Re: [Samba] Samba 3.0.0 RC1: Unable to find a suitable server
> Pls send more details about connecting FC3 machine to ADS. Please visit http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.0 RC1: Unable to find a suitable server
Pls send more details about connecting FC3 machine to ADS. thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba & ADS & NT4 trusted domains not working .
RH 3.0 ES
krb5 1.2.7
Samba 3.0.9
I am trying to use Samba, Winbind and Kerberos to configure single sign
in and allow users from both Windows and Linux (RH 3.0 ES) platforms to
use shares from either platform. I can not see users from my primary
domain but can see the trusted NT4 groups and users. I have been trying
to get this right for the last week and keep thinking I am missing
something easy. I followed the following doc for setup procedures. Any
help would be appreciated.
http://www.wlug.org.nz/ActiveDirectorySamba
Primary QG.COM
AD = W2K3 running in W2K native mode. With two way trusts with the
following.
3 - W2K3 AD in W2K3 native
5 - NT4 trusted domains
[EMAIL PROTECTED] rhn-packages]# wbinfo -t
checking the trust secret via RPC calls succeeded
[EMAIL PROTECTED] rhn-packages]# wbinfo -m
SXEC2
BUILTIN
QMED
CORPORATE
QG_INKJET
QUADTECH
HIGHTECH
IMAGING
QUADMED
CUSTOMERS
[EMAIL PROTECTED] rhn-packages]# wbinfo --sequence
SXEC2 : 1
BUILTIN : 1
QMED : DISCONNECTEDW2K3 Native
CORPORATE : 1031564NT
QG_INKJET : 95442 NT
QUADTECH : 9281NT
HIGHTECH : 164705 NT
IMAGING : 60026NT
QUADMED : DISCONNECTEDW2K3
CUSTOMERS : DISCONNECTEDW2K3
QG : DISCONNECTEDW2K3 in W2K native
wbinfo -g
BUILTIN\System Operators
BUILTIN\Replicators
BUILTIN\Guests
BUILTIN\Power Users
BUILTIN\Print Operators
BUILTIN\Administrators
BUILTIN\Account Operators
BUILTIN\Backup Operators
BUILTIN\Users
QMED\Domain Admins
QMED\Domain Users
QMED\Domain Guests
QMED\Domain Computers
QMED\Domain Controllers
QMED\Schema Admins
QMED\Enterprise Admins
QMED\Group Policy Creator Owners
QMED\DnsUpdateProxy
QUADTECH\AbnAmro
QUADTECH\Domain Admins
QUADTECH\Domain Guests
QUADTECH\Domain Users
QUADTECH\Organisatie
HIGHTECH\Domain Admins
HIGHTECH\Domain Guests
HIGHTECH\Domain Users
IMAGING\Domain Admins
IMAGING\Domain Guests
IMAGING\DOMAIN POLICY
IMAGING\DOMAIN PROD
IMAGING\Domain Users
CUSTOMERS\Domain Admins
CUSTOMERS\Domain Users
CUSTOMERS\Domain Guests
CUSTOMERS\Domain Computers
CUSTOMERS\Domain Controllers
CUSTOMERS\Schema Admins
CUSTOMERS\Enterprise Admins
CUSTOMERS\Group Policy Creator Owners
CUSTOMERS\DnsUpdateProxy
SMB.conf
[global]
netbios name = SXEC2
workgroup = QG
encrypt passwords = yes
realm = QG.COM
server string = "Enterprise Computing Linux Server"
security = ADS
password server = "IP of my AD server"
log level = 3
os level = 0
idmap uid = 1-2
idmap gid = 1-2
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
krb5.conf
[logging]
default = FILE:/var/log/krb5/krb5libs.log
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = QG.COM
default_tgs_enctypes = RC4-HMAC des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = RC4-HMAC des3-hmac-sha1 des-cbc-crc des-cbc-md5
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
QG.COM = {
kdc = "IP of my AD server"
default_domain = qg.com
}
[domain_realm]
.qg.com = QG.COM
qg.com = QG.COM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Duane Ochs
Enterprise Computing
Quad/Graphics Inc.
Sussex, Wisconsin
414-566-2375 phone
414-566-4010 pin# 2375 beeper
[EMAIL PROTECTED]
www.QG.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Changing IP brings wins error message
Hi all, I have found and error on my log.nmbd shown below that I do not know how to get rid off. I have been using the server with IP 192.168.13.1 and I have changed to 192.168.1.1. Now although it works, it brings that error message. It seems that it stores somewhere that it have been using such ip address. I have checked the smb.conf , and it is no longer enabled there, now it is 192.168.1.1 instead. Any ideas are welcome. Thank you in advance. [2004/12/17 23:43:44, 0] nmbd/nmbd.c:main(664) Netbios nameserver version 3.0.7 started. Copyright Andrew Tridgell and the Samba Team 1994-2004 [2004/12/17 23:43:44, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(327) become_domain_master_browser_wins: Attempting to become domain master browser on workgroup GRUPO_TRABAJO, subnet UNICAST_SUBNET. [2004/12/17 23:43:44, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(341) become_domain_master_browser_wins: querying WINS server from IP 192.168.1.1 for domain master browser name GRUPO_TRABAJO<1b> on workgroup GRUPO_TRABAJO [2004/12/17 23:43:44, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113) * Samba server MAIN is now a domain master browser for workgroup GRUPO_TRABAJO on subnet UNICAST_SUBNET * [2004/12/17 23:43:44, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(282) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup GRUPO_TRABAJO on subnet 192.168.1.1 [2004/12/17 23:43:44, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(295) become_domain_master_browser_bcast: querying subnet 192.168.1.1 for domain master browser on workgroup GRUPO_TRABAJO [2004/12/17 23:43:52, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113) * Samba server MAIN is now a domain master browser for workgroup GRUPO_TRABAJO on subnet 192.168.1.1 * [2004/12/17 23:44:05, 0] nmbd/nmbd_browsesync.c:get_domain_master_name_node_status_fail(488) get_domain_master_name_node_status_fail: Doing a node status request to the domain master browser at IP 192.168.13.1 failed. Cannot get workgroup name. [2004/12/17 23:44:07, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396) * Samba name server MAIN is now a local master browser for workgroup GRUPO_TRABAJO on subnet 192.168.1.1 * [2004/12/17 23:59:24, 0] nmbd/nmbd_browsesync.c:get_domain_master_name_node_status_fail(488) get_domain_master_name_node_status_fail: Doing a node status request to the domain master browser at IP 192.168.13.1 failed. Cannot get workgroup name. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] losing NT4 WAN trust domains with samba-3.0.8+ - more info..
The missing domains do show up in "net rpc trustdom list -U Administrator" linuxeast:/etc/pam.d # net rpc trustdom list -U administrator Password: Trusted domains list: W2K1 S-1-5-21-(X)15 W2K2 S-1-5-21-(X)30 NT4_missing_1 S-1-5-21-(X)88 NT4_missing_2S-1-5-21-(X)46 NT_local S-1-5-21-(X)31 W2K3S-1-5-21-(X)62 Trusting domains list: W2K2 S-1-5-21-(X)30 NT4_local S-1-5-21-(X)31 W2K3S-1-5-21-(X)62 NT4_missing_1S-1-5-21-(X)46 W2K1 S-1-5-21-(X)15 NT4_missing_2S-1-5-21-(X)88 No clue to why winbind is ignoring them with the samba releases over 3.0.7 Adam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RHEL3 3.0.9 Release & Active Directory Membership
Ben Vaughan wrote: Hello Christian, Here at Iowa State, we have experienced exactly this behavior, although we haven't noticed any of my samba servers loosing their domain membership. It appears that samba is still functioning via the rpc methods. We compiled samba.org's srpms and haven't had any problems. I can't verify this right now, but I recall having this same problem with RH's 3.0.7 package. I'm still digging to see if that was indeed the case. We are running Samba with an AD in native 2000 mode. We are beginning the transition to AD 2003. We have about 3 dozen or so samba servers in our domain. Let me know if you need any more help or testing or whatever. Thanks, Ben Vaughan Ben Vaughan Engineering Computing Support Services CLUE Network SysAdmin Iowa State University -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christian Merrill Sent: Friday, December 17, 2004 11:05 AM To: [EMAIL PROTECTED] Subject: [Samba] RHEL3 3.0.9 Release & Active Directory Membership Some preliminary testing indicates that there may be problems in the newly released Red Hat 3.0.9 packages (not samba.org's) in regard to joining an AD as a full member (w/kerberos). This may also affect maintaining current membership in such an environment. If anyone has already upgraded and is experiencing the same or different behavior please let me know. Specifically we are seeing "no support for encryption type" messages when using a "net ads join" and a return code of -1. Christian Actually we've figured this out. Our rpm was built against U4's libkrb5. You should be able to compile RH's source package and see this problem disappear. I believe we should have a binary fix out shortly. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] losing NT4 WAN trust domains with samba-3.0.8+
If I use any of the binary packages for SuSE SLES9 greater than 3.0.7 I can not see some of my NT4 trust domain via winbind. We have 5 regular NT 4 domains that trust each other. Two of them our within our LAN (local subnet), one of these domains the samba machine is within ... security = domain. There's another 5 domains that are setup for our AD enviroment for exchange, mixed mode. Using 3.0.7 and below, if I do a getent passwd I can see accounts from all 10 domains. If I upgrade to 3.08-3.0.10 I lose the 3 of the 5 regular NT 4 domains. These domains are not within my lan, local subnet. Some possible items from the 3.0.8 release notes that might explain this: o New experimental idmap backend for assigning uids/gids directly based on the user/group RID when acting as a member of single domain without any trusts. o New experimental idmap backend for assigning uids/gids directly based on the user/group RID when acting as a member of single domain without any trusts. * Fix deadlock loop in winbind's required_membership_sid verification. * Bring the same level of "required_membership"-functionality that ntlm_auth uses, to pam_winbindd as well. * Add the idmap_rid module (written in conjunction with Sumit Bose ). * Prevent idmap_rid from making unnecessary calls to domain controllers for trusted domains. Any help would be much appreciated, as it's stopping our windows fileserver replacement we were going to do during the holiday break. Adam _ **Works with samba 3.0.7 and below, fails with 3.0.8 and above [global] workgroup = RICK interfaces = 127.0.0.1 eth0 bind interfaces only = true passdb backend = ldapsam:ldap://linuxwest.XX.com map to guest = guest security = domain encrypt passwords = yes server string = Samba Server netbios name = linuxwest domain master = false domain logons = no local master = no obey pam restrictions = yes wins server = 172.XX.XXX.1 name resolve order = wins lmhosts hosts username map = /etc/samba/smbusers winbind use default domain = yes idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /home/%U template shell = /bin/bash ldap suffix = dc=XX,dc=com ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=ricardo-us,dc=com idmap backend = ldap:ldap://linuxwest.XX.com allow trusted domains = yes map acl inherit = yes add user script = /usr/sbin/smbldap-useradd.pl -a -m '%u' delete user script = /usr/sbin/smbldap-userdel.pl '%u' add group script = /usr/sbin/smbldap-groupadd.pl -p '%g' delete group script = /usr/sbin/smbldap-groupdel.pl '%g' add user to group script = /usr/sbin/smbldap-groupmod.pl -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod.pl -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod.pl -g -%g' '%u' add machine script = /usr/sbin/smbldap-useradd.pl -w '%u' host msdfs = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY deadtime = 3 wins support = no _ **Works with samba 3.0.7 and below, fails with 3.0.8 and above [global] workgroup = RICARDO interfaces = 127.0.0.1 eth0 bind interfaces only = true map to guest = guest security = domain encrypt passwords = yes server string = Samba Server netbios name = linuxeast domain master = false domain logons = no local master = no obey pam restrictions = yes wins server = 172.20.161.1 name resolve order = lmhosts hosts wins bcast username map = /etc/samba/smbusers winbind use default domain = yes idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /home/%U template shell = /bin/bash allow trusted domains = yes map acl inherit = yes host msdfs = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY deadtime = 3 wins support = no passdb backend = tdbsam:/etc/samba/passdb.tdb smbpasswd:/etc/samba/smbpasswd preferred master = auto _ /etc/nsswitch.conf passwd: compat winbind group: compat winbind hosts: files dns wins networks: files dns services: files protocols: files rpc:files ethers: files netmasks: files netgroup: files publickey: files bootparams: files automount: files nis aliases:files passwd_compat: ldap group_compat: ldap __ example pam.d file - login #%PAM-1.0 authsufficient pam_winbind.so authrequisite pam_unix2.sonullok #set_secrpc authrequiredpam_securetty.so authrequiredpam_nolo
RE: [Samba] RHEL3 3.0.9 Release & Active Directory Membership
Hello Christian, Here at Iowa State, we have experienced exactly this behavior, although we haven't noticed any of my samba servers loosing their domain membership. It appears that samba is still functioning via the rpc methods. We compiled samba.org's srpms and haven't had any problems. I can't verify this right now, but I recall having this same problem with RH's 3.0.7 package. I'm still digging to see if that was indeed the case. We are running Samba with an AD in native 2000 mode. We are beginning the transition to AD 2003. We have about 3 dozen or so samba servers in our domain. Let me know if you need any more help or testing or whatever. Thanks, Ben Vaughan Ben Vaughan Engineering Computing Support Services CLUE Network SysAdmin Iowa State University -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christian Merrill Sent: Friday, December 17, 2004 11:05 AM To: [EMAIL PROTECTED] Subject: [Samba] RHEL3 3.0.9 Release & Active Directory Membership Some preliminary testing indicates that there may be problems in the newly released Red Hat 3.0.9 packages (not samba.org's) in regard to joining an AD as a full member (w/kerberos). This may also affect maintaining current membership in such an environment. If anyone has already upgraded and is experiencing the same or different behavior please let me know. Specifically we are seeing "no support for encryption type" messages when using a "net ads join" and a return code of -1. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba as pdc in NT domain
i've configure my samba server as pdc but when i try to connect win client using win XP, it said that no network path found. i've double check and recheck the permission of the configuration file and the file used by the smb.conf..but the result is still the same. please help me..what should i do?? note: i'm using redhat 9.0 with client NT and XP. thanks before guys!!! __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Issues with trustdom on 3.0.9
Anyone that can offer some insight? This now happens to me on two sites, both HP-UX PA-Risc-2.0. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$&| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Tue, 14 Dec 2004, Ryan Novosielski wrote: I upgraded from 2.2.12 (and kept my tdb files -- it is a possibility that this is a part of my problem, but let me run it by you anyway). I'm attempting to do a domain trust between my production domain and a test domain. However, on my production domain, I have the following problem: # /products/samba/bin/net rpc trustdom list -U novosirj Password: Trusted domains list: NWK-DEV S-1-5-21-3621456476-1818373083-1045877787 Trusting domains list: [2004/12/14 12:02:21, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435) cli_pipe: return critical error. Error was Call timed out: server did not respond after 1 milliseconds [2004/12/14 12:02:21, 0] utils/net_rpc.c:rpc_trustdom_list(4692) Couldn't enumerate accounts. Error was: NT_STATUS_UNSUCCESSFUL ...I don't even know where to begin to check this out more thorougly. It works fine on the test system, where everything is fresh, but there are also a lot fewer restrictions/other activities on that box. A point in the right direction would be much appreciated. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$&| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] adding and updating DNS entries on a Win2003 AD server
I'm trying to create/update DNS records on a Windows 2003 server from a Linux (Debian) client. The situation is this: - a Linux workstation, that gets its IP from a DHCP server - a completely separate Windows 2003 AD server, that handles DNS for workstations (mainly laptops) in our domain The DHCP server is owned by IT and is totally outside our control, so no possibility of doing it through the DHCP negotiation. I found the following in the archives: = Lucas Machado wrote: | I looked through the net man page and googled with no | luck...I was wondering if it is possible to have a DNS entry | created for the machine I add using "net ads join" without | me having to manually add it to the DNS. We don't currently do this but you could wrap 'net ads join' with a script that did the update for you. No examples on hand. Sorry. cheers, jerry = I get the idea from this that it's possible, but... how? Does anyone know of a tool that can create/update the DNS record on the Windows server? Thanks in advance... James ^^ James Bradley Eagan, McAllister & Associates [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: [proposal] Samba Software Foundation
On Wed, 15 Dec 2004, [ISO-8859-1] Gémes Géza wrote: > Charles N Wyble írta: > > > i like it. i like it a lot. sounds wonderful. lets get this going. the > > time is NOW to kill exchange. > > > > -charles > > http://www.thewybles.com/~charles > > www.oserproject.org > > > > Yes it realy sounds wonderful, and the basic idea probably is, but I > dislike the reiteration of personal tastes, and dislikes. > Imposing "if xy would say something negative about me I'll take my ball > with me and won't play again with you until you would force him to > leave" IMHO sounds too childish in an OSS software organizations ruleset :-( Not only that, it is not clear that we need a change in structure given that: 1. Things seem to be working pretty well the current way, in any case, and 2. We have technical agreement among the people who are actually working on the code. The direction that samba4 has taken promises to bring us a big improvement in the correctness and flexibility of the code. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba PDC Server Local SID, Domain SID, and GROUP RID Question
On Mon, Dec 13, 2004 at 09:32:27AM -0600, bryanw wrote: > My samba PDC is using the tdbsam backend and, for the most part > is working flawlessly. However, when using smbpasswd to add samba accounts, > I always get the following error: > > tdb_update_sam: Failing to store a SAM_ACCOUNT for [userid] without a primary > group RID > > Now, I've googled a lot on this and have read through the mailing list > archives and know that this often has to do with people not having > group mapping setup. But I do: > > jerry:~# net groupmap list | grep users > Users (S-1-5-32-545) -> users > Domain Users (S-1-5-21-1590455367-7305976-751859383-513) -> users > As it turns out, I had group mapping set up, but "too" thoroughly. Found this in the archives: -- snip -- The problem can be also caused if you already have 'Domain Users -> users' and add 'Users -> users' since Samba mapps gid -> SID by finding the first SID -> gid mapping with the right gid and will fail if 'Users -> users' is the first map it encounters. -- end snip -- Thanks, Bryan Walton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RHEL3 3.0.9 Release & Active Directory Membership
Some preliminary testing indicates that there may be problems in the newly released Red Hat 3.0.9 packages (not samba.org's) in regard to joining an AD as a full member (w/kerberos). This may also affect maintaining current membership in such an environment. If anyone has already upgraded and is experiencing the same or different behavior please let me know. Specifically we are seeing "no support for encryption type" messages when using a "net ads join" and a return code of -1. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [samba] Adding Domain Groups to local Groups Crashed XP
Its just "frezzing", you cant do anything so a manual reboot is needed! Christian Merrill wrote: Daniel Wilson wrote: Hi, Im using samba 3.0.9 with LDAP (Sun Iplanet 5.2 directory Server). On an XP client, im trying to add "Domain Users" group to the Local "Power Users" group (For windows updates etc...) However when i try to add the group it just crashed the windows. Also if i use the usrmgr.exe to edit groups, the usermgr also crashes, nothing in logs to show any errors. If i use windows 2000 pro to add "Domain Users" group to the Local "Power Users" group it works but takes about 2 mins? Any ideas anybody? my smb.conf file: [global] workgroup = UNI-STAFF passdb backend = ldapsam:ldap://yoda.sunderland.ac.uk username map = /usr/local/lib/usermap log level = 2 logon path = \\uos-stud\profiles\%U logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes ldap admin dn = "cn=Directory Manager" ldap group suffix = ou=domain-groups ldap idmap suffix = ou=domain-groups,dc=sunderland,dc=ac,dc=uk ldap machine suffix = ou=domain-computers ldap passwd sync = Yes ldap suffix = dc=sunderland,dc=ac,dc=uk idmap backend = ldap:ldap://yoda.sunderland.ac.uk [netlogon] comment = netlogon share path = /usr/local/lib/netlogon I was recently doing some experimenting with Directory Server 5.2 and Samba on Redhat AS 2.1 and RHEL3 and encountered a strange issue that sounds somewhat related. After everything was configured perfectly, win2k clients could join the domain, log on and everything was wonderful. However whenever I tried to logon to an XP client with a domain account, it would authenticate and then reboot the computer. It does not do this with OpenLDAP...I was never able to make any more progress on the issue and have since become sidetracked. Is your XP client actually crash (blue screen) or is it just rebooting? Christian -- Daniel Wilson Systems Administrator IT & Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Unable to save files to share
no, I used cifs instead of smbfs in fstab, see man mount.cifs. But I'd guess that there are others on this list that know more about this, or not??? Chris On Tuesday 14 December 2004 23:54, Des Dougan wrote: > On Tue, 2004-12-14 at 22:37 +0100, C. Hurschler wrote: > > I had the same errors with the 2.6.9 kermeà on a Debian Sarge system. I > > read somewhere that one should use cifs, which seems to work for me. I > > haven't had time to fully verify it though. > > Chris, > > Do you mean replace the samba client RPM(s) with a cifs RPM? Do you know > what the differences are? Is cifs a product of the Samba team? > > Des > -- > > > Des Dougan, Principal > Dougan Consulting Group > > Ph: 604-980-2848 Email: des at DouganConsulting dot com > > www.DouganConsulting.com > > Design - Implementation - Support -- C. Hurschler Bodenstedtstr. 13 30173 Hannover -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot share MSAccess DB after upgrade 3.0.5 to 3.0.8
> -Original Message- > From: Beschorner Daniel [mailto:[EMAIL PROTECTED] > 3.0.8 has an evil file attribute bug if your samba server has > ACL support. > Try 3.0.10. What are the details on this? I thought I'd been carefully watching the release announcements for anything ACL-related, but I apparently missed this one. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] copy files to windows thru smbmount
first of all, thanks for the help! thats just how im mounting it right now. i've installed the whole stuff from debian packages, and i've installed smbfs everytime, so i thought that would be up to date too. but as i recall there is a kernel module named smbfs too, so there must be one named cifs right? anyone could send me some links where i could catch up on this, so i wouldnt bug the mailinglist with this? =P thanks wd -Eredeti Ãzenet- FeladÃ: Koenraad Lelong [mailto:[EMAIL PROTECTED] KÃldve: P 2004. 12. 17. 13:02 CÃmzett: MÃsolatot kap: [EMAIL PROTECTED] TÃrgy: Re: [Samba] copy files to windows thru smbmount Csere MÃtyÃs wrote: > hello > > i have this strange problem: > i've ounted up a windows share on my linux machine, and tryign to copy a file to it, which is bigger than 2gbs, and it fails with a "maximum file size exceeded" error. > the linux is running ext3, and windows is ntfs, so the size limit must be somewhere in samba. > > i've read on http://www.mail-archive.com/samba@lists.samba.org/msg10412.html about this. > ive tryed 2.2.9, 2.2.11, 2.2.12, even one from the 3 series, but im still getting this error. > > i've seen in the changelog that it was fixed, but i cant figure out what im doing wrong. > > can anyone help me with it? > > thanks in advance, > wd > > How to mount with cifs : http://www.uwplatt.edu/oit/howto/mountvolumecifs-lin.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: File locking issues with Peachtree
I took Peachtree's suggestions into account while developing our Samba 3 PDC standard some months ago. Thus far not a single locking issue with many applications including database systems. There are both some client and server side settings. Please see my presentation on our configuration for the details. ftp://ftp.lueckdatasystems.com/pub/presentations/klugsamba3pdc-bookreview.pdf By searching for the Windows registry key names you can find the KB articles for complete details of what the settings do. The Samba settings are well documented by the materials I reviewed at the end of the presentation. -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [samba] Adding Domain Groups to local Groups Crashed XP
Daniel Wilson wrote: Hi, Im using samba 3.0.9 with LDAP (Sun Iplanet 5.2 directory Server). On an XP client, im trying to add "Domain Users" group to the Local "Power Users" group (For windows updates etc...) However when i try to add the group it just crashed the windows. Also if i use the usrmgr.exe to edit groups, the usermgr also crashes, nothing in logs to show any errors. If i use windows 2000 pro to add "Domain Users" group to the Local "Power Users" group it works but takes about 2 mins? Any ideas anybody? my smb.conf file: [global] workgroup = UNI-STAFF passdb backend = ldapsam:ldap://yoda.sunderland.ac.uk username map = /usr/local/lib/usermap log level = 2 logon path = \\uos-stud\profiles\%U logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes ldap admin dn = "cn=Directory Manager" ldap group suffix = ou=domain-groups ldap idmap suffix = ou=domain-groups,dc=sunderland,dc=ac,dc=uk ldap machine suffix = ou=domain-computers ldap passwd sync = Yes ldap suffix = dc=sunderland,dc=ac,dc=uk idmap backend = ldap:ldap://yoda.sunderland.ac.uk [netlogon] comment = netlogon share path = /usr/local/lib/netlogon I was recently doing some experimenting with Directory Server 5.2 and Samba on Redhat AS 2.1 and RHEL3 and encountered a strange issue that sounds somewhat related. After everything was configured perfectly, win2k clients could join the domain, log on and everything was wonderful. However whenever I tried to logon to an XP client with a domain account, it would authenticate and then reboot the computer. It does not do this with OpenLDAP...I was never able to make any more progress on the issue and have since become sidetracked. Is your XP client actually crash (blue screen) or is it just rebooting? Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] File locking issues with Peachtree
I am having problems with storing Peachtree Complete Accounting on a Samba share. I know people have reported issues like this before but I have yet to see a solution. Is there anyone here who has successfully set this up (without getting the lock errors)? Any help would be greatly appreciated. -Donald -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 Available for Download
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Bork wrote: | Gerald Carter schrieb: | |> This is the latest stable release of Samba. This is the version |> that production Samba servers should be running for all current |> bug-fixes. This is primarily a security release to address |> CAN-2004-1154. | | | Compiles ok with changed configure and printing-3-0-10.patch :) | | | A question to the thread "3.0.9 and macro %f" | | http://marc.theaimsgroup.com/?l=samba&m=110260704009010&w=2 | | Do you have a patch for that? Not fixed yet. Is tehre a bugzilla number for it ? Just so I don't forget. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBwuuoIR7qMdg1EfYRAnueAJ97+DERqAC5Tkbw9bB63pS/OEtyjACffHgo h4xOxQJo/Ve/rRxFdJSSdkY= =i3P0 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[samba] Adding Domain Groups to local Groups Crashed XP
Hi, Im using samba 3.0.9 with LDAP (Sun Iplanet 5.2 directory Server). On an XP client, im trying to add "Domain Users" group to the Local "Power Users" group (For windows updates etc...) However when i try to add the group it just crashed the windows. Also if i use the usrmgr.exe to edit groups, the usermgr also crashes, nothing in logs to show any errors. If i use windows 2000 pro to add "Domain Users" group to the Local "Power Users" group it works but takes about 2 mins? Any ideas anybody? my smb.conf file: [global] workgroup = UNI-STAFF passdb backend = ldapsam:ldap://yoda.sunderland.ac.uk username map = /usr/local/lib/usermap log level = 2 logon path = \\uos-stud\profiles\%U logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes ldap admin dn = "cn=Directory Manager" ldap group suffix = ou=domain-groups ldap idmap suffix = ou=domain-groups,dc=sunderland,dc=ac,dc=uk ldap machine suffix = ou=domain-computers ldap passwd sync = Yes ldap suffix = dc=sunderland,dc=ac,dc=uk idmap backend = ldap:ldap://yoda.sunderland.ac.uk [netlogon] comment = netlogon share path = /usr/local/lib/netlogon -- Daniel Wilson Systems Administrator IT & Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot disable renaming/deleting of files?
Hi, I am having problem preventing renaming and deleting files owned by someone else. Idea is to have directory where some people can save files and only admins in that share can read files. Now the problems is that users must be able to write those files and directory permissions need to have write access and trying to restrict file access using "create mode = 700" works fine for protecting how files can be read. But users can still rename and remove files. Example file structure: \\server\sharename\ ->dir1 [users can write files here, but only read their own] ->dir2 --""-- ->dir2\subdir1 [users can also write files here, but only read their own] Here is share configuration: [sharename] comment = path = /path/to/share public = no writable = yes create mode = 700 directory mode = 777 write list = @Users admin users = @ShareAdmins valid users = @ShareAdmins @Users available = yes browseable = yes guest only = no only user = no Thanks, Vesa Jääskeläinen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: ldap machine suffix fixed?
> OK, so what I am hearing is that: > 1. It is still a problem. > 2. But it isn't a Samba problem, it is an nss_ldap problem. > 3. There might be some work arounds. > Possible workarounds: > A. Burry the Two OU's one deeper and do a subtree search on the parent > OU. Works but not scaleable. I disagree on the "not scaleable" claim. NSS *MUST* see all valid posix accounts, so you're going to perform one sub search or *TWO* one-level searches? I'll put my money on the former as a better (and faster) solution. If your nss search is slow - 1. Fix your indexes 2. Tune your DSA 3. Run nscd (you can also increase the nscd cache size if you have lots of active users, x > ~200) All three should be standard practice anyway. > B. Add "filter" keyword to uh... Is it /etc/ldap.conf or > nss_switch.conf? Syntax? nss performs all searches with an objectclass filter and searches for uid and uidNumber are equality searches; any properly configured DSA is going to be able to chunk through thousands of such searches per minute; and if your caching it won't even have to. And set your various bases in NSS - nss_base_passwdou=Entities,ou=SAM,dc=whitemice,dc=org nss_base_shadowou=Entities,ou=SAM,dc=whitemice,dc=org nss_base_group ou=Groups,ou=SAM,dc=whitemice,dc=org Still to slow? (You must have tens of thousands of users). You can either run a local replicant just for the local Samba & NSS that you can communicate with via the UNIX domain socket (way faster than TCP/IP) or run a local proxy cache backend (also using the UNIX domain socket). Most of our user apps like address books and what are aimed through a proxy, because those are the kind of searches that slow things down, and it performs wonderfully. > Am I in the right ballpark here? :-) There is no problem. The 'problem' results from a failure to properly conceptualize the situation. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] copy files to windows thru smbmount
Csere MÃtyÃs wrote: hello i have this strange problem: i've ounted up a windows share on my linux machine, and tryign to copy a file to it, which is bigger than 2gbs, and it fails with a "maximum file size exceeded" error. the linux is running ext3, and windows is ntfs, so the size limit must be somewhere in samba. i've read on http://www.mail-archive.com/samba@lists.samba.org/msg10412.html about this. ive tryed 2.2.9, 2.2.11, 2.2.12, even one from the 3 series, but im still getting this error. i've seen in the changelog that it was fixed, but i cant figure out what im doing wrong. can anyone help me with it? thanks in advance, wd How to mount with cifs : http://www.uwplatt.edu/oit/howto/mountvolumecifs-lin.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[samba] Adding Domain Groups to local Groups Crashed XP
Hi, Im using samba 3.0.9 with LDAP (Sun Iplanet 5.2 directory Server). On an XP client, im trying to add "Domain Users" group to the Local "Power Users" group (For windows updates etc...) However when i try to add the group it just crashed the windows. Also if i use the usrmgr.exe to edit groups, the usermgr also crashes, nothing in logs to show any errors. If i use windows 2000 pro to add "Domain Users" group to the Local "Power Users" group it works but takes about 2 mins? Any ideas anybody? my smb.conf file: [global] workgroup = UNI-STAFF passdb backend = ldapsam:ldap://yoda.sunderland.ac.uk username map = /usr/local/lib/usermap log level = 2 logon path = \\uos-stud\profiles\%U logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes ldap admin dn = "cn=Directory Manager" ldap group suffix = ou=domain-groups ldap idmap suffix = ou=domain-groups,dc=sunderland,dc=ac,dc=uk ldap machine suffix = ou=domain-computers ldap passwd sync = Yes ldap suffix = dc=sunderland,dc=ac,dc=uk idmap backend = ldap:ldap://yoda.sunderland.ac.uk [netlogon] comment = netlogon share path = /usr/local/lib/netlogon -- Daniel Wilson Systems Administrator IT & Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot share MSAccess DB after upgrade 3.0.5 to 3.0.8
3.0.8 has an evil file attribute bug if your samba server has ACL support. Try 3.0.10. Daniel. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Using samba on two domains
Hello all, Thought I'd let you know what I've been trying in addition to the mail below to get this thing to work. This morning, I installed a second copy of the samba server, and got it to run simultaneously with the existing one. ss1 serves DOM1 and ss2 serves DOM2. ss2 has a copy of the smb.conf file for ss1, only with the workgroup changed to DOM2. Both servers use the same smbpasswd file. Using the same WIN98SE computer, when logged in on domain DOM1, I can access ss1, however, when on the same computer logged in on domain DOM2, I still get invalid password to ss2. A bit of information I forgot to mention in my mail. The webserver, which for now has a testpage on it, is accessible on DOM1 through http://ss1/ and it also works on DOM2 through http://ss2/ so the error is not network related. Greetings, Niki Van Strydonck From: Van Strydonck, Niki Sent: Thu 16-Dec-04 16:34 Subject: [Samba] Using samba on two domains Hello all, We've been using samba version 3.0.4 on RH9 with success for quite a while now for shares on our domain (DOM1). Since this machine will have to be available in the near future in another domain (DOM2) as a webserver, and limited fileserver, another network interface has been added for the NIC. When browsing the shares from a WIN98SE computer in DOM2, we are able to see the computer, but when wanting to list the shares, we're prompted for a password. When entering the correct password, we still get "Invalid password". When doing the same on the same WIN98SE computer in DOM1, it is successful. The computer has DSClient for windows 98 installed. The error logs for the connection from DOM2 gives the following: smbd/service.c: make_connection(706) make_connection: refusing to connect with no session setup We've tried the following to remedy the problem, without success: - in smb.conf, add the parameter interfaces, listing the two valid ip-ranges and subnetmasks. - set the windows registry key to send plain text passwords - set DOM2 as an accepted host - tried both encrypt password = yes and no - We even tried mapping bad password to log in as guest account Alas, none of these seem to work. Has anyone had issues with this before? I'd appreciate some pointers. Thanks in advance, Niki Van Strydonck Here's the smb.conf used [global] workgroup = DOM1 server string = server9 printcap name = /etc/printcap load printers = yes printing = cups log file = /var/log/samba/%m.log max log size = 0 pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 username map = /etc/samba/smbusers guest ok = yes encrypt passwords = yes dns proxy = no [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [printers] comment = All Printers path = /var/spool/samba browseable = no printable = yes [test] comment = test path = /winshare/test writeable = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] copy files to windows thru smbmount
Csere MÃtyÃs wrote: hello i have this strange problem: i've ounted up a windows share on my linux machine, and tryign to copy a file to it, which is bigger than 2gbs, and it fails with a "maximum file size exceeded" error. the linux is running ext3, and windows is ntfs, so the size limit must be somewhere in samba. i've read on http://www.mail-archive.com/samba@lists.samba.org/msg10412.html about this. ive tryed 2.2.9, 2.2.11, 2.2.12, even one from the 3 series, but im still getting this error. i've seen in the changelog that it was fixed, but i cant figure out what im doing wrong. can anyone help me with it? thanks in advance, wd What I understand from recent posts is that when you 'mount' a samba-share on your windows machine, there are 'no' limits to the file-size you transfer. Here you are using samba. If you mount a windows-share on your linux-machine, you're not using samba, but smbfs. smbfs has a limitation concerning file sizes. If you use cifs (a replacement for smbfs, I don't know how you can do this B.T.W., maybe load a module or so), then that problem is gone. Again, these are my interpretations of posts on this list. Someone correct me if I'm wrong. -- Met vriendelijke groeten, Koenraad Lelong R&D Manager ACE electronics n.v. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] copy files to windows thru smbmount
hello i have this strange problem: i've ounted up a windows share on my linux machine, and tryign to copy a file to it, which is bigger than 2gbs, and it fails with a "maximum file size exceeded" error. the linux is running ext3, and windows is ntfs, so the size limit must be somewhere in samba. i've read on http://www.mail-archive.com/samba@lists.samba.org/msg10412.html about this. ive tryed 2.2.9, 2.2.11, 2.2.12, even one from the 3 series, but im still getting this error. i've seen in the changelog that it was fixed, but i cant figure out what im doing wrong. can anyone help me with it? thanks in advance, wd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
