >load printers = yes >printing = cups > >log file = /var/log/samba/%m.log >max log size = 100 > ; debug level = 0 >security = user > >encrypt passwords = yes >smb passwd file = /etc/samba/smbpasswd > >unix password sync = Yes >passwd program = /usr/bin/passwd %u >passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > >pam password change = yes >obey pam restrictions = yes > >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > local master = yes > os level = 100 > announce as = NT Server > domain master = yes > preferred master = yes > domain logons = yes >logon script = %U.bat > > logon path = \\%N\profilesxp\%u >dns proxy = no > > default service = homes > > > I dont know what can to be! - you need a wins server wins support = yes #OR# wins server = xxx.xxx.xxx.xx name resolve order = wins files dns #good thing to have too! make sure the desktop machines point to that wins server Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Updated 2.2.8a to 3.0.7-1 and Cups went South
Mates, On my Suse 9.0 pro installation, I updated Samba from 2.2.8a to 3.0.7. The upgrade went flawlessly, Samba is happily sharing all the files it was before. However, I can no longer print via cups. I have a HP LJ4 attached to the Linux box that worked great before the upgrade. I have 2 XP clients. Now from the Windows side, I get the printer status showing 'access denied, unable to connect' I can browse all the shares without problems. A tail of /var/log shows: Sep 21 23:45:14 skyline smbd[6803]: [2004/09/21 23:45:14, 0] printing/printing.c:print_job_start(2103) Sep 21 23:45:14 skyline smbd[6803]: print_job_start: insufficient permissions to open spool file /var/spool/samba/smbprn.0008.VNOJIk. Sep 21 23:46:04 skyline smbd[6803]: [2004/09/21 23:46:04, 0] printing/printing.c:print_job_start(2103) Sep 21 23:46:04 skyline smbd[6803]: print_job_start: insufficient permissions to open spool file /var/spool/samba/smbprn.0009.EfTyaH. Sep 21 23:46:29 skyline smbd[6803]: [2004/09/21 23:46:29, 0] smbd/service.c:make_connection(800) Sep 21 23:46:29 skyline smbd[6803]: ripper (192.168.6.100) couldn't find service ::{2227a280-3aea-1069-a2de-08002b30309d} Sep 21 23:49:08 skyline smbd[6803]: [2004/09/21 23:49:08, 0] printing/printing.c:print_job_start(2103) Sep 21 23:49:08 skyline smbd[6803]: print_job_start: insufficient permissions to open spool file /var/spool/samba/smbprn.0010.vrhiRO. The permissions are: skyline:/var/spool # ls -al total 4 drwxr-xr-x 17 root root 448 May 17 22:30 . drwxr-xr-x 17 root root 432 Apr 13 22:49 .. drwx--2 at at 72 Apr 13 21:39 atjobs drwx--2 at at 48 Sep 23 2003 atspool drwxrwx---2 mail mail 48 Sep 23 2003 clientmqueue drwx--4 root root 120 Apr 13 21:44 cron drwx--x---3 lp lp 3072 Sep 17 14:24 cups drwxr-xr-x 17 fax uucp 496 Apr 21 01:51 fax lrwxrwxrwx1 root root7 Apr 13 21:16 locks -> ../lock drwxr-xr-x2 lp lp 48 Sep 23 2003 lpd drwxrwxrwt2 root root 72 Sep 15 11:32 mail drwxrwxr-x9 news news 216 Apr 13 22:36 news drwxr-xr-x 14 root root 336 Apr 13 21:43 postfix drwxr-xr-x2 root root 48 Sep 16 05:17 samba drwx--4 uucp root 96 Apr 13 22:42 smtpd drwxr-xr-x3 uucp uucp 72 Apr 13 21:16 uucp drwxrwxrwt2 root root 72 Apr 13 22:41 uucppublic drwxr-xr-x4 root root 96 Apr 13 22:06 voice Any ideas what I need to set the permissions or ownership to? -- David C. Rankin, J.D., P.E. Rankin * Bertin, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba w/ ldap - groups scalability and performance
I have a suggestion. I think you can partition off the groups by putting them in sub OU's of your groups OU. Alternatively you could use some Balanceing Domain Controllers with disconnected authentication. This entails setting up Balanceing Domain Controllers, each with a local LDAP slave server. Makeking everything local (replicated from the main LDAP server) for each of your BDC's should improve performance as you can then have several machines answering requests for groups without them haveing to constantly query the main LDAP server. I am having problems with samba and ldap as concerns groups. We have ... perhaps only those groups where the user is a member? -- - | I can be reached on the following Instant Messenger services: | |---| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llings Jabber: [EMAIL PROTECTED]| - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: windows program over a samba share
http://us4.samba.org/samba/docs/man/Samba-Guide/secure.html#ch4appscfg Basically: Step 1: Find out if your application has a "network install" feature. I find it likely that JBuilder does at some level but JBuilder *Personal* may not. Step 2: Create a file share. Step 3: Map the share to a drive letter on the systems you want to run the apps. Step 4: Do a network install to the mapped drive letter. Sometimes you can improvise if there is no network install feature. Step 5: If there was a network install option available, you may now be required to do a "per user" install. Frequently this is automatic but I don't know if this is possible, but I'd like to install a window program (in the specific JBuilder Personal) over a samba share, and then to mount a network share as a disk from windows clients, so they can use the program. Is it possible? Any idea on how to share windows programs from a linux server? -- - | I can be reached on the following Instant Messenger services: | |---| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llings Jabber: [EMAIL PROTECTED]| - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba as Active Directory replacement - is it possible?
Uh... perhaps you are confused? OpenLDAP is a databaseing system unto itself albeit not a relational or SQL based one. I'm actually considering a similar exercise. I understand to run OpenLDAP you would need some database like PostGRE or mySQL (someone, can't remember who, said you need PostGRE) -- - | I can be reached on the following Instant Messenger services: | |---| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llings Jabber: [EMAIL PROTECTED]| - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] What is required for User/Domain managers?
What is required for password change and admin from windows? I think password chat might be good for my PDC to have but what else? Jim C. -- - | I can be reached on the following Instant Messenger services: | |---| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llings Jabber: [EMAIL PROTECTED]| - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Invalid Password or Username
where is keenan woodmansee? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] kernel: smb_proc_readdir_long: name=, result=-2, rcls=1, err=123
I have a problem where I mount a share from a win2k3 Box, when I do an ls in the directory I either get No files listed, or only get the first 129 of 300 files As soon as I type ls, I get the following in /var/log/messages Sep 22 10:53:34 monet1 kernel: smb_proc_readdir_long: name=, result=-2, rcls=1, err=123 I have done a bit of searching around and some people Have had similar problems with older versions of the samba 2 tree uname -a Linux monet1.ngv.vic.gov.au 2.4.21-20.ELsmp #1 SMP Wed Aug 18 20:46:40 EDT 2004 i686 i686 i386 GNU/Linux Which is redhat linux ES rpm -q samba samba-3.0.6-2.3E Which is redhats latest build. Any ideas? Adam -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SFU Samba Permission Denied
On Tue, Sep 21, 2004 at 05:09:50PM -0500, Edward Spragins wrote: > I recently ran into a problem accessing Samba shares from SFU. From > SFU's /net directory, I could read from files, move files, create > directories and even append to files using >>. But, when I tried to > create a file, I received a "Permission Denied" message. > > After looking at the logs I found something which looked out of place. > > I am currently using (I tried many different variations): > WindowsXP SP1; SFU version 3.5 > RedHat version 7.2; Samba version 3.0.7 > > Below is from the client log after turning the debug level to 10: > > [2004/09/21 15:06:46, 10] smbd/posix_acls.c:set_nt_acl(2990) > set_nt_acl: called for file test1.txt > [2004/09/21 15:06:46, 5] smbd/posix_acls.c:unpack_nt_owners(909) > unpack_nt_owners: validating owner_sids. > [2004/09/21 15:06:46, 10] passdb/lookup_sid.c:sid_to_uid(401) > sid_to_uid: winbind lookup for non-local sid > S-1-5-21-1951701912-1418144344-1147873810-2551 failed > [2004/09/21 15:06:46, 3] smbd/posix_acls.c:unpack_nt_owners(927) > unpack_nt_owners: unable to validate owner sid for > S-1-5-21-1951701912-1418144344-1147873810-2551 > > unpack_nt_owners returns False which causes set_nt_acl to return False > which leads to the Permission Denied error message. > > Only SFU clients cause Samba to call set_nt_acl on this share. The > share, btw, is on an ext3 file system with no ACL support. Can you send me an ethereal capture trace of this activity (from client mount of the drive to "permission denied" message), plus the Samba debug level 10 log. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Slow Printing from XP clients with SP2?
On Tue, 21 Sep 2004, Oliver Joachim wrote: Hi everyone, I had this problem, too. I solved it by creating a "local port" in the printers folder on xp sp2 client (don't browse thru Network!), attaching this port to the UNC-Path on my Samba 3.07 Server, e.g. \\linuxsrv\hp_laserjet1150. Then install your printer , put it on file: or lpt1: during installation. Now point this printer to the local port. From this moment, it worked flawless. Please let me know if this works for you (and excuse my grammar...). greetz, Oliver Oliver, Thanks for your recommendation, it fixed my printing problems! Cheers, Rohan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] join ldap pdc domain "Access is denied."
I am trying to join a W2k Workstation to a samba PDC (SuSE9.1 samba-3.0.4, openldap2-2.2.6, samba-winbind-3.0.4) following the book Samba-3 By Example, by John H. Terpstra. The error is "Access is denied." on the Windows, when trying to join the domain from My Computer->Properties->Identification->Member of->Domain->WASTE2. Administrator is mapped to a uid=0: getent passwd |grep Admin Administrator:x:0:512:Netbios Domain Administrator:/home/:/bin/false From the workstation I can map a share with user=Administrator and passwd=not24get This is the slapd log for the transaction (I did not see the logs in /var/log/samba/log.* grow): Sep 21 16:49:06 amanda slapd[19418]: conn=1 fd=8 ACCEPT from IP=127.0.0.2:34839 (IP=0.0.0.0:389) Sep 21 16:49:06 amanda slapd[19418]: conn=2 fd=9 ACCEPT from IP=127.0.0.2:34840 (IP=0.0.0.0:389) Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=0 BIND dn="cn=Manager,dc=stilen,dc=com" method=128 Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=0 BIND dn="cn=Manager,dc=STILEN,dc=COM" mech=SIMPLE ssf=0 Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=0 RESULT tag=97 err=0 text= Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=1 SRCH base="dc=STILEN,dc=COM" scope=2 deref=0 filter="(&(objectClass=sambaDomain)(sambaDomainName=waste2))" Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=1 SRCH attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid sambaSID sambaAlgorithmicRidBase objectClass Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=0 BIND dn="cn=Manager,dc=stilen,dc=com" method=128 Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=0 BIND dn="cn=Manager,dc=STILEN,dc=COM" mech=SIMPLE ssf=0 Sep 21 16:49:06 amanda slapd[19418]: connection_input: conn=2 deferring operation: binding Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=0 RESULT tag=97 err=0 text= Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=1 SRCH base="dc=STILEN,dc=COM" scope=2 deref=0 filter="(&(objectClass=sambaDomain)(sambaDomainName=waste2))" Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=1 SRCH attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid sambaSID sambaAlgorithmicRidBase objectClass Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=2 SRCH base="dc=STILEN,dc=COM" scope=2 deref=0 filter="(&(uid=administrator)(objectClass=sambaSamAccount))" Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=2 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime Sep 21 16:49:06 amanda slapd[19418]: conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=2 fd=9 closed Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=3 fd=9 ACCEPT from IP=127.0.0.1:34841 (IP=0.0.0.0:389) Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=0 BIND dn="cn=Manager,dc=STILEN,dc=COM" method=128 Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=0 BIND dn="cn=Manager,dc=STILEN,dc=COM" mech=SIMPLE ssf=0 Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=0 RESULT tag=97 err=0 text= Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=1 SRCH base="ou=People,dc=stilen,dc=com" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=administrator))" Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=2 SRCH base="ou=People,dc=stilen,dc=com" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=administrator))" Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=3 SRCH base="ou=Groups,dc=stilen,dc=com" scope=1 deref=0 filter="(&(objectClass=posixGroup)(|(memberUid=Administrator)(uniqueMember=uid=administrator,ou=people,dc=stilen,dc=com)))" Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=3 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=3 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=3 SRCH base="ou=Groups,dc=STILEN,dc=COM" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))" Sep 21 16:49:06 amanda slapd[19418]: conn=1 op=3 SRCH attr=gidNumber
Re: [Samba] Samba as Active Directory replacement - is it possible?
On Tue, 2004-09-21 at 20:49, Tomasz Chmielewski wrote: > Hello, > > I've been trying to figure out if it's possible to replace Active > Directory with Samba (+ OpenLDAP, Kerberos, DNS etc.) on Linux - but > from what I've found I'm not sure. > > Is it possible, or partially possible (I don't need every feature of AD)? > What additional software (besides Samba) will I need? > > What functionality will I loose? > > Where can I find any HOWTOS/documents on this? I spent an hour googling > but found nothing promising so far. It all very much depends on what you want to do with it. Samba 3.0 is an NT4 level domain controller, as far as windows clients see it, but is fully backed by whatever directory server you attach it to. So, if you just want to move to a directory based system, with the benefits of directory management, then the standard Samba 3.0 will do what you want. If you would like to add kerberos, then it is possible with snapshots of Heimdal kerberos for unix clients to use their 'Samba' passwords for keberos. These are kept in the same directory (and indeed same entries) as Samba's passwords. https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap The other area of ongoing work is in Samba4, were we have demonstrated an 'Active Directory' join of WinXP SP2 to Samba4. This is an ongoing area of research, but also an area that is moving surprisingly fast. More assistance (programming wise) is always appreciated :-) Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: login from XP
Sorry, forgot the attachment. Carlos Angeles wrote: Hello, I'm having a problem logging in to the Samba domain from an XP machine. The machine is added to the domain but after reboot I can't login. I've done the signorseal registry hack but I'm still not able to login. The error I get when logging in is this: "Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. If this message continues to appear, contact your system administrator for assistance." The event viewer on the XP machine shows this Netlogon error: "This computer could not authenticate with \\SERVER, a Windows domain controller for domain DOMAIN, and therefore this computer might deny requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator." I've included a capture file that includes smb.conf, output of pdbedit -Lv, and log.nmbd. Thanks for your help, Carlos cat smb.conf # Global parameters [global] ;basic server settings workgroup = swan netbios name = bermuda server string = Samba PDC running %v SO_RCVBUF=16384 SO_SNDBUF=16384 ;security and logging settings security = user domain logons = yes encrypt passwords = Yes log level = 8 max log size = 50 restrict anonymous = 2 admin users = root @ntadmins hosts allow = 192.168. 127.0.0.1 interfaces = hme0 lo0 ;sync UNIX passwords passdb backend = tdbsam:/usr/local/samba/private/passdb.tdb unix password sync = Yes passwd program = /bin/passwd %u passwd chat = "*passwd: Changing password for*" \\n "*New password:*" %n\\n "*Re-enter new Password:*" %n\\n "*passwd: password successfully changed for*" ;add user/machine accounts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -d /dev/null -G machines -c "Machine account" -s /bin/false %u ;user profiles and home directory logon script = netlogon.bat logon path = \\%L\%U\profile logon drive = J: ;PDC and master browser settings os level = 99 preferred master = yes domain master = yes idmap uid = 15000-2 idmap gid = 15000-2 local master = yes wins support = yes [homes] comment = Home Directory path = /export/home/%F valid users = %S read only = No create mask = 0755 hide files = .* browseable = No dont descend = .* [netlogon] comment = Network Logon Service path = /export/home/netlogon admin users = @ntadmins write list = @ntadmins guest ok = Yes browseable = No [Profiles] path = /export/home/%S/profile writeable = yes read only = No create mask = 0600 directory mask = 0700 browseable = No [EMAIL PROTECTED]/usr/local/samba/lib# pdbedit -Lv INFO: Current debug levels: all: True/8 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 doing parameter max log size = 50 doing parameter restrict anonymous = 2 doing parameter admin users = root @ntadmins doing parameter hosts allow = 192.168. 127.0.0.1 doing parameter interfaces = hme0 lo0 doing parameter server schannel = yes doing parameter server signing = auto doing parameter passdb backend = tdbsam:/usr/local/samba/private/passdb.tdb doing parameter unix password sync = Yes doing parameter passwd program = /bin/passwd %u doing parameter passwd chat = "*passwd: Changing password for*" \\n "*New password:*" %n\\n "*Re-enter new Password:*" %n\\n "*passwd: password successfully changed for*" doing parameter add user script = /usr/sbin/useradd -m %u doing parameter delete user script = /usr/sbin/userdel -r %u doing parameter add group script = /usr/sbin/groupadd %g doing parameter delete group script = /usr/sbin/groupdel %g doing parameter add user to group script = /usr/sbin/usermod -G %g %u doing parameter add machine script = /usr/sbin/useradd -d /dev/null -G machines -c "Machine account" -s /bin/false %u doing parameter logon script = netlogon.bat doing parameter logon path = \\%L\%U\profile doing parameter logon drive = J: doing parameter os level = 99 doing parameter preferred master
RE: [Samba] Samba server authenticating to NetWare server?
> Subject: Re: [Samba] Samba server authenticating to NetWare server? > > Le mardi 21 Septembre 2004 15:29, Chris Richardson a écrit : > > Can someone confirm that I can't do what I want to do: > > > > - Have a SuSE 9.1 Linux box running Samba 3.0 exporting shares by SMB. > > - Have users log into Windows boxes running a NetWare client, > > authenticating by NDS to a Netware 6.5 server. Or if you want to wait a bit Novell are going to bring out Open server which syncs POSIX, samba sids (samba 3.x) & Netware credentials in edirectory. But you will apparently have to wait till after Jan 2005. How much work do you want to do? Geoff. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: login from XP
Forgot the attachment :o > Hello, > > I'm having a problem logging in to the Samba domain from an XP machine. The machine > is added to the domain but after reboot I can't login. I've done the signorseal > registry hack but I'm still not able to login. The error I get when logging in is > this: > > "Windows cannot connect to the domain, either because the domain controller is down > or otherwise unavailable, or because your computer account was not found. Please > try again later. If this message continues to appear, contact your system > administrator for assistance." > > The event viewer on the XP machine shows this Netlogon error: > > "This computer could not authenticate with \\SERVER, a Windows domain controller for > domain DOMAIN, and therefore this computer might deny requests. This inability to > authenticate might be caused by another computer on the same network using the same > name or the password for this computer account is not recognized. If this message > appears again, contact your system administrator." > > I've included a capture file that includes smb.conf, output of pdbedit -Lv, and > log.nmbd. > > Thanks for your help, > Carlos > > cat smb.conf # Global parameters [global] ;basic server settings workgroup = swan netbios name = bermuda server string = Samba PDC running %v SO_RCVBUF=16384 SO_SNDBUF=16384 ;security and logging settings security = user domain logons = yes encrypt passwords = Yes log level = 8 max log size = 50 restrict anonymous = 2 admin users = root @ntadmins hosts allow = 192.168. 127.0.0.1 interfaces = hme0 lo0 ;sync UNIX passwords passdb backend = tdbsam:/usr/local/samba/private/passdb.tdb unix password sync = Yes passwd program = /bin/passwd %u passwd chat = "*passwd: Changing password for*" \\n "*New password:*" %n\\n "*Re-enter new Password:*" %n\\n "*passwd: password successfully changed for*" ;add user/machine accounts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -d /dev/null -G machines -c "Machine account" -s /bin/false %u ;user profiles and home directory logon script = netlogon.bat logon path = \\%L\%U\profile logon drive = J: ;PDC and master browser settings os level = 99 preferred master = yes domain master = yes idmap uid = 15000-2 idmap gid = 15000-2 local master = yes wins support = yes [homes] comment = Home Directory path = /export/home/%F valid users = %S read only = No create mask = 0755 hide files = .* browseable = No dont descend = .* [netlogon] comment = Network Logon Service path = /export/home/netlogon admin users = @ntadmins write list = @ntadmins guest ok = Yes browseable = No [Profiles] path = /export/home/%S/profile writeable = yes read only = No create mask = 0600 directory mask = 0700 browseable = No [EMAIL PROTECTED]/usr/local/samba/lib# pdbedit -Lv INFO: Current debug levels: all: True/8 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 doing parameter max log size = 50 doing parameter restrict anonymous = 2 doing parameter admin users = root @ntadmins doing parameter hosts allow = 192.168. 127.0.0.1 doing parameter interfaces = hme0 lo0 doing parameter server schannel = yes doing parameter server signing = auto doing parameter passdb backend = tdbsam:/usr/local/samba/private/passdb.tdb doing parameter unix password sync = Yes doing parameter passwd program = /bin/passwd %u doing parameter passwd chat = "*passwd: Changing password for*" \\n "*New password:*" %n\\n "*Re-enter new Password:*" %n\\n "*passwd: password successfully changed for*" doing parameter add user script = /usr/sbin/useradd -m %u doing parameter delete user script = /usr/sbin/userdel -r %u doing parameter add group script = /usr/sbin/groupadd %g doing parameter delete group script = /usr/sbin/groupdel %g doing parameter add user to group script = /usr/sbin/usermod -G %g %u doing parameter add machine script = /usr/sbin/useradd -d /dev/null -G machines -c "Machine account" -s /bin/false %u doing parameter logon script = netlogon.bat doing parameter logon path = \\%L\%U\profile doing parameter logon drive = J: doing parameter os level =
[Samba] login from XP
Hello, I'm having a problem logging in to the Samba domain from an XP machine. The machine is added to the domain but after reboot I can't login. I've done the signorseal registry hack but I'm still not able to login. The error I get when logging in is this: "Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. If this message continues to appear, contact your system administrator for assistance." The event viewer on the XP machine shows this Netlogon error: "This computer could not authenticate with \\SERVER, a Windows domain controller for domain DOMAIN, and therefore this computer might deny requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator." I've included a capture file that includes smb.conf, output of pdbedit -Lv, and log.nmbd. Thanks for your help, Carlos -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Network Drives Dropping Out
Il 21/09/2004, alle ore 17:07, Adam Tauno WIlliams ha scritto: > The redXs mean the connection has been dropped probably due to idle Right. I just want to add that I also noticed this problem on Windows 2000 Pro clients where Roxio Easy CD Creator 5 was installed, with a slightly different behaviour: all network drives _always_ appeared as disconnected, right from boot up, although they were accessible. Uninstalling Easy CD Creator made the problem go away, and reinstalling it made it come back. I found other users with the same problem on the Roxio forum, but no solution. -- Ciao, Marco. ..."Skylarking", XTC 1986 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SFU Samba Permission Denied
I recently ran into a problem accessing Samba shares from SFU. From SFU's /net directory, I could read from files, move files, create directories and even append to files using >>. But, when I tried to create a file, I received a "Permission Denied" message. After looking at the logs I found something which looked out of place. I am currently using (I tried many different variations): WindowsXP SP1; SFU version 3.5 RedHat version 7.2; Samba version 3.0.7 Below is from the client log after turning the debug level to 10: [2004/09/21 15:06:46, 10] smbd/posix_acls.c:set_nt_acl(2990) set_nt_acl: called for file test1.txt [2004/09/21 15:06:46, 5] smbd/posix_acls.c:unpack_nt_owners(909) unpack_nt_owners: validating owner_sids. [2004/09/21 15:06:46, 10] passdb/lookup_sid.c:sid_to_uid(401) sid_to_uid: winbind lookup for non-local sid S-1-5-21-1951701912-1418144344-1147873810-2551 failed [2004/09/21 15:06:46, 3] smbd/posix_acls.c:unpack_nt_owners(927) unpack_nt_owners: unable to validate owner sid for S-1-5-21-1951701912-1418144344-1147873810-2551 unpack_nt_owners returns False which causes set_nt_acl to return False which leads to the Permission Denied error message. Only SFU clients cause Samba to call set_nt_acl on this share. The share, btw, is on an ext3 file system with no ACL support. Why is set_nt_acl being called? Bug? I tried compiling with no ACL support. I also tried several different share options that looked like they would prevent ACL support. But, SFU still causes Samba to try and set ACL's using set_nt_acl. If anyone has any ideas on how to bypass ACL checking/setting using compile or configuration options, please let me know. For now, I patched posix_acls.c to bypassed set_nt_acl and the SFU clients are working. Ed Spragins -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Audit
Il 21/09/2004, alle ore 17:43, rruegner ha scritto: > as a work around you can use the recycle module, > so whatever they delete you will have it Thanks, I already use it, and I use a cron scripts which regularly empties recycle dirs and logs down all deleted files. But: 1. empty directories (such as the one in my example) do not go to the recycle dir, they are directly deleted, as far as I can tell; 2. even if it worked, it would only be useful for deleted files, and not to track down who did the latest modification to file xyz etc. -- Ciao, Marco. ..."Outside", David Bowie 1995 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Folder Permissions
On Tue, 21 Sep 2004 15:27:50 -0600, Travis Bullock <[EMAIL PROTECTED]> wrote: > Thanks for the tip. > > A couple more issues. How do I query samba to see which version it is > running? if you installed from RPM - rpm -qa | grep samba if you installed from source - locate samba (then it should tell you a bunch) I think you can also look at log.smdb or log.nmdb and I am sure I made this the hardest possible - there is probably someting liek smb --version > > Also I understand the concept of chmod to reset permisssions on linux > folders but if I were to execute such a command to a folder I intend to > share with a Windows Domain, how do I specify Windows users and groups in > the chmod command when those users and groups aren't really established > within linux but merely queried from the PDC? man chgrp man chown one of the two (or both) you can chown user.group FILENAME and it handles both changes if you getent passwd or getent group , doesnt it show all your NT users? I did winbind once (way back when) and I believe set up properly, linux sees the groups/users > > Thanks dude. > > Travis > > > > -Original Message- > From: Chris McKeever [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 21, 2004 3:12 PM > To: Travis Bullock > Subject: Re: [Samba] Folder Permissions > > On Tue, 21 Sep 2004 15:09:29 -0600, Travis Bullock <[EMAIL PROTECTED]> > wrote: > > Hi, > > > > I have Samba up and running as well as winbind. I have ran some tests to > > confirm that yes indeed winbind is able to query the Windows NT 4.0 PDC > for > > user/group/password information. > > > > However I am having difficulty understanding how to set shares up in samba > > so that I can apply permissions to them using my Windows user information > > rather than creating each user on samba with the same password as windows > > etc etc. I thought winbind was supposed to eliminate this requirement and > > because the winbind daemon is able to successfully query the PDC I am > > surprised that it has not. > > > > When I try and access the share from a Windows client I get an "Access > > Denied" error. > > > > I have read through the Official HOW-TO but am still stumped on how to > > properly apply permissions to a samba share. > > first you need to set the LINUX permissions - I typically either make > it readable by everyone (and then control access by smb.conf) or I set > it to the correct user a/o group > > then you can control who can get into the shares VIA smb.conf > > what are your linux permissions on the folder? > > NOTE: I am using 2.2.8a - so your mileage may vary > > > > > Please help. > > > > Cheers, > > > > Travis > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP Pro SP2 issues
Hello everyone, I have foolishly installed SP2 on a XP Pro laptop and now I can't print to samba printers anymore. I have upgraded to samba 3.0.7 on my server but it still doesn't work. I see they have patched the 2.2.11 version for something that looks like my issue, but nothing for 3.0.7. I attempted to downgrade my server to 2.2.11, but let's just say that didn't go well. Source build vs. RPM initial install. Any ideas? Thanks. Pete -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Folder Permissions
On Tue, 21 Sep 2004 15:09:29 -0600, Travis Bullock <[EMAIL PROTECTED]> wrote: > Hi, > > I have Samba up and running as well as winbind. I have ran some tests to > confirm that yes indeed winbind is able to query the Windows NT 4.0 PDC for > user/group/password information. > > However I am having difficulty understanding how to set shares up in samba > so that I can apply permissions to them using my Windows user information > rather than creating each user on samba with the same password as windows > etc etc. I thought winbind was supposed to eliminate this requirement and > because the winbind daemon is able to successfully query the PDC I am > surprised that it has not. > > When I try and access the share from a Windows client I get an "Access > Denied" error. > > I have read through the Official HOW-TO but am still stumped on how to > properly apply permissions to a samba share. first you need to set the LINUX permissions - I typically either make it readable by everyone (and then control access by smb.conf) or I set it to the correct user a/o group then you can control who can get into the shares VIA smb.conf what are your linux permissions on the folder? NOTE: I am using 2.2.8a - so your mileage may vary > > Please help. > > Cheers, > > Travis > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Folder Permissions
Hi, I have Samba up and running as well as winbind. I have ran some tests to confirm that yes indeed winbind is able to query the Windows NT 4.0 PDC for user/group/password information. However I am having difficulty understanding how to set shares up in samba so that I can apply permissions to them using my Windows user information rather than creating each user on samba with the same password as windows etc etc. I thought winbind was supposed to eliminate this requirement and because the winbind daemon is able to successfully query the PDC I am surprised that it has not. When I try and access the share from a Windows client I get an "Access Denied" error. I have read through the Official HOW-TO but am still stumped on how to properly apply permissions to a samba share. Please help. Cheers, Travis -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] USRMGR.EXE & smbpasswd as password backend
Hi to everybody. I'm using samba 3.0.6 as PDC and everything is ok. I'm now trying to use some windows managing tool, as USRMGR to add user and group, but I'm finding some problem, in particular about some of the user configuration detail that I can't set. I've read that there is an usefull tool to manage all the user detail but I don't know how to set up the add script Essentially I ask to you if you know which parameters (for example %u as user name) are passed from USRMGR to SAMBA when you try to add an user or a group so I can create an appropriate script!!! I hope you can understand (sorry for my english)! Thanks to all -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Folder Permission
On RedHat 2.4 kernel try: use sendfile = no Sincerely, Szymon Machajewski MCSD, RHCT, CNA, MySQL Core, CompTIA Linux+ Grand Rapids Community College >>> Igor Belyi <[EMAIL PROTECTED]> 9/21/2004 3:14:09 PM >>> Pavel Santos wrote: > I'm sharing a few folders on a linux red hat 9 box and for some reason I can't open then from my windows computers. > I setup the smb users to be the same as the Windows users. Below is my share configuration in samba. Can you specify what did you do to make them the same? Did you look in samba logs to see if there's any error messages? Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend - working now
On Tuesday 21 September 2004 14:13, Gustavo Lima wrote: > John, > > Just berfore I explain how it worked a last question. In NT networks we > need to replicate WINS between PDCs. Is this needed in samba? How does it > work? Or I have to use the same WINS server to all PDC over WAN? Not clear > for me. You need to use one single WINS server. WINS replication is not yet fully implemented and is therefore not functional. - John T. > > I did this way. > > Joined the local domain. > > Created a machine account with smbldap-useradd -w dom2 on domain 1 machine. > > Then changed it´s password and at last changed the sambaAcctFlags in ldap > db to [I]. > > At this time the trusting was showed on list command. > > Then I did the same on the domain 2 machine. > > Ending the story I established the trust on dom1 with the command > > net rpc trustdom establish dom2 > > and put the dom2 machine account password. > > At last I repeated the process on machine dom2. > > Logged on WinXP and everything was working fine. > > Thank´s by the tips. Were very usefull. > > Gustavo -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend - working now
John, Just berfore I explain how it worked a last question. In NT networks we need to replicate WINS between PDCs. Is this needed in samba? How does it work? Or I have to use the same WINS server to all PDC over WAN? Not clear for me. I did this way. Joined the local domain. Created a machine account with smbldap-useradd -w dom2 on domain 1 machine. Then changed it´s password and at last changed the sambaAcctFlags in ldap db to [I]. At this time the trusting was showed on list command. Then I did the same on the domain 2 machine. Ending the story I established the trust on dom1 with the command net rpc trustdom establish dom2 and put the dom2 machine account password. At last I repeated the process on machine dom2. Logged on WinXP and everything was working fine. Thank´s by the tips. Were very usefull. Gustavo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Losing election
Craig, The my server samba (samba 2.2.7a, red hat 9.0) is losing election for workstations winxp(I have workstations win98 and winxp), see my nmbd.log and my smb.conf. [2004/07/29 16:18:52, 0] nmbd/nmbd_incomingdgrams.c:process_master_browser_announce(403) process_master_browser_announce: Cannot find workgroup HMAR on subnet UNICAST_SUBNET [2004/07/29 17:53:42, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 32409 received with no matching record. [2004/07/29 17:55:21, 0] nmbd/nmbd.c:process(502) Got SIGHUP dumping debug info. [2004/07/29 17:55:21, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(289) dump_workgroups() dump workgroup on subnet 10.0.0.203: netmask=255.255.0.0: HMAR(1) current master browser = AUDITORIA2 NOE 40099b0b (Samba Server) The name of my server is noe and my workgroup/domain is Hmar [global] workgroup = HMAR netbios name = noe netbios aliases = noe server string = Samba Server ; comment = PDC Suporte Tecnico admin users = root ; hosts allow = 192.168.1. 192.168.2. 127. printcap name = /etc/printcap load printers = yes printing = cups log file = /var/log/samba/%m.log max log size = 100 ; debug level = 0 security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 100 announce as = NT Server domain master = yes preferred master = yes domain logons = yes logon script = %U.bat logon path = \\%N\profilesxp\%u dns proxy = no default service = homes I dont know what can to be! Edilson -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: failed tcon_X with NT_STATUS_ACCESS_DENIED
On Tuesday 21 September 2004 13:20, Igor Belyi wrote: > [EMAIL PROTECTED] wrote: > > can someone please tell me why im getting this error, i can join my other > > AD servers just this one fails. > > ... > > > [2004/09/20 17:58:31, 3] libsmb/cliconnect.c:cli_start_connection(1376) > > Connecting to host=WIN2KSERVER > > [2004/09/20 17:58:31, 3] lib/util_sock.c:open_socket_out(752) > > Connecting to 192.168.0.10 at port 445 > > [2004/09/20 17:58:31, 1] libsmb/cliconnect.c:cli_full_connection(1476) > > failed tcon_X with NT_STATUS_ACCESS_DENIED > > [2004/09/20 17:58:31, 1] utils/net.c:connect_to_ipc_anonymous(191) > > Cannot connect to server (anonymously). Error was > > NT_STATUS_ACCESS_DENIED > > Could be a firewall blocking access to port 445 It could also mean that on this WIN2KSERVER anonymous access has been disabled via a registry (security) setting. That is a likely cause. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] All Roaming Profiles Point to Same User
In my Workplace we have samba 3.0.3 running on our server with Clients ranging from WinXP and Windows 2000 to MacOSX and Linux. After a server crash, and having to rebuild our Authentication server we have had a problem where specific Windows PC's will point to the same profile for all roaming users. The "set" command returns USERPROFILE=C:\Documents and Settings\user where user is whatever user's profile has become the default for all roaming profiles. This problem presents a huge security concern, as the data belonging to the user that becomes the default is now available to all roaming users on that system. This problem seems to remain with specific computers, those pc's on which the "default" user has logged in at a point in time. The problem follows all users that have logged into the affected PC, infecting their profiles on login. The only solution we currently have to this problem is the deletion of all profiles that have been involved. The problem has been seen in different departments with no known interaction, so the assumption is that this is a server problem. Have you encountered this problem before, or do you have any suggestions on how to solve this. Thanks. _ Express yourself instantly with MSN Messenger! Download today - it's FREE! hthttp://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend
On Tuesday 21 September 2004 13:09, Gustavo Lima wrote: > John, > > I cleanned all the entries from my ldap. Created the OUs again. > > Joined the local and the remote domain. > > dom1:/etc# net rpc join -S dom1 -U Administrator%passwd > dom1:/etc# net rpc join -S dom2 -U Administrator%passwd No. Each machine needs to join its own domain. - John T. > > Created the machine user: > > dom1:/etc/smbldap-tools# smbldap-useradd -a -i dom2 > New password : 123456 > Retype new password : 123456 > dom1:/etc/smbldap-tools# net rpc trustdom add dom2 123456 > Password: 123456 > > Then I listed the trusts: > > teste1:/etc/smbldap-tools# net rpc trustdom list > Password: (here, everything I type works) > Trusted domains list: > > none > > Trusting domains list: > > none > > Other tip? > > Gustavo -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: failed tcon_X with NT_STATUS_ACCESS_DENIED
no there is no firewall between these, thanks i found a problem (thanks to John Terpstra) with my windows AD servers, that may be my prob. im testing it now. thanks Igor Belyi <[EMAIL PROTECTED] k.ac93.org>To Sent by: [EMAIL PROTECTED] samba-bounces+ego cc [EMAIL PROTECTED] samba.org Subject [Samba] Re: failed tcon_X with NT_STATUS_ACCESS_DENIED 09/21/2004 03:20 PM [EMAIL PROTECTED] wrote: > can someone please tell me why im getting this error, i can join my other > AD servers just this one fails. ... > [2004/09/20 17:58:31, 3] libsmb/cliconnect.c:cli_start_connection(1376) > Connecting to host=WIN2KSERVER > [2004/09/20 17:58:31, 3] lib/util_sock.c:open_socket_out(752) > Connecting to 192.168.0.10 at port 445 > [2004/09/20 17:58:31, 1] libsmb/cliconnect.c:cli_full_connection(1476) > failed tcon_X with NT_STATUS_ACCESS_DENIED > [2004/09/20 17:58:31, 1] utils/net.c:connect_to_ipc_anonymous(191) > Cannot connect to server (anonymously). Error was > NT_STATUS_ACCESS_DENIED Could be a firewall blocking access to port 445 Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba This e-mail message is for the sole use of the intended recipient(s) and may contain proprietary, confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient (or an employee or agent responsible to deliver it to the intended recipient), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply e-mail. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Corrupted userid in mail folders - Crisis
On Tuesday 21 September 2004 13:06, Igor Belyi wrote: > John H Terpstra wrote: > > On Tuesday 21 September 2004 11:38, Igor Belyi wrote: > >>Just for clarification, do you happen to have "idmap backend" parameter > >>in your smb.conf? > > > > You only need that if you are running LDAP and have multiple servers and > > want the same SID/uid mapping on all servers. In that case there should > > be no winbindd_idmap.tdb file. > > There's also a possibility that it isn't used and file could have been > left there when winbindd was reconfigured from using local file to using > LDAP. I haven't seen smb.conf in this thread and somehow everyone stated > to assume that mappings are stored locally. I just want to make sure > that this assumption is correct. If samba was run before setting up the "idmap backend" parameter then a winbindd_idmap.tdb file would have been created. Simply delete it, it should not be used once the LDAP backend has been configured. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Corrupted userid in mail folders - Crisis
On Tuesday 21 September 2004 13:06, Igor Belyi wrote: > John H Terpstra wrote: > > On Tuesday 21 September 2004 11:38, Igor Belyi wrote: > >>Just for clarification, do you happen to have "idmap backend" parameter > >>in your smb.conf? > > > > You only need that if you are running LDAP and have multiple servers and > > want the same SID/uid mapping on all servers. In that case there should > > be no winbindd_idmap.tdb file. > > There's also a possibility that it isn't used and file could have been > left there when winbindd was reconfigured from using local file to using > LDAP. I haven't seen smb.conf in this thread and somehow everyone stated > to assume that mappings are stored locally. I just want to make sure > that this assumption is correct. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: failed tcon_X with NT_STATUS_ACCESS_DENIED
[EMAIL PROTECTED] wrote: can someone please tell me why im getting this error, i can join my other AD servers just this one fails. ... [2004/09/20 17:58:31, 3] libsmb/cliconnect.c:cli_start_connection(1376) Connecting to host=WIN2KSERVER [2004/09/20 17:58:31, 3] lib/util_sock.c:open_socket_out(752) Connecting to 192.168.0.10 at port 445 [2004/09/20 17:58:31, 1] libsmb/cliconnect.c:cli_full_connection(1476) failed tcon_X with NT_STATUS_ACCESS_DENIED [2004/09/20 17:58:31, 1] utils/net.c:connect_to_ipc_anonymous(191) Cannot connect to server (anonymously). Error was NT_STATUS_ACCESS_DENIED Could be a firewall blocking access to port 445 Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Folder Permission
Pavel Santos wrote: I'm sharing a few folders on a linux red hat 9 box and for some reason I can't open then from my windows computers. I setup the smb users to be the same as the Windows users. Below is my share configuration in samba. Can you specify what did you do to make them the same? Did you look in samba logs to see if there's any error messages? Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend
John, I cleanned all the entries from my ldap. Created the OUs again. Joined the local and the remote domain. dom1:/etc# net rpc join -S dom1 -U Administrator%passwd dom1:/etc# net rpc join -S dom2 -U Administrator%passwd Created the machine user: dom1:/etc/smbldap-tools# smbldap-useradd -a -i dom2 New password : 123456 Retype new password : 123456 dom1:/etc/smbldap-tools# net rpc trustdom add dom2 123456 Password: 123456 Then I listed the trusts: teste1:/etc/smbldap-tools# net rpc trustdom list Password: (here, everything I type works) Trusted domains list: none Trusting domains list: none Other tip? Gustavo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Corrupted userid in mail folders - Crisis
John H Terpstra wrote: On Tuesday 21 September 2004 11:38, Igor Belyi wrote: Just for clarification, do you happen to have "idmap backend" parameter in your smb.conf? You only need that if you are running LDAP and have multiple servers and want the same SID/uid mapping on all servers. In that case there should be no winbindd_idmap.tdb file. There's also a possibility that it isn't used and file could have been left there when winbindd was reconfigured from using local file to using LDAP. I haven't seen smb.conf in this thread and somehow everyone stated to assume that mappings are stored locally. I just want to make sure that this assumption is correct. Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend
On Tuesday 21 September 2004 11:29, Gustavo Lima wrote: > John, > > Thank´s for answering, but still the same problem. I think is better for us > to go step by step. > > Well, I joined the remote domain and the local domain with the net rpc join > command. Then after I tried to create the machine account with the command > net rpc trustdom add DOM2 654. Then I´m asked for another password: > > dom1:~# net rpc trustdom add DOM2 654 > Password: Before you do this, use the smbldap-useradd tool to create the trust account. Then set a pasword on it. That is the one you need to use. - John T. > > What password is this one asked after the command. Anything I put there > don´t give me an error but doesn´t give me a sucessfull output later on > "net rpc trustdom list". Still giving me "none" in trusting and trusted > domains list. So I think before trying to reach the end, I should have to > make a trusting domains add sucessfull. > > Can you tell me where is good docs about it or give me a step by step > configuration? > > Thank´s once again. > > Gustavo > - Original Message - > From: "John H Terpstra" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, September 21, 2004 12:53 PM > Subject: Re: [Samba] Trust relationship between two samba with ldap backend > > On Tuesday 21 September 2004 08:33, Gustavo Lima wrote: > > Hi All, > > > > I´m working hard on understing how to make trust relationship work > > between to samba servers with ldap backend. > > > > In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap > > 2.1.30. I joined each other domain with both machines. In the first one > > (DOM1) I created the machine account with the command > > smbldap-useradd -a -i > > > DOM2 and set it´s password. Did the same on the second box with > > smbldap-useradd -a -i DOM3. The strange thing is that these trust domain > > account doesn´t have the $ simbol in front of it. > > > > Next I´ve tried to add the trusting in DOM1 using the command "net rpc > > trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net > > rpc trustdom add DOM1 654" and retyped the password. > > > > And then I tried to establish the trust relationship in DOM1 doing "net > > rpc > > > trustdom establish DOM2" typed the password 654 and got the following > > error: > > > > [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075) > > Couldn't verify trusting domain account. Error was NT_STATUS_OK > > > > Did the same on DOM2 and got the same error. > > > > Does anybody have a clue of what I´m doing wrong? > > First, before setting up the trust relationship, you need to join each > Samba server to its own domain. > > net rpc join > > Then the setting up of the trust should work. > > - John T. > > > Thank´s you all. > > > > Gustavo > > -- > John H Terpstra > Samba-Team Member > Phone: +1 (650) 580-8668 > > Author: > The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 > Samba-3 by Example, ISBN: 0131472216 > Hardening Linux, ISBN: 0072254971 > OpenLDAP by Example, ISBN: 0131488732 > Other books in production. > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Corrupted userid in mail folders - Crisis
On Tuesday 21 September 2004 11:38, Igor Belyi wrote: > John H Terpstra wrote: > >>Thing were running fine, at least that's what it appeared like. Then > >>sporadically people started getting authentication error when logging > >> into their IMAP mailboxes. Next the deputy principal reported that she > >> had received other people's mail. So I ran the following script to > >> reset all the folders: > > > > Also, make sure that the file winbindd_idmap.tdb never gets deleted. It > > stores the SID to UID mappings and if it gets zapped you will see the > > symptoms you have reported. > > Just for clarification, do you happen to have "idmap backend" parameter > in your smb.conf? You only need that if you are running LDAP and have multiple servers and want the same SID/uid mapping on all servers. In that case there should be no winbindd_idmap.tdb file. - John T. > > Igor -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] files being blanked by writing
I'm running Samba 2.2.8a on SuSE Linux 8.1 with kernel 2.4.19. I have a share defined by this on a web server to allow members of the jamigos group to edit web pages. [users] comment = User Web Pages path = /home valid users = @jamigos read only = No create mask = 0664 force create mode = 0664 directory mask = 0775 force directory mode = 0775 browseable = No I received a few complaints of save errors followed by missing web pages so I decided to check it out. Via this share, I opened the file /home/wasdnord/public_html/4133/1RIGHT.HTM with Mozilla. Here were the permissions at the filesystem level ahead of time. The group jamigos is one of my supplementary groups. drwxrwsr-x+ 2 wasdnordjamigos 104 Sep 21 11:38 ../4133 and stat shows permissions of 2775. -rw-rw-r--+ 1 wasdnordjamigos 2334 Oct 16 2003 1RIGHT.HTM and stat shows 0664. I made a small change, added a word to the bottom of the file, and tried to save it. This gave me the rather generic error of "Saving File failed!" via Mozilla Composer. I looked at the file on the server to see this: -rw-rw-r--+ 1 wasdnordjamigos 0 Sep 21 12:00 1RIGHT.HTM What was being reported to me as missing pages was actually files having their contents erased. I deleted the file and saved again, this time with no problems yielding: -rw-rw-r--+ 1 joines jamigos 2626 Sep 21 12:19 1RIGHT.HTM. It's not an issue of file permissions as I can make the changes with vi directly on the filesystme with no problem. It's not an editor issue as I tried both Mozilla and Kate on Linux whereas the problems reported to me were with a wide variety of editors including frontpage on windows. Once I own the file, it all works as expected. Just before trying this I turned the log level up to 3 and here's what I got: [2004/09/21 11:59:43, 3] smbd/dosmode.c:unix_mode(111) unix_mode(wasdnord/public_html/4133/1RIGHT.HTM) returning 0664 [2004/09/21 11:59:43, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(186) linux_set_kernel_oplock: got kernel oplock on file wasdnord/public_html/4133/1RIGHT.HTM, dev = 805, inode = 8439294, file_id = 435 [2004/09/21 11:59:43, 2] smbd/open.c:open_file(247) joines opened file wasdnord/public_html/dnor.jpg read=Yes write=No (numopen=1) [2004/09/21 12:00:02, 2] smbd/open.c:open_file(247) joines opened file wasdnord/public_html/4133/1RIGHT.HTM read=Yes write=Yes (numopen=1) [2004/09/21 12:00:02, 3] smbd/trans2.c:call_trans2setfilepathinfo(2394) call_trans2setfilepathinfo(6) wasdnord/public_html/4133/1RIGHT.HTM info_level=1004 totdata=40 [2004/09/21 12:00:02, 3] smbd/error.c:error_packet(94) error string = Operation not permitted [2004/09/21 12:00:02, 3] smbd/error.c:error_packet(113) error packet at smbd/trans2.c(2859) cmd=50 (SMBtrans2) NT_STATUS_ACCESS_DENIED Naturally, there was tons of other stuff in the log at this level so I'm not even sure if these errors in the log are related to this particular problem. Any ideas? Thanks, Jason Joines = -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Corrupted userid in mail folders - Crisis
John H Terpstra wrote: Thing were running fine, at least that's what it appeared like. Then sporadically people started getting authentication error when logging into their IMAP mailboxes. Next the deputy principal reported that she had received other people's mail. So I ran the following script to reset all the folders: Also, make sure that the file winbindd_idmap.tdb never gets deleted. It stores the SID to UID mappings and if it gets zapped you will see the symptoms you have reported. Just for clarification, do you happen to have "idmap backend" parameter in your smb.conf? Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend
John, Thank´s for answering, but still the same problem. I think is better for us to go step by step. Well, I joined the remote domain and the local domain with the net rpc join command. Then after I tried to create the machine account with the command net rpc trustdom add DOM2 654. Then I´m asked for another password: dom1:~# net rpc trustdom add DOM2 654 Password: What password is this one asked after the command. Anything I put there don´t give me an error but doesn´t give me a sucessfull output later on "net rpc trustdom list". Still giving me "none" in trusting and trusted domains list. So I think before trying to reach the end, I should have to make a trusting domains add sucessfull. Can you tell me where is good docs about it or give me a step by step configuration? Thank´s once again. Gustavo - Original Message - From: "John H Terpstra" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 21, 2004 12:53 PM Subject: Re: [Samba] Trust relationship between two samba with ldap backend On Tuesday 21 September 2004 08:33, Gustavo Lima wrote: > Hi All, > > I´m working hard on understing how to make trust relationship work between > to samba servers with ldap backend. > > In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap > 2.1.30. I joined each other domain with both machines. In the first one > (DOM1) I created the machine account with the command smbldap-useradd -a -i > DOM2 and set it´s password. Did the same on the second box with > smbldap-useradd -a -i DOM3. The strange thing is that these trust domain > account doesn´t have the $ simbol in front of it. > > Next I´ve tried to add the trusting in DOM1 using the command "net rpc > trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net > rpc trustdom add DOM1 654" and retyped the password. > > And then I tried to establish the trust relationship in DOM1 doing "net rpc > trustdom establish DOM2" typed the password 654 and got the following > error: > > [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075) > Couldn't verify trusting domain account. Error was NT_STATUS_OK > > Did the same on DOM2 and got the same error. > > Does anybody have a clue of what I´m doing wrong? First, before setting up the trust relationship, you need to join each Samba server to its own domain. net rpc join Then the setting up of the trust should work. - John T. > > Thank´s you all. > > Gustavo -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Corrupted userid in mail folders
Christoph Sheeder wrote: > > hi, > i had a similiar efect when i accidently placed the samba-tdb > files in a > folder which got clean up each and every time by an automatic > script. as winbindd does the mapping from AD-users/groups to local > userids/groupids not algorithmical a user gets a new id each > time the mapping db-gets deleted. For you, this results in a > change of the owner/group of the files. Christoph > I've checked out the file /var/cache/samba/winbindd_idmap.tdb and it does indeed contain the mappings of the windows UIDs to Linux userids. However that file had not been deleted ever as far as I know. Is it possible that a slow or congested network link or a bad network line could cause this behaviour? I have an old hub (10mb/s half-duplex.. Eek!) in the network, and since the internet link is only 64k, we link through that to our firewall machine. I'm thinking, if 30 or 40 people check their mail that line could cause a lot of collisions and errors. The question is: If winbind cannot authenticate/verify a user, will it give a wrong userid? Surely there is some error checking in the system, not allowing garbage to be accepted? Even if garbage was picked up, it wouldn't match other userids perfectly, would it?? I'm going to plug in a 100meg desktop switch into that section and see what happens... Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Question on Load Balancing between password server
On Tuesday 21 September 2004 10:29, Yimin Chen wrote: > Hi John, > > > Thanks for the clarification! How often does smbd check the file's > time/date signiture? Everytime when a request needs to be transferred over? If I recall, every 20 seconds or so. Check the sources - its all in the sources Luke. :) - John T. > > > > Thanks! > Yimin > > John H Terpstra wrote: > > On Monday 20 September 2004 18:54, Yimin Chen wrote: > >>Hi, > >> > >>I saw the following documentation regarding how to specify multiple > >>domain controllers for Samba member server to authenticate a user: > >> > >>- > >>“password server = DOMPDC DOMBDC1 DOMBDC2 > >> > >>These are the primary and backup domain controllers Samba will attempt > >>to contact in order to authenticate users. Samba will try to contact > >>each of these servers in order, so you may want to rearrange this list > >>in order to spread out the authentication load among domain > >>controllers.” > >>- > >> > >>How can we rearrange the list while Samba server is already running? I > >>suppose there must be a way to Samba server to pick up the changes > >>without being restarted? > >> > >>Your suggestion is appreciated! > > > > smbd re-reads the smb.conf file when the time/date signature has changed. > > In other words, it is automatically re-read after a change is made. > > > > - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Corrupted userid in mail folders - Crisis
On Tuesday 21 September 2004 10:20, Roland Giesler wrote: > Christoph Scheeder asked > > > Hi, > > 1.) is this a new installation > > No, it was Mandrake 8.2 box, but was recently upgraded to Mandrake 10. > > > 2.) if not what was changed when the failure first occured? > > Thing were running fine, at least that's what it appeared like. Then > sporadically people started getting authentication error when logging into > their IMAP mailboxes. Next the deputy principal reported that she had > received other people's mail. So I ran the following script to reset all > the folders: Also, make sure that the file winbindd_idmap.tdb never gets deleted. It stores the SID to UID mappings and if it gets zapped you will see the symptoms you have reported. - John T. > > #!/bin/bash > > export IFS=: > > echo "Auto-creating home directories for windows domain users" > > getent passwd|grep ":10[0-9][0-9][0-9]"|while read USER FLAG USERUID > USERGID USER_LONG USERHOME USERSHELL; do > if [ -e $USERHOME ]; then > echo "Setting ownership of existing $USERHOME" > chown -R $USERUID.$USERGID $USERHOME > else > echo "Creating $USERHOME for $USER with $USERUID/$USERGID" > mkdir $USERHOME; > cp -a /etc/skel/* $USERHOME > chown -R $USERUID.$USERGID $USERHOME > fi > done; > > After this the all appeared to be fine. > > But then a few hours later thing got even worse. Even squid's cache file > got wrong ownership and stopped squid from spawning child processes. > > Eventually the machine hangs and I cannot see why. Btw is the a log where > hanging processes can be logged? Or could I enable logging to syslog? > > I restarted the machine about an hour ago and all folders seem fine now > > > 3.) please could you verify if the numeric user/group id's of > > the files in question change? use > > > > ls -ln > > > > on the files for this check. > > I would bet the numeric user/group id's don't change even when the > > usernames mapped to them change. > > please verify and post the result back to me. > > I'm checking that now. As soon as I have an id that's changed, I test and > post the result. > > Roland -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \and /)
Hi Mark , what about a using a mac server, this should solve your problems and you should be able to compile samba 3 on mac os 10 too Regards Mark C. Casey schrieb: If I can add more to that... It needs to be accessible from both OS 9.x, 10.x and possibly (maybe) >from Windows. So, for me Samba seems like the best option since all three can access Samba. Netatalk seems to have the most elegant solution of file naming but that isn't accessible from Windows unless I have both Netatalk and Samba running on the same machine sharing the same directory. (which I currently do) I guess you need to see my other post to understand. The whole "test / sedrs \ sfg" and "test :2f sedrs \ sfg" thing. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mark C. Casey Sent: 21 September 2004 17:10 To: rruegner Cc: [EMAIL PROTECTED] Subject: RE: [Samba] Filename problem (filenames containing slashes aka. \and /) They use a mixture of OS 9.x (primary Mac OS they use) and 10.x. So NFS is probably out of the question. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 17:04 To: rruegner Cc: Mark C. Casey; [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as thought about your problem did you try nfs or ssh for this file types, as your users use mac os 10 this maybe a possible solution, but i am nearly sure that windows will fail to open it , if your try to catch them afterwards from a win client. but perhaps its a workaround Regards rruegner schrieb: Hi Mark, i had this problems too, when i worked with some grafics , i wrote a bash script which renamed there special filenames every day. Maybe a guru has an solution for you , but in case of /\ i dont know any Regards Mark C. Casey schrieb: Unfortunately this is something that is extremely important. There are LOTS of filenames which contain slashes. Some of these are also customer artwork, meaning we cannot go about renaming them either. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 14:50 To: Mark C. Casey Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Regards Mark C. Casey schrieb: I'm currently in the process of creating a fileserver so some mac guys at the company I work at can save files as a backup medium. (long story short i'm creating a fileserver running samba 3 with 1TB of storage) However, a lot of the files that they want backed up contain characters that samba refuses to accept (when I try transferring a file to the samba share with say the filename as "test \ test / test" the mac reports that it cannot transfer the file. I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how can I do this? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba as Active Directory replacement - is it possible?
I'm actually considering a similar exercise. I understand to run OpenLDAP you would need some database like PostGRE or mySQL (someone, can't remember who, said you need PostGRE) Roland > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On Behalf Of John H Terpstra > Sent: 21 September 2004 17:36 > To: [EMAIL PROTECTED] > Subject: Re: [Samba] Samba as Active Directory replacement - > is it possible? > > > On Tuesday 21 September 2004 04:49, Tomasz Chmielewski wrote: > > Hello, > > > > I've been trying to figure out if it's possible to replace Active > > Directory with Samba (+ OpenLDAP, Kerberos, DNS etc.) on > Linux - but > > from what I've found I'm not sure. > > > > Is it possible, or partially possible (I don't need every > feature of > > AD)? What additional software (besides Samba) will I need? > > > > What functionality will I loose? > > > > Where can I find any HOWTOS/documents on this? I spent an hour > > googling but found nothing promising so far. > > http://www.samba.org/samba/docs/Samba-Guide.pdf > > Check chapters 5,6,7,9 > > If you need more information contact me direct. > > - John T. > > > > > > > Tomek > > > > > -- > > Startuj z INTERIA.PL... >>> http://link.interia.pl/f1834 > > -- > John H Terpstra > Samba-Team Member > Phone: +1 (650) 580-8668 > > Author: > The Official Samba-3 HOWTO & Reference Guide, ISBN: > 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening > Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 > Other books in production. > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Question on Load Balancing between password server
Hi John, Thanks for the clarification! How often does smbd check the file's time/date signiture? Everytime when a request needs to be transferred over? Thanks! Yimin John H Terpstra wrote: On Monday 20 September 2004 18:54, Yimin Chen wrote: Hi, I saw the following documentation regarding how to specify multiple domain controllers for Samba member server to authenticate a user: - “password server = DOMPDC DOMBDC1 DOMBDC2 These are the primary and backup domain controllers Samba will attempt to contact in order to authenticate users. Samba will try to contact each of these servers in order, so you may want to rearrange this list in order to spread out the authentication load among domain controllers.” - How can we rearrange the list while Samba server is already running? I suppose there must be a way to Samba server to pick up the changes without being restarted? Your suggestion is appreciated! smbd re-reads the smb.conf file when the time/date signature has changed. In other words, it is automatically re-read after a change is made. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Corrupted userid in mail folders - Crisis
Christoph Scheeder asked > > Hi, > 1.) is this a new installation No, it was Mandrake 8.2 box, but was recently upgraded to Mandrake 10. > 2.) if not what was changed when the failure first occured? Thing were running fine, at least that's what it appeared like. Then sporadically people started getting authentication error when logging into their IMAP mailboxes. Next the deputy principal reported that she had received other people's mail. So I ran the following script to reset all the folders: #!/bin/bash export IFS=: echo "Auto-creating home directories for windows domain users" getent passwd|grep ":10[0-9][0-9][0-9]"|while read USER FLAG USERUID USERGID USER_LONG USERHOME USERSHELL; do if [ -e $USERHOME ]; then echo "Setting ownership of existing $USERHOME" chown -R $USERUID.$USERGID $USERHOME else echo "Creating $USERHOME for $USER with $USERUID/$USERGID" mkdir $USERHOME; cp -a /etc/skel/* $USERHOME chown -R $USERUID.$USERGID $USERHOME fi done; After this the all appeared to be fine. But then a few hours later thing got even worse. Even squid's cache file got wrong ownership and stopped squid from spawning child processes. Eventually the machine hangs and I cannot see why. Btw is the a log where hanging processes can be logged? Or could I enable logging to syslog? I restarted the machine about an hour ago and all folders seem fine now > 3.) please could you verify if the numeric user/group id's of > the files in question change? use > > ls -ln > > on the files for this check. > I would bet the numeric user/group id's don't change even when the > usernames mapped to them change. > please verify and post the result back to me. I'm checking that now. As soon as I have an id that's changed, I test and post the result. Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Filename problem (filenames containing slashes aka. \and /)
If I can add more to that... It needs to be accessible from both OS 9.x, 10.x and possibly (maybe) from Windows. So, for me Samba seems like the best option since all three can access Samba. Netatalk seems to have the most elegant solution of file naming but that isn't accessible from Windows unless I have both Netatalk and Samba running on the same machine sharing the same directory. (which I currently do) I guess you need to see my other post to understand. The whole "test / sedrs \ sfg" and "test :2f sedrs \ sfg" thing. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mark C. Casey Sent: 21 September 2004 17:10 To: rruegner Cc: [EMAIL PROTECTED] Subject: RE: [Samba] Filename problem (filenames containing slashes aka. \and /) They use a mixture of OS 9.x (primary Mac OS they use) and 10.x. So NFS is probably out of the question. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 17:04 To: rruegner Cc: Mark C. Casey; [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as thought about your problem did you try nfs or ssh for this file types, as your users use mac os 10 this maybe a possible solution, but i am nearly sure that windows will fail to open it , if your try to catch them afterwards from a win client. but perhaps its a workaround Regards rruegner schrieb: > Hi Mark, > i had this problems too, when i worked with some grafics , > i wrote a bash script which renamed there special filenames every day. > Maybe a guru has an solution for you , but in case of /\ i dont know any > Regards > > Mark C. Casey schrieb: > >> Unfortunately this is something that is extremely important. >> >> There are LOTS of filenames which contain slashes. >> >> Some of these are also customer artwork, meaning we cannot go about >> renaming them either. >> >> Mark >> >> -Original Message- >> From: rruegner [mailto:[EMAIL PROTECTED] >> Sent: 21 September 2004 14:50 >> To: Mark C. Casey >> Cc: [EMAIL PROTECTED] >> Subject: Re: [Samba] Filename problem (filenames containing slashes aka. >> \ and /) >> >> >> Hi Mark, >> as far i know, >> \ / are interpreted as path signs, i am not clear why any software >> should interpret this in another way. >> using special signs as filenames are a bug in user brain not in the >> software of fileservers, whatever you use >> Regards >> >> Mark C. Casey schrieb: >> >>> I'm currently in the process of creating a fileserver so some mac >>> guys at the company I work at can save files as a backup medium. >>> (long story short i'm creating a fileserver running samba 3 with 1TB >>> of storage) >>> >>> However, a lot of the files that they want backed up contain >>> characters that samba refuses to accept (when I try transferring a >>> file to the samba share with say the filename as "test \ test / test" >>> the mac reports that it cannot transfer the file. >>> >>> I've been told there is a way to use UTF8 with Samba 3 so it can >>> accept these, how can I do this? >>> >>> Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Too many handles on this pipe
OK, I have managed to find the culprit for the [2004/09/21 16:43:01, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. error messages, to find this I changed the log file = samba.log.%m to get the machine name, and watched for the huge file. It turns out that this is my 2k3 server, I have no idea why it would be doing this, as there is nothing special that i can think of that the 2k3 box does. If anyone wants logs etc please ask, i'm stumped! Thanks, H EDIT: just for a laugh, i rejoined the domain, there have been no more of these messages! I will report again tomorrow... Hamish wrote: Hi Jerry The samba server is 3.0.7-SuSE from suse rpms, running on suse 9.0. It is running in domain member mode, auth against w2k3 server with winbind. It is just a file/print server, with nothing too fancy about it. Is there a way to find out which client is causing it? Thanks, Hamish Gerald (Jerry) Carter wrote: Hamish wrote: | I removed and reinstalled samba 3.0.3pre2-SuSE on a SuSE 9.0 | server in a failed attempt to upgrade to 3.0.5 (there | were many cryptic dependancy errors, after a day with | google, i gave up) Everything seemed to work ok after the | install (from suse rpms) but the logs are full of: | | [datetime,0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) | create_policy_hnd: ERROR: too many handles (1025) on this pipe. The client is trying to open an excessive number of handles on a given named pipe instance. Any idea what application is causing this ? And this special about your environment? cheers, jerry - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc "If we're adding to the noise, turn off this song"--Switchfoot (2003) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Filename problem (filenames containing slashes aka. \ and /)
They use a mixture of OS 9.x (primary Mac OS they use) and 10.x. So NFS is probably out of the question. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 17:04 To: rruegner Cc: Mark C. Casey; [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as thought about your problem did you try nfs or ssh for this file types, as your users use mac os 10 this maybe a possible solution, but i am nearly sure that windows will fail to open it , if your try to catch them afterwards from a win client. but perhaps its a workaround Regards rruegner schrieb: > Hi Mark, > i had this problems too, when i worked with some grafics , > i wrote a bash script which renamed there special filenames every day. > Maybe a guru has an solution for you , but in case of /\ i dont know any > Regards > > Mark C. Casey schrieb: > >> Unfortunately this is something that is extremely important. >> >> There are LOTS of filenames which contain slashes. >> >> Some of these are also customer artwork, meaning we cannot go about >> renaming them either. >> >> Mark >> >> -Original Message- >> From: rruegner [mailto:[EMAIL PROTECTED] >> Sent: 21 September 2004 14:50 >> To: Mark C. Casey >> Cc: [EMAIL PROTECTED] >> Subject: Re: [Samba] Filename problem (filenames containing slashes aka. >> \ and /) >> >> >> Hi Mark, >> as far i know, >> \ / are interpreted as path signs, i am not clear why any software >> should interpret this in another way. >> using special signs as filenames are a bug in user brain not in the >> software of fileservers, whatever you use >> Regards >> >> Mark C. Casey schrieb: >> >>> I'm currently in the process of creating a fileserver so some mac >>> guys at the company I work at can save files as a backup medium. >>> (long story short i'm creating a fileserver running samba 3 with 1TB >>> of storage) >>> >>> However, a lot of the files that they want backed up contain >>> characters that samba refuses to accept (when I try transferring a >>> file to the samba share with say the filename as "test \ test / test" >>> the mac reports that it cannot transfer the file. >>> >>> I've been told there is a way to use UTF8 with Samba 3 so it can >>> accept these, how can I do this? >>> >>> Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \ and /)
Hi Mark, as thought about your problem did you try nfs or ssh for this file types, as your users use mac os 10 this maybe a possible solution, but i am nearly sure that windows will fail to open it , if your try to catch them afterwards from a win client. but perhaps its a workaround Regards rruegner schrieb: Hi Mark, i had this problems too, when i worked with some grafics , i wrote a bash script which renamed there special filenames every day. Maybe a guru has an solution for you , but in case of /\ i dont know any Regards Mark C. Casey schrieb: Unfortunately this is something that is extremely important. There are LOTS of filenames which contain slashes. Some of these are also customer artwork, meaning we cannot go about renaming them either. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 14:50 To: Mark C. Casey Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Regards Mark C. Casey schrieb: I'm currently in the process of creating a fileserver so some mac guys at the company I work at can save files as a backup medium. (long story short i'm creating a fileserver running samba 3 with 1TB of storage) However, a lot of the files that they want backed up contain characters that samba refuses to accept (when I try transferring a file to the samba share with say the filename as "test \ test / test" the mac reports that it cannot transfer the file. I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how can I do this? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Filename problem (filenames containing slashes aka. \and /)
I've since got it partially working with Netatalk. I can access it on OS 9 machines but not OS 10 for some reason. For example, I created a directory called "test / sedrs \ sfg" and according to ls the actual filename under linux is "test :2f sedrs \ sfg". So, it displays great on the Mac. So i'm sortof halfway there since the OS 10 machines cannot access the netatalk share. :D Still, I would prefer if there was a way to do this using Samba 3 instead. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of rruegner Sent: 21 September 2004 16:53 To: Simon Hobson Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \and /) Sorry Simon, for sure the users does what their os allows them to do, but that musnt be named as inteligent in anyway. Building filenames which are not compatibel between varias oses is simply brainbugged, in my proffesional setups, i never gave support to users which worked so.My oppinion is , thats simply their problem. If i would know a solution, i would work it out ,but i dont know a solution which will help out with creating filesnames in any case, so the simple advice not to do so, seems to me the best way, until some wonder may come . Regards Simon Hobson schrieb: > rruegner wrote: > >> as far i know, >> \ / are interpreted as path signs, i am not clear why any software >> should interpret this in another way. >> using special signs as filenames are a bug in user brain not in the >> software of fileservers, whatever you use > > > Except that the Mac uses neither (internally it uses ':' as a path > element separator) and both are valid for use in filenames (as are ?, *, > -, and a whole pile more). So in the context of the original query, > there is no element "bug in user brain" - the users have simply been > using what the OS allows. > > Interestingly, with OS X if I create a folder called Test/Folder, in a > terminal shell ls shows it as Test:Folder. > > Simon > > PS - and no this isn't an attempt to start a "my OS is better than > yours" war ! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] mapping multiple groups with: net groupmap?
Sorry if this is obvious but I'm not up to speed yet with Samba 3. Google turned up this command: net groupmap modify ntgroups="Domain users" unixgroup=users which would be all fine and dandy if everybody was in the same primary group, which they are not, since it completely defeats the purpose of having groups in the first place. On my system we currently have 87 groups (one per research group) and about 1300 registered users. There's no way I'm putting 1300 names on one line in a "group" file, even assuming that that sort of secondary group assignment would work here, which I doubt. I tried feeding the command above a comma separated list of groups, but that didn't work: Unable to lookup UNIX group users,biostaff. Make sure the group exists. So what is the magic command to tell Samba to map _ALL_ unix accounts to "Domain users"? That's I think what most of us need for the default value. Samba Version 3.0.6 Thanks. David Mathog [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust relationship between two samba with ldap backend
On Tuesday 21 September 2004 08:33, Gustavo Lima wrote: > Hi All, > > I´m working hard on understing how to make trust relationship work between > to samba servers with ldap backend. > > In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap > 2.1.30. I joined each other domain with both machines. In the first one > (DOM1) I created the machine account with the command smbldap-useradd -a -i > DOM2 and set it´s password. Did the same on the second box with > smbldap-useradd -a -i DOM3. The strange thing is that these trust domain > account doesn´t have the $ simbol in front of it. > > Next I´ve tried to add the trusting in DOM1 using the command "net rpc > trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net > rpc trustdom add DOM1 654" and retyped the password. > > And then I tried to establish the trust relationship in DOM1 doing "net rpc > trustdom establish DOM2" typed the password 654 and got the following > error: > > [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075) > Couldn't verify trusting domain account. Error was NT_STATUS_OK > > Did the same on DOM2 and got the same error. > > Does anybody have a clue of what I´m doing wrong? First, before setting up the trust relationship, you need to join each Samba server to its own domain. net rpc join Then the setting up of the trust should work. - John T. > > Thank´s you all. > > Gustavo -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \ and /)
Sorry Simon, for sure the users does what their os allows them to do, but that musnt be named as inteligent in anyway. Building filenames which are not compatibel between varias oses is simply brainbugged, in my proffesional setups, i never gave support to users which worked so.My oppinion is , thats simply their problem. If i would know a solution, i would work it out ,but i dont know a solution which will help out with creating filesnames in any case, so the simple advice not to do so, seems to me the best way, until some wonder may come . Regards Simon Hobson schrieb: rruegner wrote: as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Except that the Mac uses neither (internally it uses ':' as a path element separator) and both are valid for use in filenames (as are ?, *, -, and a whole pile more). So in the context of the original query, there is no element "bug in user brain" - the users have simply been using what the OS allows. Interestingly, with OS X if I create a folder called Test/Folder, in a terminal shell ls shows it as Test:Folder. Simon PS - and no this isn't an attempt to start a "my OS is better than yours" war ! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrade Novell 4.11 to Samba 3.0.7 wisdom needed
Hello, I didn't think that Novell 4.11 used LDAP but could be wrong. Later versions use LDAP with their schema extensions. I went from Novell 5.1 to Samba 3.0.0. I moved users a little at a time removing the Novell client from client machines and reconfiguring networking. Since I am with a school system the HS students are dumped at the end of the year and accounts recreated in the fall. It was a difficult process but I feel worth it. Kent N Misty Stanley-Jones <[EMAIL PROTECTED]> wrote: > Has anybody done such a thing as this? I'm looking to make this transition as > smooth as possible. I have the new fileserver up and running, and I'm using > rsync to keep the Novell data current on the Samba server. Any words of > advice on transferring the users and groups and permissions over to the new > server in the least painful way possible? I have some idea that Novell uses > LDAP so that I should be able do it somehow. I don't want to screw this > upgrade up, and any help would be appreciated. I am hoping someone has > already done it before and has written a Howto or something about it. > > Thanks, > Misty > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Audit
Hi Marco, as a work around you can use the recycle module, so whatever they delete you will have it Regards Marco De Vitis schrieb: Il 20/09/2004, alle ore 15:55, rruegner ha scritto: hi, i have something like this in the logs [2004/04/22 08:35:55, 2] smbd/open.c:open_file(240) tanrit opened file tanrit/Vorlagen/winword2.doc read=Yes write=No (numopen=5) so its user time file what else do you miss? Some actions are not logged. My need came when an empty directory appeared from nowhere in the root of a samba share. My boss asked me to check what happened, but I could find no trace at all of the dir creation. Indeed, I just tried with Samba 3.0.7, log level = 2 and extd_audit active: from a Win2000 client I created and then deleted a directory inside a share, and nothing about this was logged. So it seems also audit modules are useless to me. :-/ Maybe more actions would be logged if using log level = 3, but this also creates loads of uninteresting (to me) log lines. The man page for smb.conf says that "This parameter has been extended since the 2.2.x series, now it allow to specify the debug level for multiple debug classes", but how can I know which debug classes are available to use, and how log level values affect them regarding logged operations? i tried to set /var/log/samba/%U.%m.log to have user at machine log but this fails, i guess of massive logging That's strange, I have almost the same setting and it works fine: log file = /var/log/samba/%m.%U.log -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \ and /)
Hi Mark, i had this problems too, when i worked with some grafics , i wrote a bash script which renamed there special filenames every day. Maybe a guru has an solution for you , but in case of /\ i dont know any Regards Mark C. Casey schrieb: Unfortunately this is something that is extremely important. There are LOTS of filenames which contain slashes. Some of these are also customer artwork, meaning we cannot go about renaming them either. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 14:50 To: Mark C. Casey Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Regards Mark C. Casey schrieb: I'm currently in the process of creating a fileserver so some mac guys at the company I work at can save files as a backup medium. (long story short i'm creating a fileserver running samba 3 with 1TB of storage) However, a lot of the files that they want backed up contain characters that samba refuses to accept (when I try transferring a file to the samba share with say the filename as "test \ test / test" the mac reports that it cannot transfer the file. I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how can I do this? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Fw: [Samba] failed tcon_X with NT_STATUS_ACCESS_DENIED
On Tuesday 21 September 2004 07:11, [EMAIL PROTECTED] wrote: > I don't know if this got posted. > Sorry for the double. > Basically I have 4 Win AD servers I'm trying to use for password servers. > I can net join others but not this one. > All AD servers are identical and I have a computer account on all 4. > What does this error mean? Check the security settings on the AD server that will not permit you to join the domain. I suspect you will find it is locked down to prevent this type of access. - John T. > > Thank u ! > > I'm also getting intermittent password server not available and users > can't connect at random. I've tried samba 302-307 on solaris8 > > -- > Sent from my BlackBerry Wireless Handheld > > > > - Original Message - > From: samba-bounces+egold=fsa.com > Sent: 09/20/2004 06:01 PM > To: [EMAIL PROTECTED] > Subject: [Samba] failed tcon_X with NT_STATUS_ACCESS_DENIED > > > > > > can someone please tell me why im getting this error, i can join my other > AD servers just this one fails. > > > [EMAIL PROTECTED]:/usr/local/samba/var# net join -d 3 -w fsa.com -S > WIN2KSERVER -U Administrator > [2004/09/20 17:58:31, 3] param/loadparm.c:lp_load(3897) > lp_load: refreshing parameters > [2004/09/20 17:58:31, 3] param/loadparm.c:init_globals(1307) > Initialising global parameters > [2004/09/20 17:58:31, 3] param/params.c:pm_process(566) > params.c:pm_process() - Processing configuration file > "/usr/local/samba/lib/smb.conf" > [2004/09/20 17:58:31, 3] param/loadparm.c:do_section(3390) > Processing section "[Global]" > [2004/09/20 17:58:31, 2] lib/interface.c:add_interface(79) > added interface ip=192.168.0.5 bcast=192.168.0.255 nmask=255.255.255.0 > [2004/09/20 17:58:31, 3] libsmb/cliconnect.c:cli_start_connection(1376) > Connecting to host=WIN2KSERVER > [2004/09/20 17:58:31, 3] lib/util_sock.c:open_socket_out(752) > Connecting to 192.168.0.10 at port 445 > [2004/09/20 17:58:31, 1] libsmb/cliconnect.c:cli_full_connection(1476) > failed tcon_X with NT_STATUS_ACCESS_DENIED > [2004/09/20 17:58:31, 1] utils/net.c:connect_to_ipc_anonymous(191) > Cannot connect to server (anonymously). Error was > NT_STATUS_ACCESS_DENIED > Password: > > > > > This e-mail message is for the sole use of the intended recipient(s) and > may contain proprietary, confidential and/or privileged information. Any > unauthorized review, use, disclosure or distribution is prohibited. If you > are not the intended recipient (or an employee or agent responsible to > deliver it to the intended recipient), you may not copy or deliver this > message to anyone. In such case, you should destroy this message and kindly > notify the sender by reply e-mail. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problem adding users with smbpasswd
Pedro Silva wrote: smbpasswd -a $user $pass ldapsam_add_sam_account: SID 'S-1-5-21-3317586490-762025270-1437560638-12520' already in the base, with samba attributes Failed to add entry for user $user. Failed to modify password entry for user $user My guess is that your "add user script" generates 2-nd UNIX user with the same uid=5760. If you have "add user script" Samba will calculate RID (the value after the last '-' in the SID) as: "(uid*2) + rid_offset". This rid_offset can be changed with "algorithmic rid base" smb.conf parameter but is usually left as 1000. The first part of the SID is the SID of your Domain. Hope it helps, Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbmount hanging
John Thanks for your help, at last a person that will talk to me with suggestions. Apologies to the group I always thought smbfs was to do with the samba group, shows how little I know. I believe that smbfs links to cifs these days so will try to hunt down the group to do with cifs. Thanks again Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John H Terpstra Sent: 21 September 2004 16:24 To: [EMAIL PROTECTED] Subject: Re: [Samba] smbmount hanging Paul, If you are mounting shares that are on a Windows machine onto the file system of your Linux system then you are probably using smbfs - a Linux kernel file system driver. smbfs is not Samba. smbmount is a front-end utility that belongs to smbfs but shares some code with Samba. No-one on the Samba Team maintains these tools, they are maintained by the smbfs maintainers. Asking for help with smbfs on the Samba mailing list is a little like asking a Ford dealership to handle a warranty complaint for a GM automobile. smbfs is very old out-dated technology. cifsfs has replaced it in the Linux 2.6.x kernel. Suggest you look into cifsfs. Sorry, I do not wish to be rude, but you should check into cifsfs - it is more up to date compared with Samba-3.0.x. Cheers, John T. On Tuesday 21 September 2004 01:55, Paul Farrow wrote: > Reposted due to no response ... > > > Please please can someone shed some light on this one. > > I have mounted some windows 2003 shares onto the my linux box, > Supermicro dual xeon running fedora core 2 samba 3.0.6 using smbmount > and quite often the shares will die or just hang when there is a lot > of activity on them. > > Does anyone have any idea how to stop this happening? > > The errors that I get in smbmount.log is the following... > > tdb_lock failed on list 112 ltype=1 (bad file descriptor) > > > Looking on google only a few people have got this but no conclusive > resolution. > > I wondered if it meant that the file was in use exclusively from the > windows machine !!! > > Cheers > > Paul -- John H Terpstra, CTO PrimaStasys Inc. Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as Active Directory replacement - is it possible?
On Tuesday 21 September 2004 04:49, Tomasz Chmielewski wrote: > Hello, > > I've been trying to figure out if it's possible to replace Active > Directory with Samba (+ OpenLDAP, Kerberos, DNS etc.) on Linux - but > from what I've found I'm not sure. > > Is it possible, or partially possible (I don't need every feature of AD)? > What additional software (besides Samba) will I need? > > What functionality will I loose? > > Where can I find any HOWTOS/documents on this? I spent an hour googling > but found nothing promising so far. http://www.samba.org/samba/docs/Samba-Guide.pdf Check chapters 5,6,7,9 If you need more information contact me direct. - John T. > > > Tomek > > -- > Startuj z INTERIA.PL... >>> http://link.interia.pl/f1834 -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount hanging
Paul, If you are mounting shares that are on a Windows machine onto the file system of your Linux system then you are probably using smbfs - a Linux kernel file system driver. smbfs is not Samba. smbmount is a front-end utility that belongs to smbfs but shares some code with Samba. No-one on the Samba Team maintains these tools, they are maintained by the smbfs maintainers. Asking for help with smbfs on the Samba mailing list is a little like asking a Ford dealership to handle a warranty complaint for a GM automobile. smbfs is very old out-dated technology. cifsfs has replaced it in the Linux 2.6.x kernel. Suggest you look into cifsfs. Sorry, I do not wish to be rude, but you should check into cifsfs - it is more up to date compared with Samba-3.0.x. Cheers, John T. On Tuesday 21 September 2004 01:55, Paul Farrow wrote: > Reposted due to no response ... > > > Please please can someone shed some light on this one. > > I have mounted some windows 2003 shares onto the my linux box, Supermicro > dual xeon running fedora core 2 samba 3.0.6 using smbmount and quite often > the shares will die or just hang when there is a lot of activity on them. > > Does anyone have any idea how to stop this happening? > > The errors that I get in smbmount.log is the following... > > tdb_lock failed on list 112 ltype=1 (bad file descriptor) > > > Looking on google only a few people have got this but no conclusive > resolution. > > I wondered if it meant that the file was in use exclusively from the > windows machine !!! > > Cheers > > Paul -- John H Terpstra, CTO PrimaStasys Inc. Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrade Novell 4.11 to Samba 3.0.7 wisdom needed
Has anybody done such a thing as this? I'm looking to make this transition as smooth as possible. I have the new fileserver up and running, and I'm using rsync to keep the Novell data current on the Samba server. Any words of advice on transferring the users and groups and permissions over to the new server in the least painful way possible? I have some idea that Novell uses LDAP so that I should be able do it somehow. I don't want to screw this upgrade up, and any help would be appreciated. I am hoping someone has already done it before and has written a Howto or something about it. Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Network Drives Dropping Out
The redXs mean the connection has been dropped probably due to idle time, this is done in order to conserve resources on the server. This is normal. http://support.microsoft.com/default.aspx?scid=kb;en-us;297684 http://support.microsoft.com/default.aspx?scid=kb;EN-US;138365 > > I even have the red-crosses some times in my two-computer-home-network, > > but every time i double click the crossed-out share i can access it > > without problems. > >> I am looking after a site that is running redhat 7.2 and Samba 3.0.2a-1. > >> There is a mixture of Windows 98 and Windows XP clients on the network. > >> Recently the Windows XP clients have > >> been having problems with mapped network drives. The drives map fine but > >> certain times during the day users get access denied error messages when > >> accessing the drives. This lasts > >> for a few minutes and without having to touch anything they are back > >> working normally. Sometimes the drives in XP also come up with red > >> 'x' next > >> to them. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Corrupted userid in mail folders - Crisis
I run a network for a school as part of my duties and cannot resolve this problem. If I haven't given enough technical detail, please let me know, but I really need help with this. Thanks in advance Roland > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On Behalf Of Roland Giesler > Sent: 21 September 2004 14:48 > To: [EMAIL PROTECTED] > Subject: [Samba] Corrupted userid in mail folders > > > I have a Mandrake 10.0 Official server running Samba3, > Shorewall, Squid 2.5, Postfix and Courier-IMAP. > > Samba uses winbind to authenticate mail and proxy users > against a windows 2000 ADS server. > > I get corruption happening in the user's home directories and > elsewhere. The directory ownership changes all the time. One > moment a dir belongs to roland:Domain Users and the next > moment it's marjou:elahyl. The group and userid change, > causing absolute havoc with mail delivery as wrong mail lands > in people's mailboxes and users cannot be authenticated. > > My senior support technician is on honeymoon so I'm stuck. > > Restarting services makes no difference. > > If I run "getent passwd username" the results are 100% > correct. Also for "getend group groupname". > > Has anynone expereinced this or know of a fix. > > I'm somewhat clueless on some aspects, like I cannot check > the version of Samba, since the doesn't appear to be a > command switch for this. > > thanks > > Roland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Network Drives Dropping Out
Christoph Scheeder wrote: Hi, yes, we have seen this before. It seems not to be a samba issue, as one of our customers has had this symptoms in an winnt-only domain and they still persist after an upgrade of the DC to win2k. We have searched the complete network for problems, but couldn't find anything. running out of CAL's isn't the problem, and all the switches have been replaced. I even have the red-crosses some times in my two-computer-home-network, but every time i double click the crossed-out share i can access it without problems. It's not reproducible, nor does anything show up in the logs of samba. Not much help, i know. But you are not the only one facing this effect. Christoph Ditto herecan't seem to lock it down. [EMAIL PROTECTED] schrieb: Hi All, I am looking after a site that is running redhat 7.2 and Samba 3.0.2a-1. There is a mixture of Windows 98 and Windows XP clients on the network. Recently the Windows XP clients have been having problems with mapped network drives. The drives map fine but certain times during the day users get access denied error messages when accessing the drives. This lasts for a few minutes and without having to touch anything they are back working normally. Sometimes the drives in XP also come up with red 'x' next to them. Has anyone seen this before? Cheers -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trust relationship between two samba with ldap backend
Hi All, I´m working hard on understing how to make trust relationship work between to samba servers with ldap backend. In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap 2.1.30. I joined each other domain with both machines. In the first one (DOM1) I created the machine account with the command smbldap-useradd -a -i DOM2 and set it´s password. Did the same on the second box with smbldap-useradd -a -i DOM3. The strange thing is that these trust domain account doesn´t have the $ simbol in front of it. Next I´ve tried to add the trusting in DOM1 using the command "net rpc trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net rpc trustdom add DOM1 654" and retyped the password. And then I tried to establish the trust relationship in DOM1 doing "net rpc trustdom establish DOM2" typed the password 654 and got the following error: [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075) Couldn't verify trusting domain account. Error was NT_STATUS_OK Did the same on DOM2 and got the same error. Does anybody have a clue of what I´m doing wrong? Thank´s you all. Gustavo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Filename problem (filenames containing slashes aka. \and /)
I'm still looking but is it possible to use mangled maps? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Simon Hobson Sent: 21 September 2004 15:10 To: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \and /) rruegner wrote: >as far i know, >\ / are interpreted as path signs, i am not clear why any software >should interpret this in another way. >using special signs as filenames are a bug in user brain not in the >software of fileservers, whatever you use Except that the Mac uses neither (internally it uses ':' as a path element separator) and both are valid for use in filenames (as are ?, *, -, and a whole pile more). So in the context of the original query, there is no element "bug in user brain" - the users have simply been using what the OS allows. Interestingly, with OS X if I create a folder called Test/Folder, in a terminal shell ls shows it as Test:Folder. Simon PS - and no this isn't an attempt to start a "my OS is better than yours" war ! -- Simon Hobson MA MIEE, Technology Specialist Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount hanging
Reposted due to no response ... Call the kernel team, smbmount is their baby... unless I'm mistaken on what you're doing (besides spamming the list that is). -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] - The information contained in this message is privileged and intended only for the recipient names. If the reader is not a representative of the intended recipient, any review, dissemination or copying of this message or the information it contains is prohibited. If you have received this message in error, please immediately notify the sender, and delete the original message and attachments. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount hanging
Reposted due to no response ... Please please can someone shed some light on this one. I have mounted some windows 2003 shares onto the my linux box, Supermicro dual xeon running fedora core 2 samba 3.0.6 using smbmount and quite often the shares will die or just hang when there is a lot of activity on them. Does anyone have any idea how to stop this happening? The errors that I get in smbmount.log is the following... tdb_lock failed on list 112 ltype=1 (bad file descriptor) Looking on google only a few people have got this but no conclusive resolution. I wondered if it meant that the file was in use exclusively from the windows machine !!! Cheers Paul -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba Share Help Needed
Il 21/09/2004, alle ore 16:08, Ben ha scritto: > Question: How can I make the same directory only readable by the rest of > the users ? [pcbdata] comment = PCB Design Files path = /home/pcbadmin/pcbdata writable = no write list = pcbadmin -- Ciao, Marco. ..."Dancing", Mike Keneally & Beer for Dolphins 2000 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \ and /)
rruegner wrote: as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Except that the Mac uses neither (internally it uses ':' as a path element separator) and both are valid for use in filenames (as are ?, *, -, and a whole pile more). So in the context of the original query, there is no element "bug in user brain" - the users have simply been using what the OS allows. Interestingly, with OS X if I create a folder called Test/Folder, in a terminal shell ls shows it as Test:Folder. Simon PS - and no this isn't an attempt to start a "my OS is better than yours" war ! -- Simon Hobson MA MIEE, Technology Specialist Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Share Help Needed
Hi, I have the following directory shared for the user "pcbadmin". He/she can mount and read/write without any difficulty: [pcbdata] comment = PCB Design Files path = /home/pcbadmin/pcbdata valid users = pcbadmin public = no writable = yes Question: How can I make the same directory only readable by the rest of the users ? TIA, Ben -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Audit
Il 20/09/2004, alle ore 15:55, rruegner ha scritto: > hi, i have something like this in the logs > [2004/04/22 08:35:55, 2] smbd/open.c:open_file(240) >tanrit opened file tanrit/Vorlagen/winword2.doc read=Yes write=No > (numopen=5) > so its user time file what else do you miss? Some actions are not logged. My need came when an empty directory appeared from nowhere in the root of a samba share. My boss asked me to check what happened, but I could find no trace at all of the dir creation. Indeed, I just tried with Samba 3.0.7, log level = 2 and extd_audit active: from a Win2000 client I created and then deleted a directory inside a share, and nothing about this was logged. So it seems also audit modules are useless to me. :-/ Maybe more actions would be logged if using log level = 3, but this also creates loads of uninteresting (to me) log lines. The man page for smb.conf says that "This parameter has been extended since the 2.2.x series, now it allow to specify the debug level for multiple debug classes", but how can I know which debug classes are available to use, and how log level values affect them regarding logged operations? > i tried to set > /var/log/samba/%U.%m.log > to have user at machine log but this fails, i guess of massive logging That's strange, I have almost the same setting and it works fine: log file = /var/log/samba/%m.%U.log -- Ciao, Marco. ..."Uncle Moe's Space Ranch", Garsed/Helmeric/Willis/Chambers/Kinsey 2001 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Filename problem (filenames containing slashes aka. \ and /)
Unfortunately this is something that is extremely important. There are LOTS of filenames which contain slashes. Some of these are also customer artwork, meaning we cannot go about renaming them either. Mark -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: 21 September 2004 14:50 To: Mark C. Casey Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Filename problem (filenames containing slashes aka. \ and /) Hi Mark, as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Regards Mark C. Casey schrieb: > I'm currently in the process of creating a fileserver so some mac guys at the > company I work at can save files as a backup medium. (long story short i'm creating > a fileserver running samba 3 with 1TB of storage) > > However, a lot of the files that they want backed up contain characters that samba > refuses to accept (when I try transferring a file to the samba share with say the > filename as "test \ test / test" the mac reports that it cannot transfer the file. > > I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how > can I do this? > > Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Filename problem (filenames containing slashes aka. \ and /)
Hi Mark, as far i know, \ / are interpreted as path signs, i am not clear why any software should interpret this in another way. using special signs as filenames are a bug in user brain not in the software of fileservers, whatever you use Regards Mark C. Casey schrieb: I'm currently in the process of creating a fileserver so some mac guys at the company I work at can save files as a backup medium. (long story short i'm creating a fileserver running samba 3 with 1TB of storage) However, a lot of the files that they want backed up contain characters that samba refuses to accept (when I try transferring a file to the samba share with say the filename as "test \ test / test" the mac reports that it cannot transfer the file. I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how can I do this? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Filename problem (filenames containing slashes aka. \ and /)
I'm currently in the process of creating a fileserver so some mac guys at the company I work at can save files as a backup medium. (long story short i'm creating a fileserver running samba 3 with 1TB of storage) However, a lot of the files that they want backed up contain characters that samba refuses to accept (when I try transferring a file to the samba share with say the filename as "test \ test / test" the mac reports that it cannot transfer the file. I've been told there is a way to use UTF8 with Samba 3 so it can accept these, how can I do this? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba server authenticating to NetWare server?
Le mardi 21 Septembre 2004 15:29, Chris Richardson a écrit : > Hello, Hello > I've been Googling and O'Reillying around this problem for the last > week without success, so I'm either stupid or it's not possible. My > money's still on stupid. > > Can someone confirm that I can't do what I want to do: > > - Have a SuSE 9.1 Linux box running Samba 3.0 exporting shares by SMB. > - Have users log into Windows boxes running a NetWare client, > authenticating by NDS to a Netware 6.5 server. If I remember well, since Netware > 5, the NDS can be interrogated by LDAP clients. > - Have the Windows users mount SMB shares with an encrypted password > that is authenticated by Samba against the NetWare server, either using NDS > or LDAP. I did it a year ago against a eDirectory server, but I needed to extend its schema with the samba-nds.schema (that is include in samba). > If I've understood what I've read so far, a Samba server receiving an > encrypted password with a mount request must have a local smbpasswd > file to validate it. Is there really no mechanism for passing the > authentication buck to an NDS or LDAP server? If you configure smbd to use LDAP as passdb, there might be no problem. Samba will read the encrypted password in the samba(NT|LM)Password attribute of the LDAP entry. Good luck -- Pierre Dinh-van -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.7; "string overflow by 1 (32 - 31) in safe_strcpy"
Hello, I'm using samba 3.0.4 (on RHL9) as a W2k3 domain member in an ADS realm. For printing I'm using CUPS of RHL9. The XP clients get the CUPS printers (CUPS redirects the printjob to the JetDirect card of the printer) and the appropriate PCL drivers installed via the "Point 'n Print" mechanism. The clients get their printers installed via de AD login script and the there are installed via de DNS name of the printer (e.g. \\dussel.nh-hoteles.com\DUSSEL_LASER01) A printer driver that is being used is, for example, the "HP LaserJet 4200 PCL 5e". The above works fine, XP clients get the printer installed ("DUSSEL_LASER01 on dussel" in their own "Printer and Faxes" folder and the appropriate drivers are installed on the client too. So far so good. After the upgrade to samba 3.0.7 however (had the same with 3.0.6) I see in the log files of the clients the following messages (a lot of them): \\192.168.100.151\DUSSEL_LASER01] [2004/09/21 12:10:34, 0] lib/util_str.c:safe_strcpy_fn(600) ERROR: string overflow by 1 (32 - 31) in safe_strcpy Besides that, the XP clients get a second printer installed "DUSSEL_LASER01 on 192.168.100.151" besides the "DUSSEL_LASER01 on dussel" printer (which is actually the same). I played a little with downgrading to 3.0.4 and upgrading 3.0.7 and the way the XP clients get their printers installed. This is what I encountered: - 3.0.4; printer installed via DNS name; "DUSSEL_LASER01 on dussel" as printer on client. - 3.0.7; printer installed via NETBIOS name (\\DUSSEL\DUSSEL_LASER01); "DUSSEL_LASER01 on dussel" as printer; "string overflow by 1" messages. - 3.0.7; printer installed via DNS name; "DUSSEL_LASER01 on dussel" and "DUSSEL_LASER01 on 192.168.100.151" as printer on client; "string overflow by 1" messages. Removing user profiles on the XP client: - 3.0.7; printer installed via DNS name; "DUSSEL_LASER01 on 192.168.100.151" as printer on client; "string overflow by 1" messages. How I have to deal with this new behavior of samba with CUPS? I'd like to upgrade my other samba sites to 3.0.7, but when I get troubles with printers on the clients some people are gonna shoot me :) I posted a similar message before, but I didn't get any response. I can't imagine that I'm the only one with the "string overflow by 1" messages and this behavior of 3.0.7 and CUPS... Or am I? :) Thanx for any answer. -- Regards, Alex de Vaal. Visit our Web site: http://www.nh-hotels.com This message is from NH HOTELES and it is private and confidential. Its content may be legally protected.Reception by a non-intended person does not waive legal protection rights. If you receive this message by mistake, please delete it from your system and report the sender. Although this message has been cleared for viruses using currently available virus definitions before sending, it is the responsibility of the receiver to ensure it is virus-free.Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Corrupted userid in mail folders
Roland Giesler schrieb: I have a Mandrake 10.0 Official server running Samba3, Shorewall, Squid 2.5, Postfix and Courier-IMAP. Samba uses winbind to authenticate mail and proxy users against a windows 2000 ADS server. I get corruption happening in the user's home directories and elsewhere. The directory ownership changes all the time. One moment a dir belongs to roland:Domain Users and the next moment it's marjou:elahyl. The group and userid change, causing absolute havoc with mail delivery as wrong mail lands in people's mailboxes and users cannot be authenticated. My senior support technician is on honeymoon so I'm stuck. Restarting services makes no difference. If I run "getent passwd username" the results are 100% correct. Also for "getend group groupname". Has anynone expereinced this or know of a fix. I'm somewhat clueless on some aspects, like I cannot check the version of Samba, since the doesn't appear to be a command switch for this. thanks Roland hi, i had a similiar efect when i accidently placed the samba-tdb files in a folder which got clean up each and every time by an automatic script. as winbindd does the mapping from AD-users/groups to local userids/groupids not algorithmical a user gets a new id each time the mapping db-gets deleted. For you, this results in a change of the owner/group of the files. Christoph -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba server authenticating to NetWare server?
Hello, I've been Googling and O'Reillying around this problem for the last week without success, so I'm either stupid or it's not possible. My money's still on stupid. Can someone confirm that I can't do what I want to do: - Have a SuSE 9.1 Linux box running Samba 3.0 exporting shares by SMB. - Have users log into Windows boxes running a NetWare client, authenticating by NDS to a Netware 6.5 server. - Have the Windows users mount SMB shares with an encrypted password that is authenticated by Samba against the NetWare server, either using NDS or LDAP. If I've understood what I've read so far, a Samba server receiving an encrypted password with a mount request must have a local smbpasswd file to validate it. Is there really no mechanism for passing the authentication buck to an NDS or LDAP server? If this is true, it looks like my options are: - Keep using our outdated, flaky NFS to Netware bridge until it drives me insane, - Use plain-text passwords with the mount requests, or, - Have separate local passwords on the Samba server. Any suggestions gratefully received. Chris -- Dr Chris Richardson - sysadmin, Structural Biology Section, icr.ac.uk -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Copying
>This is probably a permissions issue, but I just can't see a way of >getting round this other than logging in as each user and copying the >home directoris that way. I believe rsync will do what you want. I use it for backing up files from one machine to another. Here's the command i usually use: rsync -avvR --delete --rsh="ssh -c arcfour" /source remote:/remotedir where "source" is the source directory on the machine being copied, "remote" is the remote server name, and "remotedir" is where you want the files to go on the remote server. The "-c arcfour" in the ssh command seems to speed the transfer. On Tuesday 21 September 2004 04:47 am, Karl Wheeler wrote: >Hi, > >First up samba is great, I've been running samba for over three years >now and I've never had any seriuous probs. But now I have come up >against a problem that I can't solve. > >I've recently created a backup server that I want to copy my samba >shares too on a daily basis. ( I already do a tape backup of the main >server every day with no probs, but hey I'm paranoid OK :) > >I have mounted the relevant partitions from the backup server and > tried to copy over the files. This works OK for the '/shared/' > driectories but it won't work with the /home directories. > > >I'm gratefull for any help or comments ( and flaming, probably ) > >Thanx -- Dan Ramaley Digital Media Library Specialist (515) 271-1934 Cowles Library 140, Drake University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding users with smbpasswd
Hi! I've a working samba PDC with a ldap backend configured. I've tried to add some users to samba with smbpasswd -a command but I encountered a little problem. I've made a script that reads a file with user and password info and executes the following line: smpasswd -a $user $pass The problem that I encountered was that I had this information on two files. The first one I added without any problems but the second it started to say this: smbpasswd -a $user $pass ldapsam_add_sam_account: SID 'S-1-5-21-3317586490-762025270-1437560638-12520' already in the base, with samba attributes Failed to add entry for user $user. Failed to modify password entry for user $user In fact if i do an ldap search the sid already exists for another user added in the first file. Why is samba using the same SID's? Pedro Silva -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] nmbd logging in 3.0.6 ?
Hello everybody, -| -| Due to a config typo, I could not find any log.nmbd og log.smbd. -| -| When I realized my own error, I was able to establish -| -| the log.smbd when starting the daemon with the -l (or --logfile) -| -| parameter. This, however, works only for smbd - nmbd seems -| -| to ignore the mentioned parameter totally. -| -| -| -| Cheers, Joern. -| -| -| i have the same problem. I'm running successfully two server -| instances on one host and want to redirect the logfiles for -| each instance. -| This works for smbd but not for nmbd or winbindd. -| (i assume, they ignore the command line -l switch) I just upgraded to 3.0.7 and it seems to be fixed. Mit freundlichem Gruß, Dirk Laurenz Systems Engineer Fujitsu Siemens Computers Sales Central Europe Deutschland Professional Service Organisation Nord / Ost Hildesheimer Strasse 25 30880 Laatzen Germany Telephone: +49 (511) 84 89 - 18 08 Telefax:+49 (511) 84 89 - 25 18 08 Mobile: +49 (170) 22 10 781 Email: mailto:[EMAIL PROTECTED] Internet: http://www.fujitsu-siemens.com http://www.fujitsu-siemens.de/rl/servicesupport/itdienstleistungen/competencecenter.html *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Fw: [Samba] failed tcon_X with NT_STATUS_ACCESS_DENIED
I don't know if this got posted. Sorry for the double. Basically I have 4 Win AD servers I'm trying to use for password servers. I can net join others but not this one. All AD servers are identical and I have a computer account on all 4. What does this error mean? Thank u ! I'm also getting intermittent password server not available and users can't connect at random. I've tried samba 302-307 on solaris8 -- Sent from my BlackBerry Wireless Handheld - Original Message - From: samba-bounces+egold=fsa.com Sent: 09/20/2004 06:01 PM To: [EMAIL PROTECTED] Subject: [Samba] failed tcon_X with NT_STATUS_ACCESS_DENIED can someone please tell me why im getting this error, i can join my other AD servers just this one fails. [EMAIL PROTECTED]:/usr/local/samba/var# net join -d 3 -w fsa.com -S WIN2KSERVER -U Administrator [2004/09/20 17:58:31, 3] param/loadparm.c:lp_load(3897) lp_load: refreshing parameters [2004/09/20 17:58:31, 3] param/loadparm.c:init_globals(1307) Initialising global parameters [2004/09/20 17:58:31, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" [2004/09/20 17:58:31, 3] param/loadparm.c:do_section(3390) Processing section "[Global]" [2004/09/20 17:58:31, 2] lib/interface.c:add_interface(79) added interface ip=192.168.0.5 bcast=192.168.0.255 nmask=255.255.255.0 [2004/09/20 17:58:31, 3] libsmb/cliconnect.c:cli_start_connection(1376) Connecting to host=WIN2KSERVER [2004/09/20 17:58:31, 3] lib/util_sock.c:open_socket_out(752) Connecting to 192.168.0.10 at port 445 [2004/09/20 17:58:31, 1] libsmb/cliconnect.c:cli_full_connection(1476) failed tcon_X with NT_STATUS_ACCESS_DENIED [2004/09/20 17:58:31, 1] utils/net.c:connect_to_ipc_anonymous(191) Cannot connect to server (anonymously). Error was NT_STATUS_ACCESS_DENIED Password: This e-mail message is for the sole use of the intended recipient(s) and may contain proprietary, confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient (or an employee or agent responsible to deliver it to the intended recipient), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply e-mail. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Corrupted userid in mail folders
I have a Mandrake 10.0 Official server running Samba3, Shorewall, Squid 2.5, Postfix and Courier-IMAP. Samba uses winbind to authenticate mail and proxy users against a windows 2000 ADS server. I get corruption happening in the user's home directories and elsewhere. The directory ownership changes all the time. One moment a dir belongs to roland:Domain Users and the next moment it's marjou:elahyl. The group and userid change, causing absolute havoc with mail delivery as wrong mail lands in people's mailboxes and users cannot be authenticated. My senior support technician is on honeymoon so I'm stuck. Restarting services makes no difference. If I run "getent passwd username" the results are 100% correct. Also for "getend group groupname". Has anynone expereinced this or know of a fix. I'm somewhat clueless on some aspects, like I cannot check the version of Samba, since the doesn't appear to be a command switch for this. thanks Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Slow Printing from XP clients with SP2?
> Hi everyone, > > I had this problem, too. I solved it by creating a "local port" in the > printers folder on xp sp2 client (don't browse thru Network!), > attaching this port to the UNC-Path on my Samba 3.07 Server, e.g. > \\linuxsrv\hp_laserjet1150. Then install your printer , put it on > file: or > lpt1: during installation. Now point this printer to the local port. From > this moment, it worked flawless. > > Please let me know if this works for you (and excuse my grammar...). > > greetz, > Oliver > > "Harald Lux" <[EMAIL PROTECTED]> schrieb im Newsbeitrag > news:[EMAIL PROTECTED] > > > > Any news on this problem? We experienced the same problem. But only > > from a user who is connected via VPN > > > > BTW not only with printing to samba. Also the client/server > > communication to a hylafax server is lagging extremely. > > > > Rohan Gilchrist wrote: > > > > > It's very similar to this bug, however, I don't get a core dump > > > when I > try to print. > > > > > The print job works, it just takes much, much longer from SP 2 > > > boxes > than SP 1 boxes. > > > > > I'll look at moving to 3.0.6 though :) > > > > Did this solve the problem? > > > > > > TIA > > Harald Lux > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem with Excel on a share with ACLs
> -Original Message- > From: Martin Konold [mailto:[EMAIL PROTECTED] > > Also, do you have a default ACL set > > on the directory? > > No. All files in the directory have very different ACLs. What > would the default ACL be good for? It wouldn't do any good, in that case. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Thank you for contacting NorthStar Solutions. Please see the following web page for details about how you may place your purchase: http://www.nstarsolutions.com/purchase.htm __ NOTE: To stay ahead of spam, this e-mail account is not read. However, you may forward your message to the following e-mail account where a real person interested in your message will read it. Please note that the following e-mail account may only be active for a few more days (spammers, don't waste your time collecting it). [EMAIL PROTECTED] __ In the future, just click on any of the "Send us E-mail" links at any page on our web site. That way you need not memorize our e-mail address -- you just need to have our web site bookmarked or memorized to easily contact us. We look forward to hearing from you soon. - NorthStar Solutions http://www.nstarsolutions.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems compiling samba-3.0.7 on Redhat-7.2
When compiling samba-3.0.7 on Redhat-7.2, stock kernel 2.4.26, I get undefined references: --- Compiling libads/ads_status.c with -fPIC Linking nsswitch/libnss_wins.so lib/system.po: In function `sys_dlopen': lib/system.po(.text+0xc17): undefined reference to `dlopen' lib/system.po: In function `sys_dlsym': lib/system.po(.text+0xc3b): undefined reference to `dlsym' lib/system.po: In function `sys_dlclose': lib/system.po(.text+0xc5c): undefined reference to `dlclose' lib/system.po: In function `sys_dlerror': lib/system.po(.text+0xc7a): undefined reference to `dlerror' lib/username.po: In function `user_in_netgroup_list': lib/username.po(.text+0xa47): undefined reference to `yp_get_default_domain' lib/access.po: In function `string_match': lib/access.po(.text+0x1d1): undefined reference to `yp_get_default_domain' lib/util.po: In function `automount_lookup': lib/util.po(.text+0x1eb9): undefined reference to `yp_get_default_domain' lib/util.po(.text+0x1f01): undefined reference to `yperr_string' lib/util.po(.text+0x1fb6): undefined reference to `yp_match' lib/util.po(.text+0x20e7): undefined reference to `yperr_string' Compiling nsswitch/pam_winbind.c with -fPIC Linking nsswitch/pam_winbind.so -- and later: -- Linking libsmbclient non-shared library bin/libsmbclient.a Linking libsmbclient shared library bin/libsmbclient.so Compiling modules/vfs_recycle.c with -fPIC Building plugin bin/recycle.so modules/vfs_recycle.po: In function `recycle_connect': modules/vfs_recycle.po(.text+0x17): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x31): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x56): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x6c): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_disconnect': modules/vfs_recycle.po(.text+0xa7): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0xc1): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0xe6): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x102): undefined reference to `lp_servicename' modules/vfs_recycle.po(.text+0x111): undefined reference to `dbgtext' -- and a lot more of these. My configure options: ./configure --prefix=/opt/samba --sysconfdir=/etc/samba --with-configdir=/etc/samba \ --with-privatedir=/etc/samba --with-lockdir=/var/cache/samba --with-piddir=/var/run/samba \ --with-automount --with-pam --with-msdfs --with-libsmbclient --with-smbmount --with-vfs \ --with-logfilebase=/var/log/samba --with-ldap --with-ads The general build environment should be ok on that box (compiled the kernel and other stuff). Any ideas and pointers are highly welcome. Thanks, Uli -- +--+ | Dr. Johannes-Ulrich Menzebach [EMAIL PROTECTED] | | Vitesse Semiconductor GmbH & Co KG | | D-47057 Duisburg Pappenstr. 36 Tel. +49/203/306-1765 | | D-44149 Dortmund Borussiastr. 112 Tel. +49/231/6560-186 | | Key fingerprint = A36C 9660 6A1C 91E6 051E DF1A 573A 770B DD66 9D9F | +--+ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot join SAMBA domain from XP/2K
On Tuesday 21 September 2004 12:05, Nathan Howard wrote: > deff wrote: > > On Saturday 18 September 2004 21:31, Alexei Monastyrnyi wrote: > >>And what was the result of that struggle? > >>Didi you make it work? > > > > Yes, I did. In some other thread someone mentioned that it is mandatory > > to put all users and machines accounts to ou=People due to some weird > > samba design decision. However, it isn't mentioned in any howto, neither > > official nor idealx's, and samba doesn't complain about it in any way > > either. Too bad...for me. > > Actually it is mentioned in the samba guide: > Chapter 6: > http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html > > 1/2 way down the page just before table 6.2 there is a "Note" Ok my bad, i guess i'll have to learn to read better, or just buy a new pair of glasses. I went by idealx howto and while i read note regarding "the bug", i didn't pay enough attention to it, as their formulation was vague, i considered samba 3.0.2 outdated, and DIT schema was outlined as dc=IDEALX,dc=ORG | `--- ou=Users : to store user accounts for Unix and Windows systems | `--- ou=Computers : to store computer accounts for Windows systems which i was familiar with from windows pdcs. I'd better not presume anything in the future. > > ==quote== > In the following examples, as the LDAP database is initialized, we do > create a container for Computer (machine) accounts. In the Samba-3 > smb.conf files, specific use is made of the People container, not the > Computers container, for domain member accounts. This is not a mistake; > it is a deliberate action that is necessitated by the fact that there is > a bug in Samba-3 that prevents it from being able to search the LDAP > database for computer accounts if they are placed in the Computers > container. By placing all machine accounts in the People container, we > are able to side-step this bug. It is expected that at some time in the > future this problem will be resolved. At that time, it will be possible > to use the Computers container in order to keep machine accounts > separate from user accounts. > ==endquote== > > > However the samba Howto is very vaugue > http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#id25 >33197 > > Under "Accounts and Group Management" > > ==quote== > Machine accounts are managed with the sambaSamAccount objectclass, > just like users accounts. However, it is up to you to store those > accounts in a different tree of your LDAP namespace. You should use > “ou=Groups,dc=quenya,dc=org” to store groups and > “ou=People,dc=quenya,dc=org” to store users. Just configure your NSS and > PAM accordingly (usually, in the /etc/openldap/sldap.conf configuration > file). > ==endquote== > > I am having similar symptoms as well although I am using the same > container for both Users and Computers. > > The symptoms being "User not found" when trying to join domain from 2k > box. I'm still investigating at the moment although this worked fine > with samba 3.0.4 with exactly same config. > > Samba is now 3.0.7 > Not sure about the IDELX scripts as they came with the samba gentoo > package so i'm about to look to see what version they really are. > > Nathan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba