[Samba] logon scripts with kixtart
Any body using kixtart with your samba server..? or anyone have any great scripting tools for logon scripts... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Getting INTERNAL ERROR: Signal 10 in Solaris 9
So i decided to install the software in a clean Solaris with the last cluster-patch and everything works fine... You may want to go get patch 112960, latest rev, 20 I believe. This is newer than the last patch cluster IIRC. Reportedly this fixes some problems with looking up secondary groups when using ldap for your system level stuff. I haven't had a chance to test it myself, but that was what was reported here. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [inbox] [Samba] Windows XP machine cannot be accessed
Thanks for the input, folks. The clues you have given have let me fix the basic problem. Previously when I tried manual editing of conf files etc. I was not doing enough. I manually edited fstab and created an auth. file and checked carefully against your model, Geoff. With a mild tweak with webmin, I can now see the XP machine and it autoloads without any intervention from me. As I suspected, it was so basic I was not seeing and doing everything necessary. Mandrake will need to work on their Samba config in teh control panel to make it proof to both newbies and idiots. Now when I get the permisions fully sorted I should be on my way. I must keep a note in case. I think PAM needs a Windows server? I only have a peer to peer network, but again thanks for the ideas. Regards John. | > | these things are best done manually on the command line first to see if | > all | > | is working well, from memory: | > | | > | mount -t smbfs //server/windowsshare /path/to/mntdir -o username=geoff | > | | > | If the above manual stuff works then it must be another problem. | > | | > | Tell us what you see. | > | | > | Regards Geoff | > | | > If I use mount at the console in the format you suggest I get asked for my | > password and the XP share mounts and can be accessed (also through | > Konqueror | > etc.) When I attempt to write the equivalent into fstab, the folder | > appears but | > is empty. No messages. It has not auto generated a credentials file for | > the XP | > machine as it has for the other machines. Inserting user=john in fstab is | > OK | > for the WinME machine, but XP must want more. I guess if it cannot see the | > machine then it will not auto generate the needed access files. | > Regards | > John. | | I manually created the credentials file. Create one yourself and point the | fstab entry to that, as I mentioned before. (rejig it so it suits your | needs of course) | | eg. | username=john | password=winXPlocalpassword | workgroup=winxpWorkgroup | | once you have that plus an entry in fstab plus you have made a mount point | do: mount /mnt/winXpmountpoint | take a look at any errors that you get. | | Maybe smbmount needs to be Suid root for your mandrake user to mount it | properly. | | Regards Geoff | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
The netbios name is defined as: l%h so I don't think it is a problem, but I'll try. thx On Thu, 30 Dec 2004 14:28:18 +0100 (CET), [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On 30 Dec, Pau Capdevila wrote: > > > Authentication does work but it does not permission resolution (we use > > winbind). Neither smbclient -U domain user. > > > > I don't know the solution yet. > > > > We also use Debian but I'm afraid it is not Debian related because > > I've tried to compile Samba and MIT kerberos from source and it keeps > > failing. > > > >> >abrams:/etc/samba# net ads join > >> >[2004/12/28 20:00:31, 0] libads/ldap.c:ads_add_machine_acct(1368) > >> > ads_add_machine_acct: Host account for ttlnx01 already exists - > >> >modifying old account > >> >Using short domain name -- CORP > >> >[2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) > >> > get_service_ticket: kerberos_kinit_password > >> >[EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed > >> >Segmentation fault > > I don't know if it might also work in your case. After defining an > uppercased netbios name on smb.conf, the segfault warnings stopped. > > Javier Palacios > > > This e-mail message and any attached files are intended SOLELY for the > addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY > PRIVILEGED information and may not necessarily represent the opinion of this > company. If you receive this message in ERROR, please immediately notify the > sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose, > distribute, print or copy all or part of the contained information. Thank you. > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.10 joining Windows 20003 ADS
I'm afraid it is no the issue (that about ACLs). Winbind resolves local permission with Windows IDs. That not works in local files with a winbind user. The smbclient thing is a proof that something goes wrong. Thank you anyway. On Thu, 30 Dec 2004 05:40:22 -0800, Thomas M. Skeren III <[EMAIL PROTECTED]> wrote: > Pau Capdevila wrote: > > Authentication does work but it does not permission resolution Huh? Do you > mean that there's file access permission issues? If so have you set up > acl's? Remeber posix permissions are User, Group, Other. All clients > authenticating via W2K3 are Other. > > (we use winbind). Neither smbclient -U domain user. I don't use smbclient. > > > I don't know the solution yet. We also use Debian but I'm afraid it is not > Debian related because I've tried to compile Samba and MIT kerberos from > source and it keeps failing. What can we do?? Thanks On Tue, 28 Dec 2004 > 18:12:40 -0800, Thomas M. Skeren III <[EMAIL PROTECTED]> wrote: > Andrew Zbikowski wrote: > Commented out passdb backend abrams:/etc/samba# net ads testjoin Join is OK > abrams:/etc/samba# net ads join [2004/12/28 20:00:31, 0] > libads/ldap.c:ads_add_machine_acct(1368) ads_add_machine_acct: Host account > for ttlnx01 already exists - modifying old account Using short domain name > -- CORP [2004/12/28 20:00:34, 0] libads/kerberos.c:get_service_ticket(335) > get_service_ticket: kerberos_kinit_password > [EMAIL PROTECTED]@CORP.TCC.INET failed: Preauthentication failed > Segmentation fault Yep I get the same damned thing. Check to see if user > authentication to the share works. If so it will work. I'm not sure about > that error during the re-join. I have 150 computers to manage by myself, so > if it works I ain't worrying about it. As long as the testjoin works, then > users should authenticate. -- To unsubscribe from this list go to the > following URL and read the instructions: > https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Authenticating PPTP users against Samba/LDAP - Patch doesn't seem to be working
Andrew Bartlett wrote: On Wed, 2004-10-20 at 00:44, Mike Brodbelt wrote: Hi, I have a few remote user who use a PPTP based VPN. The server is running PoPToP (http://www.poptop.org/), and a pppd patched to support MPPE/MPPC for (some) added security. Currently, users authentication information is stored in plaintext in /etc/ppp/chap-secrets. I'd like to be able to put users into LDAP, and have ppp authenticate either directly against LDAP, or against Samba (with an LDAP backend). Any ideas on how I might go about this? Most of the docs I've seen suggest that you can't use PAM for authentication with CHAP, so it seems not to be as simple as I might have hoped. Disclaimer - I haven't actually tried any of this yet, I'm just trying to get it clear in my head before I start... The pppd patch (one for 2.4.2, one for current CVS) is here: http://download.samba.org/ftp/unpacked/lorikeet/trunk/pppd The documentation is: http://hawkerc.net/staff/abartlet/comp3700/final-report.pdf Note that the patch changed a little since the report was written, use the instructions in the README for configuration. Andrew Bartlett Hi Andrew, Thanks for creating the "final-report" document. It is very informative. I'm trying to set up a PoPToP server that authenticates to our Windows NT Domain (with a Windows NT 4.0 PDC) via Samba/Winbind. When I follow the instructions in your document, after changing to the ppp directory to apply the ntlm_auth patch, I get the following output. itsge2000-28:/tmp/TestVPN-Project/ppp# patch -p0 < ../ppp-ntlm_auth.patch patching file linux/Makefile.top Hunk #1 FAILED at 3. 1 out of 1 hunk FAILED -- saving rejects to file linux/Makefile.top.rej patching file pppd/chap_ms.c Hunk #1 FAILED at 97. Hunk #2 FAILED at 468. Hunk #3 FAILED at 582. Hunk #4 FAILED at 605. Hunk #5 succeeded at 657 (offset 29 lines). Hunk #6 FAILED at 698. Hunk #7 FAILED at 722. Hunk #8 FAILED at 775. Hunk #9 FAILED at 812. Hunk #10 FAILED at 857. Hunk #11 FAILED at 895. 10 out of 11 hunks FAILED -- saving rejects to file pppd/chap_ms.c.rej patching file pppd/chap_ms.h Hunk #1 FAILED at 94. 1 out of 1 hunk FAILED -- saving rejects to file pppd/chap_ms.h.rej patching file pppd/plugins/Makefile.linux Hunk #1 FAILED at 1. 1 out of 1 hunk FAILED -- saving rejects to file pppd/plugins/Makefile.linux.rej The next patch would create the file pppd/plugins/winbind.c, which already exists! Assume -R? [n] Apply anyway? [n] Skipping patch. 1 out of 1 hunk ignored -- saving rejects to file pppd/plugins/winbind.c.rej itsge2000-28:/tmp/TestVPN-Project/ppp# Should I be getting this? Even if I do you "y" to create the winbind.c file I get the same output. When I try to make the file (if this is indeed the output I should be getting, I receive the following output: itsge2000-28:/tmp/TestVPN-Project/ppp# make cd chat; make all make[1]: Entering directory `/tmp/TestVPN-Project/ppp/chat' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/tmp/TestVPN-Project/ppp/chat' cd pppd/plugins; make all make[1]: Entering directory `/tmp/TestVPN-Project/ppp/pppd/plugins' for d in rp-pppoe pppoatm radius; do make -w -C $d all; done make[2]: Entering directory `/tmp/TestVPN-Project/ppp/pppd/plugins/rp-pppoe' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/tmp/TestVPN-Project/ppp/pppd/plugins/rp-pppoe' make[2]: Entering directory `/tmp/TestVPN-Project/ppp/pppd/plugins/pppoatm' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/tmp/TestVPN-Project/ppp/pppd/plugins/pppoatm' make[2]: Entering directory `/tmp/TestVPN-Project/ppp/pppd/plugins/radius' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/tmp/TestVPN-Project/ppp/pppd/plugins/radius' make[1]: Leaving directory `/tmp/TestVPN-Project/ppp/pppd/plugins' cd pppd; make all make[1]: Entering directory `/tmp/TestVPN-Project/ppp/pppd' cc -O2 -pipe -Wall -g -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -I../include -DCHAPMS=1 -DMPPE=1 -DHAS_SHADOW -DHAVE_CRYPT_H=1 -DUSE_CRYPT=1 -DHAVE_MULTILINK -DUSE_TDB=1 -DPLUGIN -DMAXOCTETS -c -o chap_ms.o chap_ms.c chap_ms.c:654: error: redefinition of `GenerateAuthenticatorResponsePlain' chap_ms.c:633: error: `GenerateAuthenticatorResponsePlain' previously defined here chap_ms.c:675: error: redefinition of `GenerateAuthenticatorResponsePlain' chap_ms.c:654: error: `GenerateAuthenticatorResponsePlain' previously defined here chap_ms.c:633: warning: `GenerateAuthenticatorResponsePlain' defined but not used chap_ms.c:654: warning: `GenerateAuthenticatorResponsePlain' defined but not used make[1]: *** [chap_ms.o] Error 1 make[1]: Leaving directory `/tmp/TestVPN-Project/ppp/pppd' make: *** [all] Error 2 itsge2000-28:/tmp/TestVPN-Project/ppp# Please help me. I really want to get this working. You've done a great thing. Thanks for any help you can give, Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd
Hi All my winbindd.log file is full of messages like those below. What does it mean ?? dave [2004/12/31 06:54:12, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1032) user 'postfix' does not exist [2004/12/31 06:54:17, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282) No rid for Guests !? [2004/12/31 06:54:17, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282) No rid for Print Operators !? [2004/12/31 06:54:17, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282) No rid for Administrators !? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba