[Samba] SMBFS mounts slow across gigabit connection
I'm using Samba & smbfs to make directories on a Linux file server available across a switched Gigabit network. Unfortunately, when mounting the shares to another Linux system with smbfs, the performance is terrible. To test the setup, I created both a 100mb and 650mb file and transferred them with ftp, smbclient, and smbfs (mounted share). I also used iperf to send each file, just out of curiosity. Here's what I'm seeing: iperf: 100mb - 1.7 seconds (59 MB/s) 650mb - 10.8 seconds (60 MB/s) FTP: 100mb - 2.17 seconds (47 MB/s) 650mb - 34.9 seconds (19 MB/s) smbclient: 100mb - 5.2 seconds (19 MB/s) 650mb - 35.1 seconds (18.8 MB/s) smbfs: 100mb - 45.4 seconds (2.5 MB/s) 650mb - 282.6 seconds (2.4 MB/s) As you can see, using iperf (which has little or no overhead), the network is capable of about 60 MB/s. I wasn't expecting to get anything near that through a file transfer protocol (though I'm not entirely sure why FTP is so much faster with the 100mb file as opposed to the 650mb file), but smbfs is nearly 10 times slower than smbclient. Both the server and the host are Linux machines. The samba server is running Ubuntu (Debian) with the 2.6.8 kernel, while the host is a Gentoo box running the 2.6.10-rc3 (nitro2) kernel. I have made a few adjustments to the TCP settings on each system: echo 262144 > /proc/sys/net/core/rmem_max echo 262144 > /proc/sys/net/core/wmem_max echo 163840 > /proc/sys/net/core/rmem_default echo 163840 > /proc/sys/net/core/wmem_default echo "4096 163840 262144" > /proc/sys/net/ipv4/tcp_rmem echo "4096 163840 262144" > /proc/sys/net/ipv4/tcp_wmem echo "49152 163840 262144" > /proc/sys/net/ipv4/tcp_mem These, however, have only helped each of the transfer types performance-wise (FTP especially, smbfs wasn't really affected at all). Does anybody have any idea why I'm seeing such a huge difference between the smbfs and smbclient numbers? Am I missing something obvious? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Long waiting time connecting to Samba
I run Samba 3.0.10 on a RedHat 9.0 with the 2.4.20-8 kernel. Samba is the PDC and Wins server. When opening a share all users have to wait several seconds (15 to 20) until the share opens. Then it works fast for some time. The same wating time can appear when saving a file from Word or other programs to the share. It only works fast for some time. Can someone help me? Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
FYI John, If you wish to automount shares when you login, you can try pam_mount. It should be a package on the mdk 10.1 CDs. You can set it to mount windows cifs and smb shares to your mandrake box. It's possible because Linux supports pluggable auth modules(PAM) I used it along with winbind auth to mount all my windows shares from servers at work to my Linux mandrake workstation (laptop) When ever I ssh'd in, the shares mounted. It can be set to mount based on preferred authentication system (local password file, winbind, nis, etc) and protocol. ie. mount windows shares if you login via ssh, or even if you login through the kde desktop (warning: kde requires special files relocated when mounting home directories). Having said that and seeing as how you are new, I believe Geoff's solution is a much easier way to go. You may however wish to read up on pam_mount anyway. For more info do a google on pam_mount Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP machine cannot be accessed
> | these things are best done manually on the command line first to see if > all > | is working well, from memory: > | > | mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff > | > | If the above manual stuff works then it must be another problem. > | > | Tell us what you see. > | > | Regards Geoff > | > If I use mount at the console in the format you suggest I get asked for my > password and the XP share mounts and can be accessed (also through > Konqueror > etc.) When I attempt to write the equivalent into fstab, the folder > appears but > is empty. No messages. It has not auto generated a credentials file for > the XP > machine as it has for the other machines. Inserting user=john in fstab is > OK > for the WinME machine, but XP must want more. I guess if it cannot see the > machine then it will not auto generate the needed access files. > Regards > John. I manually created the credentials file. Create one yourself and point the fstab entry to that, as I mentioned before. (rejig it so it suits your needs of course) eg. username=john password=winXPlocalpassword workgroup=winxpWorkgroup once you have that plus an entry in fstab plus you have made a mount point do: mount /mnt/winXpmountpoint take a look at any errors that you get. Maybe smbmount needs to be Suid root for your mandrake user to mount it properly. Regards Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows Errors on Long, Large Writes...
Problem: Windows machines (some W2K-Pro, some XP-Pro) through a delayed write error when doing backup to Samba share. ~ Configuration: Fedora Core 3 on Dell PIII-450 with 320MB ram, 100T NIC. [EMAIL PROTECTED] ~]# df Filesystem 1K-blocks Used Available Use% Mounted on /dev/hda2 12729096 8247728 3834752 69% / /dev/hda1 101089 9400 86470 10% /boot none160572 0160572 0% /dev/shm /dev/hdb1240362656 150851676 77301180 67% /disk2 [EMAIL PROTECTED] ~]# ~ Logs: .log [2004/12/28 21:33:09, 0] smbd/nttrans.c:call_nt_transact_ioctl(2276) call_nt_transact_ioctl(0x9003c): Currently not implemented. [2004/12/28 22:40:34, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 17424. Error = Connection timed out Samba.log [2004/12/28 19:40:01, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/28 20:40:17, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/28 21:29:09, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 04:03:48, 1] smbd/server.c:open_sockets_smbd(348) Reloading services after SIGHUP [2004/12/29 07:10:19, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 16:32:54, 0] smbd/server.c:main(760) smbd version 3.0.10-1.fc3 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2004/12/29 18:15:13, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 18:43:38, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 20:49:51, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2004/12/29 23:55:49, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected ~~ Thoughts: It appears smbd services are being restarted from time to time while the large transfers are going on and Windows then gives up and throws an error. Conclusion: So, all this brings me to the question, why are samba services restarting? Any help would be appreciated. Thanks, Clay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [inbox] RE: [Samba] Windows XP machine cannot be accessed
- Original Message - From: "Geoff Scott" <[EMAIL PROTECTED]> To: "John" <[EMAIL PROTECTED]> Cc: Sent: Friday, December 31, 2004 1:02 PM Subject: [inbox] RE: [Samba] Windows XP machine cannot be accessed | | > All of the Windows machines have no problems accessing shares on each | > other and | > Mandrake. The Mandrake machine accesses the WinME an Win2K machines | > readily, | > but the WinXP machine is not visible on any utility I have tried. I can | > ping it | > OK. I have disabled firewalls etc in case this was the problem but no | > change. | | OK so Samba is working fine? yes? The windows machines can mount the samba | share off of the mandrake box? they get asked for a password and username | which you supply and then you can browse the shares from the windows | machines? I do not get asked for a password. I still have some work on permisisons, but I can copy files form Mandrake, but need to sort out write permissions before I can write back. I use the same user name and passwword throughout and have set it as the default user for LAN access. | | > I manually edited fstab and inserted what seemed an appropriate entry for | > a | > share on the XP machine. In Konqueror for instance an icon appeared for | > the | > share but when clicked up in was empty. | | I don't have a linux desktop machine any more but I used to do this in fstab | (note that if the above is correct and samba works then this is an smbfs | problem, and appropriate to that list, not this one) : | | #Samba filesystems, not auto mounted and any user. | | //ukldnfs05/shared_area /mnt/smb/ukldnfs05/shared_area smbfs | noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 | //ukldninstall03/allsoftware$ /mnt/smb/ukldninstall03/allsoftware smbfs | noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 | | then inside of /home/geoff/Crap/smbcred I had: | | username=geoff | password=doggyp00 | workgroup=dudenet | | | > I have almost convinced myself that it must be some kind of authentication | > problem, probably something basic I have overlooked and so simple I cannot | > see | > it. Can anybody give me some ideas please? | > John | | these things are best done manually on the command line first to see if all | is working well, from memory: | | mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff | | If the above manual stuff works then it must be another problem. | | Tell us what you see. | | Regards Geoff | If I use mount at the console in the format you suggest I get asked for my password and the XP share mounts and can be accessed (also through Konqueror etc.) When I attempt to write the equivalent into fstab, the folder appears but is empty. No messages. It has not auto generated a credentials file for the XP machine as it has for the other machines. Inserting user=john in fstab is OK for the WinME machine, but XP must want more. I guess if it cannot see the machine then it will not auto generate the needed access files. Regards John. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
Try going to the Authentication tab on the WinXP's Local Area Connection Properties dialog screen and disabling the IEEE 802.1x authentication - just for giggles. Clay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP machine cannot be accessed
> All of the Windows machines have no problems accessing shares on each > other and > Mandrake. The Mandrake machine accesses the WinME an Win2K machines > readily, > but the WinXP machine is not visible on any utility I have tried. I can > ping it > OK. I have disabled firewalls etc in case this was the problem but no > change. OK so Samba is working fine? yes? The windows machines can mount the samba share off of the mandrake box? they get asked for a password and username which you supply and then you can browse the shares from the windows machines? > I manually edited fstab and inserted what seemed an appropriate entry for > a > share on the XP machine. In Konqueror for instance an icon appeared for > the > share but when clicked up in was empty. I don't have a linux desktop machine any more but I used to do this in fstab (note that if the above is correct and samba works then this is an smbfs problem, and appropriate to that list, not this one) : #Samba filesystems, not auto mounted and any user. //ukldnfs05/shared_area /mnt/smb/ukldnfs05/shared_area smbfs noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 //ukldninstall03/allsoftware$ /mnt/smb/ukldninstall03/allsoftware smbfs noauto,users,credentials=/home/geoff/Crap/smbcred 0 0 then inside of /home/geoff/Crap/smbcred I had: username=geoff password=doggyp00 workgroup=dudenet > I have almost convinced myself that it must be some kind of authentication > problem, probably something basic I have overlooked and so simple I cannot > see > it. Can anybody give me some ideas please? > John these things are best done manually on the command line first to see if all is working well, from memory: mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff If the above manual stuff works then it must be another problem. Tell us what you see. Regards Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP machine cannot be accessed
I have a small peer to peer network of 4 machines, WinME, Win2K Pro SP4, Win XP Pro SP2 and Linux Mandrake 10.1 Samba 3.0.10.1. I am pretty new at Linux but have been around computers for a very long time. The Linux installation went smoothly, MDK and KDE3 utilities make it simple for newbies to get things running, so Samba went together quite easily but I now have a problem I have been struggling with for days. All of the Windows machines have no problems accessing shares on each other and Mandrake. The Mandrake machine accesses the WinME an Win2K machines readily, but the WinXP machine is not visible on any utility I have tried. I can ping it OK. I have disabled firewalls etc in case this was the problem but no change. I manually edited fstab and inserted what seemed an appropriate entry for a share on the XP machine. In Konqueror for instance an icon appeared for the share but when clicked up in was empty. I have almost convinced myself that it must be some kind of authentication problem, probably something basic I have overlooked and so simple I cannot see it. Can anybody give me some ideas please? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot delete files: "the mounted file system does not su pport extended attributes"
Hi, I have been running samba 2.0.7 on a K420 hpux server for many years and it 's been working great. However, it 's been the last couple of days, I cannot delete files in a samba share from the window 2000 clients. Every time I tried to delete a file, this error message popped up "Cannot delete files: The mounted file system does not support extended attributes". I am not sure how to fix this. Please help. Thank you very much. Tuan Nguyen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.10 on Red Hat AS 2.1
Does Samba 3.0.x can be compiled on RH AS 2.1 (using glibc 2.2.4)? I can't complete the compilation! Here are the configuration options: ./configure --prefix=/usr --sysconfdir=/etc/samba \ --localstatedir=/var/samba --with-ldap --with-ads \ --with-smbmount --with-pam --with-pam_smbpass \ --with-winbind --with-configdir=/etc/samba \ --with-logbasedir=/var/log/samba \ --with-shared-modules=idmap_rid I need LDAP, ADS, PAM, Winbind and idmap_rid to be able to login with Active Directory users on Linux servers. I want idmap_rid to have the same UID on each server (I will use NFS). I tried idmap backend with ldap instead of idmap_rid but I'm unable to make it work on RH 9.0! Here is what I got when compiling: --snip, seems ok until there-- Compiling dynconfig.c with -fPIC Linking shared library bin/pam_smbpass.so Linking nsswitch/libnss_wins.so lib/system.po: In function `sys_dlopen': lib/system.po(.text+0xcb9): undefined reference to `dlopen' lib/system.po: In function `sys_dlsym': lib/system.po(.text+0xce1): undefined reference to `dlsym' lib/system.po: In function `sys_dlclose': lib/system.po(.text+0xd06): undefined reference to `dlclose' lib/system.po: In function `sys_dlerror': lib/system.po(.text+0xd24): undefined reference to `dlerror' lib/username.po: In function `user_in_netgroup_list': lib/username.po(.text+0xb76): undefined reference to `yp_get_default_domain' lib/access.po: In function `string_match': lib/access.po(.text+0x1e1): undefined reference to `yp_get_default_domain' libads/kerberos.po: In function `kerberos_secrets_fetch_salting_principal': libads/kerberos.po(.text+0x5dc): undefined reference to `secrets_fetch' libads/kerberos.po: In function `kerberos_secrets_store_salting_principal': libads/kerberos.po(.text+0x806): undefined reference to `secrets_store' libads/kerberos.po(.text+0x813): undefined reference to `secrets_delete' libads/kerberos.po: In function `get_service_ticket': libads/kerberos.po(.text+0x926): undefined reference to `secrets_fetch_machine_password' libads/kerberos.po: In function `verify_service_password': libads/kerberos.po(.text+0xe23): undefined reference to `secrets_fetch_machine_password' Linking libsmbclient non-shared library bin/libsmbclient.a Linking libsmbclient shared library bin/libsmbclient.so Compiling sam/idmap_rid.c with -fPIC sam/idmap_rid.c: In function `rid_idmap_parse': sam/idmap_rid.c:55: parse error before `sid_str' sam/idmap_rid.c:58: parse error before `tok' sam/idmap_rid.c:65: `sid_str' undeclared (first use in this function) sam/idmap_rid.c:65: (Each undeclared identifier is reported only once sam/idmap_rid.c:65: for each function it appears in.) sam/idmap_rid.c:79: `tok' undeclared (first use in this function) sam/idmap_rid.c:103: `known_domain' undeclared (first use in this function) make: *** [sam/idmap_rid.po] Error 1 I searched on the web and red the samba guide, I can't find anything on that. Thanks, Jean-Philippe Houde -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] could not delete unix link from windows client
Hi All, I created a bunch of files in a samba share and also created few soft links which points to files in the same directory. The problem is, when i try to delete all the files at once from windows client, it fails at deleting soft links. When it comes to soft liks, it deletes only the original file but not the link itself. Can anyone please give information on how to delele the softlink itself from a windows client? I am using samba version '3.0.8pre1-0.pre1.3' under Redhat FC 3 Please CC me in your reply. Thanks, Srikumar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Network interference? Settings?
On Thursday December 30, 2004 01:26 pm, Joe Polk wrote: > Something > in our Cisco switches must be the inhibitor but I don't know what. Some of the Catalyst switches don't do autoneg well with some NICs. If you can force the NIC to 10FD or 100FD you may see improvements. YMMV. -- ___ A Message From... L. Mark Stone Reliable Networks of Maine, LLC "We manage your network so you can manage your business." 477 Congress Street Portland, ME 04101 Tel: (207) 772-5678 Web: http://www.RNoME.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC + LDAP group mappings
On Thursday 30 December 2004 10:34, David Sonenberg wrote:
> Alright now that samba can talk to LDAP I have a blank slate. I know I
> need to setup group mappings, but I'm a little confused about this.
> Since it's an ldap backend do the groups need to have unix counterparts?
> Should I use the net groupmap command to add the mappings or should I
> use an LDIF file?
David,
This subject comes up on this list ad nauseum! I am responding in full in the
hope that we can get this sorted out so that others who do their homework
before asking here will find the answers they need. I have tried to document
this in the Samba-HOWTO-Collection and in the Samba-Guide ("Samba-3 by
Example" books).
Suggest you check out chapter 6 of the book, "Samba-4 by Example". You can
download it from:
http://www.samba.org/samba/docs/Samba-Guide.pdf
If you get lost give me a shout. If the documentation is not clear enough and
has too much fog-factor, please promise us all that when this becomes clear
to you you will help to improve the documentation. Feedback, improvement in
clarifty and corrections are always welcome.
For the record:
=
If you use LDAP with Samba it is essential that ALL your UNIX (POSIX) accounts
(both for users and for groups) are in the LDAP backend. Samba requires the
SambaSAM account data also in LDAP. It is NOT possible with Samba to have
only the SambaSAM account information in LDAP and not the UNIX accounts in
LDAP.
Additionally, it is essential that all accounts will translate unambiguously
between Windows credentials and UNIX credentials. This means that any UID
must translate to exactly one (and one only) MS Windows SID. Every SID must
translate (map) to precisely one UID or GID. Every GID must map to precisely
one SID and vica versa.
The "net groupmap" utility provides the connection between a Windows NT Group
and the UNIX (POSIX) group. What this does is it tells Samba that when a
Windows user accesses the Samba server that user will be treated by the UNIX
operating system as if he is accessing UNIX directly as the mapped account.
For Example:
A Windows user is called 'billyboy' and is a member of Windows groups "Domain
Users", "Engineers", and "Goodguys", and his primary group is "Goodguys".
In your LDAP based POSIX backend the UNIX account is called 'billyboy' with
UID = 1106. Group mappings are set so that:
Windows NT Group== UNIX group
-
"Domain Users" -> users (group id = 500)
"Domain Guests" -> nobody (group id = 65534)
"Domain Admins" -> root (group id = 0)
"Engineers" -> engineers (group id = 1211)
"Goodguys" -> goodguys (group id = 1235)
Then for all UNIX file system access the user 'billyboy' will have the
following UNIX credentials:
UID: 1106
Primary group ID: 1235
Additional group memberships IDs: 500, 1211
That is the information that should be returned if you execute in a UNIX
shell:
id billyboy
You can manually populate your LDAP database using an LDIF file to set all
this up, but if you use the Idealx scripts this is all neatly done for you.
I hope that helps to explain the connections.
Cheers,
John T.
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] PDC + LDAP group mappings
So I gave it try but it didn't work. Here's the output. net groupmap add ntgroup="Domain Admin" unixgroup=ntadmin -d 4 [2004/12/30 13:12:06, 3] param/loadparm.c:lp_load(3902) lp_load: refreshing parameters [2004/12/30 13:12:06, 3] param/loadparm.c:init_globals(1312) Initialising global parameters [2004/12/30 13:12:06, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2004/12/30 13:12:06, 3] param/loadparm.c:do_section(3395) Processing section "[global]" doing parameter interfaces = eth0 10.1.0.143/24 doing parameter workgroup = STROZTEST doing parameter netbios name = AUTH [2004/12/30 13:12:06, 4] param/loadparm.c:handle_netbios_name(2740) handle_netbios_name: set global_myname to: AUTH doing parameter passdb backend = ldapsam:ldaps://10.1.0.143:636 doing parameter username map = /etc/samba/smbusers doing parameter printcap name = cups doing parameter add user script = /usr/local/samba/sbin/smbldap-useradd.pl -m '%u' doing parameter delete user script = /usr/local/samba/sbin/smbldap-userdel.pl %u doing parameter add group script = /usr/local/samba/sbin/smbldap-groupadd.pl -p '%g' doing parameter delete group script = /usr/local/samba/sbin/smbldap-groupdel.pl '%g' doing parameter add user to group script = /usr/local/samba/sbin/ smbldap-groupmod.pl -m '%g' '%u' doing parameter delete user from group script = /usr/local/samba/sbin/ smbldap-groupmod.pl -x '%g' '%u' doing parameter set primary group script = /usr/local/samba/sbin/ smbldap-usermod.pl -g '%g' '%u' doing parameter add machine script = /usr/local/samba/sbin/smbldap-useradd.pl -w '%u' doing parameter domain logons = Yes doing parameter os level = 35 doing parameter preferred master = Yes doing parameter domain master = Yes doing parameter local master = Yes doing parameter ldap suffix = dc=strozllc,dc=com doing parameter ldap machine suffix = ou=People doing parameter ldap user suffix = ou=People doing parameter ldap group suffix = ou=People doing parameter ldap idmap suffix = ou=People doing parameter ldap admin dn = cn=Manager,dc=strozllc,dc=com doing parameter ldap ssl = yes doing parameter ldap passwd sync = Yes doing parameter idmap uid = 15000-2 doing parameter idmap gid = 15000-2 doing parameter winbind separator = + [2004/12/30 13:12:06, 4] param/loadparm.c:lp_load(3933) pm_process() returned Yes [2004/12/30 13:12:06, 3] lib/util.c:interpret_addr(1135) sys_gethostbyname: Unknown host. eth0 [2004/12/30 13:12:06, 2] lib/interface.c:interpret_interface(128) can't determine netmask for eth0 [2004/12/30 13:12:06, 2] lib/interface.c:add_interface(79) added interface ip=10.1.0.143 bcast=10.1.0.255 nmask=255.255.255.0 [2004/12/30 13:12:06, 2] lib/smbldap.c:smbldap_search_domain_info(1373) Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=STROZTEST))] [2004/12/30 13:12:06, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2004/12/30 13:12:06, 3] lib/smbldap.c:smbldap_connect_system(858) ldap_connect_system: succesful connection to the LDAP server [2004/12/30 13:12:06, 4] lib/smbldap.c:smbldap_open(909) The LDAP server is succesfully connected [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2117) ldapsam_getgroup: Did not find group [2004/12/30 13:12:06, 2] utils/net.c:main(859) return code = -1 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: Adam Tauno Williams [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 12:42 PM To: David Sonenberg Cc: sa
[Samba] Network interference? Settings?
I have a problem. I've purchased 2 different brand NAS devices that both use Samba in some form as their "sharing" mechanism. When I attach them to the LAN I get dreadful speed. To the tune of under 3.5GB per hour transfers. I've even done tests on the same subnet. Two Windows servers on that vlan can move files at great speeds. Map one of them to the NAS and it crawls. I recall last year setting up a Linux server and seeing a huge slow down then too. That pretty much forced me to move to a Windows server. I know it's LAN related. Something in our Cisco switches must be the inhibitor but I don't know what. I'm taking one of these NAS's home tonite to test there. I expect to see normal speeds. Does anyone know of anything that could cause this from a switch/router IOS perspective? We do have ICMP limited through our WAN, would this be an inhibitor? That wouldn't explain the performance within a VLAN, though, since ICMP works in that VLAN. I'm stumped. -- <> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba3.0.10 pkg error
Hi Jerry/Samba Team I tried compiling samba3.0.10 and followed the instruction(from $tmpdir/samba-3.0.10/packaging/Solaris/README) to create the package and got the following error: = * * * no object for found in root directory no object for found in root directory no object for found in root directory no object for found in root directory no object for found in root directory no object for found in root directory WARNING: parametric paths may ignore BASEDIR pkgmk: ERROR: unable to build pkgmap from prototype file ## Packaging was not successful. The samba package is in /tmp == I ran following commands in source directory - ($tmpdir/samba-3.0.10/source) A ./configure --prefix=$installdir B make C-and I edited the INSTALL_BASE=$installdir variable in makepkg.sh ($tmpdir/samba-3.0.10/packaging/Solaris/makepkg.sh) file and run this to create the package ANYONE HAS ANY ODEA WHAT IS WRONG AND WHAT IS THIS ERROR MESSAGE IS ABOUT. Thank you Fatima [EMAIL PROTECTED] - This E-mail is confidential. It may also be legally privileged. If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return E-mail. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and Samba -- a basic question
On Thu, 2004-12-30 at 12:57 -0500, Paul W. Abrahams wrote: > I've gathered that there's a close connection between Samba and LDAP, but the > Samba documentation I've looked at, mainly in the SWAT help and man page, > doesn't discuss LDAP. Just what is the nature of the connection? Your question is kind of vague. You can use LDAP as your security backend (SAM) via ldapsam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and Samba -- a basic question
On Thursday 30 December 2004 10:57, Paul W. Abrahams wrote: > I've gathered that there's a close connection between Samba and LDAP, but > the Samba documentation I've looked at, mainly in the SWAT help and man > page, doesn't discuss LDAP. Just what is the nature of the connection? Paul, I wrote the "Samba-3 by Example" book using SuSE Linux 9.x and Red Hat 9 and Fedora Core 1. You can purchase this book from Amazon.Com or download the PDF from: http://www.samba.org/samba/docs/Samba-Guide.pdf Suggest you work through chapter 6 to see the connections. If you get lost get me a shout. Cheers, John T. > > If it's relevant, I'm running SuSE 9.1 Linux. > > Paul Abrahams -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP and Samba -- a basic question
I've gathered that there's a close connection between Samba and LDAP, but the Samba documentation I've looked at, mainly in the SWAT help and man page, doesn't discuss LDAP. Just what is the nature of the connection? If it's relevant, I'm running SuSE 9.1 Linux. Paul Abrahams -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC + LDAP group mappings
> Alright now that samba can talk to LDAP I have a blank slate. I know I > need to setup group mappings, but I'm a little confused about this. > Since it's an ldap backend do the groups need to have unix counterparts? Yes, it is group mapping; you must have group to map to. > Should I use the net groupmap command to add the mappings or should I > use an LDIF file? You must use net groupmap unless you want to calculate the SIDs/RIDs yourself. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC + LDAP group mappings
Alright now that samba can talk to LDAP I have a blank slate. I know I need to setup group mappings, but I'm a little confused about this. Since it's an ldap backend do the groups need to have unix counterparts? Should I use the net groupmap command to add the mappings or should I use an LDIF file? David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Guest Login Pop UP in XP
Has anyone run into the problem with connecting to a Unix samba server via Windows XP Professional? When we try to connect, it keeps popping up a "keys" windows box and forcing (by graying out) Guest. We did not have this trouble with Windows 2000. Any help would be greatly appreciated. Regards, Linda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3.0.10 ads mode and winbind
i have successfully joined to an active dir server with 1000 users all is work fine but sometimes when i try to run wbinfo -u i have this message in the winbind log file: return critical error. Error was Call timed out: server did not respond after 1 milliseconds is there a way to increase this value ? thanks matteo italy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and Win2K File Srv
OrvUx wrote: Hi everybody... I have a Debian GNU/Linux Box running Samba as PDC on my network, but i have too a Win2K File Server... all the clients are Win98,2K,XP... OK, well, you should just join the W2K server to the samba domain, as a domain member server. Or you could create an AD W2K domain and make the samba PDC a domain member server. That would be the easiest solution to your problem. TMS III I have created users in both Linux/Samba and W2K with the same username and passwords, the W98 clients now can join the domain owned by Samba, but when this client try to access to the W2K Srv a popup window ask for a Password, it says: -- Enter the Network password: You must supply a password to make this connection: Resource: \\serverW2K\IPC$ Password: If i type the password and clic a new popup window appear with: - Microsoft Networking The password is incorrect. Try again. - Even if the username and password are the same than the Win2K Somebody can help me? How can access to this server shared folders with any client (98,2K,XP) Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help Me
Hi, I try to configure a PDC in FreeBSD with Samba using MySQL for database for users, groups, computers and other resources in domain like printers, sites...but without success. I installed * FreeBSD 5.3 with support for linux bin; * Samba-3.0.7,1 with CONFIGURE_ARGS --with-ldap --with-expsam=mysql --with-mysql-prefix=/usr/local --with-pam --with-pam_smbpass --with-ldapsam --with-syslog --with-quotas --with-manpages-lan=en --with-acl-support --with-winbind automaticaly was installed openldap-client-2.2.15; * pam_ldap-1.7.1_1 in default mode; * and MySQL 4.0.21 (server and client) in default mode. First, I just want register the Windows client in Domain and make logon in Windows using the username stored in MySQL database. When I change security=domain to security=share in smb.conf, then from Windows station I can access de Server PDC and open folders and automaticaly a user is stored in MySQL with the name nobody, but when I change to "domain" I can´t register Windows in domain and I can´t access the Server using the username and password. I have to create a username in FreeBSD using pw or adduser and then I can use smbpasswd -a username, this way I can write in MySQL, but still no working and I will have the 2 user, one in de FreeBSD and in MySQL. For my table I use the mysql.dump in Samba examples. After I will use Apache with PHP for MySQL databases and retire PDC Windows NT Server. Can you help me to configure this? Thanks. Alexandre Melo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Administering Samba Shares
Hey all, Do any of you have an example configureation file for setting up ADS users for administering samba shares? I have a samber server and its part of my ADS and everything works. However i would like for some of my AD users to be administers on the samba share and have yet to figure out how to do that. IF you have an example of how i can go about doing this I would greatly appreciate it. Thanks, R. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC [SOLVED]
I figured it out. I had to change ldap admin dn = cn=Manager To ldap admin dn = cn=Manager,dc=strozllc,dc=com David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: Adam Tauno Williams [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 11:17 AM To: David Sonenberg Cc: samba@lists.samba.org Subject: RE: [Samba] Openldap + Samba 3 PDC > I tried changing the DN to cn=admin but that didn't work either. > Could it have anything to do with the fact that I used md5 for the > password hash? No, the application doesn't know or care what password hash you used. Authenticating against the password is processed internally by the DSA (OpenLDAP). If your OpenLDAP build supports MD5, and it should, using that crypt method is fine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Messages
Hi, 1. Are you able to login to the domain successfully? 2. Can you show some more of the log information from log.smbd or %m logs (%m is the name of the machine connecting). Do you see any error message similar to "User Administrator in passdb, but getpwnam() fails!" or "check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'" Prakash On Thursday 30 December 2004 09:56, Arno Seidel wrote: > Hi, > > thanks for that quick response, > > for the 1. > what causes this message to appear??? > 2. this comes up every time a user logs in to the domain / server > > i played arround with the log levels but i don´t found any information > which group / object is missing > net groupmap list returns following: > > Domain Guests (S-1-5-21-4226538298-1610114045-865933353-514) -> > domain_guests domain computers > (S-1-5-21-4226538298-1610114045-865933353-515) -> computers Enterprise > Admins (S-1-5-21-4226538298-1610114045-865933353-519) -> root > Administrators (S-1-5-21-4226538298-1610114045-865933353-544) -> root > Guests (S-1-5-21-4226538298-1610114045-865933353-546) -> domain_guests > Account Operators (S-1-5-21-4226538298-1610114045-865933353-548) -> > account_operators Server Operators > (S-1-5-21-4226538298-1610114045-865933353-549) -> server_operators Print > Operators (S-1-5-21-4226538298-1610114045-865933353-550) -> print_operators > Backup Operators (S-1-5-21-4226538298-1610114045-865933353-551) -> > backup_operators Replicator (S-1-5-21-4226538298-1610114045-865933353-552) > -> replicator Domain Admins (S-1-5-21-4226538298-1610114045-865933353-512) > -> root Users (S-1-5-21-4226538298-1610114045-865933353-1201) -> users > Domain Users (S-1-5-21-4226538298-1610114045-865933353-513) -> users > > which looks to me ok > > regards > > arno > > Prakash Velayutham wrote: > > Hi, > > > > On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: > >> Hi list, > >> > >> after searching google and getting lost in to much results, maybe > >> someone > >> can explain me the meaning of some error-messages: > >> 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) > >> setup_new_vc_session: New VC == 0, if NT4.x compatible we would > >> close all old resources. > > > > According to what I know, this is not an error. It is just information. > > > >> 2. [2004/12/30 14:10:08, 0] > >> passdb/pdb_ldap.c:ldapsam_search_one_group(2023) > >> ldapsam_search_one_group: Problem during the LDAP search: LDAP > >> error: (No such object) > > > > This means that the group you are intending to login as does not exist > > in your LDAP tree. When does this happen. Can you give some background? > > > >> regards > >> > >> Arno > > > > Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as PDC and Win2K File Srv
Hi everybody... I have a Debian GNU/Linux Box running Samba as PDC on my network, but i have too a Win2K File Server... all the clients are Win98,2K,XP... I have created users in both Linux/Samba and W2K with the same username and passwords, the W98 clients now can join the domain owned by Samba, but when this client try to access to the W2K Srv a popup window ask for a Password, it says: -- Enter the Network password: You must supply a password to make this connection: Resource: \\serverW2K\IPC$ Password: If i type the password and clic a new popup window appear with: - Microsoft Networking The password is incorrect. Try again. - Even if the username and password are the same than the Win2K Somebody can help me? How can access to this server shared folders with any client (98,2K,XP) Thanks. -- OrvUx Making the Hard...Soft with GNU/Linux ;) Usuario Linux #16088 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
> I'm new to ldap. What should I set my DC's DN to, admin? There is no answer to this question. You create an object in the Dit for the DC to bind to, and make sure it has sufficient privilages. You shouldn't use the OpenLDAP manager dn; that DN has the access to trash the entire Dit. We for example have a - dn: uid=CIFSDC,ou=System Accounts,o=Morrison Industries,c=US objectClass: top objectClass: account objectClass: simpleSecurityObject uid: CIFSDC l: Grand Rapids o: Morrison Industries ou: Grand Rapids - object[1] [1] userPassword attribute is hidden by ACL > dn: cn=admin,ou=People,dc=strozllc,dc=com > cn: admin > objectClass: top > objectClass: organizationalRole > objectClass: simpleSecurityObject > userPassword:: Don't ever expose userPassword. No application ever needs read access to this attribute; the value is used internally by the DSA for authentication purposes, this value egressing the DSA is a security problem. The CIFDC needs write access, everyone else needs auth access; you may have to grant "self" write access as well depending on your password change routines/policies. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
> I tried changing the DN to cn=admin but that didn't work either. Could > it have anything to do with the fact that I used md5 for the password > hash? No, the application doesn't know or care what password hash you used. Authenticating against the password is processed internally by the DSA (OpenLDAP). If your OpenLDAP build supports MD5, and it should, using that crypt method is fine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I tried changing the DN to cn=admin but that didn't work either. Could it have anything to do with the fact that I used md5 for the password hash? David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Sonenberg Sent: Thursday, December 30, 2004 9:59 AM To: [EMAIL PROTECTED] Cc: samba@lists.samba.org; [EMAIL PROTECTED] Subject: RE: [Samba] Openldap + Samba 3 PDC I'm new to ldap. What should I set my DC's DN to, admin? Anyway here's the results of a ldapsearch. ldapsearch -D "cn=Manager,dc=strozllc,dc=com" -W # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (objectclass=*) # requesting: ALL # # strozllc.com dn: dc=strozllc,dc=com objectClass: dcObject objectClass: organization dc: strozllc o: Strozllc Com Network description: Stroz Friedberg LLC # Manager, strozllc.com dn: cn=Manager,dc=strozllc,dc=com objectClass: organizationalRole cn: Manager description: Directory Manager # People, strozllc.com dn: ou=People,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: People # admin, People, strozllc.com dn: cn=admin,ou=People,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Groups, strozllc.com dn: ou=Groups,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Groups # admin, Groups, strozllc.com dn: cn=admin,ou=Groups,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Computers, strozllc.com dn: ou=Computers,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Computers # admin, Computers, strozllc.com dn: cn=admin,ou=Computers,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # search result search: 2 result: 0 Success # numResponses: 9 # numEntries: 8 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:47 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC > I'm trying to get Samba up but I can't seem to get the LDAP connection > working correctly. I can run a search from ldapsearch, but samba is > complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? > Here's the error from log.smbd > [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) > failed to bind to server with dn= cn=Manager Error: Invalid > credentials Your DCs bind DN is "cn=Manager"? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Annoying Samba 2.2.4 Errors in Solaris 8 Logs
Hi all, I have an error message that pops up every time someone connects to my Samba server. All day long I get these messages from smbd: Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] [2004/12/28 07:27:24, 0] smbd/service.c:(252) Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] rhunt1-pc (162.18.178.237) couldn't find service o The last part, "couldn't find service o" is when the user is accessing a share name "OESDL" but the name is truncated. I know this because the other errors have more letters that correspond to the shared directory, not the name. I also know this because the directory name "oesdl" is in lower case. The next example shows a successful connection to the share name "JWST". Note the truncated "jws" in reference to the "jwst" directory. Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] [2004/12/28 07:27:24, 0] smbd/service.c:(252) Dec 28 07:27:24 srv-pvcs smbd[638]: [ID 702911 daemon.error] rhunt1-pc (162.18.178.237) couldn't find service jws This is not a fatal error but an extremely irritating numerous repeating log message to us anal sys admins that we must cut out of the logs to find the needle in the haystack when we scan the server logs. Other than that the samba service runs perfectly. This server provides a flat file database for a product called PVCS VM. A version managing software for maintaining versions of software code. I thought maybe it could be an issue with oplocks but I have not been able to confirm that. Any idea what causes this? Thanks, Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Regarding testsuites for protocol conformance
We have made some changes in samba-3.0.7, as part of our graduation project. Are there any test suites which we could use to check the conformance of the changes, with the original samba specifications? Also, with reference to your statement in document tridge_cifs04_tutorial.pdf , saying that inputs about test documents would be welcome, if the above mentioned suites are not available,then we would like to contribute in this regard. Please inform such the exact domains in which such contribution can be made. Thanking You, Sujay Lele. (VIT, Pune-37, India) [EMAIL PROTECTED] Yahoo! India Matrimony: Find your life partner online Go to: http://yahoo.shaadi.com/india-matrimony -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
I'm new to ldap. What should I set my DC's DN to, admin? Anyway here's the results of a ldapsearch. ldapsearch -D "cn=Manager,dc=strozllc,dc=com" -W # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (objectclass=*) # requesting: ALL # # strozllc.com dn: dc=strozllc,dc=com objectClass: dcObject objectClass: organization dc: strozllc o: Strozllc Com Network description: Stroz Friedberg LLC # Manager, strozllc.com dn: cn=Manager,dc=strozllc,dc=com objectClass: organizationalRole cn: Manager description: Directory Manager # People, strozllc.com dn: ou=People,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: People # admin, People, strozllc.com dn: cn=admin,ou=People,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Groups, strozllc.com dn: ou=Groups,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Groups # admin, Groups, strozllc.com dn: cn=admin,ou=Groups,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # Computers, strozllc.com dn: ou=Computers,dc=strozllc,dc=com objectClass: top objectClass: organizationalUnit ou: Computers # admin, Computers, strozllc.com dn: cn=admin,ou=Computers,dc=strozllc,dc=com cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: # search result search: 2 result: 0 Success # numResponses: 9 # numEntries: 8 David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:47 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC > I'm trying to get Samba up but I can't seem to get the LDAP connection > working correctly. I can run a search from ldapsearch, but samba is > complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? > Here's the error from log.smbd > [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) > failed to bind to server with dn= cn=Manager Error: Invalid > credentials Your DCs bind DN is "cn=Manager"? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Messages
Hi, thanks for that quick response, for the 1. what causes this message to appear??? 2. this comes up every time a user logs in to the domain / server i played arround with the log levels but i don´t found any information which group / object is missing net groupmap list returns following: Domain Guests (S-1-5-21-4226538298-1610114045-865933353-514) -> domain_guests domain computers (S-1-5-21-4226538298-1610114045-865933353-515) -> computers Enterprise Admins (S-1-5-21-4226538298-1610114045-865933353-519) -> root Administrators (S-1-5-21-4226538298-1610114045-865933353-544) -> root Guests (S-1-5-21-4226538298-1610114045-865933353-546) -> domain_guests Account Operators (S-1-5-21-4226538298-1610114045-865933353-548) -> account_operators Server Operators (S-1-5-21-4226538298-1610114045-865933353-549) -> server_operators Print Operators (S-1-5-21-4226538298-1610114045-865933353-550) -> print_operators Backup Operators (S-1-5-21-4226538298-1610114045-865933353-551) -> backup_operators Replicator (S-1-5-21-4226538298-1610114045-865933353-552) -> replicator Domain Admins (S-1-5-21-4226538298-1610114045-865933353-512) -> root Users (S-1-5-21-4226538298-1610114045-865933353-1201) -> users Domain Users (S-1-5-21-4226538298-1610114045-865933353-513) -> users which looks to me ok regards arno Prakash Velayutham wrote: Hi, On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. According to what I know, this is not an error. It is just information. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) This means that the group you are intending to login as does not exist in your LDAP tree. When does this happen. Can you give some background? regards Arno Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Openldap + Samba 3 PDC
> I'm trying to get Samba up but I can't seem to get the LDAP connection > working correctly. I can run a search from ldapsearch, but samba is > complaining that it can't connect. Can you actually do an ldapsearch? NOT ANONYMOUSLY but binding as the DN the DC will use? > Here's the error from log.smbd > [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) > failed to bind to server with dn= cn=Manager Error: Invalid > credentials Your DCs bind DN is "cn=Manager"? It think you forgot to setup this part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Openldap + Samba 3 PDC
Don't apologize, the obvious is the best place to start. Yes I did set the password by typing smbpasswd -w. David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 30, 2004 9:44 AM To: David Sonenberg Cc: [EMAIL PROTECTED]; samba@lists.samba.org Subject: Re: [Samba] Openldap + Samba 3 PDC Sorry if I'm stating the obvious, but you did run smbpasswd -w to set the password properly? (Going by memory so double check the flag ) Duncan Quoting David Sonenberg <[EMAIL PROTECTED]>: > I'm trying to get Samba up but I can't seem to get the LDAP connection > working correctly. I can run a search from ldapsearch, but samba is > complaining that it can't connect. > > Here's the error from log.smbd > [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) > failed to bind to server with dn= cn=Manager Error: Invalid > credentials > > [2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990) > Connection to LDAP server failed for the 1 try! > - University of St Andrews Webmail: http://webmail.st-andrews.ac.uk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Openldap + Samba 3 PDC
Sorry if I'm stating the obvious, but you did run smbpasswd -w to set the password properly? (Going by memory so double check the flag ) Duncan Quoting David Sonenberg <[EMAIL PROTECTED]>: > I'm trying to get Samba up but I can't seem to get the LDAP connection > working correctly. I can run a search from ldapsearch, but samba is > complaining that it can't connect. > > Here's the error from log.smbd > [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) > failed to bind to server with dn= cn=Manager Error: Invalid > credentials > > [2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990) > Connection to LDAP server failed for the 1 try! > - University of St Andrews Webmail: http://webmail.st-andrews.ac.uk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Openldap + Samba 3 PDC
I'm trying to get Samba up but I can't seem to get the LDAP connection
working correctly. I can run a search from ldapsearch, but samba is
complaining that it can't connect.
Here's the error from log.smbd
[2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850)
failed to bind to server with dn= cn=Manager Error: Invalid
credentials
[2004/12/29 16:04:04, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 1 try!
my smb.conf file:
[global]
interfaces = eth0 10.1.0.143/24
workgroup = STROZTEST
netbios name = AUTH
passdb backend = ldapsam:ldaps://10.1.0.143:636
username map = /etc/samba/smbusers
printcap name = cups
add user script = /usr/local/samba/sbin/smbldap-useradd.pl -m '%u'
delete user script = /usr/local/samba/sbin/smbldap-userdel.pl %u
add group script = /usr/local/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /usr/local/samba/sbin/smbldap-groupdel.pl '%g'
add user to group script = /usr/local/samba/sbin/ \
smbldap-groupmod.pl -m '%g' '%u'
delete user from group script = /usr/local/samba/sbin/ \
smbldap-groupmod.pl -x '%g' '%u'
set primary group script = /usr/local/samba/sbin/ \
smbldap-usermod.pl -g '%g' '%u'
add machine script = /usr/local/samba/sbin/smbldap-useradd.pl -w '%u'
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
#logon drive = H:
#logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
ldap suffix = dc=strozllc,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=People
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager
ldap ssl = yes
ldap passwd sync = Yes
idmap uid = 15000-2
idmap gid = 15000-2
winbind separator = +
#printing = cups
and my slapd.conf file:
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/openldap/run/slapd.pid
argsfile /var/openldap/run/slapd.args
# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
# allow the "ldap admin dn" access, but deny everyone else
#access to attrs=lmPassword, ntPassword
# by dn="cn=Samba Admin,ou=People,dc=strozllc,dc=com" write
# by * none
###
# BDB database definitions
###
database bdb
suffix "dc=strozllc,dc=com"
rootdn "cn=Manager,dc=strozllc,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# Change password with 'slappasswd -h {Md5}'
rootpw {MD5}
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/openldap/openldap-data
# Use crypt to has the passwords
#password-hash {crypt}
# Define SSL and TLS properties
TLSCertificateFile/etc/ssl/ldap.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem
TLSCACertificateFile /etc/ssl/ldap.pem
# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index
Re: [Samba] Error Messages
Hi, On Dec 30, 2004, at 9:28 AM, Arno Seidel wrote: Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. According to what I know, this is not an error. It is just information. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) This means that the group you are intending to login as does not exist in your LDAP tree. When does this happen. Can you give some background? regards Arno Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
Pau Capdevila wrote: Authentication does work but it does not permission resolution Huh? Do you mean that there's file access permission issues? If so have you set up acl's? Remeber posix permissions are User, Group, Other. All clients authenticating via W2K3 are Other. (we use winbind). Neither smbclient -U domain user. I don't use smbclient. I don't know the solution yet. We also use Debian but I'm afraid it is not Debian related because I've tried to compile Samba and MIT kerberos from source and it keeps failing. What can we do?? Thanks On Tue, 28 Dec 2004 18:12:40 -0800, Thomas M. Skeren III <[EMAIL PROTECTED]> wrote: Andrew Zbikowski wrote: Commented out passdb backend abrams:/etc/samba# net ads testjoin Join is OK abrams:/etc/samba# net ads join [2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) ads_add_machine_acct: Host account for ttlnx01 already exists - modifying old account Using short domain name -- CORP [2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed Segmentation fault Yep I get the same damned thing. Check to see if user authentication to the share works. If so it will work. I'm not sure about that error during the re-join. I have 150 computers to manage by myself, so if it works I ain't worrying about it. As long as the testjoin works, then users should authenticate. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error Messages
Hi list, after searching google and getting lost in to much results, maybe someone can explain me the meaning of some error-messages: 1. [2004/12/30 14:10:03, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. 2. [2004/12/30 14:10:08, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2023) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object) regards Arno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
On 30 Dec, Pau Capdevila wrote: > Authentication does work but it does not permission resolution (we use > winbind). Neither smbclient -U domain user. > > I don't know the solution yet. > > We also use Debian but I'm afraid it is not Debian related because > I've tried to compile Samba and MIT kerberos from source and it keeps > failing. > >> >abrams:/etc/samba# net ads join >> >[2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) >> > ads_add_machine_acct: Host account for ttlnx01 already exists - >> >modifying old account >> >Using short domain name -- CORP >> >[2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) >> > get_service_ticket: kerberos_kinit_password >> >[EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed >> >Segmentation fault I don't know if it might also work in your case. After defining an uppercased netbios name on smb.conf, the segfault warnings stopped. Javier Palacios This e-mail message and any attached files are intended SOLELY for the addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY PRIVILEGED information and may not necessarily represent the opinion of this company. If you receive this message in ERROR, please immediately notify the sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose, distribute, print or copy all or part of the contained information. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
Authentication does work but it does not permission resolution (we use winbind). Neither smbclient -U domain user. I don't know the solution yet. We also use Debian but I'm afraid it is not Debian related because I've tried to compile Samba and MIT kerberos from source and it keeps failing. What can we do?? Thanks On Tue, 28 Dec 2004 18:12:40 -0800, Thomas M. Skeren III <[EMAIL PROTECTED]> wrote: > Andrew Zbikowski wrote: > > >Commented out passdb backend > > > >abrams:/etc/samba# net ads testjoin > >Join is OK > > > > > >abrams:/etc/samba# net ads join > >[2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) > > ads_add_machine_acct: Host account for ttlnx01 already exists - > >modifying old account > >Using short domain name -- CORP > >[2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) > > get_service_ticket: kerberos_kinit_password > >[EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed > >Segmentation fault > > > > > > > Yep I get the same damned thing. Check to see if user authentication to > the share works. If so it will work. I'm not sure about that error > during the re-join. I have 150 computers to manage by myself, so if > it works I ain't worrying about it. As long as the testjoin works, then > users should authenticate. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Want a cheap Watch? http://ghq.nepel.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA - Domain function levels (resent)
Hi, Re-sent this; sorry, it came from my other account and it was not subscribed to this list. I'm gonna have to be putting a good argument to my ICT team against going to 2003 in 2003 server mode ( I think thats what they call the highest mode for 2003 server) to keep samba at our school. I like what windows 2003 has to offer, but do not want to lock samba out forever. I know samba will work at lower mode. And that's what I'm pushing. Can people chip in with some arguments and advice. What is the highest 2003 mode (forest and domain) that we can go to and still have samba function as a member file server? What are the advantages for a school with only 2 domains and no geographical displacement in going to the highest 2003 server level (list of GPO advantages?, etc). We have the money to upgrade to 2003 on all our 22 servers. But could save money by mixing with samba and 2000. Is there really better security in that higher mode? What in particular? Will winbind (ADS and kerb mode) break? As we use it for squid auth, etc. How long before SAMBA can work at the highest level with 2003? I'm feeling that MS have provided some functional incentives to go with the highest mode. Can someone suggest some ways to take the hype out this higher level? I know from my reading, that once we make that jump, there is no turning back :-( Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA - Domain function levels
Hi, I'm gonna have to be putting a good argument to my ICT team against going to 2003 in 2003 server mode ( I think thats what they call the highest mode for 2003 server) to keep samba at our school. I like what windows 2003 has to offer, but do not want to lock samba out forever. I know samba will work at lower mode. And that's what I'm pushing. Can people chip in with some arguments and advice. What is the highest 2003 mode (forest and domain) that we can go to and still have samba function as a member file server? What are the advantages for a school with only 2 domains and no geographical displacement in going to the highest 2003 server level (list of GPO advantages?, etc). We have the money to upgrade to 2003 on all our 22 servers. But could save money by mixing with samba and 2000. Is there really better security in that higher mode? What in particular? Will winbind (ADS and kerb mode) break? As we use it for squid auth, etc. How long before SAMBA can work at the highest level with 2003? I'm feeling that MS have provided some functional incentives to go with the highest mode. Can someone suggest some ways to take the hype out this higher level? I know from my reading, that once we make that jump, there is no turning back :-( Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] TIP: Correct DHCP settings for joining XP to domains.
Hi, I've seen this one a few times and I thought I'd document it for other people. It should be on anybodys checklist when setting up a Samba domain controller. The problem is that newish XP clients use TCP/IP to find the sambaserver, but this will not happen you haven't set up the DNS server to get updated. To solve this problem you can either: a) Get a working DNS (which might be a hassle) or b) run a winssserver with the samba server (wins server = yes in smb.conf) and make sure that the dhcpserver points the XP-server to these entries. For reference I've included sample settings for dnsmasq and dhcpd. Change the ipadress to the adress of your samba-server. Dnsmasq entries: dhcp-option=44,192.168.1.1 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s) dhcp-option=45,192.168.1.1 # netbios datagram distribution server dhcp-option=46,8 # netbios node type dhcp-option=47 # empty netbios scope. Dhcpd: option ntp-servers 192.168.1.1; option netbios-name-servers 192.168.1.1; option netbios-node-type 8; I hope this helps someone. Tarjei -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Result of "net rpc user info" differents from "net ads user info"?
I have tried for several accounts (below is one of them), "net ads" always reports less 1 item than "net rpc"? (The result of "net rpc" is same with the AD's setting) Any hints? Thanks in advance. Iap - # net rpc user info rdadmin -Uusername%password -S2003ad Thecus-RD Domain Users Domain Admins # net ads user info rdadmin -Uusername%password -S2003ad Thecus-RD Domain Users # net -V Version 3.0.9 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Getting INTERNAL ERROR: Signal 10 in Solaris 9
Samba works at least... The problem was simple. The Solaris box has several compilations of samba and openldap (different versions, options,...) and the Patch Cluster of the Solaris was quite old too. This box is for testing purposes. With the gdb i saw extrange things (libraries loaded from the incorrect path, errors in the system libc,...) So i decided to install the software in a clean Solaris with the last cluster-patch and everything works fine... Sorry for bothering you and thanks. ciao --- Ricardo Martin <[EMAIL PROTECTED]> escribió: > Sorry, but the attachments seems to be deleted in > the > list. So i put the files directly in the mail: > > --- smb.conf --- > > # Samba config file created using SWAT > # from 1.1.15.2 (1.1.15.2) > # Date: 2004/12/29 16:13:43 > > # Global parameters > [global] > workgroup = ARATEST > server string = Pruebas SAMBA > passdb backend = ldapsam:ldap://andorra > log level = 5 > log file = /opt/samba3/var/log.%m > logon script = startup.bat > logon path = \\TAUSTE\netlogon > domain logons = Yes > os level = 33 > preferred master = Yes > domain master = Yes > wins support = Yes > ldap server = andorra > ldap admin dn = cn=Directory Manager > ldap group suffix = ou=Group,ou=posix > ldap machine suffix = ou=computers,ou=posix > ldap suffix = o=aragon.es,o=root > ldap ssl = no > ldap user suffix = ou=people > > [test] > comment = For testing only, please > path = /export/home1/samba3/test > read only = No > > [netlogon] > comment = Net Logon Service > path = /opt/samba3/var/netlogon > write list = ntadmin > guest ok = Yes > browseable = No > csc policy = disable > locking = No > share modes = No > > [profiles] > path = /opt/samba3/var/profiles > read only = No > create mask = 0600 > directory mask = 0700 > > [homes] > read only = No > browseable = No > > [printers] > path = /tmp > printable = Yes > browseable = No > > [corporat] > comment = /home1/corporat mount point > path = /home1/corporat > create mask = 0777 > > [vertical] > comment = /home1/vertical mount point > path = /home1/vertical > > [user] > comment = /home1/user mount point > path = /home1/user > read only = No > create mask = 0777 > > [datablq] > comment = /home1/datablq mount point > path = /home1/datablq > read only = No > create mask = 0777 > > [winaply] > comment = /home1/winaply mount point > path = /home1/winaply > create mask = 0777 > > [temporal] > comment = /export/temporal mount point > path = /export/temporal > read only = No > create mask = 0755 > > [volcados] > comment = /volcados mount point > path = /volcados > read only = No > create mask = 0700 > > > --- log.smbd --- > > [2004/12/29 16:12:53, 3] > smbd/process.c:process_smb(1091) > Transaction 7 of length 244 > [2004/12/29 16:12:53, 5] lib/util.c:show_msg(464) > [2004/12/29 16:12:53, 5] lib/util.c:show_msg(474) > size=240 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=0 > smb_pid=65279 > smb_uid=0 > smb_mid=9536 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 240 (0xF0) > smb_vwv[ 2]=16644 (0x4104) > smb_vwv[ 3]= 50 (0x32) > smb_vwv[ 4]=0 (0x0) > smb_vwv[ 5]=0 (0x0) > smb_vwv[ 6]=0 (0x0) > smb_vwv[ 7]= 79 (0x4F) > smb_vwv[ 8]=0 (0x0) > smb_vwv[ 9]=0 (0x0) > smb_vwv[10]= 212 (0xD4) > smb_vwv[11]=40960 (0xA000) > smb_bcc=181 > [2004/12/29 16:12:53, 3] > smbd/process.c:switch_message(886) > switch message SMBsesssetupX (pid 9210) conn 0x0 > [2004/12/29 16:12:53, 3] > smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2004/12/29 16:12:53, 5] > auth/auth_util.c:debug_nt_user_token(486) > NT user token: (NULL) > [2004/12/29 16:12:53, 5] > auth/auth_util.c:debug_unix_user_token(505) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary > groups > [2004/12/29 16:12:53, 5] > smbd/uid.c:change_to_root_user(296) > change_to_root_user: now uid=(0,0) gid=(0,0) > [2004/12/29 16:12:53, 3] > smbd/sesssetup.c:reply_sesssetup_and_X(655) > wct=12 flg2=0xc807 > [2004/12/29 16:12:53, 2] > smbd/sesssetup.c:setup_new_vc_session(608) > setup_new_vc_session: New VC == 0, if NT4.x > compatible we would close all old resources. > [2004/12/29 16:12:53, 3] > smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) > Doing spnego session setup > [2004/12/29 16:12:53, 3] > smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) > NativeOS=[Windows 2002 2600 Service P
[Samba] Cannoi delete files: "the mounted file system does not support extended attributes"
Hi all, I'm having what seems like a strange problem, I hope I'm not missing something obvious, any help will be appreciated. When trying to delete files on a Samba share, I get the message "Cannot delete : The mounted file system does not support extended attributes." What is strange is that it depends on weird conditions: in one directory, if I create a file (right click - New text document") with a name more than 16 characters, it can't be deleted, with that message. If it is less that 16 characters (renamed or created that way), it can be deleted. I tried created a serie of nested "test" directories, with a single "a" file in them. This one can be deleted: \\machine\STAT\test\test\a This one cannot: \\machine\STAT\test\test\test\a Even stranger: if I reight-click on those files, and go in the "Security tab", their permissions look identical (even the special ones). But if I click on Everyone/"Modify" for the file that I just couldn't delete, I now can delete it. If I immediately recreate the same file, it can be deleted. If I wait a few minutes, then it can't be deleted, unless I check the security permission again. Now, the catch: this is Samba 2.0.9, running on HP-UX 11i. The clients are Windows 2000 SP4 w/ patches. I know this is an old version of Samba, but it's been working, litterally, for years, and it's not easy to update it. The problem only appeared last week. If someone has a workaround for that version of Samba, it'll be welcome. If is a known bug or limitation of that version, it'll be welcome as well to have it pointed out. I had a look at the change log without success. Thanks in advance for any help, Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Use "wbinfo" to create local user/group, but where is the account ?
wbinfo has several options on managing the local user/group accounts. But these accounts seem not system account (/etc/passwd), not smbpasswd managed accounts , not remote ADS accounts. (via winbindd) What are those acccounts for? Any hints are very appreciated. Iap -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Login script Query
Hi, use a default login.bat script for all users and use ifmember.exe ( download it at MS ) to invoke subprocuredures by relating groupmembership Regards Anandh G schrieb: I have a login script to mount some folders to the clients PC. I use the login script as login script = logon.bat [netlogon] path = /home/%u Then i create .bat file for each group of users in the /home dir. Then create a symbolic link in each users home dir to their respective group batch file in /home. I thought of using login script = %g, which will do the same. I have one more requirement like if a user belongs to two group will this %g run both the groups batch file? How can I implement this? Plz help me = Regards, AnandhG __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Have anyone successful shrink smbd size
hello I want to deploy smbd into my smartphone. but flash size is limited. I cross compile samba-2.2.8 as arm xscale .the size of smbd is 1.6M, a little big. Have anyone cut it down before. I only need very basic question like file browsing, delete , add etc. Another question I assumed I don't need nmbd to share file in mobile to windows host, right? Thanks for your help _ 免费下载 MSN Explorer: http://explorer.msn.com/lccn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
