[Samba] VFS Extended Auditing Module Debug Information
Folks, Given recent discussion on this list I have just updated the master Samba-Docs information regarding the Debug Class (Log Level) settings and the audit information each causes to be logged. This will appear in on-line versions of the Samba-HOWTO-Collection within 24 hours. To obtain an updated version point your browser at: http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf The purpose of the extd_audit (Extended Audit) module is to permit logging of critical file and directory access to BOTH syslog as well as to individual log files. To create individual log file you can use: log file = /var/log/samba/%U.%m.log log level = 0 vfs:[012] syslog = 0 ie: log level = 0 vfs:0 or log level = 0 vfs:1 or log level = 0 vfs:2 In this example, syslog information will be only critical general samba information, plus full detail for all VFS modules up to the log level specified. Please refer to the documentation in the VFS Modules chapter - the information logged has changed from what was previously documented. This will create an individual per-user-per-client log of all level 0, 1, or 2 action. See also the updated chapter on Debugging Samba (Chapter 34.3.1). Despite recent criticism regarding the difficulty of establishing acceptable auditing logs, this module is in use in a number of sites that require strict auditability of file and directory operations. Enjoy. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba public directory on FreeBSD
What is recommended for a public, 'free-for-all', anyone can read or write directory on FreeBSD? What are the reasons for preferring one place over another? Would these work? /usr/local/share/sambapublic/ /usr/share/sambapublic/ /home/sambapublic/ Start Here to Find It Fast! - http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names - http://domains.us-webmasters.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
Hi, all you can use cpau ( run as replacement ) to make any script ( bat etc ) running with admin rights, theres also a little prog called hidecmd which makes the run of the netlogon invisible. After alle the script must be readable under native linux and in the samba share and build with a dos compatible editor like notepad. Regards John H Terpstra schrieb: Folks, If you want to execute a batch or command file that will update the windows client clock you need to note that only Administrator has the right (privilege) to update the system clock. This means that you need to update user rights and privileges so that Everyone or Domain Users can update the clock. This is NOT a samba problem - it is a Windows security settings issue. Log onto your Windows XP Pro system. Open up: Start-Control Panel-Administrative Tools-Local Security Settings In the left panel: Local Policies-User Rights Assignment In the right panel: Change the system time Give the appropriate users or groups the right to change the system time. Reboot the Windows XP Pro machine. Now when you log on the time will update as the logon script executes. This stuff is so simple! :) - John T. On Wednesday 22 September 2004 20:59, Raymond Lillard wrote: [EMAIL PROTECTED] wrote: I have a simple script that sets the time on a Windows client at startup. The one-line script: net time \\myhost /set /yes Works perfectly well when I double-click it from Windows Explorer, so I don't think the problem lies there. The relevant lines in my smb.conf file: [global] time server = yes logon script = smbtimeset.BAT [netlogon] comment = shared scripts path = /usr/share/samba/scripts public = no writable = no browseable = no I've set the log level to '3' and there aren't any messages at all relating to running a startup script. Any ideas? Well, yes I do. I was looking into this earlier today. You don't say enough about your workgroup/domain, but I have this problem too. In my case, I am running v3.0.6 as a PDC. All of my MS clients are NT4-SP6 or better (well newer anyway). Most are WinXP. What I find in the event log of WinXP clients is a message to the effect that the client has joined a NT4 domain (in this case, my Samba PDC) and the MS NT4 generation domain server does not support NTP. A bit of searching has found this: http://groups.google.com/groups?q=ntpclient+nt4-domainhl=enlr=ie=UTF-8c 2coff=1selm=%23Oa8EadWCHA.3360%40tkmsftngp11rnum=1 This article contains two links at the bottom which look promising too. I'm about to start playing with it, but I would be good to hear a Samba solution. I don't like hacking the registry. Ray -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] iptables protection and broadcasts
Hi, Michal Kurowski schrieb: Hi, It's a basic firewall question I guess. Perhaps someone of you has seen it. I've got I firewall setup meant for my samba server protection. The problem is it seems to block all broadcasts. The error message: [2004/09/22 17:43:47.572148, 0, pid=1505, effective(0, 0), real(0, 0)] libsmb/nmblib.c:send_udp(756) Packet send failed to 192.168.2.25(138) ERRNO=Operation not permitted This tells you the sending of your packet failed, but bellow you show only the part of your firewall for receiving packets. (chain INPUT) What is in the OUTPUT chain of your firewall? Christoph -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] openldap PDC : can't add machine account ; too many domain info entries
I've ereditated this quite messy openldap server from the previous administrator, samba (3) relies on it for acting as a PDC. The main problem (while I build a new directory from scratch) is you can't add a machine account to the domain : On the client it says the credentials are invalid, anyway the real problem (from samba logs) seems to be : Got too many (2) domain info entries for domain DOMAIN (I've replaced my domain name to 'DOMAIN' and sambahost name to 'host' for no particular reason ...) host:/etc/samba # strings secrets.tdb | grep SID SECRETS/SID/HOST SECRETS/SID/DOMAIN -- I think this is the problem, since a clean installation on a test machine gives only the first line from the same command, but I can't figure how to remove the entry. other useful infos can be : 1) host:/ # smbclient -L localhost -U% Domain=[DOMAIN] OS=[Unix] Server=[Samba 3.0.4-SUSE] ServerComment - --- HOSTSamba Server Version 3.0.4-SUSE Workgroup Master - --- DOMAIN HOST 2) host:/ # net getlocalsid [2004/09/22 11:39:38, 0] lib/smbldap.c:smbldap_search_domain_info(1368) Got too many (2) domain info entries for domain DOMAIN SID for domain HOST is: S-1-5-21-3942806058-2931819711-1847247862 3) host:/ # pdbedit -Lv user Got too many (2) domain info entries for domain DOMAIN Got too many (2) domain info entries for domain DOMAIN Unix username:user NT username: user Account Flags:[U ] User SID: S-1-5-21-3942806058-2931819711-1847247862-2010 Primary Group SID:S-1-5-21-3942806058-2931819711-1847247862-513 Full Name:Some User Home Directory: \\host\user HomeDir Drive:H: Logon Script: logon.bat Profile Path: \\host\profiles\user Domain: DOMAIN [etc...] 4) host:/ # net groupmap list [2004/09/22 11:50:47, 0] lib/smbldap.c:smbldap_search_domain_info(1368) Got too many (2) domain info entries for domain DOMAIN Domain (S-1-5-21-3942806058-2931819711-1847247862-1203) - domain Domain Guests (S-1-5-21-3942806058-2931819711-1847247862-514) - nobody Domain Users (S-1-5-21-3942806058-2931819711-1847247862-513) - users Domain Admins (S-1-5-21-3942806058-2931819711-1847247862-512) - Domain Admins Guests (S-1-5-21-3942806058-2931819711-1847247862-546) - Guests Power Users (S-1-5-21-3942806058-2931819711-1847247862-547) - Power Users Account Operators (S-1-5-21-3942806058-2931819711-1847247862-548) - Account Operators Server Operators (S-1-5-21-3942806058-2931819711-1847247862-549) - Server Operators Print Operators (S-1-5-21-3942806058-2931819711-1847247862-550) - Print Operators Backup Operators (S-1-5-21-3942806058-2931819711-1847247862-551) - Backup Operators Replicator (S-1-5-21-3942806058-2931819711-1847247862-552) - Replicator Domain Computers (S-1-5-21-3942806058-2931819711-1847247862-553) - Domain Computers 5) [the exported LDIF of ldap domain entry] dn: sambaDomainName=DOMAIN, dc=domain, dc=com sambaNextUserRid: 4000 sambaSID: S-1-5-21-3942806058-2931819711-1847247862 sambaNextGroupRid: 4001 objectClass: sambaDomain sambaAlgorithmicRidBase: 1000 sambaDomainName: DOMAIN 6 ) [relevant lines from smb.conf] netbios name = HOST workgroup = DOMAIN passdb backend = ldapsam:ldap://localhost/ ldap suffix = dc=domain,dc=com ldap admin dn = cn=Manager,dc=domain,dc=com ldap ssl = on ldap user suffix = ou=people ldap group suffix = ou=Group ldap machine suffix = ou=people #ldap filter = ($(uid=%u)(objectclass=sambaSAMAccount)) ldap idmap suffix = ou=Idmap idmap backend = ldap:ldaps://host.domain.com add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u' thanks -- Simone Cittadini == COMVERT S.R.L. via F.lli Bressan, 21 20126 Milano - ITALY Tel +39.02.27006796(aspetta un beep)103 [EMAIL PROTECTED] http://www.comvert.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba public directory on FreeBSD
On Thu, 23 Sep 2004, W. D. wrote: What is recommended for a public, 'free-for-all', anyone can read or write directory on FreeBSD? What are the reasons for preferring one place over another? Would these work? /usr/local/share/sambapublic/ /usr/share/sambapublic/ /home/sambapublic/ All these would work, but follow similar rules as for the /tmp directory. If its publicy writable, have it on a partition that wont impact your system if it gets filled. (ie idealy its own partition but anything but / if you dont have a spare partition) Vince Start Here to Find It Fast! - http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names - http://domains.us-webmasters.com/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind users get lost sometimes (repost)
Hi! I am sorry I have not seen an answer to this. I was having the same problem after upgarding beyong 3.0.4 On my Fedora Box with samba-3.0.2 it works fine. I was told in an earlier mail, that it should be fixed in 3.0.7, however it was not. I had the same thing happening again, just as you described. Does anyone out there know whats going on? Thanks in advance, .peter On Wed, 22 Sep 2004, Nicola Mersi wrote: Sorry I'm re-posting this topic because I'm becoming crazy about it In addiction to what follows (that is the old post) I can add that in some hours everything return ok. I use samba and winbind under linux in a NT4 domain. I've set pam to use winbind for authentication. Every NT domain user has his home (/home/winnt/j.smith) and can login the machine. It is going all ok but sometimes, I can't understand why, some users are not recognized. If I try getent passwd I see them but if I try to login (or su) the user I receive the message that the user does not exist. The problem appears randomly for 1 or 2 users of 100. Is there a way to force a sync of the users, and why I see the user with getent but I can't login that user? Here is the global section of my smb.conf [global] workgroup = DOMINIO_NT netbios name = GOLIA server string = Samba Server %v printcap name = cups load printers = yes printing = cups printer admin = @assistenza log file = /var/log/samba/log.%m max log size = 50 hosts allow = 10.0.0. 127. map to guest = bad user security = domain password server = server_nt roma encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd username map = /etc/samba/smbusers winbind uid = 1-2 winbind gid = 1-2 winbind separator = + winbind use default domain = yes winbind cache time = 15 winbind enum users = yes winbind enum groups = yes template homedir = /home/winnt/%U obey pam restrictions = yes template shell = /bin/bash socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins server = 10.0.0.11 dns proxy = no -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems writing to a mounted CIFS share
I'm currently struggeling with a cifs mount from a windows 2003 server. The share can be mounted with mount.cifs, but despite using the rw mount option, the mountpoint can only be accessed read-only. Trying to write on the share results in a permission denied error. This happens on a 2.4.21 kernel with the shipped CIFS kernel module. The mount command used is: mount.cifs //w2k3server/share$ /mnt \ -o username=user,workgroup=workgroup,password=pwd,file_mode=0664,dir_mode=0775,uid=localuid,gid=localgid,rw The kernel output after enabling extended debugging: dir.c: CIFS VFS: in cifs_lookup as Xid: 108299 with uid: 0 dir.c: parent inode = 0xe754c200 name is: bla and dentry = 0xef5317a0 dir.c: len 4 dir.c: NULL inode in lookup dir.c: Full path: \bla inode = 0x inode.c: CIFS VFS: in cifs_get_inode_info as Xid: 108300 with uid: 0 inode.c: Getting info on \bla cifssmb.c: In QPathInfo path \bla transport.c: For smb_command 50 transport.c: Sending smb of length 82 connect.c: Peek length rcvd: 36 with smb length: 39 connect.c: Mid 0xc7a8 matched - waking up transport.c: Unexpected signature received from server Status code returned 0xc034 NT_STATUS_OBJECT_NAME_NOT_FOUND netmisc.c: !!Mapping smb error code 2 to POSIX err -2 !! cifssmb.c: Send error in QPathInfo = -2 inode.c: CIFS VFS: leaving cifs_get_inode_info (xid = 108300) rc = -2 dir.c: CIFS VFS: leaving cifs_lookup (xid = 108299) rc = 0 dir.c: CIFS VFS: in cifs_create as Xid: 108301 with uid: 0 dir.c: len 4 transport.c: For smb_command 162 transport.c: Sending smb of length 94 connect.c: Peek length rcvd: 36 with smb length: 39 connect.c: Mid 0xc7a9 matched - waking up transport.c: Unexpected signature received from server Status code returned 0xc022 NT_STATUS_ACCESS_DENIED netmisc.c: !!Mapping smb error code 5 to POSIX err -13 !! cifssmb.c: Error in Open = -13 dir.c: cifs_create returned 0xfff3 dir.c: CIFS VFS: leaving cifs_create (xid = 108301) rc = -13 dir.c: CIFS VFS: in cifs_lookup as Xid: 108302 with uid: 0 dir.c: parent inode = 0xe754c200 name is: bla and dentry = 0xef5317a0 dir.c: len 4 dir.c: NULL inode in lookup dir.c: Full path: \bla inode = 0x inode.c: CIFS VFS: in cifs_get_inode_info as Xid: 108303 with uid: 0 inode.c: Getting info on \bla cifssmb.c: In QPathInfo path \bla transport.c: For smb_command 50 transport.c: Sending smb of length 82 connect.c: Peek length rcvd: 36 with smb length: 39 connect.c: Mid 0xc7aa matched - waking up transport.c: Unexpected signature received from server Status code returned 0xc034 NT_STATUS_OBJECT_NAME_NOT_FOUND netmisc.c: !!Mapping smb error code 2 to POSIX err -2 !! cifssmb.c: Send error in QPathInfo = -2 inode.c: CIFS VFS: leaving cifs_get_inode_info (xid = 108303) rc = -2 dir.c: CIFS VFS: leaving cifs_lookup (xid = 108302) rc = 0 Any help is appreciated. Regards, Sven Riedel Freudenberg Hosting KG - Operating Systems and Hosting Infrastructure - Höhnerweg 2 - 4 69469 Weinheim, Germany Fon +49 (0) 62 01 80-8284 mailto:[EMAIL PROTECTED] http://www.freudenberg-it.de -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: iptables protection and broadcasts
Christoph Scheeder [EMAIL PROTECTED] wrote: This tells you the sending of your packet failed, but bellow you show only the part of your firewall for receiving packets. (chain INPUT) What is in the OUTPUT chain of your firewall? Well, this is it (iptables -L output): Chain OUTPUT (policy ACCEPT) target prot opt source destination -- Michal Kurowski perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#; y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print' -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with Windows 9x
Hi, I have installed samba 3.0.7 in my debian machine and kept the file configuracion from my old version (2.2.6 if I remember well). With my old samba all worked well but now I have a only prolem: Only a number of windows 9x can validate (about 15 or 20) but the rest of windows can not. In another part, windows XP and 2K work fine. I have set the max smdb processes to 1000 and I have the same result. When I execute the command ps -ef | grep smb | wc -l it shows about 20-30 processes runing. Can anybody help me? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.7, WinXP Pro SP2 printing issues with netbiosnames.
We're currently experiencing some problems that wasn't a problem in 3.0.4. Since SP2 was installed printers get connected \\ipaddress\printer-name instead of \\netbios-name\printer-name. It's more common on SP2 machines but it happens on non-SP2 machines. Although these issues are not consistent. Which some windows applications seems to have a problem with. (Citrix-stuff etc.) With 3.0.4 printers get connected as \\netbios-name\printer-name regardless of SP2 or not. As a result were having problems pinpointing the problem wheter it's SP2 or Samba 3.0.7. So is there anyone else experiencing this and/or know of a workaround ? Hello Erik, I'm experiencing the same problem as you have with 3.0.7 on XP SP1 clients, downgrading to 3.0.4 solves this problem. Look at the mail I posted here about this: http://lists.samba.org/archive/samba/2004-September/092848.html I don't dare to use 3.0.7 on my production sites at this time, because my clients get their printers installed via the ADS logon script. Because of this behavior in 3.0.7 the clients get the printers double installed; the \\netbios-name\printer-name printer (which is already in the profile of the user) and the \\ipaddress\printer-name printer (which is actually the same printer). New profiles at the clients get only the \\ipaddress\printer-name printer installed. A lot of scripts on our ADS servers use the \\netbios-name\printer-name naming convention and I don't want to change the scripts at this time, because the problem seems to be fixed in 3.0.8; look at this mail: http://lists.samba.org/archive/samba/2004-September/091804.html -- Regards, Alex de Vaal. Visit our Web site: http://www.nh-hotels.com This message is from NH HOTELES and it is private and confidential. Its content may be legally protected.Reception by a non-intended person does not waive legal protection rights. If you receive this message by mistake, please delete it from your system and report the sender. Although this message has been cleared for viruses using currently available virus definitions before sending, it is the responsibility of the receiver to ensure it is virus-free.Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba as DC, winbind, squid...
Hi list, I am trying to make a Samba DC, with Windows XP clients. The clients will access to Internet trough Squid proxy server. I join XP client to Samba domain, but I have problem how to check user/passwd to squid proxy with samba domain. winbindd seems to working but wbinfo -t return this: checking the trust secret via RPC calls failed error code was NT_STATUS_PIPE_NOT_AVAILABLE (0xc0ac) Could not check secret wbinfo -u return this: Error looking up domain users wbinfo -g return this: BUILTIN+System Operators BUILTIN+Replicators BUILTIN+Guests BUILTIN+Power Users BUILTIN+Print Operators BUILTIN+Administrators BUILTIN+Account Operators BUILTIN+Backup Operators BUILTIN+Users I use FC 2 with Samba 3.0.3-5 Does anyone have idea how to make it work? Any good tutorial? Example? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] openldap PDC : can't add machine account ; too many domain info entries
On Thu, 2004-09-23 at 19:01, Simone Cittadini wrote: I've ereditated this quite messy openldap server from the previous administrator, samba (3) relies on it for acting as a PDC. The main problem (while I build a new directory from scratch) is you can't add a machine account to the domain : On the client it says the credentials are invalid, anyway the real problem (from samba logs) seems to be : Got too many (2) domain info entries for domain DOMAIN (I've replaced my domain name to 'DOMAIN' and sambahost name to 'host' for no particular reason ...) host:/etc/samba # strings secrets.tdb | grep SID SECRETS/SID/HOST SECRETS/SID/DOMAIN -- I think this is the problem, since a clean installation on a test machine gives only the first line from the same command, but I can't figure how to remove the entry. Open up your ldap server in a tool like 'gq', and remove the incorrect (or both) 'sambaDomain=DOMAIN' entry in your ldap database. Somehow, you got two of them, and Samba doesn't like that. Samba uses this to store the domain SID, and other information, in the LDAP directory. Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbindd on FreeBSD 4.10 Help
Thank you for the info, I know of someone running the 5.2.1 and is having the same issues I am, so looks like if I truly want this to work I must use Linux. Thank you -Original Message- From: Jerry Murdock [mailto:[EMAIL PROTECTED] Sent: Thursday, September 23, 2004 7:39 AM To: Elijah Savage; [EMAIL PROTECTED] Subject: Re: [Samba] Winbindd on FreeBSD 4.10 Help Winbindd itself runs fine on FreeBSD 4.x, and is a great auth source for things like Squid, or PAM, but full auto-magic NSS user/group auth isn't going to happen. NSS support doesn't really exist in FreeBSD 4.x. There was an implementation floating around, but you would know if you had installed it - it would have required some googling, etc to find.. Last I checked it would not support dynamic modules like Winbind. Later 5.x versions have NSS and should work in theory, but I haven't done much in 5.x, so can't say. Jerry - Original Message - From: Elijah Savage [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 22, 2004 3:16 PM Subject: [Samba] Winbindd on FreeBSD 4.10 Help All, First off I would like to say the book The Official Samba-3 HowTO and Reference Guide is awesome I purchased it off Amazon a couple of weeks ago. Ok now on to my problem. I have samba installed and configured and joined the domain no problem. When I run wbinfo -u I can see my domain users, when I run wbinfo -g I can see all my domain groups, BUT if I run /usr/compat/linux/usr/bin/getent passwd I only see a mirror of my /etc/passwd and do no see the domain users. Winbind Setup in smb.conf idmap uid = 1-2 idmap gid = 1-2 winbind separator = + winbind use default domain = Yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbindd on FreeBSD 4.10 Help
Even with linux compatibilty installed it has no nsswitch support? I thought if you installed linux compatibilty then nsswitch support works. -Original Message- From: Luke Mewburn [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 22, 2004 9:55 PM To: Elijah Savage Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Winbindd on FreeBSD 4.10 Help On Wed, Sep 22, 2004 at 03:30:35PM -0400, Elijah Savage wrote: | Yes I did edit the nsswitch.conf just as you have it which looks just | like the way it does in the book. FreeBSD 4.10 doesn't appear to have nsswitch support, at least on the version I have installed under VMware. FreeBSD 5.x should have nsswitch support. The original import of nsswitch into FreeBSD 5.x (from NetBSD) didn't have support for dynamic nsswitch modules, so you couldn't use winbind. I understand that FreeBSD 5.3 has dynamic nsswitch support, but as I've been unable to install 5.3 under VMware I cannot confirm this. Cheers, Luke. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Group Policy on Samba - is it possible?
Hello, Is it possible to use Group Policies in Samba (or Samba + OpenLDAP etc.)? I want to replace Active Directory with Samba (and possibly some other tools like OpenLDAP), and Group Policy is a feature I need to have. Tomek -- Bar w Internecie wciaz bez cenzury! http://link.interia.pl/f1835 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba + Share Quota's
Bart Hendrix wrote: Hi Samba users. I have the following problem and I hope somebody can help me: I installed Samba on a White Box linux machine and used LDAP for authentication. I created a directory /work/shares. In /work/shares are all share directories created. The problem I'm having now is that the total capacity of each share is the same because they are on the same partition. (So /work/shares/test and /work/shares/software both used 80 GB from a total of 120 GB free space, but /test used 20 GB and /software 60 GB) Is it possible to configure the free space size with smbcquota's? I tried this but I couldn't configure it because I dont know the values of soft/hard limit. (smbcquotas //fileserver/test -S FSQLIM:softlimit/hardlimit) Is smbcquota's the right program or is there a different solution? smbcquota is to manage quotas setup on NT shares if they enabled. As far as I understood you want to have quotas on Linux shares and by the look of it not a user quotas. This can be achieved by spliting your one big partition into two. I don't see any other way. But I'm just another user. Igor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbindd on FreeBSD 4.10 Help
On Thu, Sep 23, 2004 at 07:45:57AM -0400, Elijah Savage wrote: | Even with linux compatibilty installed it has no nsswitch support? I | thought if you installed linux compatibilty then nsswitch support works. Oh, right; binaries within the Linux compat heirarchy should probably work if the appropriate Linux libraries are install there too. At least, that's the theory in NetBSD (and the Linux emulation code in FreeBSD has a common heritage). pgpmhQhlMsk5p.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot get HP1055CM Color Plotter to work with Point and Click
Hi Marcus, Is Your printqueue raw? You have to create one for Yoour Printer. I choosed swat to do that. Than You have to edit two files to allow unknown type of data to be printed via cups. I found this in the mailing list archive 1. Edit /etc/cups/mime.types to uncomment the line near the end of the file that has: #application/octet-stream 2. Do the same for the file /etc/cups/mime.convs. 3. Add a raw printer using the Web interface. Point your browser at http://localhost:631. Enter Administration, add the printer following the prompts. Do not install any drivers for it. Choose Raw. Choose queue name Raw It worked perfect for our HP 450C HPGL plotter. Olaf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] upcoming releases (3.0.8pre1 and 3.1.0)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Folks, We are working on getting 3.0.8pre1 out this week. There's been a fair amount of changes that were held back from 3.0.7 so its time to get another preview release out. Also, I'm working on the first 3.1.0. The is essentially a copy of trunk. As a reminder, the purpose of the 3.1.x releases is similar to what we've used the 'alpha' tag for in the past. These will be unstable, development releases that may beat you up and take your lunch money. We make no guarantees. But the 3.1 tree will also have some new experimental features that may entice you tto take a look (we hope). Samba 3.1.0 will include changes to winbindd (for scalability), code for implementing NT privileges, some proposed fixes to the printing code's background queue update daemon, and others. So invariably, the question will arise what is the relationship between Samba 3.1 and Samba 4? The answer is that Samba 3.1 is continuation of the Samba 3.x series in an effort to foster further development. Team members are still working on Samba 4 and we will ship that once it is ready. Samba 3.1.x is just a platform for implementing newer features that could potentially destabilize the 3.0.x tree (and delay the necessary bug fix releases). Once features stabilize in Samba 3.1, they will be considered for back porting to the Samba 3.0 tree. If 3.1.x gets a large number of new features that are not suitable for back porting to 3.0, then we will create a stable 3.2 series of releases and start the process over again. cheers, jerry - - Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc If we're adding to the noise, turn off this song--Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBUsL/IR7qMdg1EfYRAvrLAJoDi6INi7QNO5p8+933fcaCnV/FYwCg7A3J SAEMBQwJ1WIFUholbxG1as0= =TVkC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] VFS Extended Auditing Module Debug Information
Hi John , i just tried your examples with suse 9.0 samba 3.07 in globals log file = /var/log/samba/%m.log log level = vfs:2 syslog = 0 works but i have only create and rename messages in the log a deletion is named unlinked ( sound miracle to me ) log file = /var/log/samba/%U.%m.log creates test.testmachine.log but only extd_audit is written to .testmachine.log (%U.%m.log this doesnt work ) i have it like this in the share [files3] comment = public files path = /files3 read only = No guest ok = Yes browseable = Yes csc policy = disable vfs objects = vscan-clamav, netatalk, extd_audit, recycle recycle:keeptree = yes recycle:versions = yes recycle:touch = yes recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP recycle:exclude_dir= /tmp,/temp,/cache recycle:repository = .recycle/.recycle.%u recycle:noversions = *.doc,*.xls,*.ppt wheres my mistake? and do you no what this full_audit module is? --- [2004/09/23 14:37:14, 1] modules/vfs_extd_audit.c:audit_fchmod_acl(322) vfs_extd_audit: fchmod_acl Neu Textdokument.txt mode 0x1e4 failed: Keine Daten verfügbarvfs_extd_audit: opendir ./ [2004/09/23 14:37:14, 1] modules/vfs_extd_audit.c:audit_opendir(141) [2004/09/23 14:37:40, 1] modules/vfs_extd_audit.c:audit_rename(232) vfs_extd_audit: rename old: ./Neu Textdokument.txt new: ./testfile.txt [2004/09/23 14:37:40, 1] modules/vfs_extd_audit.c:audit_opendir(141) [2004/09/23 14:37:45, 0] modules/vfs_extd_audit.c:audit_unlink(250) vfs_extd_audit: unlink testfile.txt [2004/09/23 14:37:45, 1] modules/vfs_extd_audit.c:audit_opendir(141) - log level = 0 vfs:2 produces nothing in the logs Regards John H Terpstra schrieb: Folks, Given recent discussion on this list I have just updated the master Samba-Docs information regarding the Debug Class (Log Level) settings and the audit information each causes to be logged. This will appear in on-line versions of the Samba-HOWTO-Collection within 24 hours. To obtain an updated version point your browser at: http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf The purpose of the extd_audit (Extended Audit) module is to permit logging of critical file and directory access to BOTH syslog as well as to individual log files. To create individual log file you can use: log file = /var/log/samba/%U.%m.log log level = 0 vfs:[012] syslog = 0 ie: log level = 0 vfs:0 or log level = 0 vfs:1 or log level = 0 vfs:2 In this example, syslog information will be only critical general samba information, plus full detail for all VFS modules up to the log level specified. Please refer to the documentation in the VFS Modules chapter - the information logged has changed from what was previously documented. This will create an individual per-user-per-client log of all level 0, 1, or 2 action. See also the updated chapter on Debugging Samba (Chapter 34.3.1). Despite recent criticism regarding the difficulty of establishing acceptable auditing logs, this module is in use in a number of sites that require strict auditability of file and directory operations. Enjoy. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbindd on FreeBSD 4.10 Help
On Thu, Sep 23, 2004 at 07:45:57AM -0400, Elijah Savage wrote: | Even with linux compatibilty installed it has no nsswitch support? I | thought if you installed linux compatibilty then nsswitch support works. Oh, right; binaries within the Linux compat heirarchy should probably work if the appropriate Linux libraries are install there too. At least, that's the theory in NetBSD (and the Linux emulation code in FreeBSD has a common heritage). When I installed this box I specifically installed it for this task and installed linux compatibilty during intstall, the /etc/nsswitch.conf was created and everything. I can join my AD domain as NT4 style but not with ADS which is strange and it works with NT4 style as long as the usernames are local to the samba machine. It was recommended that I run the latest heimdal 0.6.1 so I mad world last night everything went great and I am running the latest 4.10 stable with heimdal 0.6.1 and I get these errors when I try to join the AD domain as ADS. But if I use the rpc join for nt4 style it joins right up I can see all my shares on the samba box and get to them. One good thing out of all this it is on a lab LAN so I am glad I got a chance to test it before trying to implement it. ns1# kinit [EMAIL PROTECTED] FreeBSD Inc. (luke.digitalrage.org) Kerberos Initialization for [EMAIL PROTECTED] Password: kinit: Can't send request (send_to_kdc) ns1# net ads join -U Administrator%XX [2004/09/23 07:15:57, 0] libads/kerberos.c:ads_kinit_password(136) kerberos_kinit_password [EMAIL PROTECTED] failed: Unknown error -1765328228 [2004/09/23 07:15:57, 0] utils/net_ads.c:ads_startup(183) ads_connect: Unknown error -1765328228 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Per-alias shares?
I'm trying to figure out if there's any way to have multiple virtual servers on the same machine, each server having different shares. Barring running multiple smbd processes, I don't see a way. Is there one? Thanks! -Ken -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba acting as ADS Server
Hello, i'm new in the list so hi everybody! I think that this question could be asked many times, is possible make Samba act as ADS server? Maybe with the Samba-TNG fork or with some CVS version? Thanks. -- Samuel Partida Área de Informática Fundación Radio ECCA Delegación Andalucía [EMAIL PROTECTED] www.eccandalucia.org Tel.: 954 54 62 60 Fax.: 954 53 45 32 Av Luis de Morales, 32 Edf. Forum Modulos 228-230 41018 Sevilla -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SWAT weirdness
Hiya Just noticed a weird thing in swat I called upt he [netlogon] share and set a username in the 'write list' field. committed that, restarted smbd. tried to write to the share, no dice, go back to swat and the 'write list' is GONE no entry, nothing now I click 'advanced' and there it is is this a big or a feature? -- DA Fo rsythNetwork Supervisor Principal Technical Officer -- Institute for Water Research http://www.ru.ac.za/institutes/iwr/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Script to clean the recycles...
Hi! I implemented the vfs reclycle and it´s really good! Now, I wanna to put on my monthly cron a script to clean old recycles... Someone have examples to send me ? Tips? Thanks ! Cheers Rodrigo Miranda Carvalhaes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE:Re: [Samba] How can I give write permission to only one machine ?
Good day every one. Thank you Karthik for your reply. Sorry to disturb you again. Actually it didnot solved my problem. Eventhough the machine with IP address XXX.XXX.XXX.XXX can read write but other machines are fired for password authent --- [EMAIL PROTECTED] wrote: Try with these settings in conf file... [abcd] available = yes comment = Home path = /home/abcd browseable = yes writable = yes public = yes hosts allow = xxx.xxx.xxx.xxx Regards, Karthik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of prakash k Sent: Wednesday, September 22, 2004 5:21 PM To: [EMAIL PROTECTED] Subject: [Samba] How can I give write permission to only one machine ? Good day every one I have samba server 3.0.7-2.FC1 installed in a machine with IP address x.y.z.w ( let me call this machine as _A_), and configured smb.conf as follows [global] workgroup = pranan netbios name = SANTOSH security = SHARE [test] path = /test guest ok = yes browseable = yes hosts allow = x.y.z. write list = x.y.z.w My requirement is only machine _A_ should have write permission to the folder test and every other machines should have only read permission. This configuration is not working as intended and every machine with IP address x.y.z. has write permission. Is there any missing or fault in configuration ? and I dont want to maintain password and login id for every machine. It should be in share mode. Please help me. Thanks in advance. Regards Prakash __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE:Re: [Samba] How can I give write permission to only one machine ?
Good day every one. Thank you Karthik for your reply. Sorry to disturb you again. Actually it didnot solved my problem. Eventhough the machine with IP address XXX.XXX.XXX.XXX can read write but other machines are fired for password authentication which is I really donot want. Please tell me how to overcome this problem. I really donot want to maintain password and login id for each and every machine. I am waiting for your reply. Thank you very much. Reagards Prakash --- [EMAIL PROTECTED] wrote: Try with these settings in conf file... [abcd] available = yes comment = Home path = /home/abcd browseable = yes writable = yes public = yes hosts allow = xxx.xxx.xxx.xxx Regards, Karthik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of prakash k Sent: Wednesday, September 22, 2004 5:21 PM To: [EMAIL PROTECTED] Subject: [Samba] How can I give write permission to only one machine ? Good day every one I have samba server 3.0.7-2.FC1 installed in a machine with IP address x.y.z.w ( let me call this machine as _A_), and configured smb.conf as follows [global] workgroup = pranan netbios name = SANTOSH security = SHARE [test] path = /test guest ok = yes browseable = yes hosts allow = x.y.z. write list = x.y.z.w My requirement is only machine _A_ should have write permission to the folder test and every other machines should have only read permission. This configuration is not working as intended and every machine with IP address x.y.z. has write permission. Is there any missing or fault in configuration ? and I dont want to maintain password and login id for every machine. It should be in share mode. Please help me. Thanks in advance. Regards Prakash __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba acting as ADS Server
On Thursday 23 September 2004 07:14, Samuel Partida wrote: Hello, i'm new in the list so hi everybody! I think that this question could be asked many times, is possible make Samba act as ADS server? Maybe with the Samba-TNG fork or with some CVS version? No. Not possible at this time. - John T. Thanks. -- Samuel Partida Área de Informática Fundación Radio ECCA Delegación Andalucía [EMAIL PROTECTED] www.eccandalucia.org Tel.: 954 54 62 60 Fax.: 954 53 45 32 Av Luis de Morales, 32 Edf. Forum Modulos 228-230 41018 Sevilla -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Development branch status [Was Re: [Samba] Samba acting as ADS Server]
John == John H Terpstra John writes: Hi John, John No. Not possible at this time. Is there any weekly or monthly status bulletin regarding 4.0 branch progress (added features and so on) ? I haven't found anything like that on the primary website. Regards Eric Masson -- C'est vrai peut t'on renconter quelqu'un sur internet? Car moi je cherche l'ame soeur -+- SR in: http://www.le-gnu.net - Neuneu a-t-il une âme ? -+- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Per-alias shares?
On Thursday 23 September 2004 07:00, Ken D'Ambrosio wrote: I'm trying to figure out if there's any way to have multiple virtual servers on the same machine, each server having different shares. Barring running multiple smbd processes, I don't see a way. Is there one? Yes! It can be done. You must create one master server configuration. It will create the master server as seen in the Windows networking browser. In its smb.conf file you will have something like: [global] ... workgroup = BIGBIRDS netbios name = ALBATROS netbios aliases = CRANE MUGABIRD ... include = /etc/samba/smb.%L.conf Then for each alias (CRANE and MUGABIRD) you would create an /etc/samba/smb.'name'.conf file like: /etc/samba/smb.crane.conf: - [global] netbios name = CRANE [share1] ... /etc/samba.smb.mugabird.conf: - [global] ... netbios name = MUGABIRD ... [share2] ... I hope that is clear enough. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Script to clean the recycles...
Hi, This is what I use: /usr/bin/find /home/samba/Prgs/.recycle -type f -mtime +5 -exec /bin/rm {} \; I suppose you know you will need one for each share. It would be nice if there was a variable one could set so recycle.so would limit how old the files get. This could be either per share or globally. I hope this helps. Rodrigo Carvalhaes ([EMAIL PROTECTED]) wrote: Hi! I implemented the vfs reclycle and it´s really good! Now, I wanna to put on my monthly cron a script to clean old recycles... Someone have examples to send me ? Tips? Thanks ! Cheers Rodrigo Miranda Carvalhaes -- Bob Crandell, CNS Assured Computing, Inc. When you need to be sure. http://www.assuredcomp.com/ P.O. Box 40814 Eugene, OR 97404 Voice - 541-868-0331 FAX - 541-463-1627 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] MSDOS Client very slow with writing
I am having this same issue... Has anyone resolved this? Thanks... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printer connection query - (Samba/Unix/Citrix)
Hi All Do you know if it is possible to address a printer connected to a PC from a UNIX server which is at another site? If it is possible how do you do it? 1. There are high speed line printers which are connected to UNIX servers in the regions. 2. HQ site is running a Citrix farm of 3 on Windows 2003 boxes 3. The users from the regions login to a terminal session to connect to HQ We want to send reports from HQ to either a PC printer or the Old UNIX server's printer at any given regional site. Hope this makes some sense and someone can help. I'm asking on behalf of someone else without knowing the sites myself or much about Samba and Citrix Regards Terri -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Deleting Old Printer Drivers
Hi all, I am running samba 3.0.6 on Linux and am wondering if anyone knows if it is possible to delete a print driver from the driver database? I have around 20 printers running off of this print server and occasionally we remove all of a certain type of printer. Also, for some reason, the drivers sometimes seem to become corrupt and it would be nice to be able to entirely remove a driver and then reinstall it from scratch. Is this a possible thing to do? Thanks, Chris Chris Slack IT Manager M/V Anastasis - Currently docked in Bremerhaven, DL Mercy Ships mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] http://www.mercyships.org/ www.mercyships.org http://www.chrisslack.org/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Script to clean the recycles...
Hi Joe! Thanks for your promptly answer. What I wanna to do is put one script on cron.daily to : 1. Clean all the files on the directories .recyycle(see below) that are older than 15 days. \files\production\.recycle \files\directory\.recycle \files\it_teste\.recycle \files\adm\sandra\.recycle \files\testing\piedro\.recycle \files\system\sources\.recycle \files\system\testing\.recycle \files\system\cvs\.recycle 2. Clean all the files on all the user homes that are older than 7 days. I have +/- 50 users and I wanna to make something automatic, that I don´t need to give maintaince on the script after creating a new user... Ideas? Cheers, Rodrigo Miranda Carvalhaes DBA PostgreSQL [EMAIL PROTECTED] wrote: Rodrigo, Setting up a cron is easy. Do you have any scripting skills? If not, then give me the deatils (time stamps, directories, etc), and I can put something toegether for you in tcsh/bash or whatever. Joe Rodrigo Carvalhaes [EMAIL PROTECTED] wrote : Hi! I implemented the vfs reclycle and it´s really good! Now, I wanna to put on my monthly cron a script to clean old recycles... Someone have examples to send me ? Tips? Thanks ! Cheers Rodrigo Miranda Carvalhaes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Which distribution to rollout
we are running an older version of RH (7.3) - and I am getting concerned that I may need to migrate off of it - but I dont know what I should move to. Trying to formulate ideas before it becomes a 'got to do it now' scenario. I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printers Showing up on Alternate Server Names
Hi all, I am running samba 3.0.6. I am having an issue on my print server regarding how the printer ends up registering itself on the Windows clients. We have a machine named bob, bob has an alias both in DNS and in the netbios name in Samba of printserver, bob has an IP address of 192.168.1.1. In a seemingly random fashion sometimes when I add a printer on a new client machine by specifying the printer with \\printserver\Reception to specify the Reception printer, it shows up as Reception on herm or Reception on 192.168.1.1 or Reception on printserver (this would be the desired result, which does sometimes occur). Does anyone have an idea why this might be occurring? Is it a common problem with Samba or do we have something setup wrong somewhere? Thanks, Chris Chris Slack IT Manager M/V Anastasis - Currently docked in Bremerhaven, DL Mercy Ships mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] http://www.mercyships.org/ www.mercyships.org http://www.chrisslack.org/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Script to clean the recycles...
What I wanna to do is put one script on cron.daily to : 1. Clean all the files on the directories .recyycle(see below) that are older than 15 days. \files\production\.recycle \files\directory\.recycle \files\it_teste\.recycle \files\adm\sandra\.recycle \files\testing\piedro\.recycle \files\system\sources\.recycle \files\system\testing\.recycle \files\system\cvs\.recycle 2. Clean all the files on all the user homes that are older than 7 days. I have +/- 50 users and I wanna to make something automatic, that I don´t need to give maintaince on the script after creating a new user... Ideas? man find -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] [FIXED] Protocol negotation failed
I fixed this error. I had not realized that I needed to specify --with-ldap at compile-time. configure --help had led me to believe that that was the default value, but I guess it was not. Misty On Wednesday 22 September 2004 17:12, Misty Stanley-Jones wrote: Hi all, I've compiled 3.0.7 on a test box which also has an LDAP server running on it. This is the first time for me trying to use Samba with LDAP. I copied the IdealX scripts into /usr/local/sbin and edited the _config.pm file. It is attached at the bottom, stripped of comments. I then edited my smb.conf to the effect of the following: passdb backend = ldapsam:ldap://localhost ldap suffix = dc=mydomain,dc=com ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=People ldap admin dn = cn=Manager ldap ssl = no ldap passwd sync = Yes idmap uid = 15000-2 idmap gid = 15000-2 winbind separator = + I then did smbpasswd -w (insert cn=Manager password for LDAP) smbd and nmbd started up just fine. Here is when I run into problems: oink:/usr/local/samba/lib # smbclient -L oink protocol negotiation failed Same result if I use 'localhost' or reference it by IP. If you can tell me what I have missed it would be greatly appreciated. I have been following the HOWTO step-by-step and I'm not sure what I missed. Thanks, Misty smbldap_conf.pm: use strict; package smbldap_conf; use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd $ldap_path $ldap_opts $ldapmodify $suffix $usersdn $computersdn $groupsdn $scope $binddn $bindpasswd $slaveDN $slavePw $masterDN $masterPw $_userLoginShell $_userHomePrefix $_userGecos $_defaultUserGid $_defaultComputerGid $_skeletonDir $_userSmbHome $_userProfile $_userHomeDrive $_userScript $usersou $computersou $groupsou $SID $hash_encrypt $_defaultMaxPasswordAge ); use Exporter; $VERSION = 1.00; @ISA = qw(Exporter); @EXPORT = qw( $UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd $ldap_path $ldap_opts $ldapmodify $suffix $usersdn $computersdn $groupsdn $scope $binddn $bindpasswd $slaveDN $slavePw $masterDN $masterPw $_userLoginShell $_userHomePrefix $_userGecos $_defaultUserGid $_defaultComputerGid $_skeletonDir $_userSmbHome $_userProfile $_userHomeDrive $_userScript $usersou $computersou $groupsou $SID $hash_encrypt $_defaultMaxPasswordAge ); $UID_START = 1000; $GID_START = 1000; $SID='S-1-5-21-725326080-1709766072-2910717368'; $slaveLDAP = 127.0.0.1; $slavePort = 389; $masterLDAP = 127.0.0.1; $masterPort = 389; $ldapSSL = 0; $suffix = dc=mydomain,dc=com; $usersou = q(_USERS_); $usersdn = ou=People,$suffix; $computersou = q(_COMPUTERS_); $computersdn = ou=$computersou,$suffix; $groupsou = q(_GROUPS_); $groupsdn = ou=$groupsou,$suffix; $scope = sub; $hash_encrypt=SSHA; $binddn = cn=Manager,$suffix; $bindpasswd = 'some_unencrypted_password'; $slaveDN = $binddn; $slavePw = $bindpasswd; $masterDN = $binddn; $masterPw = $bindpasswd; $_userLoginShell = q(/bin/false); $_userHomePrefix = q(/data/samba/home/); $_userGecos = q(System User); $_defaultUserGid = 513; $_defaultComputerGid = 553; $_skeletonDir = q(/etc/skel); $_defaultMaxPasswordAge = 90; $_userSmbHome = q(_PDCNAME_\\homes); $_userProfile = q(_PDCNAME_\\profiles\\); $_userHomeDrive = q(H:); $with_smbpasswd = 0; $smbpasswd = /usr/local/samba/bin/smbpasswd; $mk_ntpasswd = /usr/local/sbin/mkntpwd; $slaveURI = ldap://$slaveLDAP:$slavePort;; $masterURI = ldap://$masterLDAP:$masterPort;; $ldap_path = /usr/bin; if ( $ldapSSL eq 0 ) { $ldap_opts = -x; } elsif ( $ldapSSL eq 1 ) { $ldap_opts = -x -Z; } else { die ldapSSL option must be either 0 or 1.\n; } $ldapmodify = $ldap_path/ldapmodify $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'; 1; -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Script to clean the recycles...
Have you considered using tmpwatch? http://linux.about.com/library/cmd/blcmdl8_tmpwatch.htm I use it to delete the files on my TEMP share that are more than 5 days old. It works quite well. -- Chuck Chauvin -- Original Message --- From: Rodrigo Carvalhaes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thu, 23 Sep 2004 11:43:34 -0300 Subject: Re: [Samba] Script to clean the recycles... Hi Joe! Thanks for your promptly answer. What I wanna to do is put one script on cron.daily to : 1. Clean all the files on the directories .recyycle(see below) that are older than 15 days. \files\production\.recycle \files\directory\.recycle \files\it_teste\.recycle \files\adm\sandra\.recycle \files\testing\piedro\.recycle \files\system\sources\.recycle \files\system\testing\.recycle \files\system\cvs\.recycle 2. Clean all the files on all the user homes that are older than 7 days. I have +/- 50 users and I wanna to make something automatic, that I don´t need to give maintaince on the script after creating a new user... Ideas? Cheers, Rodrigo Miranda Carvalhaes DBA PostgreSQL -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? SuSe. Inexpensive and pretty much gauranteed not to be dropped. We are just using the ordinary Pro version, it works very will. Still does all the normal RPM based management, and Red Carpet supports it. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Printers Showing up on Alternate Server Names
I am having the same problem using Samba 3.0.7 w/ FC2. This only started happening recently, and is happening on 3 servers. I hadn't seen it happen on 3.0.4. Nothing else has changed. Thanks, Chris Smith Systems Administrator API Group Information Systems Dept. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of M/V Anastasis - IT Manager Sent: Thursday, September 23, 2004 11:49 AM To: [EMAIL PROTECTED] Subject: [Samba] Printers Showing up on Alternate Server Names Hi all, I am running samba 3.0.6. I am having an issue on my print server regarding how the printer ends up registering itself on the Windows clients. We have a machine named bob, bob has an alias both in DNS and in the netbios name in Samba of printserver, bob has an IP address of 192.168.1.1. In a seemingly random fashion sometimes when I add a printer on a new client machine by specifying the printer with \\printserver\Reception to specify the Reception printer, it shows up as Reception on herm or Reception on 192.168.1.1 or Reception on printserver (this would be the desired result, which does sometimes occur). Does anyone have an idea why this might be occurring? Is it a common problem with Samba or do we have something setup wrong somewhere? Thanks, Chris Chris Slack IT Manager M/V Anastasis - Currently docked in Bremerhaven, DL Mercy Ships mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] http://www.mercyships.org/ www.mercyships.org http://www.chrisslack.org/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] IdealX Webmin
Not sure if this is the right place for this, but thought it would be a place to start. I'm using Samba 3.0.7 on Suse 9.1 with iPlanet Directory Server 5.2 for a backend. I've had to do some major modifications to get the WebMin interface for the Idealx scripts working (not to mention the modifications to the Idealx scripts), but it is now complete except in how it updates the sambaLMPassword and sambaNTPassword. What's strange was it called mkntpwd. So I modified it to use the ntlmgen calls, but for some reason it still acts the same way. What happens is after getting the userPassword, it sets the sambaLMPassword correctly, but the sambaNTPassword is incorrect!? Anyone ever had to deal with this or fixed it or have suggestions on someone else to ask? TIA, Jarrod Johnston IT - Network Administrator PDX, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
i had the same situation here. i happened to be running RH (7.2) servers and addressing vulnerabilities started to become an issue. i went the fedora route with few problems, most of my own making. the upgrades went relatively smoothly. initial issues dealt with the upgrade picking up an old config file for a nic on one server and causing my wins server to not be able to find the server, causing domain login problems, and minor differences between older versions of samba and samba 3.0. fedora stability has not been an issue here. all they do is run, and run, and run . stuart - Original Message - From: Chris McKeever [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 23, 2004 9:44 AM Subject: [Samba] Which distribution to rollout we are running an older version of RH (7.3) - and I am getting concerned that I may need to migrate off of it - but I dont know what I should move to. Trying to formulate ideas before it becomes a 'got to do it now' scenario. I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to map or view resources by name
FYI, I have upgraded to Samba 3.0.7-1.3E and the problem persists. Jon Etkins IT Administration Support Austin Logistics, Inc [EMAIL PROTECTED] wrote on 09/22/2004 01:33:55 PM: Hi, folks. I'm in the process of setting up a RH ES3 box as a samba server in our Active Directory environment. I have kerberos working for user authentication, and can both log into the RH machine and map drives from windows clients using domain passwords, but the drive mapping only works if I specify the share name with the server's IP address: \\10.1.200.114\share1. If I try using the server's name - \\sambasvr\share1 - the authentication fails and I see the following in the corresponding client's log file on the server: [2004/09/22 13:23:15, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! and the following in the Security log on the AD server: Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 676 Date: 9/22/2004 Time: 1:23:14 PM User: NT AUTHORITY\SYSTEM Computer: TORO Description: Authentication Ticket Request Failed: User Name: jetkins$ Supplied Realm Name:AUSTINLOGISTICS.COM Service Name: krbtgt/AUSTINLOGISTICS.COM Ticket Options: 0x40810010 Failure Code: 0x6 Client Address: 10.1.200.26 The system is running kerberos 1.2.7-28 and samba 3.0.6-2.3E. Any and all suggestions gratefully accepted - while it's working as is, I'd prefer to get this last wrinkle ironed out before I release it to my users for testing. Thanks, Jon Etkins IT Administration Support Austin Logistics, Inc -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to map or view resources by name
[EMAIL PROTECTED] wrote: FYI, I have upgraded to Samba 3.0.7-1.3E and the problem persists. Jon Etkins IT Administration Support Austin Logistics, Inc [EMAIL PROTECTED] wrote on 09/22/2004 01:33:55 PM: Hi, folks. I'm in the process of setting up a RH ES3 box as a samba server in our Active Directory environment. I have kerberos working for user authentication, and can both log into the RH machine and map drives from windows clients using domain passwords, but the drive mapping only works if I specify the share name with the server's IP address: \\10.1.200.114\share1. If I try using the server's name - \\sambasvr\share1 - the authentication fails and I see the following in the corresponding client's log file on the server: [2004/09/22 13:23:15, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! and the following in the Security log on the AD server: Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 676 Date: 9/22/2004 Time: 1:23:14 PM User: NT AUTHORITY\SYSTEM Computer: TORO Description: Authentication Ticket Request Failed: User Name: jetkins$ Supplied Realm Name:AUSTINLOGISTICS.COM Service Name: krbtgt/AUSTINLOGISTICS.COM Ticket Options: 0x40810010 Failure Code: 0x6 Client Address: 10.1.200.26 The system is running kerberos 1.2.7-28 and samba 3.0.6-2.3E. Any and all suggestions gratefully accepted - while it's working as is, I'd prefer to get this last wrinkle ironed out before I release it to my users for testing. Thanks, Jon Etkins IT Administration Support Austin Logistics, Inc -- Sounds like you're running into either the kerberos compatibility errors we see with win2k3 or the newest problem where people upgrade from 3.0.6+ and then start encountering apparent kerberos failures in win2k environments. Do you see any Failed to verify incoming ticket! errors in /var/log/samba files? Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
Hi, i myself have running large setups with suse 9, but debian ( the new comes now up ) is always a good choice Regards Chris McKeever schrieb: we are running an older version of RH (7.3) - and I am getting concerned that I may need to migrate off of it - but I dont know what I should move to. Trying to formulate ideas before it becomes a 'got to do it now' scenario. I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printers Showing up on Alternate Server Names
It's a known issue of Samba 3.0.6/7 Look at this link for more info concerning this: http://lists.samba.org/archive/samba/2004-September/093045.html -- Regards, Alex. Visit our Web site: http://www.nh-hotels.com This message is from NH HOTELES and it is private and confidential. Its content may be legally protected.Reception by a non-intended person does not waive legal protection rights. If you receive this message by mistake, please delete it from your system and report the sender. Although this message has been cleared for viruses using currently available virus definitions before sending, it is the responsibility of the receiver to ensure it is virus-free.Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] solaris 8 and ls -l problems
Hey All, We recently upgraded to samba 3.0.7 running on solaris 8. We have the box joined to as a member server in a Windows 2000 AD and we have pam authentication working to log in to the box with, The idmap backend is set to a ldap server that is also joined the the AD. The UIDS between the boxes are fine as you can do a getent passwd domain\\username (we have the default \ for the winbind separator) and it will return the same uid on the solaris and linux box so that is working, The problem is when doing the command ls -l on a file owned by domain\username you get no response (just sits for hours and hours never returning the listing), if you do the ls command without the -l it works fine. When you do truss ls -l on the same file it returns a few lines that show its looking like its reading the usernames like the following (please note I cut out the usernames) read(3, L K O S K I N E , F A U.., 10484)= 10484 alarm(0)= 0 sigaction(SIGALRM, 0xFFBEC898, 0xFFBEC948) = 0 sigfillset(0xFF3428C8) = 0 sigprocmask(SIG_BLOCK, 0xFFBEC938, 0xFFBEC928) = 0 alarm(1)= 0 Received signal #14, SIGALRM, in sigsuspend() [caught] sigsuspend(0xFFBEC918) Err#4 EINTR setcontext(0xFFBEC600) alarm(0)= 0 sigprocmask(SIG_UNBLOCK, 0xFFBEC938, 0x) = 0 sigaction(SIGALRM, 0xFFBEC898, 0x) = 0 Then it keeps repeating the following: alarm(2)= 0 sigsuspend(0xFFBEC918) (sleeping...) Received signal #14, SIGALRM, in sigsuspend() [caught] sigsuspend(0xFFBEC918) Err#4 EINTR setcontext(0xFFBEC600) All information I can find is there is something wrong with the libnss_winbind.so However, I am totally stuck as to what's happening.. any help or advice would surely be appreciated anymore logs or trace information that is needed please ask. Thanks James Mauser College of Engineering Florida Atlantic University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] invisible server
Hi, I've got a few samba server in my network, but one of them is invisible. I cannot do a nmblookup on it (even from the server itself), but I cannot telnet the port 137, thus it should not be a problem of firewall. From windows xp machines, I can connect specifying the IP address, while from win98 machines I cannot (I got an error like network name does not exist). The following is the smb.conf file, I'm running samba 2.2.7: global] os level = 33 time server = Yes unix extensions = Yes encrypt passwords = Yes log level = 5 syslog = 5 printing = CUPS printcap name = CUPS socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY wins support = No veto files = /*.eml/*.nws/riched20.dll/*.{*}/ security = user workgroup = G2OR server string = Mammuth netbios name = mammuth [project] comment = Cartella PROJECT/ufficio MK via SMB - Mammuth path = /mnt/data/uff_mk/PROJECT browsable = yes writable = yes printable = no valid users = +ufficioMK +cam I've tried with the remote announce and master browser options, but it still not works. Any idea? Luca -- Luca Ferrari, [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printers Showing up on Alternate Server Names
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alex de Vaal wrote: | | It's a known issue of Samba 3.0.6/7 | | Look at this link for more info concerning this: | http://lists.samba.org/archive/samba/2004-September/093045.html | BUG #id 1519 https://bugzilla.samba.org/show_bug.cgi?id=1519 I hope to get to it soon. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBUvHmIR7qMdg1EfYRAif6AJ4hKiFBmIbF3gNEIQufLISmKWlolwCgqhQn TVu+4ToY2bObX1W+pI00HpE= =o3SG -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't delete smbpasswd user if not in /etc/passwd
On Thursday 23 September 2004 03:25, Alex Forrow wrote: Seems shody but cant you just add the user again to /etc/passwd. Then delete both. Or manually remove a line from smbpasswd file... -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
On Thursday 23 September 2004 10:15, rruegner wrote: Hi, all you can use cpau ( run as replacement ) to make any script ( bat etc ) running with admin rights, theres also a little prog called hidecmd which makes the run of the netlogon invisible. And thus make admin password visible to user??! No thank you. After alle the script must be readable under native linux and in the samba share and build with a dos compatible editor like notepad. -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble connecting to Samba shares from other Linux boxes
Hey list, I'm having some problems with a few of my Fedora Core 2 boxes. 1 of the systems is set up as a Samba Server as the main fileserver. I have some Windows XP machines connecting to it just fine, nice and fast. However, I also have some FC2 systems that connect to it using the smbfs filesystem, and while they work initially after booting up, any amount of browsing through Nautilus or trying to run some programs off of the network will cause the system to hang. Not lock up, as I can force close windows, but the system will not respond to anything else. It definitely appears to be an issue with Samba however, and only when connecting from another FC2 system. Also, if the client system does hang while browsing the share, if I open a terminal window and try to do anything, I will sometimes get an error like this: error: failed to stat: /mnt: Input/output error Now, I'm thinking that this is only happening on the new version of Samba, 3.0.7-2.FC2 or 3.0.7-2.FC1. I noticed this started to happen last week on the 15th, after a system auto-updated to the newest version. Shortly after, other FC and FC2 boxes started having connection troubles. So, to test this, I set up a new system and didn't update samba on it. Sure enough, works perfectly, no hang ups. Ok, so I'll try the newest version directly from samba.org, 3.0.7-1 on the server. Hangs up within a minute of browsing on that one, same as the 3.0.7-2.FC2 release. So, this really seems to be a bug in the most recent release of Samba. I've tried multiple, freshly installed servers and clients now, and can always reproduce this error. It's making things very difficult for us as well, as we have multiple servers that communicate via Samba that suddenly aren't working after they update. Luckily, Windows boxes are not effected by this and are connecting to Samba machines just fine. So, has anyone else experienced this, or know of any potential workarounds? I can post smb.conf files if need be, although I'm using pretty much all defaults and am just setting up simple shares. This setup has been working now for over a year without a hitch. Any ideas? Thanks, Brandon -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to map or view resources by name
Christian Merrill [EMAIL PROTECTED] wrote on 09/23/2004 10:29:33 AM: Sounds like you're running into either the kerberos compatibility errors we see with win2k3 or the newest problem where people upgrade from 3.0.6+ and then start encountering apparent kerberos failures in win2k environments. Do you see any Failed to verify incoming ticket! errors in /var/log/samba files? Yes. Per my original note: the drive mapping only works if I specify the share name with the server's IP address: \\10.1.200.114\share1. If I try using the server's name - \\sambasvr\share1 - the authentication fails and I see the following in the corresponding client's log file on the server: [2004/09/22 13:23:15, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! The AD server is Win2k, not 2k3. I have not tried this with a Samba version before3.0.6, as that is the version that came bundled. Odd that it works fine if I specify the server address, but not the name - hopefully that will prove useful in identifying the problem. Cheers, Jon Etkins IT Administration Support Austin Logistics, Inc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] invisible server
May be due to no guest account. From Samba 3 by Example: Network browsing involves SMB broadcast announcements, SMB enumeration requests, connections to the IPC$ share, share enumerations, and SMB connection setup processes. The use of anonymous connections to a Samba server involve the use of the /guest account/ that must map to a valid UNIX UID. Luca Ferrari wrote: Hi, I've got a few samba server in my network, but one of them is invisible. I cannot do a nmblookup on it (even from the server itself), but I cannot telnet the port 137, thus it should not be a problem of firewall. From windows xp machines, I can connect specifying the IP address, while from win98 machines I cannot (I got an error like network name does not exist). The following is the smb.conf file, I'm running samba 2.2.7: global] os level = 33 time server = Yes unix extensions = Yes encrypt passwords = Yes log level = 5 syslog = 5 printing = CUPS printcap name = CUPS socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY wins support = No veto files = /*.eml/*.nws/riched20.dll/*.{*}/ security = user workgroup = G2OR server string = Mammuth netbios name = mammuth [project] comment = Cartella PROJECT/ufficio MK via SMB - Mammuth path = /mnt/data/uff_mk/PROJECT browsable = yes writable = yes printable = no valid users = +ufficioMK +cam I've tried with the remote announce and master browser options, but it still not works. Any idea? Luca -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] limits on quota sizes
Can anyone confirm the maximum quota that is allowed? The individual quota files record the current usage in bytes and the quota in kilobytes. I am hoping that quota and usage calculations use 64 bit integers so that there is no practical limit. However, if 32 bit integers are used then I guess there would be a limit of 2 or 4 gigabytes. Phil. --- Phil Chambers ([EMAIL PROTECTED]) University of Exeter -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to map or view resources by name
[EMAIL PROTECTED] wrote: Christian Merrill [EMAIL PROTECTED] wrote on 09/23/2004 10:29:33 AM: Sounds like you're running into either the kerberos compatibility errors we see with win2k3 or the newest problem where people upgrade from 3.0.6+ and then start encountering apparent kerberos failures in win2k environments. Do you see any Failed to verify incoming ticket! errors in /var/log/samba files? Yes. Per my original note: the drive mapping only works if I specify the share name with the server's IP address: \\10.1.200.114\share1. If I try using the server's name - \\sambasvr\share1 - the authentication fails and I see the following in the corresponding client's log file on the server: [2004/09/22 13:23:15, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! The AD server is Win2k, not 2k3. I have not tried this with a Samba version before3.0.6, as that is the version that came bundled. Odd that it works fine if I specify the server address, but not the name - hopefully that will prove useful in identifying the problem. Cheers, Jon Etkins IT Administration Support Austin Logistics, Inc By using the ip address you are bypassing kerberos and authenticating as an older style NT machine which is why it works. If you're running in Mixed Mode a potential workaround would be to remove the realm parameter and change security back to domain in smb.conf. If you're not running in Mixed Mode then I don't really have anything good to tell you :(. Some RHEL3 customers running similar environments have reported that they re-obtained functionality by downgrading to our 3.0.4 release -- of course this release presents its own problems. Other customers have stated that downgrading did not solve anything for them. Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Per-alias shares?
Maybe you know yet another trick - is in possible to arrange so that when someone connects to \\box\share, samba ignores login username and validates user with: login=share password=user-supplied password ? This will allow poor souls from Win9x boxes (which as you know are unable to supply usernames, only passwords) to supply username as a share name. Whatever I try with [default] and/or [homes] section, I can't achieve this... No so! Install the appropriate Windows Network driver on Win9X, and get it to log onto the domain. Then set the registry setting using the policy editor so that no user can log on without prior validation. This definitively solves your problem. A samba hack is entirely the wrong approach. Yes, win9x uses local user name of the logged-in user for all subsequent network logins, AFAIK. This will work if all other machines on the network are domain members. However, if that user subsequently wants to log in to another samba box which is _not_ a member of the domain and does not allow this user to log in with that username, [s]he will see a password prompt *only*, whereas user sitting on NT box will see a prompt with both username *and* password. Or am I missing another way to log into such samba box? -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
I run Samba on OpenBSD. It isn't Linux, but it is free and works very well. It also isn't likely to go away or move to a less stable development any time soon. On Thursday 23 September 2004 09:44 am, Chris McKeever wrote: we are running an older version of RH (7.3) - and I am getting concerned that I may need to migrate off of it - but I dont know what I should move to. Trying to formulate ideas before it becomes a 'got to do it now' scenario. I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? thanks -- Dan Ramaley Digital Media Library Specialist (515) 271-1934 Cowles Library 140, Drake University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
Hi, no the admin account and pass can be crypted so its usefull stuff reading related progs osr stuff before posting may help you out next time Regards Denis Vlasenko schrieb: On Thursday 23 September 2004 10:15, rruegner wrote: Hi, all you can use cpau ( run as replacement ) to make any script ( bat etc ) running with admin rights, theres also a little prog called hidecmd which makes the run of the netlogon invisible. And thus make admin password visible to user??! No thank you. After alle the script must be readable under native linux and in the samba share and build with a dos compatible editor like notepad. -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
Yes, I had done this but forgot to mention it. FYI, it's the same for W2K as for XP. On my W2K client, I have given 'Everyone' persmission to change the time setting. Quoting John H Terpstra [EMAIL PROTECTED]: Folks, If you want to execute a batch or command file that will update the windows client clock you need to note that only Administrator has the right (privilege) to update the system clock. This means that you need to update user rights and privileges so that Everyone or Domain Users can update the clock. This is NOT a samba problem - it is a Windows security settings issue. Log onto your Windows XP Pro system. Open up: Start-Control Panel-Administrative Tools-Local Security Settings In the left panel: Local Policies-User Rights Assignment In the right panel: Change the system time Give the appropriate users or groups the right to change the system time. Reboot the Windows XP Pro machine. Now when you log on the time will update as the logon script executes. This stuff is so simple! :) - John T. On Wednesday 22 September 2004 20:59, Raymond Lillard wrote: [EMAIL PROTECTED] wrote: I have a simple script that sets the time on a Windows client at startup. The one-line script: net time \\myhost /set /yes Works perfectly well when I double-click it from Windows Explorer, so I don't think the problem lies there. The relevant lines in my smb.conf file: [global] time server = yes logon script = smbtimeset.BAT [netlogon] comment = shared scripts path = /usr/share/samba/scripts public = no writable = no browseable = no I've set the log level to '3' and there aren't any messages at all relating to running a startup script. Any ideas? Well, yes I do. I was looking into this earlier today. You don't say enough about your workgroup/domain, but I have this problem too. In my case, I am running v3.0.6 as a PDC. All of my MS clients are NT4-SP6 or better (well newer anyway). Most are WinXP. What I find in the event log of WinXP clients is a message to the effect that the client has joined a NT4 domain (in this case, my Samba PDC) and the MS NT4 generation domain server does not support NTP. A bit of searching has found this: http://groups.google.com/groups?q=ntpclient+nt4-domainhl=enlr=ie=UTF-8c 2coff=1selm=%23Oa8EadWCHA.3360%40tkmsftngp11rnum=1 This article contains two links at the bottom which look promising too. I'm about to start playing with it, but I would be good to hear a Samba solution. I don't like hacking the registry. Ray -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
Daniel Ramaley wrote: I run Samba on OpenBSD. It isn't Linux, but it is free and works very well. It also isn't likely to go away or move to a less stable development any time soon. On Thursday 23 September 2004 09:44 am, Chris McKeever wrote: we are running an older version of RH (7.3) - and I am getting concerned that I may need to migrate off of it - but I dont know what I should move to. Trying to formulate ideas before it becomes a 'got to do it now' scenario. I have some reservations about fedora - I just dont know how stable it is for a production server (our services are mainly samba/ldap/ntp/ssh/rsync/clamav) - we have about 15 samba servers in production currently. RHEL - well - the cost is a factor gentoo - takes to long to deploy Mandrake 10? What are some of the samba users recommendations? thanks I think to some degree it depends on what your implimentation of samba is like...As in are you doing relatively simple file sharing or are you making use of all the bells and whistles available (winbind, kerberos integration, etc.). If you have a relatively simple configuration and this is in a production environment then shell out the money for RHEL or Suse (trying not to be too biased) and enjoy being on a relatively stable unchanging and *supported* OS. If your configuration is more complex then you probably want to avoid those platforms as they try to update very infrequently. Samba tends to be in a constant state of change and of course it has to deal with reacting to whatever Microsoft decides to do...for simple configurations this doesn't tend to matter, but if you're using some of the more powerful features of Samba then you probably have to look forward to having to upgrade on a regular basis. In that case you should probably go with whatever is free and comfortable for you to use. Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
On Thursday 23 September 2004 10:44 am, Chris McKeever wrote: gentoo - takes to long to deploy I had been using SuSE for servers, still have 3 running version 7.3 but my 6 most recent server installs have been Gentoo. I actually find them (the Gentoo servers) much easier to maintain and keep up-to-date. Deployment on server grade hardware with no X is really pretty quick. Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which distribution to rollout
A good point. I currently have three OpenBSD Samba servers that i administer. Two are fairly simple, just doing file and printer sharing to a workgroup. The other is a member of an Active Directory domain. Right now it is just doing file sharing, but it had to be tied in with Kerberos and everything else necessary to make Active Directory happy. I think to some degree it depends on what your implimentation of samba is like...As in are you doing relatively simple file sharing or are you making use of all the bells and whistles available (winbind, kerberos integration, etc.). If you have a relatively simple configuration and this is in a production environment then shell out the money for RHEL or Suse (trying not to be too biased) and enjoy being on a relatively stable unchanging and *supported* OS. If your configuration is more complex then you probably want to avoid those platforms as they try to update very infrequently. Samba tends to be in a constant state of change and of course it has to deal with reacting to whatever Microsoft decides to do...for simple configurations this doesn't tend to matter, but if you're using some of the more powerful features of Samba then you probably have to look forward to having to upgrade on a regular basis. In that case you should probably go with whatever is free and comfortable for you to use. Christian -- Dan Ramaley Digital Media Library Specialist (515) 271-1934 Cowles Library 140, Drake University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with Samba 3.0.5 only seeing 1360 files on a share to a Windows 2000
Hi, I have a share: [share] path = /appl/md/data valid users = +asd write list = +asd read only = No create mask = 0664 directory mask = 0775 And it has directories that have 3000 files in them, but when I look at the same directory thru a Windows 2000, I only see 1360 files, no more. If I type the path a file that isn't shown in the directory listing, I can get to it. Also if I create a new file in the directory, it gets created, but doesn't show in the directory list. Any ideas? Looks like a Windows thing, but... Thanks Cyril Jaouich (Consultant Unix) -- Support technique des infrastructures Unix -- Tél: 514-840-3000x5527 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Directory Date
Dear Sirs, I am running a Mandrake Linux V.10 with Samba 3.0.2a ,I noticed that when accessing any directory from any Windows XP clients, the directory date stamp changes to the current date (Directory date / not the files !!!). Please advice. Best regards, Mahmoud Hamdy IT Manager Fayek Furniture Alexandria Egypt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help, Phantom directories-missing data
I have documented this problems 3 times now am am currently experiencing the worst one yet. I have samba shares that come up missing after a machine reboot while clients are connected to some shares. It seems to only be those directories that are mapped to samba, the share's still show up via a windows client but no data. (like missing 20 gigs) Even from teh Linux machine, I cant see the data. The last time this happened a couple reboots and my data reappeared. Is this filesystem related? Anyone ever heard of this? This time after 3 reboots some of teh dir structure has returned, but no data yet... Fedora core 1/ Samba 3/ ext3 thanks --gt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to forbid directory creation
On Thursday 23 September 2004 11:44, [EMAIL PROTECTED] wrote: Bonjour , We have installed linux suse professional and we would like to share an linux files tree like root Idir1 Idir2 I__dir3 With a population of PC Microsolt WINDOW XP .We though to use samba for this purpose but we would like to keep this files organization and to forbid directory creation . Population of PC Microsolt WINDOW XP could create files under dir1 dir2 dir3 but could not create directories . Do you think SAMBA can do it ? Sure. No problem. Just write your own VFS module to control this. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help, Phantom directories-missing data
Greg, Please document how to reproduce this problem. We need specific step-by-step instructions to permit this to be investigated. - John T. On Thursday 23 September 2004 12:23, Greg Talbot wrote: I have documented this problems 3 times now am am currently experiencing the worst one yet. I have samba shares that come up missing after a machine reboot while clients are connected to some shares. It seems to only be those directories that are mapped to samba, the share's still show up via a windows client but no data. (like missing 20 gigs) Even from teh Linux machine, I cant see the data. The last time this happened a couple reboots and my data reappeared. Is this filesystem related? Anyone ever heard of this? This time after 3 reboots some of teh dir structure has returned, but no data yet... Fedora core 1/ Samba 3/ ext3 thanks --gt -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0.3 on FC2: windows machine cannot join domain
After, oh, six months of attempts here and there to read everyone's experiences with Samba/LDAP and inability for a windows 2000/XP machine to join the domain, I finally discovered what was not working properly. In my smb.conf I put: add machine script = /usr/local/sbin/smbldap-useradd -w %u As instructed by many How-to's and Idealx. However, I thought to myself, %m means machine name right? So, I change the .conf to: add machine script = /usr/local/sbin/smbldap-useradd -w %m Restarted Samba and tried to join the domain and VOILA! Just thought I'd let the community know so that when people in my previous position search Google for this subject they'll find this answer. As of this e-mail, I'm using Samba 3.0.7, OpenLDAP 2.1.29, and Smbldap-tools 0.8.5. -- Tony Fugere [EMAIL PROTECTED] I wrote: I'm using Samba 3.0.3 on Fedora Core 2 with OpenLDAP 2.1.29 for a backend. I'm getting to typical The user name could not be found. error upon trying to join a Windows box. I've gone through every digest on lists.samba.org and other sites and nothing has worked yet. Any suggestions: Here's what I've done so far: 1. Installed everything via RPMS: [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep openldap openldap-2.1.29-1 openldap-clients-2.1.29-1 openldap-servers-2.1.29-1 openldap-devel-2.1.29-1 [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep samba samba-3.0.3-5 samba-client-3.0.3-5 samba-common-3.0.3-5 samba-swat-3.0.3-5 [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep smbldap smbldap-tools-0.8.4-1.1.fc2.dag [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# 2. Made my SSL certificates and put them in /var/ssl. 3. Made my slapd.conf: --- Start slapd.conf --- include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema allow bind_v2 passwd-hash {SSHA] pidfile /var/run/slapd.pid TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /var/ssl/cacert.pem TLSCertificateFile /var/ssl/ldapcrt.pem TLSCertificateKeyFile /var/ssl/ldapkey.pem TLSVerifyClient 0 security ssf=1 update_ssf=112 simple_bind=64 access to dn=.*,dc=soil,dc=ncsu,dc=edu attr=userPassword by dn=cn=Manager,dc=soil,dc=ncsu,dc=edu write by self write by * auth access to dn=.*,dc=soil,dc=ncsu,dc=edu attr=mail by dn=cn=Manager,dc=soil,dc=ncsu,dc=edu write by self write by * auth access to dn=.*,ou=People,dc=soil,dc=ncsu,dc=edu by * read access to dn=.*,dc=soil,dc=ncsu,dc=edu by self write by * read databaseldbm suffix dc=soil,dc=ncsu,dc=edu rootdn cn=Manager,dc=soil,dc=ncsu,dc=edu rootpw _thepassword_ directory /var/lib/ldap index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial --- End slapd.conf --- 4. Made the smb.conf: --- Start smb.conf --- [global] ; Basic server settings workgroup = testdomain netbios name = smbtest server string = Samba Server %v security = user allow trusted domains = yes log level = 0 log file = /var/log/samba/log.%m max log size = 50 domain logons = Yes os level = 65 local master = yes domain master = yes preferred master = yes encrypt passwords = yes passwd program = /usr/local/sbin/smbldap-passwd %u passwd chat = *new*password* %n\n *new*password* %n\n *successfully* unix password sync = yes ; User and Machine Account Backends ldap ssl = start_tls passdb backend = ldapsam:ldap://smbtest.soil.ncsu.edu:389 ldap suffix = dc=soil,dc=ncsu,dc=edu ldap admin dn = cn=Manager,dc=soil,dc=ncsu,dc=edu ldap delete dn = no ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine suffix = ou=Computers admin users = administrator socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; where to store user profiles logon home = logon path = ldap delete dn = Yes add user script = /usr/local/sbin/smbldap-useradd -m %u add machine script = /usr/local/sbin/smbldap-useradd -w %u add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u delete user script = /usr/local/sbin/smbldap-userdel %u delete group script = /usr/local/sbin/smbldap-groupdel %g [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon read only = yes write list = dom_admins [Homes] username = tfugere writeable = Yes force create mode = 0770 force directory mode = 02770 browseable = No --- End smb.conf --- 5. Made my
[Samba] Standalone file server - messages
- samba Begin **Unmatched Entries** lib/util_sock.c:get_socket_addr(919) getpeername failed. Error was Transport endpoint is not connected : 20 Time(s) smbd/service.c:make_connection_snum(698) 315-01 (10.2.2.33) connect to service ahendren initially as user ahendren (uid=531, gid=506) (pid 3316) : 1 Time(s) smbd/service.c:set_current_service(56) chdir (/home/tjgaboury) failed : 16 Time(s) -- samba End - OS: Fedora 2 Samba: samba-common-3.0.0-15 redhat-config-samba-1.1.4-1 samba-3.0.0-15 samba-swat-3.0.0-15 samba-client-3.0.0-15 Any idea what the above messages mean? Thanks Ralf Wiegand -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble connecting to Samba shares from other Linux boxes
ahoy, i have been having the same problem after the auto update of samba to 3.0.7-2.FC2. same problem with linux fc2 samba server and fc2 clients. winxp clients no problems. i can add the following info to the problem: 1. when samba server starts, there are 2 smbd -D processes and one nmbd -D process. even when restart samba server service, same thing. 2. when freeze occurs, following 2 processes show up: root 3103 0.0 0.0 00 ?SW 13:35 0:00 [smbiod] mrgrimm 3137 0.0 0.0 00 ?Z13:38 0:00 [netstat] defunct unfortunately i havent found a workaround yet. thanks, wayne Brandon Laing wrote: Hey list, I'm having some problems with a few of my Fedora Core 2 boxes. 1 of the systems is set up as a Samba Server as the main fileserver. I have some Windows XP machines connecting to it just fine, nice and fast. However, I also have some FC2 systems that connect to it using the smbfs filesystem, and while they work initially after booting up, any amount of browsing through Nautilus or trying to run some programs off of the network will cause the system to hang. Not lock up, as I can force close windows, but the system will not respond to anything else. It definitely appears to be an issue with Samba however, and only when connecting from another FC2 system. Also, if the client system does hang while browsing the share, if I open a terminal window and try to do anything, I will sometimes get an error like this: error: failed to stat: /mnt: Input/output error Now, I'm thinking that this is only happening on the new version of Samba, 3.0.7-2.FC2 or 3.0.7-2.FC1. I noticed this started to happen last week on the 15th, after a system auto-updated to the newest version. Shortly after, other FC and FC2 boxes started having connection troubles. So, to test this, I set up a new system and didn't update samba on it. Sure enough, works perfectly, no hang ups. Ok, so I'll try the newest version directly from samba.org, 3.0.7-1 on the server. Hangs up within a minute of browsing on that one, same as the 3.0.7-2.FC2 release. So, this really seems to be a bug in the most recent release of Samba. I've tried multiple, freshly installed servers and clients now, and can always reproduce this error. It's making things very difficult for us as well, as we have multiple servers that communicate via Samba that suddenly aren't working after they update. Luckily, Windows boxes are not effected by this and are connecting to Samba machines just fine. So, has anyone else experienced this, or know of any potential workarounds? I can post smb.conf files if need be, although I'm using pretty much all defaults and am just setting up simple shares. This setup has been working now for over a year without a hitch. Any ideas? Thanks, Brandon -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba public directory on FreeBSD
What is recommended for a public, 'free-for-all', anyone can read or write directory on FreeBSD? What are the reasons for preferring one place over another? Would these work? /usr/local/share/sambapublic/ /usr/share/sambapublic/ /home/sambapublic/ I recommend a separate partition, so that when it eventually gets filled up -- and these things always do -- your system will not be adversly affected. You can mount the partition wherever you want. In your three examples, sambapublic could be a file system mounted on /usr/local/share, /usr/share, or /home. What we are talking about here is the OS view. To the Windows user what counts is the share name. On server fattoad, any one of these directories could be shared out as pub (or whatever name you like). The windows users will not see the OS pathname. Gary Dunn Honolulu -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba 3.0.3 on FC2: windows machine cannot join domain
Tony, I do not have any proof to contradict your information, however, the source code suggests that this advice is perhaps suspect. The particular module that handles automatic account creation is in ~samba/source/rpc_server/srv_samr_nt.c and specifically at line 2253. Here is the very line that does the parameter substitution: all_string_sub(add_script, %u, account, sizeof(add_script)); As you can see, it is the %u parameter that is being substituted. Maybe I am reading this incorrectly? However, I have performed many hundreds of installations and have always used the %u parameter - and it has worked. Given this background I respectfully suggest that we should understand precisely what is happening in your situation by examining the samba logs for the use of this function give both the %u and again with the %m parameters. You can turn up the debug level on just this module by setting in smb.conf [globals]: log level = 0 rpc_srv:5 sam:5 log file = /var/log/samba/%m.log max log size = 0 Please would test this and report the findings. If our documentation is in error I want to fix it immediately. Thanks so much for your input. Cheers, John T. On Thursday 23 September 2004 12:11, Tony Fugere wrote: After, oh, six months of attempts here and there to read everyone's experiences with Samba/LDAP and inability for a windows 2000/XP machine to join the domain, I finally discovered what was not working properly. In my smb.conf I put: add machine script = /usr/local/sbin/smbldap-useradd -w %u As instructed by many How-to's and Idealx. However, I thought to myself, %m means machine name right? So, I change the .conf to: add machine script = /usr/local/sbin/smbldap-useradd -w %m Restarted Samba and tried to join the domain and VOILA! Just thought I'd let the community know so that when people in my previous position search Google for this subject they'll find this answer. As of this e-mail, I'm using Samba 3.0.7, OpenLDAP 2.1.29, and Smbldap-tools 0.8.5. -- Tony Fugere [EMAIL PROTECTED] I wrote: I'm using Samba 3.0.3 on Fedora Core 2 with OpenLDAP 2.1.29 for a backend. I'm getting to typical The user name could not be found. error upon trying to join a Windows box. I've gone through every digest on lists.samba.org and other sites and nothing has worked yet. Any suggestions: Here's what I've done so far: 1. Installed everything via RPMS: [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep openldap openldap-2.1.29-1 openldap-clients-2.1.29-1 openldap-servers-2.1.29-1 openldap-devel-2.1.29-1 [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep samba samba-3.0.3-5 samba-client-3.0.3-5 samba-common-3.0.3-5 samba-swat-3.0.3-5 [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# rpm -qa | grep smbldap smbldap-tools-0.8.4-1.1.fc2.dag [root at smbtest http://lists.samba.org/mailman/listinfo/samba root]# 2. Made my SSL certificates and put them in /var/ssl. 3. Made my slapd.conf: --- Start slapd.conf --- include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema allow bind_v2 passwd-hash {SSHA] pidfile /var/run/slapd.pid TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /var/ssl/cacert.pem TLSCertificateFile /var/ssl/ldapcrt.pem TLSCertificateKeyFile /var/ssl/ldapkey.pem TLSVerifyClient 0 security ssf=1 update_ssf=112 simple_bind=64 access to dn=.*,dc=soil,dc=ncsu,dc=edu attr=userPassword by dn=cn=Manager,dc=soil,dc=ncsu,dc=edu write by self write by * auth access to dn=.*,dc=soil,dc=ncsu,dc=edu attr=mail by dn=cn=Manager,dc=soil,dc=ncsu,dc=edu write by self write by * auth access to dn=.*,ou=People,dc=soil,dc=ncsu,dc=edu by * read access to dn=.*,dc=soil,dc=ncsu,dc=edu by self write by * read databaseldbm suffix dc=soil,dc=ncsu,dc=edu rootdn cn=Manager,dc=soil,dc=ncsu,dc=edu rootpw _thepassword_ directory /var/lib/ldap index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial --- End slapd.conf --- 4. Made the smb.conf: --- Start smb.conf --- [global] ; Basic server settings workgroup = testdomain netbios name = smbtest server string = Samba Server %v security = user allow trusted domains = yes log level = 0 log file = /var/log/samba/log.%m max log size = 50 domain logons = Yes os level = 65 local master = yes domain master = yes preferred master = yes encrypt passwords = yes passwd program = /usr/local/sbin/smbldap-passwd %u passwd chat =
[Samba] Re: Missing data
On Thursday 23 September 2004 13:04, you wrote: John, I have it. I unmounted the partition /dev/hda2 and boom the dir. structure and data is back, samba sees all of it now. Looks to be more of a Linux/FS problem than Samba. I suspected you might have a hardware level or OS level problem. Thanks for clarifying. - John T. Thanks -gt On Thu, 23 Sep 2004, John H Terpstra wrote: Greg, What has Samba recorded in the log files? How have you configured logging in your smb.conf file? - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbfs mounts cause hangs in kde/gnome
I'm using debian Sarge, Samba 3.0.6-3, Kernel 2.6.8 I use smbmount //server/share mymountpt -oguest which connects fine, but it all dies (hangs) if I try to look in that mounted directory with konqueror in kde OR nautillus in gnome. In dmesg of the server computer I get: smb_proc_readdir_long: error=-512, breaking and the same but with error -13 smb_add_request ... Timed Out! this last one repeats infinitely. and often some other stuff too. I've googled till I'm goggled and all I've found is similar postings but without answers. thanks rich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] checking a users last login
Where and what should I look for to determine users last login? Thanks. /R -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbfs mounts cause hangs in kde/gnome
Rich, You are using smbfs or cifsfs. This is the Samba mailing list - not the smbfs or cifsfs list. - John T. On Thursday 23 September 2004 13:10, rich lott wrote: I'm using debian Sarge, Samba 3.0.6-3, Kernel 2.6.8 I use smbmount //server/share mymountpt -oguest which connects fine, but it all dies (hangs) if I try to look in that mounted directory with konqueror in kde OR nautillus in gnome. In dmesg of the server computer I get: smb_proc_readdir_long: error=-512, breaking and the same but with error -13 smb_add_request ... Timed Out! this last one repeats infinitely. and often some other stuff too. I've googled till I'm goggled and all I've found is similar postings but without answers. thanks rich -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mdk 7.2, Upgrade 2.0.9 to 3.0.7, Help with ./configure
Well, I'm responding to myself hoping to get a little more guidance: I have compiled 3.0.7-1 for Mandrake 7.2 (gcc 2.95.3) from source using: # ./configure --prefix=/usr --with-smbmount the only meaningful warning was the Unicode character translation message # make looks like it worked and it produced the following binaries were created in (source)/bin. My question is: Does it look like all the binaries that were supposed to be built are there?? Do they look to be about the right size?? I'm just seeking a little reassurance before doing # 'make install'. Also, does anyone have experience with 'make revert' Does it really work?? [EMAIL PROTECTED] source]# ls -al bin/ total 23012 drwxrwxr-x2 783 783 4096 Sep 22 16:33 ./ drwxrwxr-x 42 783 783 4096 Sep 22 16:28 ../ -rw-r--r--1 root root0 Sep 22 16:25 .dummy -rwxr-xr-x1 root root 7397 Sep 22 16:33 CP437.so* -rwxr-xr-x1 root root 7273 Sep 22 16:33 CP850.so* -rwxr-xr-x1 root root 9065 Sep 22 16:33 audit.so* -rwxr-xr-x1 root root12627 Sep 22 16:33 cap.so* -rwxr-xr-x1 root root 6799 Sep 22 16:33 default_quota.so* -rwxr-xr-x1 root root 9532 Sep 22 16:33 expand_msdfs.so* -rwxr-xr-x1 root root12676 Sep 22 16:33 extd_audit.so* -rwxr-xr-x1 root root 6038 Sep 22 16:33 fake_perms.so* -rwxr-xr-x1 root root24971 Sep 22 16:33 full_audit.so* -rw-r--r--1 root root 1709266 Sep 22 16:33 libsmbclient.a -rwxr-xr-x1 root root 1308121 Sep 22 16:33 libsmbclient.so* -rwxr-xr-x1 root root 1444954 Sep 22 16:27 net* -rwxr-xr-x1 root root11640 Sep 22 16:33 netatalk.so* -rwxr-xr-x1 root root 915802 Sep 22 16:26 nmbd* -rwxr-xr-x1 root root 562580 Sep 22 16:28 nmblookup* -rwxr-xr-x1 root root 536202 Sep 22 16:28 ntlm_auth* -rwxr-xr-x1 root root 680531 Sep 22 16:28 pdbedit* -rwxr-xr-x1 root root17821 Sep 22 16:28 profiles* -rwxr-xr-x1 root root18176 Sep 22 16:33 readonly.so* -rwxr-xr-x1 root root17523 Sep 22 16:33 recycle.so* -rwxr-xr-x1 root root 1393303 Sep 22 16:28 rpcclient* -rwxr-xr-x1 root root 9810 Sep 22 16:33 shadow_copy.so* -rwxr-xr-x1 root root 1195899 Sep 22 16:28 smbcacls* -rwxr-xr-x1 root root 815459 Sep 22 16:27 smbclient* -rwxr-xr-x1 root root 592811 Sep 22 16:28 smbcontrol* -rwxr-xr-x1 root root 1178954 Sep 22 16:28 smbcquotas* -rwxr-xr-x1 root root 2466684 Sep 22 16:25 smbd* -rwxr-xr-x1 root root17667 Sep 22 16:28 smbmnt* -rwxr-xr-x1 root root 668740 Sep 22 16:28 smbmount* -rwxr-xr-x1 root root 1303781 Sep 22 16:28 smbpasswd* -rwxr-xr-x1 root root 668683 Sep 22 16:27 smbspool* -rwxr-xr-x1 root root 579702 Sep 22 16:27 smbstatus* -rwxr-xr-x1 root root 744879 Sep 22 16:28 smbtree* -rwxr-xr-x1 root root15334 Sep 22 16:28 smbumount* -rwxr-xr-x1 root root 1396021 Sep 22 16:26 swat* -rwxr-xr-x1 root root37388 Sep 22 16:28 tdbbackup* -rwxr-xr-x1 root root34906 Sep 22 16:28 tdbdump* -rwxr-xr-x1 root root 527933 Sep 22 16:27 testparm* -rwxr-xr-x1 root root 451630 Sep 22 16:27 testprns* -rwxr-xr-x1 root root 481431 Sep 22 16:28 wbinfo* -rwxr-xr-x1 root root 1470818 Sep 22 16:27 winbindd* -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- - Original Message - From: David Rankin [EMAIL PROTECTED] To: samba [EMAIL PROTECTED] Sent: Wednesday, September 22, 2004 10:56 AM Subject: [Samba] mdk 7.2, Upgrade 2.0.9 to 3.0.7, Help with ./configure Mates, In following chapter 35 How to Compile Samba I have looked at ./configure --help and I have a few questions. Originally I installed 2.0.9 via RPM, and of course there are no longer RPMs for mdk 7.2. On 7.2, smbd and nmbd are installed in /usr/sbin. The docs are in /usr/share/doc/samba-2.0.9. I don't know where the rest of the pieces of the puzzle were scattered by mdk by default. mdk 7.2 doesn't put anything in /usr/local by default. Will simply doing a ./configure get things in the right places? Or, do I need to hunt and find all the pieces and explicitly specify each configuration option?? If so, What do I do with: --prefix=PREFIX --exec-prefix=EPREFIX It looks like --exec-prefix=/usr/sbin is what I need, but what about --prefix=? Does it get set to --prefix=/usr The confusion comes in looking at Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR
Re: [Samba] checking a users last login
Where and what should I look for to determine users last login? /var/log/samba/log.(username) -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- - Original Message - From: Randy S [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 23, 2004 2:12 PM Subject: [Samba] checking a users last login Where and what should I look for to determine users last login? Thanks. /R -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba public directory on FreeBSD
At 13:20 9/23/2004, [EMAIL PROTECTED] wrote: What is recommended for a public, 'free-for-all', anyone can read or write directory on FreeBSD? What are the reasons for preferring one place over another? Would these work? /usr/local/share/sambapublic/ /usr/share/sambapublic/ /home/sambapublic/ I recommend a separate partition, so that when it eventually gets filled up -- and these things always do -- your system will not be adversly affected. You can mount the partition wherever you want. In your three examples, sambapublic could be a file system mounted on /usr/local/share, /usr/share, or /home. Thanks for the info. I just wanted to stick with the FreeBSD standard if there was one. How can I add a new partition? Can that be done after the OS and data are on the drive? What program? What would it be called? What we are talking about here is the OS view. To the Windows user what counts is the share name. On server fattoad, any one of these directories could be shared out as pub (or whatever name you like). The windows users will not see the OS pathname. Understood. That's a neato feature of Samba. Gary Dunn Honolulu -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba Start Here to Find It Fast! - http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names - http://domains.us-webmasters.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] and XP home
Hi, I need advice. I have a bunch of XP PC's, as well as Win98 on a network with a samba share. The 98 machines, and some of the XP's can see the share(Suse8.2), but not other XP's ?. Any pointers would be gratefully received. No smb passwords used. samba share is completely open...using map to guest on bad password TIA Shane -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] checking a users last login
David Rankin wrote: Where and what should I look for to determine users last login? /var/log/samba/log.(username) A better way would be to add utmp = yes to your smb.conf, then you can just use the last command to find out the last time a user connected. HTH, --J(K) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba public directory on FreeBSD
At 13:20 9/23/2004, [EMAIL PROTECTED] wrote: What is recommended for a public, 'free-for-all', anyone can read or write directory on FreeBSD? What are the reasons for preferring one place over another? Would these work? /usr/local/share/sambapublic/ /usr/share/sambapublic/ /home/sambapublic/ I recommend a separate partition, so that when it eventually gets filled up -- and these things always do -- your system will not be adversly affected. You can mount the partition wherever you want. In your three examples, sambapublic could be a file system mounted on /usr/local/share, /usr/share, or /home. Thanks for the info. I just wanted to stick with the FreeBSD standard if there was one. How can I add a new partition? Can that be done after the OS and data are on the drive? What program? What would it be called? Not practical unless you install an additional hard drive. Sticking with the drive you have, you would need to backup your data and reinstall FreeBSD from scratch. The extra partition would be created using the Disklable Editor, a sibling to / and /usr and /var and /home. That may be more work than you want to do right now. In that cae, if you want to try it out, use either the home partician or the var partician. We could probably spark a lively debate here as to which is better :-) Bottom line: go ahead and set up samba, to learn how it works. If you want to use it in production (serious, bullit-proof) create that special partition. Gary Dunn Honolulu -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind issue
I am having a strange problem when I connect from a XP box to my Linux box via samba using winbind. I have setup winbind to create my home folder when I log into the Linux box, but the problem I am having is that when connect to the Linux box I see my username folder appear on the screen and when I click on it, it is asking me for my username and password. I am not sure why is that happening? If anybody has encountered a similar problem please let me know. Thanks, ___ Puneet Talwar -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help, Phantom directories-missing data
On Thursday 23 September 2004 21:23, Greg Talbot wrote: I have documented this problems 3 times now am am currently experiencing the worst one yet. I have samba shares that come up missing after a machine reboot while clients are connected to some shares. It seems to only be those directories that are mapped to samba, the share's still show up via a windows client but no data. (like missing 20 gigs) Even from teh Linux machine, I cant see the data. The last time this happened a couple reboots and my data reappeared. Is this filesystem related? Anyone ever heard of this? This time after 3 reboots some of teh dir structure has returned, but no data yet... Define disappear. You dont see some files? Or directories too? Which names (provide dir or ls output of 'good' and 'bad' situation)? smb.conf? -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems with Samba 3.0.5 only seeing 1360 files on a share to a Windows 2000
[share] path = /appl/md/data valid users = +asd write list = +asd read only = No create mask = 0664 directory mask = 0775 And it has directories that have 3000 files in them, but when I look at the same directory thru a Windows 2000, I only see 1360 files, no more. If I type the path a file that isn't shown in the directory listing, I can get to it. Also if I create a new file in the directory, it gets created, but doesn't show in the directory list. Does dir show this the same? Can you try to smbmount your share back to your machile and see what Linus will show? -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Need some help with ldapauth so I can fix Samba dn
Mdk 10 Official Samba w/ LDAP backend. Problem: I have to find a way to stop useing the root dn for Samba access as it is not a scalable solution. Problem is that I am haveing some trouble getting host based LDAP auth working. Every time I enable hosts in nsswitch.conf devfs fails on restart. What is REALLY wierd though is that I can use getent to retrieve info from LDAP with no trouble just prior to restarting. This is kind of off topic, I know, but this *is* one of the places where I might find an answer. Perfectly happy to get off-list responses. jcllings(at)javahop.com Jim C. -- - | I can be reached on the following Instant Messenger services: | |---| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llings Jabber: [EMAIL PROTECTED]| - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] checking a users last login
David Rankin wrote: Where and what should I look for to determine users last login? /var/log/samba/log.(username) It should have been added that in order to use this method, you'll have to make your log file directive look something like log file = /var/log/samba/log.%u -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] - The information contained in this message is privileged and intended only for the recipient names. If the reader is not a representative of the intended recipient, any review, dissemination or copying of this message or the information it contains is prohibited. If you have received this message in error, please immediately notify the sender, and delete the original message and attachments. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
On Thursday 23 September 2004 19:50, rruegner wrote: Hi, no the admin account and pass can be crypted so its usefull stuff How will you prevent user from running this under debugger and sniffing password from the program data segment? -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printer name includes IP address instead of server name
We made some changes to one of our Samba servers that until recently has been primarily a print server. We added PDC with LDAP authentication to it. Somewhere along the way, a different kind of behavior appeared. When users add a printer to their windows machines it now appears as PrinterName on xxx.xxx.xxx.xxx instead of PrinterName on ServerName. Has anyone seen this behavior before? Any ideas on how I might fix it? Samba version 3.0.7 running on Fedora Core 1 Config info follows: [global] netbios name = TITAN dos charset = 850 unix charset = ISO8859-1 workgroup = AGNET server string = ASGC Domain Controller/Print Server map to guest = Bad User obey pam restrictions = Yes passdb backend = ldapsam:ldap://LDAP Server Name username map = /etc/samba/smbusers syslog = 0 log file = /var/log/samba/%m.log max log size = 10 name resolve order = wins lmhosts bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/local/sbin/smbldap-useradd -m %u add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/sbin/smbldap-useradd -w %u logon script = startup.bat logon path = logon drive = c: logon home = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = LDAP DN Value ldap delete dn = Yes ldap filter = ((uid=%u)(objectclass=posixAccount)) ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = o=AlphaGraphics ldap ssl = start tls ldap user suffix = ou=agcorp cups options = raw [printers] comment = All Printers path = /var/spool/samba printer admin = @admins, root guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Driver Download Area path = /var/samba/drivers write list = @admins force group = admins force create mode = 0664 force directory mode = 0775 guest ok = Yes browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] checking a users last login
David Rankin wrote: Where and what should I look for to determine users last login? /var/log/samba/log.(username) I only have logs that correspond to machine names, not user names. I assume these will work. Is there a certain call or something to grep for? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] and XP home
hi this is a network browsing problem, setup either samba as wins server , or a win nt server acting as wins server, configure all your clients to use the wins servers ip, having a dns server may help the browsing, you can use a dhcp server or static entries or host files as well, study browsing from the samba how to or ms technet dont use any firewall on the clients first until you tested it Regards Shane schrieb: Hi, I need advice. I have a bunch of XP PC's, as well as Win98 on a network with a samba share. The 98 machines, and some of the XP's can see the share(Suse8.2), but not other XP's ?. Any pointers would be gratefully received. No smb passwords used. samba share is completely open...using map to guest on bad password TIA Shane -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: print command=... not longer working after update
Argghh, found the solution: printing = bsd has to be specified _before_ print command, otherwise the print command is resetted to the default value! _This_ should be documented! -- Georg -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] login scripts do not run
Hi Denis, this is nonsens , if a user wants to break your security he will do it anyway, win auth is easy enough to be breaked by any user also in native win setups. If you want be secure use no windows, i gave advice for the netlogon problem and wanted help out with the prog cpau which is very usefull as it can crypt admin account and pass, i dont want to be struggeled in security. Cpau is enough crypto to ban a normal user for seeing admin users and his pass ( which must be cool enough ), but after all having enough time you will brake any security. Security is a concept not relate to just one thing, i.e. if the user can boot the computer from a floopy or a cd he will find out the local admin account in seconds having the right tools, so dont feed me with your paranoia stuff Also any network sniffer and varias other tools may brake in security anyway i.e man in the middle etc), but this is another discussion. If you dont like this nice little tool , just let it go and wait for wonder until windows get secure in the matter nix systems are Regards Denis Vlasenko schrieb: On Thursday 23 September 2004 19:50, rruegner wrote: Hi, no the admin account and pass can be crypted so its usefull stuff How will you prevent user from running this under debugger and sniffing password from the program data segment? -- vda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] checking a users last login
Hmmm Why not just: # tail -n50 /var/log/samba/log.(machine) -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com -- - Original Message - From: Randy S [EMAIL PROTECTED] To: samba [EMAIL PROTECTED] Sent: Thursday, September 23, 2004 3:53 PM Subject: Re: [Samba] checking a users last login David Rankin wrote: Where and what should I look for to determine users last login? /var/log/samba/log.(username) I only have logs that correspond to machine names, not user names. I assume these will work. Is there a certain call or something to grep for? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba acting as ADS Server
On Thu, 2004-09-23 at 23:14, Samuel Partida wrote: Hello, i'm new in the list so hi everybody! I think that this question could be asked many times, is possible make Samba act as ADS server? Maybe with the Samba-TNG fork or with some CVS version? Samba4 is the development version that we are attempting this in. It is far from complete, but even so we have manged to get a WinXP client to join and login to the Samba4 domain, thinking it is Active Directory. Currently, I'm awaiting the development of our own LDAP server (which does not appear far off) to progress this further. We already have a custom branch of Heimdal kerberos for those parts of the problem. Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Development branch status [Was Re: [Samba] Samba acting as ADS Server]
On Fri, 2004-09-24 at 00:15, Eric Masson wrote: John == John H Terpstra John writes: Hi John, John No. Not possible at this time. Is there any weekly or monthly status bulletin regarding 4.0 branch progress (added features and so on) ? I haven't found anything like that on the primary website. Volker's paper, presented at a recent conference and linked from news.samba.org is one of the best resources at the moment. Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba