(Fwd) (Fwd) Re: [Samba] second samba problem

[Christoph Galuschka]

Hello,

well the problem at least partly solved - only the test page can
not be printed, all other documents work.

regards
Christoph
--- Forwarded message follows ---
From:   "Christoph Galuschka" <[EMAIL PROTECTED]>
Organization:   Ti.KOM Tirol Kommunikation GmbH
To: samba@lists.samba.org
Date sent:  Wed, 05 Jan 2005 16:50:54 +0100
Subject:(Fwd) Re: [Samba] second samba problem
Priority:   normal
Send reply to:  [EMAIL PROTECTED]



[ Double-click this line for list subscription options ]

Hello,

the problem with this error is, allthough I tried both settings, I
upgraded from 2.2.3a to 2.2.12 because of a bug in rpcclient -
> adddriver.
The configuration is still untouched. Even when I switch back
to 2.2.3a it doesn't work.
And now the funny thing, I have a second box which is
configured/compiled exactly the same way as the first one, and
on this box it works

regards
Christoph
--- Forwarded message follows ---
Date sent:  Wed, 05 Jan 2005 09:32:18 -0600
From:   "Gerald (Jerry) Carter" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Copies to:  samba@lists.samba.org
Subject:Re: [Samba] second samba problem

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Christoph Galuschka wrote:
| Hello,
|
| second problem just arrised:
| The same user from the same host can print via samba/lprng
| using windows 98. If windows xp is booted on the same
| host/ip, samba returns:
| [2005/01/05 16:21:59, 3]
| rpc_server/srv_spoolss_nt.c:_spoolss_open_printer_ex(1181)
|   access DENIED for printer open

crystal ball says "Either install the drivers on the
Samba servers and use the point-n-print support, or read
the description of the 'user client driver' option in
the smb.conf(5) man page."









cheers, jerry
- -
Alleviating the pain of Windows(tm)  ---
http://www.samba.org
GnuPG Key-
http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot
(2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://enigmail.mozdev.org

iD8DBQFB3AiCIR7qMdg1EfYRAi8qAKCuPT6dO9Zkb6RHkd
GSLK1TwPVhGACfeacw
zNNHWhRcoNGjirCQ04e7r4I=
=fLrs
-END PGP SIGNATURE-
--- End of forwarded message ---


TI.KOM Tirol Kommunikation GmbH
Eduard-Wallnöfer-Platz 2
A-6010 Innsbruck

Neuer Markt 1/2
A-1010 Wien

Ing. Christoph Galuschka
Lead Consultant

Tel.:  +43 512 902 2832
Fax:   +43 512 902 2850
Mobil: +43 676 666 2832
eMail: [EMAIL PROTECTED]
http://www.tikom.at
---
This email is confidential and may also be legally privileged.
If you have received this email in error, you are in notice of
its status. Please notify the sender immediately by reply
e-mail and then delete this message from your system. Please
do not copy or use it for any purposes, or disclose its contents
to any other person: to do so could be a breach of confidence.
Thank you for your co-operation.

Any views expressed in this message are those of the
individual
sender and may not necessarily reflect the views of
TI.KOM Tirol Kommunikation GmbH.

Please contact our Office on +43 512 902 2801 or
+43 1 902 2841 or e-mail [EMAIL PROTECTED] if you require further
assistance.

--
To unsubscribe from this list go to the following URL and read
the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--- End of forwarded message ---


TI.KOM Tirol Kommunikation GmbH
Eduard-Wallnöfer-Platz 2
A-6010 Innsbruck

Neuer Markt 1/2
A-1010 Wien

Ing. Christoph Galuschka
Lead Consultant

Tel.:  +43 512 902 2832
Fax:   +43 512 902 2850
Mobil: +43 676 666 2832
eMail: [EMAIL PROTECTED]
http://www.tikom.at
---
This email is confidential and may also be legally privileged.
If you have received this email in error, you are in notice of
its status. Please notify the sender immediately by reply
e-mail and then delete this message from your system. Please
do not copy or use it for any purposes, or disclose its contents
to any other person: to do so could be a breach of confidence.
Thank you for your co-operation.

Any views expressed in this message are those of the individual
sender and may not necessarily reflect the views of
TI.KOM Tirol Kommunikation GmbH.

Please contact our Office on +43 512 902 2801 or
+43 1 902 2841 or e-mail [EMAIL PROTECTED] if you require further
assistance.

--
To unsubscribe from

Re: [Samba] Samba 3.0 + eCS (os/2)

[Andrew Bartlett]

On Thu, 2005-01-06 at 17:56 -0800, Jeremy Allison wrote:
> On Fri, Jan 07, 2005 at 02:50:40AM +0100, Guenter Kukkukk wrote:

> > a lot of work has been done by the samba team during the last weeks, to
> > get eCS / OS/2 working right with _samba 4.0_.
> > Samba 4.0 is the upcoming new version - a more or less complete re-write
> > of samba with many, many  new features
> > The 4.0 release date is unknown at the moment.
> > A. Tridgell: "... it will be released, when it is ready for release..."
> > If you need further information, you can also contact me directly at
> > [EMAIL PROTECTED]
> > 
> > Cheers, Guenter
> > 
> > btw - two samba - os/2 related IRC channels have been setup on 
> > irc.freenode.net
> > #samba-os2
> > #samba-os2-technical
> > Everyone should feel free to join those channels - it's not too crowded 
> > there at the moment. :-)

I'm not a fan of splitting things up too much - while I can't speak for
#samba, I know we have payed plenty of attention to OS/2 on #samba-
technical :-)

> It would be helpful to point out the problems with OS/2 and Samba3 also,
> as I'd like to get these fixed whilst Samba3 is still being developed and
> maintained.

There are a number of torture tests in Samba4 that now emulate this
behaviour.  I'm sure you will soon be onto tridge for what these are...

> Email works much better for reporting these things than IRC btw :-).

It got tridge's attention quite nicely.  But for the rest of the list -
Jeremy doesn't use IRC, so it's worthwhile posting things to the lists
occasionally :-)

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Authentication Developer, Samba Teamhttp://samba.org
Student Network Administrator, Hawker College   [EMAIL PROTECTED]



signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] determining a shares physical location

[Sam Mingolelli]

I have the following problem,
I don't have physical access to a samba server at our company and am trying to determine what a 
shares physical location is on the unix side. Is there anyway to accomplish this using smbclient or 
some other tool?

The share is called ///packages/dms and I want to know where its pointing to on the 
unix side, i.e. /export/raid1//packages/dms or whatever.

Any ideas?
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] mount.cifs returns Input/output error fedora core 3 to window server 2003

[Warren Roberts]

I am trying to get a cifs mount from fedora core 3 to my new Windows 2003
Server.  I've tried to mount it from both fedora core 3 and fedora core 2
but they both give the same error.

mount -t cifs -o user=foo //wcam/wTerra2 /mnt/wTerra2
Password:
mount error 5 = Input/output error
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

If I try
mount -t smbfs -o user=foo //wcam/wTerra2 /mnt/wTerra2

it works fine so I know the mount point permissions are ok on the windows
box.

>From the linux systems I can mount share points using "-t cifs" on my
windows xp laptop just fine as well.

Does anyone have an idea what is wrong.  I've googled around for several
hours but found no answers.

Thanx
Warren Roberts
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: [OT] SUSE 9.2 support

[David Phillips]

On the other hand, I just dumped using suse 9.2 on my desktop and laptop
because they have yet to fix the i/o error trying to browse mounted cifs
shares via konqueror.  Fedora 3 works with them like a charm.  I guess
they each have their pluses and minuses

Dave P

On Fri, 2005-01-07 at 01:43 +0100, Rolf A. Vaglid wrote:
> John Schmerold skrev:
> > I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
> > read all the books, technotes etc etc
> > 
> > Still no glory after several months of fighting with it.
> > 
> > So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
> > I'll certainly need some support & don't know which list &/or news 
> > groups are "best"
> > 
> > Anyone care to make a recommendation or two?
> 
> Hi John, I have the exact opinion. I have tried several times setting up 
>Samba/LDAP on Redhat and Fedora, only to come to the same conclution 
> as you. I ended up buying SuSE 9.2, and now it seems to work as a charm.
> 
> I just spent a couple of hours setting up a Postfix/Dovecot/Horde -> pam 
> -> OpenLDAP solution with no problems at all. I'll hook up 
> authentication from a Samba server to this server tomorrow.
> 
> My point is that it seems almost like SuSE had this scenario in mind in 
> 9.2, as opposed to Fedora et al. The reaseon I decided trying suse when 
> giving up on Fedora was just the fact that John H. T. used Suse in his 
> book "Samba 3 by Example". ( By the way; thanks John H. T. )
> 
> I'll still go for Fedora on my desktops and laptop tho, mainly due to 
> apt-get and the fact that most software packages are availible as Fedora 
>rpms.
> 
> Do drop me a mail if you get into trouble on Samba/LDAP on SuSE.
> 
> Cheers
> Rolf
> 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 + eCS (os/2)

[Jeremy Allison]

On Fri, Jan 07, 2005 at 02:50:40AM +0100, Guenter Kukkukk wrote:
> Hello Dietrich,
> 
> > Hi,
> >
> > I use eCS as client for samba. with samba 2.2.x I have never problems
> > after configuration. With update my server from  suse 8.1 to 9.1 was
> > also samba changed from 2.2.x to 3.0.x. Since this I have only truble.
> > max protocol lanman1 works without problems, only .. I have no longnames.
> > The docs says, lanman1 is the first with long names support, also not
> > about the pm (desktop from os2). With lanman2 (or higher) I see
> > longnames in the commandline. I can save/create files, I can not copy
> > this this commanline tools, only read and save as. no access about the pm,
> >
> > No Ideas, only dowgrade to Samba 2.2.x, this maks other truble with my wine.
> >
> > Dietrich
> >
> a lot of work has been done by the samba team during the last weeks, to
> get eCS / OS/2 working right with _samba 4.0_.
> Samba 4.0 is the upcoming new version - a more or less complete re-write
> of samba with many, many  new features
> The 4.0 release date is unknown at the moment.
> A. Tridgell: "... it will be released, when it is ready for release..."
> If you need further information, you can also contact me directly at
> [EMAIL PROTECTED]
> 
> Cheers, Guenter
> 
> btw - two samba - os/2 related IRC channels have been setup on 
> irc.freenode.net
> #samba-os2
> #samba-os2-technical
> Everyone should feel free to join those channels - it's not too crowded there 
> at the moment. :-)

It would be helpful to point out the problems with OS/2 and Samba3 also,
as I'd like to get these fixed whilst Samba3 is still being developed and
maintained.

Email works much better for reporting these things than IRC btw :-).

Thanks,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0 + eCS (os/2)

[Guenter Kukkukk]

Hello Dietrich,

> Hi,
>
> I use eCS as client for samba. with samba 2.2.x I have never problems
> after configuration. With update my server from  suse 8.1 to 9.1 was
> also samba changed from 2.2.x to 3.0.x. Since this I have only truble.
> max protocol lanman1 works without problems, only .. I have no longnames.
> The docs says, lanman1 is the first with long names support, also not
> about the pm (desktop from os2). With lanman2 (or higher) I see
> longnames in the commandline. I can save/create files, I can not copy
> this this commanline tools, only read and save as. no access about the pm,
>
> No Ideas, only dowgrade to Samba 2.2.x, this maks other truble with my wine.
>
> Dietrich
>
a lot of work has been done by the samba team during the last weeks, to
get eCS / OS/2 working right with _samba 4.0_.
Samba 4.0 is the upcoming new version - a more or less complete re-write
of samba with many, many  new features
The 4.0 release date is unknown at the moment.
A. Tridgell: "... it will be released, when it is ready for release..."
If you need further information, you can also contact me directly at
[EMAIL PROTECTED]

Cheers, Guenter

btw - two samba - os/2 related IRC channels have been setup on irc.freenode.net
#samba-os2
#samba-os2-technical
Everyone should feel free to join those channels - it's not too crowded there 
at the moment. :-)


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] [OT] SUSE 9.2 support

[Thomas M. Skeren III]

Greg Folkert wrote:
On Thu, 2005-01-06 at 16:43 -0600, John Schmerold wrote:
 

I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
read all the books, technotes etc etc

Still no glory after several months of fighting with it.
So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
I'll certainly need some support & don't know which list &/or news 
groups are "best"

Anyone care to make a recommendation or two?
   

FreeBSD 5.3 is quite tight.  No smb file transfers slow.  Ports are 
fairly up to date.  NO GUI.  Makes a nice light (hardware wise) server. 

Give the new Debian Installer a shot and install Debian's Sarge (testing
as it is called right now)
The packages are working very well for me, just by editing things.
Generating the certs and imports the schema, etc... etc...
Feels much more a breeze than anything SuSE or Fedora (or RedHat for
that matter, my last was RH9, I got off the whirly-gig then)
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: [OT] SUSE 9.2 support

[Rolf A. Vaglid]

John Schmerold skrev:
I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
read all the books, technotes etc etc

Still no glory after several months of fighting with it.
So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
I'll certainly need some support & don't know which list &/or news 
groups are "best"

Anyone care to make a recommendation or two?
Hi John, I have the exact opinion. I have tried several times setting up 
  Samba/LDAP on Redhat and Fedora, only to come to the same conclution 
as you. I ended up buying SuSE 9.2, and now it seems to work as a charm.

I just spent a couple of hours setting up a Postfix/Dovecot/Horde -> pam 
-> OpenLDAP solution with no problems at all. I'll hook up 
authentication from a Samba server to this server tomorrow.

My point is that it seems almost like SuSE had this scenario in mind in 
9.2, as opposed to Fedora et al. The reaseon I decided trying suse when 
giving up on Fedora was just the fact that John H. T. used Suse in his 
book "Samba 3 by Example". ( By the way; thanks John H. T. )

I'll still go for Fedora on my desktops and laptop tho, mainly due to 
apt-get and the fact that most software packages are availible as Fedora 
  rpms.

Do drop me a mail if you get into trouble on Samba/LDAP on SuSE.
Cheers
Rolf
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] [OT] SUSE 9.2 support

[Greg Folkert]

On Thu, 2005-01-06 at 16:43 -0600, John Schmerold wrote:
> I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
> read all the books, technotes etc etc
> 
> Still no glory after several months of fighting with it.
> 
> So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
> I'll certainly need some support & don't know which list &/or news 
> groups are "best"
> 
> Anyone care to make a recommendation or two?

Give the new Debian Installer a shot and install Debian's Sarge (testing
as it is called right now)

The packages are working very well for me, just by editing things.
Generating the certs and imports the schema, etc... etc...

Feels much more a breeze than anything SuSE or Fedora (or RedHat for
that matter, my last was RH9, I got off the whirly-gig then)
-- 
greg, [EMAIL PROTECTED]

The technology that is
Stronger, better, faster: Linux


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] %$(envvar) gets evaluated when?

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Richard Duran wrote:
| Hello,
|
| When does %$(envvar) get evaluated? When the Samba
| service is started? Can it be used in the "template
| homedir" spec?
Probably not like you expect since this is the environment
of smbd when it started (not the user's environment).
And the only variables expanded in template homedir are
%D and %U.

cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3c0qIR7qMdg1EfYRApNoAKCO7ylPNpVZ86U8OuhihhkbylhkzwCg7Mvu
n1urcjVdQBLYOgXIAlPcCYI=
=omnZ
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problems when using cupsaddsmb

[Fabian Steiner]

Hi!
First of all, I have to admit that it is my first post on this list, so 
please be lenied toward me, if I don't obey some of the rules ;-) I'll 
try my best :-)

I am just trying to get my samba-server work as a print server by using 
CUPS. The OS of the server is Gentoo Linux and I'm using samba-3.0.9-r1. 
The clients are win 2k/xp home. I can already see my shares (files and 
drivers) in the windows networking neighbourhood, but unfortunately the 
configuration of the printer (Lexmark 3200) fails, since windows is 
looking for some *.inf files which cannot be found. Printing on the 
server is possible, though (using the lpr -plexmark test.text command).
When looking for some tutorials about this, I found this one: 
http://forums.gentoo.org/viewtopic.php?t=110931 , which said that 
cups-samba-5.0rc3.tar.gz  would have to be installed and that** 
cupsaddsmb -a -v -U root  would be the command I am looking for. So I 
installed it and three files were copied to the /usr/share/cups/drivers 
directory. The next thing to be done was to run the command above, but 
the output isn't as expected:
--
Password for root required to access localhost via SAMBA:
Running command: rpcclient localhost -N -U'root%pw' -c 'setdriver 
lexmark lexmark'
Succesfully set lexmark to driver lexmark.
--

So no directories like W32X86 were created in /var/lib/samba/printers 
and my clients still can't find the files which would be needed to get 
the printer work.
Here is my /etc/samba/smb.conf:

#=== Global Settings 
=
[global]

workgroup = milchstrasse
server string = Samba-Server %v
printcap name = cups
load printers = yes
printing = cups
printer admin = root
log file = /var/log/samba3/log.%m
max log size = 100
hosts allow = 192.168.0. 192.168.1. 127.
security = user
encrypt passwords = yes
smb passwd file = /var/lib/samba/private/smbpasswd
passdb backend = tdbsam

# Share Definitions 
==
[homes]
comment = Home Directories
browseable = no
writable = yes
public = no

[printers]
comment = All Printers
path = /var/spool/samba # rwx-rwx-rwx
browseable = no
public = yes
guest ok = yes
writable = no
printable = yes
printer admin = root,user
[print$]
path = /var/lib/samba/printers
browseable = yes
read only = yes
write list = @adm root
guest ok = no
[lexmark]
comment = MeinLexmark3200Drucker
printable = yes
path = /var/spool/samba # rwx-rwx-rwx
public = yes
guest ok = yes
printer admin = root,user
[public]
comment = oeffentliches zeug
path = /home/samba/public
public = yes
writable = yes
; write list = @staff
Does anybody of you know the reason for this problem with cupsaddsmb and 
the fact that directories like W32X86 are not ceated? I am really 
looking forward to your answers!

Regards,
Fabian
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] %$(envvar) gets evaluated when?

[Richard Duran]

Hello,

When does %$(envvar) get evaluated? When the Samba service is started?
Can it be used in the "template homedir" spec?

-richard

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Patch available to address the 'joining clients using root account' limitation

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've just checked in a change that will be in 3.0.11pre2
(when it is released) that allows members of the Domain Admins
group (defined by the Samba DC's group mapping table) to
join clients to the domain.  You can get the port for 4.0.10
from
http://www.samba.org/~jerry/patches/post-3.0.10/domain_admin-join.patch
Please test and send me any feedback (good idea, bad idea,
does work for you, etc)
Hopefully this will help clear up the confusion caused by people
using the 'admin users' to enable non-root accounts to be used
when joining a Windows client to the domain.

cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3coiIR7qMdg1EfYRAmT8AJ9Swhu35YjaiDqIVpTIwO4ri/NTBQCfT4A+
B6n0caal1b/ZRczMyoGgRnw=
=28e2
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] [OT] SUSE 9.2 support

[Brian Kesting]

Funny, I had the exact opposite problem of you.I couldn't get Samba 3 to
run worth darn on Suse 9.2, put it on Fedora Core 3 and is working
wonderfully.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
John Schmerold
Sent: Thursday, January 06, 2005 4:43 PM
To: [EMAIL PROTECTED]
Subject: [Samba] [OT] SUSE 9.2 support

I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
read all the books, technotes etc etc

Still no glory after several months of fighting with it.

So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
I'll certainly need some support & don't know which list &/or news 
groups are "best"

Anyone care to make a recommendation or two?

TIA

John

-- 
John Schmerold
Katy Computer & Wireless
20 Meramec Station Rd
Valley Park MO 63088
636-861-6900 v
775-227-6947 f

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[SAMBA] Only primary group being used for AD user?

[Wayne Rasmussen]

In my test AD adtest.com we have a user wjr who is a member of two groups:
Domain Users, xyzusers

We have two shares defined in the smb.conf file as follows:
[global]
workgroup = adtestnetbios
realm = adtest.com
security = ADS
encrypt passwords = yes
log level = 10
idmap uid = 1-35000
idmap gid = 1-35000
winbind enum users = yes
winbind enum groups = yes
template homedir = /u/%U
template shell = /bin/csh
winbind use default domain = yes
[public]
  comment = User's sharing documents here.
  public = no
  path = /u/public
  read only = No
  create mask = 0660
  directory mask = 0770
  browseable = Yes
[u]
  comment =  main work area
  path = /u
  public = no
  create mask = 0660
  read only = No
  directory mask = 0770
  browseable = Yes

The permissions on the two directories in the path are as follows:
drwxr-xr-x  14 root root 512 Dec 12 15:17 u/
drwxrws---   2 stockxyzusers 512 Dec  6 14:48 public/

A getent passwd for the user results in the following:
getent passwd |grep wjr
wjr:x:10023:1:wayne j rasmussen:/u/wjr:/bin/csh

A getent group for the appropriate groups results in the following:
Domain Users:x:1:
xyzusers:x:10021:wjr
log.smbd shows that the xyzusers is not being seen/used by samba.
[2005/01/06 14:01:22, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 10023
  Primary group is 1 and contains 1 supplementary groups
  Group[  0]: 1

The user wjr on a Window XP Pro box can browse to the server, access the /u
share, but gets  \\servername\public not accessible message.  Is this a bug?
It seems that samba can only use a single group for a given userid...

BTW.We are running Samba 3.0.9 on Solaris 9.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] [OT] SUSE 9.2 support

[John Schmerold]

I'm really sick of trying to get Fedora working with Samba & LDAP, I've 
read all the books, technotes etc etc

Still no glory after several months of fighting with it.
So: I'm going to give SUSE 9.2 a shot, after 6 years of Red Hat, however 
I'll certainly need some support & don't know which list &/or news 
groups are "best"

Anyone care to make a recommendation or two?
TIA
John
--
John Schmerold
Katy Computer & Wireless
20 Meramec Station Rd
Valley Park MO 63088
636-861-6900 v
775-227-6947 f
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] new printing patch for 3.0.10

[David Schlenk]

I have tested the new printing patch for 3.0.10 found at 
http://www.samba.org/~jerry/patches/post-3.0.10/ in my test environment 
(i386 arch running redhat 9 with cups 1.1.20) and have found that it 
fixes the queue not clearing bug. Clients I tested with include 
Win98SE, Win2k SP4, WinXP SP1 and WinXP SP2.

For anyone who uses rh9 and cups 1.1.20, and wants to use my rpms, you 
can get them here:
http://www.mathcs.bethel.edu/~schdav/
--
David Schlenk
Operating Systems Analyst
Bethel University
Saint Paul, Minnesota
[EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Use "wbinfo" to create local user/group, but where is the account ?

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John H Terpstra wrote:
| On Thursday 06 January 2005 09:44, Gerald (Jerry) Carter wrote:
|
|>Iap, Singuan wrote:
|>| wbinfo has several options on managing the local user/group accounts.
|>| But these accounts seem
|>|not system account (/etc/passwd),
|>|not smbpasswd managed accounts ,
|>|not remote ADS accounts. (via winbindd)
|>| What are those acccounts for?
|>
|>The winbind local groups were intended as portabler replacements
|>for the 'add user script', et. al. params.  But the concept
|>never really caught on.  The UNIX user and group information
|>is stored in the winbindd_idmap.tdb on local disk.
|>
|>Unless people voice a strong objection, this will probably
|>be filed in the 'good idea that never made it mainstream'
|>pile of code.
|
|
| Jerry,
|
| I know of only three small sites that use the wbinfo
| generated accounts  feature. I wonder how many others
| are using this feature? If the usage is low
| maybe we should simply zap that functionality from
| the code.
It's already disabled by default now (as of 3.0.8)
or something.  It will probably just fade away.
Not really important to pull it in a patch release.


cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3bXuIR7qMdg1EfYRAs8jAJ9FjepMnF0E/Lzv3hSgvOIj6zGLNACgrb+U
1ceToRi0Q39biQn04VxyK2I=
=S2pX
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Symlinks not behaving as expected?

[ted_mcmanus]

My server is an AIX box running samba 3.0.4.

I have published a share of symlinked logfiles, because I want to publish
the logs but not the full directories in which the logs live.  Here are
some examples:

lrwxrwxrwx   1 hmrbot   mis  16 Sep 08 11:43 boxaudit-exempt ->
../../ant/exempt
lrwxrwxrwx   1 hmrbot   mis  14 Sep 08 11:41 done.txn ->
../../txn/done
lrwxrwxrwx   1 hmrbot   mis  18 Sep 08 11:44 messages.tx2 ->
../../tx2/messages
lrwxrwxrwx   1 hmrbot   mis  18 Sep 08 11:44 messages.txn ->
../../txn/messages
lrwxrwxrwx   1 hmrbot   mis  17 Sep 08 11:45 spec.qa ->
../../qa/spec.log

These happen to be relative symlinks (../../foo), but absolute symlinks
(/tmp/foo) produce the same behavior I will describe.

I have two linux clients.

- Client A runs samba 2.2.7a and follows the symlinks on the server to see
the files there.  All is well.

- Client B runs samba 3.0.7 and tries to follow the symlinks on the
_client_ machine's own filesystem!  Needless to say, they don't exist on
the client machine; they're on the server.

Questions:

1) Is this a bug?  (Is this bug 2008?
https://bugzilla.samba.org/show_bug.cgi?id=2008  )  Or an intentional
behavior change?
2) Short of downgrading my version of smbclient, can I make Client B behave
like Client A?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Use "wbinfo" to create local user/group, but where is the account ?

[John H Terpstra]

On Thursday 06 January 2005 09:44, Gerald (Jerry) Carter wrote:
> Iap, Singuan wrote:
> | wbinfo has several options on managing the local user/group accounts.
> | But these accounts seem
> |not system account (/etc/passwd),
> |not smbpasswd managed accounts ,
> |not remote ADS accounts. (via winbindd)
> | What are those acccounts for?
>
> The winbind local groups were intended as portabler replacements
> for the 'add user script', et. al. params.  But the concept
> never really caught on.  The UNIX user and group information
> is stored in the winbindd_idmap.tdb on local disk.
>
> Unless people voice a strong objection, this will probably
> be filed in the 'good idea that never made it mainstream'
> pile of code.

Jerry,

I know of only three small sites that use the wbinfo generated accounts 
feature. I wonder how many others are using this feature? If the usage is low 
maybe we should simply zap that functionality from the code.

- John T.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] libiconv.so.2 is not found

[Tim Nguyen]

libiconv 1.9.1 "make install" populates the lib in
/usr/local/lib by default.
Copying the lib to /usr/lib got around the problem for me.
I installed samba 3.0.10.

Hope that helps.

Tim



> I am running AIX 5.2 ML02  on p615
> trying to run Samba 3.0.1 but it fails to start with following message.

> exec(): 0509-036 Cannot load program testparm because of the following
> errors:
>0509-150   Dependent module /usr/lib/libiconv.a(libiconv.so.2)
could
> not be loaded.
>0509-152   Member libiconv.so.2 is not found in archive

> As part of 5.2 it has following

>  bos.iconv.com 5.2.0.14  COMMITTED  Common Language to
Language
>  bos.iconv.ucs.com 5.2.0.11  COMMITTED  Unicode Base Converters
for
>  bos.rte.iconv 5.2.0.10  COMMITTED  Language Converters

> Any help is appreciated.

> Yousuf Mehboob
> Aix Administrator Smorgon Steel Limited
> Work Phone: +613-8325 7244
> Fax: +613-9325 1671
> Cell Phone: +61-0408523974
> myousuf at smorgonsteel.com.au
>
 <>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] "Called name not present" - using smbclient from linux to access win98

[Xingjun Chu]

Hi,

I am quite confused by the following observation.

I tried to use smbclient on a linux to access a Windows 98 se.
---  Smbclient  //IP address/sharefolder -U username%passwd. 

I got some errors like

Session request to [Ip address] failed (called name not present).

But I can use  the same command from the same Linux to access a Window 2000
machine.


I also noticed that If I use the the following command to access the win98
from the linux box,

--- smbclient //win98 machine name/sharefolder -I IP address -U
username%passwd. 

It works fine.

So I began to think probably something going on with win98 smb server and I
have to use the name instead of using something like //IP
address/sharefolder to refer to that resoure.

But the following fact confused me, I can access win98 use "//IP
address/sharefolder" from my win2k machine, for example, enter "//win98 ip
address/sharefoler" in the "run", I can get in. 

I'll really appreciate it if anyone can clarify this confusion above

Thanks!

Jason







-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] shifting samba machine

[Abe Shelton]

I tried this a week ago and afterward, none of the windows clients on 
our network would recognize "admin users" (Domain admins) as actual 
Administrators. It could have been because of differences in user and 
machine accounts (/etc/passwd, /etc/group and /etc/shadow* are probably 
really important in this regard), but even after quite a few hours of 
debugging, I still couldn't get the windows clients to "trust" the PDC's 
admin users.

A better way to migrate/shift the PDC machine may be to transition to an 
LDAP backend rather than smbpasswd, and then setup the machine to be 
shifted to as a BDC. Then, after all is working with the LDAP-based 
PDC/BDC setup, decommission the PDC and shift the BDC into place.

Abe
anu bhaskar wrote:
hi,
i have a smba server working as pdc. users are managed using smbpasswd.
i want to shift the server to a new machine (without changing any
configuration). which all configuration files i have to copy to the new
machine.
greetings,
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] 3.0.x and AIX 5.3

[Jeremy Allison]

On Wed, Jan 05, 2005 at 05:14:09PM -0500, William Jojo wrote:
> 
> 
> As of AIX 5.3 sys/var.h is loaded in sys/proc.h & sys/space.h which are
> loaded through a rather lengthy debacle of nested includes. AIX 5.2 does
> not have this problem.
> 
> 
> At any rate the result when using gcc 3.3 and vac 6.x:
> 
> Compiling web/cgi.c
> web/cgi.c:33: error: redefinition of `struct var'
> web/cgi.c: In function `cgi_load_variables':
> web/cgi.c:138: error: structure has no member named `name'
> web/cgi.c:139: error: structure has no member named `value'
> ...
> 
> 
> Attached is a simple fix that just renames the "struct var" to "struct
> cgi_var". 3.0.10 and 3.0.11pre1 compile successfully on 5.3 after this
> change.

Applied, thanks !

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Mini Samba-SuSE Firewall2 HOWTO

[L. Mark Stone]

(Please forgive the cross posting; I know many SuSE users subscribe to 
both the Samba and SuSE-e discussion groups and will get this message 
twice.)

I had always been frustrated trying to get SuSE's Firewall2 to play 
nicely with Samba and support seamless network browsing.  After much 
experimentation and a lot of Googling, I was finally able to get this 
working.  By "working", I mean that the Network Browsing desktop icon 
in SuSE 9.2 functions perfectly.

I am documenting it here hoping it will save others some time and the 
temptation to just turn off the SuSE firewall.

This setup is on a SuSE 9.2 Pro system with all SuSE patches as of the 
date of this writing (including the sometimes problematic -10 kernel) 
and SuSE-supplied Samba 3.0.9 from the install DVD and as updated by 
YaST.

After Samba is installed and configured, run YaST > Security and Users > 
Firewall and on the Configuration:Services screen, put a check mark in 
the tick box next to "Samba Server" under the "File Services" heading. 
This will be the second or third screen you see, depending upon whether 
your firewall is not running or is already running, respectively.  

Upon finishing the firewall wizard, go to the System panel in YaST and 
choose the /etc/sysconfig Editor module. In the Network > Firewall > 
SuSEfirewall2 section, make sure the following items have the values 
set below (likely there will be additional entries for some items, but 
I am showing only the Samba-specific values here).

The settings below are for a workstation with one NIC that is used to 
share files and a printer with other boxes on the LAN.  If you have a 
server with multiple NICS, choose the interfaces (INT, EXT, DMZ) as 
appropriate for your situation.

Here are the /etc/sysconfig settings from YaST:

FW_SERVICES_EXT_TCP = microsoft-ds netbios-dgm netbios-ns netbios-ssn
FW_SERVICES_EXT_UDP = netbios-dgm netbios-ns
FW_ALLOW_INCOMING_HIGHPORTS_TCP = netbios-ns microsoft-ds
FW_ALLOW_INCOMING_HIGHPORTS_UDP = netbios-ns microsoft-ds
FW_ALLOW_FW_BROADCAST = yes

Note that the FW_ALLOW_FW_BROADCAST setting can take an interface as a 
value, so instead of setting it to "yes" as I did, you can set it to 
"int",  "ext",  etc. to limit the effect to specific NICs.

You can also use port numbers instead of the service names 
from /etc/services; the table below will give you the conversions:

Service NamePort Number
microsoft-ds445
netbios-dgm 138
netbios-ns  137
netbios-ssn 139


I hope this is helpful... Perhaps the Samba team would consider 
including this info in the S3BE documentation?

With best regards to all,
Mark

-- 
___
A Message From...  L. Mark Stone

Reliable Networks of Maine LLC

"We manage your network so you can manage your business."

477 Congress Street
Portland, ME 04101
Tel: (207) 772-5678
Web: http://www.rnome.com



pgpAWSRkoWlhE.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

FOLLOWUP Re: [Samba] Isolated printer problem

[Misty Stanley-Jones]

I want to post a followup for this.  I solved it and it was not a Samba issue.  
It was to do with the printer in question (the instance installed on the 
user's computer) was using a "local port" called \\myserver\printername, 
rather than the "no visible port" setting that Windows 2000 usually has for 
printers accessed via Samba (on NT the printer will be using a "SAMBA port".  
It was using this "local port" because of some software that has really bad 
network printer support and needs it.  My solution will be to make a copy of 
the printer in question, in CUPS, and allow THAT copy to use the "local port" 
while the normal instance is configured in the standard way for Samba.

As for the other print jobs disappearing so fast, it is ismply because CUPS is 
esnding the job to the printer much quickly than my users are used to.  It 
also looks like CUPS is using the printer's  onboard memory where Novell was 
not, so between the two things the job disappears really fast.  For printers 
that rae used for manually feed operations a lot, I may need to disable the 
printer's cache so that the job needing attention will still be visible in 
the queue.

Thanks for your patience,
Misty

On Tuesday 04 January 2005 17:41, Misty Stanley-Jones wrote:
> On Tuesday 04 January 2005 16:54, John H Terpstra wrote:
> > Is the 10th user a manager of the "printer operators" group?
>
> No.  Nobody is.
>
> > At "log level = 5" what do the logs for that 10th machine show has
> > happened. I suspect you will find your answer there.
> >
> > log level = 5
> > max log size = 0
> > log file = /var/log/samba/%m
> >
> > Note: %m gets expanded to the name of the workstation.
>
> Of note -- It turns out through testing (rather than taking the user's word
> for it) that he is not able to see any spooled jobs on any network printer
> of his.
>
> Nothing odd that I can see here except that the message gets sent to the
> plotter 8 times ... maybe that is normal... Spewed here:
>
> [2005/01/04 17:21:11, 5]
> printing/notify.c:print_notify_send_messages_to_printer(169)
>   print_notify_send_messages_to_printer: sending 8 print notify messages to
> printer plotter
> [2005/01/04 17:21:46, 3] smbd/process.c:process_smb(1092)
>   Transaction 71331 of length 39
> [2005/01/04 17:21:46, 5] lib/util.c:show_msg(461)
> [2005/01/04 17:21:46, 5] lib/util.c:show_msg(471)
>   size=35
>   smb_com=0x71
>   smb_rcls=0
>   smb_reh=0
>   smb_err=0
>   smb_flg=24
>   smb_flg2=51207
>   smb_tid=2
>   smb_pid=65279
>   smb_uid=129
>   smb_mid=14665
>   smt_wct=0
>   smb_bcc=0
> [2005/01/04 17:21:46, 3] smbd/process.c:switch_message(887)
>   switch message SMBtdis (pid 25406) conn 0x83dc9c8
> [2005/01/04 17:21:46, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_nt_user_token(486)
>   NT user token: (NULL)
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_unix_user_token(505)
>   UNIX token of user 0
>   Primary group is 0 and contains 0 supplementary groups
> [2005/01/04 17:21:46, 5] smbd/uid.c:change_to_root_user(296)
>   change_to_root_user: now uid=(0,0) gid=(0,0)
> [2005/01/04 17:21:46, 4] smbd/vfs.c:vfs_ChDir(654)
>   vfs_ChDir to /data/samba/netlogon
> [2005/01/04 17:21:46, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_nt_user_token(486)
>   NT user token: (NULL)
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_unix_user_token(505)
>   UNIX token of user 0
>   Primary group is 0 and contains 0 supplementary groups
> [2005/01/04 17:21:46, 5] smbd/uid.c:change_to_root_user(296)
>   change_to_root_user: now uid=(0,0) gid=(0,0)
> [2005/01/04 17:21:46, 1] smbd/service.c:close_cnum(836)
>   w2kgreg (192.168.1.57) closed connection to service netlogon
> [2005/01/04 17:21:46, 3] smbd/connection.c:yield_connection(69)
>   Yielding connection to netlogon
> [2005/01/04 17:21:46, 4] smbd/vfs.c:vfs_ChDir(654)
>   vfs_ChDir to /
> [2005/01/04 17:21:46, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_nt_user_token(486)
>   NT user token: (NULL)
> [2005/01/04 17:21:46, 5] auth/auth_util.c:debug_unix_user_token(505)
>   UNIX token of user 0
>   Primary group is 0 and contains 0 supplementary groups
> [2005/01/04 17:21:46, 5] smbd/uid.c:change_to_root_user(296)
>   change_to_root_user: now uid=(0,0) gid=(0,0)
> [2005/01/04 17:21:46, 5] lib/util.c:show_msg(461)
> [2005/01/04 17:21:46, 5] lib/util.c:show_msg(471)
>   size=35
>   smb_com=0x71
>   smb_rcls=0
>   smb_reh=0
>   smb_err=0
>   smb_flg=136
>   smb_flg2=51201
>   smb_tid=2
>   smb_pid=65279
>   smb_uid=129
>   smb_mid=14665
>   smt_wct=0
>   smb_bcc=0
> [2005/01/04 17:22:20, 3] smbd/process.c:process_smb(1092)
>   Transaction 71332 of length 39
> [2005/01/04 17:22:20, 5] lib/util.c:show_msg(461)
> [2005/01/04 17:22:20, 5] lib/util.c:show_msg(471

Re: [Samba] General Samba Questions

[Spike Burkhardt]

John,

  Just last month we setup a AD network with Samba 3.0.10 on Solaris 8 & 9 and
it worked the first time!  I didn't have anything to do with setting up AD but
I was responsible for samba.  I installed the MIT Kerberos 1.3.5 libraries,
built Samba 3.0.10 with --with-ads.  Worked excellantly :-))

spike

[EMAIL PROTECTED] wrote:

> Hi,
>
> We've been having lots of issues with our Linux based Samba servers since
> the Windows domains have migrated to AD. We were hoping and expecting
> that, at least in the short term, we could run in "mixed" mode and not
> have to make any changes to our Samba servers. However, things just aren't
> working well. Also, I've posted several issues to this list over the last
> several weeks and many of the issues I've encountered have gone
> unresolved.
>
> So, the question(s) I have is what is the recommended/suggested Samba
> version and configuration we should consider deploying in an
> infrastructure running with Windows 2003 servers and AD? We are running
> primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers
> are currently running 3.0.7 with some running 2.2.7a, (both of which are
> RedHat's distributions). We've had all kinds of problems varying from
> intermittent "password server not available" issues, to smbd locking up
> and most recently having problems changing a server from server to domain
> security style. Interestingly, (or maybe not), none of these problems
> existed prior to the AD upgrades
>
> I'm considering making an effort to go full ads mode on the samba servers,
> however, I've also seen that others have had issues doing this.
>
> I'm open to suggestions.
>
> Thanks,
> -John
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] General Samba Questions

[Greg Folkert]

On Wed, 2005-01-05 at 23:21 -0500, [EMAIL PROTECTED] wrote:
> Hi,
> 
> We've been having lots of issues with our Linux based Samba servers since 
> the Windows domains have migrated to AD. We were hoping and expecting 
> that, at least in the short term, we could run in "mixed" mode and not 
> have to make any changes to our Samba servers. However, things just aren't 
> working well. Also, I've posted several issues to this list over the last 
> several weeks and many of the issues I've encountered have gone 
> unresolved.
> 
> So, the question(s) I have is what is the recommended/suggested Samba 
> version and configuration we should consider deploying in an 
> infrastructure running with Windows 2003 servers and AD? We are running 
> primarily RedHat 9 and RedHat ES 30 and a majority of our Samba servers 
> are currently running 3.0.7 with some running 2.2.7a, (both of which are 
> RedHat's distributions). We've had all kinds of problems varying from 
> intermittent "password server not available" issues, to smbd locking up 
> and most recently having problems changing a server from server to domain 
> security style. Interestingly, (or maybe not), none of these problems 
> existed prior to the AD upgrades
> 
> I'm considering making an effort to go full ads mode on the samba servers, 
> however, I've also seen that others have had issues doing this. 
> 
> I'm open to suggestions.

You must make sure you use MIT Kerberos v1.3.4+ (1.3.[0|1|2|3] seemed
intermittent to me). Winbind... this is the pivotal piece that needs to
work properly.

If everything else fails except winbind, thats a wonderful start.
If everything works except for winbind, that will be an uphill battle,
at least it has been for me doing remote samba installs where I have to
rely on others to "fix" W2K3 domains and perms and such. Most of the
time they fudge it up... or don't really trust Samba due to it being
"Shareware" (yes I know it isn't)

Work on getting a simple test environ (if possible) and try Samba in
full ADS mode. (no mixed mode) Hammer it and make it work. Then apply
your knowledge to a limited production server. The deploy once all the
"issues" are resolved. 

I also want to heavily suggest samba 3.0.8 or after... really 3.0.10 as
of now. 
-- 
greg, [EMAIL PROTECTED]

The technology that is
Stronger, better, faster: Linux


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Use "wbinfo" to create local user/group, but where is the account ?

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Iap, Singuan wrote:
|
| wbinfo has several options on managing the local user/group accounts.
| But these accounts seem
|not system account (/etc/passwd),
|not smbpasswd managed accounts ,
|not remote ADS accounts. (via winbindd)
| What are those acccounts for?
The winbind local groups were intended as portabler replacements
for the 'add user script', et. al. params.  But the concept
never really caught on.  The UNIX user and group information
is stored in the winbindd_idmap.tdb on local disk.
Unless people voice a strong objection, this will probably
be filed in the 'good idea that never made it mainstream'
pile of code.



cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3WrWIR7qMdg1EfYRAmIFAJ9YiMQ9qNo24EMe+pfhtQGbqghfuwCgve76
+EUydpanEUD0c5FAn/YxAwQ=
=xo/a
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Administrator->root mapping not working on 3.0.10 (3.0.7 fine)

[Stephen Borrill]

On Thu, 6 Jan 2005, Gerald (Jerry) Carter wrote:
> Stephen Borrill wrote:
> | We are using samba 3 on NetBSD with security=domain
> | authenticating against Windows 2003. We have a username map
> | of "root = administrator". In all previous versions of
> | samba tested (2.2.x and 3.0.x), this means when we log on
> | as administrator, we have root access and see the root
> | share. With 3.0.10, we are continually prompted for a
> | password.
> 
> ~From the 3.0.8 release notes (WHATSNEW.txt):
[snip]
> Change in Username Map
> - --
> 
> Previous Samba releases would only support reading the fully qualified
> username (e.g. DOMAIN\user) from the username map when performing a
> kerberos login from a client.  However, when looking up a map
> entry for a user authenticated by NTLM[SSP], only the login name would be
> used for matches.  This resulted in inconsistent behavior sometimes
> even on the same server.
> 
> Samba 3.0.8 obeys the following rules when applying the username
> map functionality:
> 
> ~  * When performing local authentication, the username map is
> ~applied to the login name before attempting to authenticate
> ~the connection.
> ~  * When relying upon a external domain controller for validating
> ~authentication requests, smbd will apply the username map
> ~to the fully qualified username (i.e. DOMAIN\user) only
> ~after the user has been successfully authenticated.

I'd followed that discussion, but I guess I hadn't quite followed the
ramifcations! A username map of "root=DOMAIN\Administrator" works fine.

Thanks a lot,

-- 
Stephen

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] msdfs: links to shares not visible/accessible in dfs root

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ntaflos wrote:
| Hello list,
|
| I am trying to get a DFS share to work here, linking to
| a few Windows 2000, XP and NT machines. Using Samba
| 3.0.6 on Debian. I followed the instructions in
| chapter 17 of the official HOWTO collections and set it
| up like this:
Make sure you reboot the clients after enabling dfs
support on the Samba server since the client will
cache information about dfs referrals.  There is a
win32 tool for clearing the cache as well buit I
don't remember what it is right now.
I would also test 3.0.10 since there were some
dfs bugs in the past.  Check the release notes
for details.
And finally I have one report of Windows XP sp2
breaking Samba's dfs support but I have not
confirmed that yet.

cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3VVGIR7qMdg1EfYRAtD9AKDrnf5cJddrMq80wEPT7lUPQBCqqwCeKPZd
anILpi3uZohi7+eUfTJTdCg=
=CKcW
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Administrator->root mapping not working on 3.0.10 (3.0.7 fine)

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen Borrill wrote:
| We are using samba 3 on NetBSD with security=domain
| authenticating against Windows 2003. We have a username map
| of "root = administrator". In all previous versions of
| samba tested (2.2.x and 3.0.x), this means when we log on
| as administrator, we have root access and see the root
| share. With 3.0.10, we are continually prompted for a
| password.
~From the 3.0.8 release notes (WHATSNEW.txt):
Change in Winbindd Behavior
- ---
All usernames returned by winbindd are now converted to lower
case for better consistency.  This means any winbind installation
relying on the winbind username will need to rename existing
directories and/or files based on the username (%u and %U) to lower
case (e.g. mv $name `echo $name | tr '[A-Z]' '[a-z]'`).  This may
include mail spool files, home directories, valid user lines in
smb.conf, etc
Change in Username Map
- --
Previous Samba releases would only support reading the fully qualified
username (e.g. DOMAIN\user) from the username map when performing a
kerberos login from a client.  However, when looking up a map
entry for a user authenticated by NTLM[SSP], only the login name would be
used for matches.  This resulted in inconsistent behavior sometimes
even on the same server.
Samba 3.0.8 obeys the following rules when applying the username
map functionality:
~  * When performing local authentication, the username map is
~applied to the login name before attempting to authenticate
~the connection.
~  * When relying upon a external domain controller for validating
~authentication requests, smbd will apply the username map
~to the fully qualified username (i.e. DOMAIN\user) only
~after the user has been successfully authenticated.




cheer,s jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3VRqIR7qMdg1EfYRAhzrAJ0WQHjXyclQ+4pHzCiw0ciEINXj0wCffEfL
uhkQZxAG2eV9iI7530+YM1g=
=/46x
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smb vfs modules queries

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
caas it wrote:
| I am using samba-3.0.7 on kernel version 2.6.5-3
| (client as well as server).
| I traced the exact function calling sequence when a
| "mkdir" command is given at the client side.
| I got stuck at the server side,
|
|   source/smbd/vfs.c - vfs_MkDir() -
| SMB_VFS_MKDIR(conn,name,mode)  (line no 357)
|
| Could anyone please tell me exactly where is the
| vfs_ops struct initialised, and which function will
| actually get called in the above call, for the
| described case?
Look in source/smbd/vfs.c.  You get the default vfs_ops
struct unless overridden in the service definition (i.e.
vfs_init_custom() ).
|
| Also, I set up the log level as 100 in the smb.conf
| file, but the DEBUG statements in the code executed at
| the client side are not seen in the log files at the
| client, as they can be seen at the server side. What
| needs to be done so that all these DEBUG statements
| are seen in the client log files?
?  The client log and server logs are isolated by the
different ends on the conversation.  You can't consolidate
the server log files into the client log.  Not sure exactly
what you are asking here.




cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3VQLIR7qMdg1EfYRAuHCAKCo5Q2S12H5NuGwed0fUDLnrKhxDwCfV1xL
C9D9uHGPtAXunzpoI7Cpd24=
=VkSH
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] WIndows Error messages each write access

[support]

Hello, 

just a quick message via my Webmailer, a more detailed explaination will 
follow when I am at home. I was fighting two days with a brand new Samba 
3.0.10 Installation on a SuSE 9.2 Box. At the end I had to give up to catch 
my flight home: 

The problem is, that each write access (like creating, deleting, changing 
file) a Windows popup comes up informing me, that the network name is not 
valid anymore, and that the file is not found. After confirming the message, 
the file action is done anyway (e.g. its deleted or created). 

I tried the same in a MS DOS Command line window and there I can do the same 
actions (like "edit test" to create a file and "del test" to delete it) 
without any questions or problems. 

The client is getting the IP via DHCP with a Dyn DNS Entry. The resolving of 
IP and/or Name is working on both sites (I trible checked that). 

Any idea so far ? 

I will post detailed config files later when I am home. I am so fed up... 

cu
stonki 

--
www.stonki.de
www.kbarcode.net
www.krename.net
www.proftpd.de 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Administrator->root mapping not working on 3.0.10 (3.0.7 fine)

[Stephen Borrill]

We are using samba 3 on NetBSD with security=domain authenticating against
Windows 2003. We have a username map of "root = administrator". In all
previous versions of samba tested (2.2.x and 3.0.x), this means when we
log on as administrator, we have root access and see the root share. With
3.0.10, we are continually prompted for a password.

Log from 3.0.7 below:

[2005/01/06 14:25:58, 4] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/lib/username.c:map_username(132)
  Scanning username map /usr/pkg/etc/samba/smbusers
[2005/01/06 14:25:58, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/lib/username.c:map_username(173)
  Mapped user Administrator to root
[2005/01/06 14:25:58, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user [EMAIL PROTECTED] 
with the new password interface
[2005/01/06 14:25:58, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [EMAIL PROTECTED]
[2005/01/06 14:25:58, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/auth/auth.c:check_ntlm_password(268)
  check_ntlm_password: winbind authentication for user [Administrator] succeeded
[2005/01/06 14:25:58, 2] 
/usr/pkgsrc/net/samba/work/samba-3.0.7/source/auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [Administrator] -> [root] -> 
[root] succeeded

Log from 3.0.10 below:

[2005/01/06 14:30:27, 4] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/lib/username.c:map_username(132)
  Scanning username map /usr/pkg/etc/samba/smbusers
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/lib/username.c:map_username(173)
  Mapped user Administrator to root
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user [EMAIL PROTECTED] 
with the new password interface
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [EMAIL PROTECTED]
[2005/01/06 14:30:27, 4] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/lib/username.c:map_username(132)
  Scanning username map /usr/pkg/etc/samba/smbusers
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/auth/auth_util.c:make_server_info_info3(1127)
  User root does not exist, trying to add it
[2005/01/06 14:30:27, 0] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/auth/auth_util.c:make_server_info_info3(1134)
  make_server_info_info3: pdb_init_sam failed!
[2005/01/06 14:30:27, 2] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [Administrator] -> [root] 
FAILED with error NT_STATUS_NO_SUCH_USER
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/smbd/process.c:timeout_processing(1336)
  timeout_processing: End of file from client (client has disconnected).
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/smbd/connection.c:yield_connection(69)
  Yielding connection to 
[2005/01/06 14:30:27, 3] 
/usr/pkgsrc/net/samba/work/samba-3.0.10/source/smbd/connection.c:yield_connection(76)
  yield_connection: tdb_delete for name  failed with error Record does not 
exist.

Any help appreciated.

-- 
Stephen


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Samba 3.0.11pre1 Available for Download

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Schlenk wrote:
|
| On Jan 5, 2005, at 1:19 PM, Gerald Carter wrote:
|
|> Common bugs fixed in 3.0.11pre1 include:
|>
|> ~  o Numerous printing bugs bugs including memory
|> ~bloating on large/busy print servers.
|
|
| I can confirm that the job clearing bug present
| in unpatched  3.0.9/3.0.10 is gone from 3.0.11pre1
| tested with 98, 2k and XP clients.
w00t!  Thanks for the feedback.
| I've got a new 3.0.10 package compiled with the new
| printing patch, results of tests tomorrow.


cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB3UlbIR7qMdg1EfYRAoVVAKCBBjgmwHKCMfQhEz7toLfv6q3WgACfWE87
JuEmKDtwNA0bPNWp35vbS2g=
=NO6Z
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Master domain browser after IP change?

[Marc Sherman]

Marc Sherman wrote:
Marc Sherman wrote:
I just renumbered my local network, from 192.168.1/24 to 
192.168.23/24.  My samba 3.0.10 server, which is configured to be the 
local and master domain browser, seems to be a bit confused:

Jan  4 22:03:34 pyloric nmbd[2308]: [2005/01/04 22:03:34, 0] 
nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(327)
Jan  4 22:03:34 pyloric nmbd[2308]:   become_domain_master_browser_wins:
Jan  4 22:03:34 pyloric nmbd[2308]:   Attempting to become domain 
master browser on workgroup PROJECTILE_WRK, subnet UNICAST_SUBNET.
Jan  4 22:03:34 pyloric nmbd[2308]: [2005/01/04 22:03:34, 0] 
nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(341)
Jan  4 22:03:34 pyloric nmbd[2308]:   
become_domain_master_browser_wins: querying WINS server from IP 
192.168.23.5 for domain master browser name PROJECTILE_WRK<1b> on 
workgroup PROJECTILE_WRK
Jan  4 22:03:34 pyloric nmbd[2308]: [2005/01/04 22:03:34, 0] 
nmbd/nmbd_become_dmb.c:become_domain_master_query_success(225)
Jan  4 22:03:34 pyloric nmbd[2308]:   become_domain_master_query_success:
Jan  4 22:03:34 pyloric nmbd[2308]:   There is already a domain master 
browser at IP 192.168.1.5 for workgroup PROJECTILE_WRK registered on 
subnet UNICAST_SUBNET.

It is successfully becomming the local master browser, but it's 
failing to become the domain master browser.  Is there any way to get 
samba to forget about its own old IP address?
Renaming the domain didn't work entirely; some of the messages went 
away, but samba still kept trying to contact itself on the old IP 
address every 20 minutes.  I ended up having to purge and re-install 
samba to get these errors to go away.

Should I be filing a bug about this somewhere?
- Marc
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Mysql Password Backend

[Paul Gienger]

The Error:
No builtin nor plugin backend for mysql found
Loading mysql:mysql failed!
Sounds like it's not compiled in.  Did you compile from source or using 
a distro package?

--
--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Using winbindd against Samba PDC doesn't work

[Robert Schetterer]

Hi, if understand the problem in the right way
you want to join a smb domain on the smb pdc itself, or from another smb 
member machine.
So you could use ntlm via winbind to auth the pdc itself to the smb 
domain on the same machine.
In my case i had to create a machine account first for the pdc, after 
this done i could
join the local smb domain.
Its seems to me logical , that  you  have  to create first a machine 
accout  for the  want to join machine whatever it is nt
or smb.
Perhaps this solves your Problem.
There may other problems with this stuff too, i agree with jerry that 
you should find the
problem in the winbind.log and in the parameters of smb.conf.
I pulled up to debug level 5 to see the problems
Best Regards

Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 22 Dec 2004, Gerry Valle wrote:
 

Why would winbindd work correctly for the NT server but not for the FBSD
Samba server?  Does it request something specifically tailored only for
NT machines?  Does winbindd only work when used against NT servers?  
Any suggestions about which parameters I can adjust or check in the
smb.conf?  (I didn't change any parameters in the Linux member server's
conf, except to put the new domain name).
   

You'll need to check the winbindd log files.  All my tests work out ok.
There's nothing special about a Samba member server in a Samba domain.

cheers, jerry
- -
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc 
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQFB3HlaIR7qMdg1EfYRAjtcAJwPjrFNtbPsiSXPinmemcAKKmQMbwCguuAe
uoHfuFuSbFrok+V3by9ONOo=
=zNrt
-END PGP SIGNATURE-
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] smb vfs modules queries

[caas it]

I am using samba-3.0.7 on kernel version 2.6.5-3
(client as well as server).
I traced the exact function calling sequence when a
"mkdir" command is given at the client side.
I got stuck at the server side, 

source/smbd/vfs.c - vfs_MkDir() -
SMB_VFS_MKDIR(conn,name,mode)  (line no 357)

Could anyone please tell me exactly where is the
vfs_ops struct initialised, and which function will
actually get called in the above call, for the
described case?

Also, I set up the log level as 100 in the smb.conf
file, but the DEBUG statements in the code executed at
the client side are not seen in the log files at the
client, as they can be seen at the server side. What
needs to be done so that all these DEBUG statements
are seen in the client log files?



Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: samba Digest, Vol 25, Issue 7

[Ben Stewart]

I will be away  to the CES show in Los-Vegas Navada. 
(From Jan./5/05 returning the morning of Jan./11/05 )
If this a Repair Item or request please summit a ticket at the following
web address.
http://ts.sd57.bc.ca

Thanks
Benny.nerd

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] pdbedit syntax for forcing user to change password

[Paul Coray]

Hi all
Maybe a stupid question, but I'm not able to figure this out from the 
manpage nor from the HOWTOs...

How can I force a user to change his password at next logon?
I tried:
# pdbedit -P "user must logon to change password" -C 0 -u username
# pdbedit -u username -P "user must logon to change password" -C 0
# pdbedit -P "user must logon to change password" -C 0 username
+ these without -C 0
-> Incompatible or insufficient options on command line! Usage: [...]
When I use the command without the username argument (# pdbedit -P "user 
must logon to change password" -C 0), I get:

Account policy value for user must logon to change password was 0
Account policy value for user must logon to change password is now 0
Makes no sense to me: Which user's account policy?? Is this a bug?
I use Samba 3.0.9 with ldapsam backend.
TIA for clarifying!
Paul
--
Paul Coray
Administrator Server und Netzwerk
Oeffentliche Bibliothek der Universitaet Basel
EDV-Abteilung
Schoenbeinstrasse 18-20
CH-4056 Basel
Tel: +41 61 267 05 13
Fax: +41 61 267 31 03
mailto:[EMAIL PROTECTED]
http://www.ub.unibas.ch
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] LDAP+samba dc docs

[Koenraad Lelong]

Arno Seidel wrote:
Koenraad Lelong wrote:
Hi Koenraad,
what Distribution of SuSe do you use??
in the Enterprise server of suse you can setup a ldap-server as 
"authentification source" with yast.
p.s. the latest Enterprise Server (SuSE) is available for free download 
on novell.com/linux ...

regards

This is becoming OT, but the last I used was 9.1Pro. And I think that 
the "authentification source" means what server to use. I didn't fully 
explore this option, but as far as I remember, this didn't lead to 
setting up a server, to use as a source for authentification. Maybe SLES 
is different.
--
Met vriendelijke groeten,
Koenraad Lelong
R&D Manager
ACE electronics n.v.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] LDAP+samba dc docs

[Arno Seidel]

Koenraad Lelong wrote:
Hans du Plooy wrote:
On Thursday 06 January 2005 09:22, Koenraad Lelong wrote:
I think there was a recent post of you, which says all authentication,
including Linux, should go through LDAP. If this is correct, I think
this should be stressed in all documents concerning Samba/LDAP.

Hi ,
I did post the LDAP athentication issue, but that was to a different 
list - post content was slightly different.  SUSE offers LDAP 
authentication but I had trouble getting it setup.  Apart from samba 
I need to have other things work with LDAP too.

Thanks for your reply and to John H Terpstra
Dankie
I didn't mean you, Hans. I was referring to a post of John (Re: 
[Samba] PDC + LDAP group mappings, of 30 dec) :
>...

For the record:
=
If you use LDAP with Samba it is essential that ALL your UNIX (POSIX) 
accounts (both for users and for groups) are in the LDAP backend. 
Samba requires the SambaSAM account data also in LDAP. It is NOT 
possible with Samba to have only the SambaSAM account information in 
LDAP and not the UNIX accounts in LDAP.
...
P.S. If you succeeded in setting up an LDAP-server, did you use a 
how-to ? I'm trying to do the same, but I need to study a bit/lot 
more. I find it a shame that SuSE's Yast does not have an option (I 
know of) to setup an LDAP-server to authenticate. AFAIK you can only 
set it up to autenticate against one (i.e. a client), at installation 
time. But then, it would be too easy ;-), and maybe some finer points 
would be lost.
Hi Koenraad,
what Distribution of SuSe do you use??
in the Enterprise server of suse you can setup a ldap-server as 
"authentification source" with yast.
p.s. the latest Enterprise Server (SuSE) is available for free download 
on novell.com/linux ...

regards
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] LDAP+samba dc docs

[Koenraad Lelong]

Hans du Plooy wrote:
On Thursday 06 January 2005 09:22, Koenraad Lelong wrote:
I think there was a recent post of you, which says all authentication,
including Linux, should go through LDAP. If this is correct, I think
this should be stressed in all documents concerning Samba/LDAP.

Hi Koenraad,
I did post the LDAP athentication issue, but that was to a different list - 
post content was slightly different.  SUSE offers LDAP authentication but I 
had trouble getting it setup.  Apart from samba I need to have other things 
work with LDAP too.

Thanks for your reply and to John H Terpstra
Dankie
I didn't mean you, Hans. I was referring to a post of John (Re: [Samba] 
PDC + LDAP group mappings, of 30 dec) :
>...
For the record:
=
If you use LDAP with Samba it is essential that ALL your UNIX (POSIX) accounts 
(both for users and for groups) are in the LDAP backend. Samba requires the 
SambaSAM account data also in LDAP. It is NOT possible with Samba to have 
only the SambaSAM account information in LDAP and not the UNIX accounts in 
LDAP.
...
P.S. If you succeeded in setting up an LDAP-server, did you use a how-to 
? I'm trying to do the same, but I need to study a bit/lot more. I find 
it a shame that SuSE's Yast does not have an option (I know of) to setup 
an LDAP-server to authenticate. AFAIK you can only set it up to 
autenticate against one (i.e. a client), at installation time. But then, 
it would be too easy ;-), and maybe some finer points would be lost.
--
Met vriendelijke groeten,
Koenraad Lelong
R&D Manager
ACE electronics n.v.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba