Re: Antwort: Re: [Samba] sambaPwdMustChange
Just thanks for all for your answers. Things are now clear for me. [EMAIL PROTECTED] a écrit : with acctflags set to UX our users are not forced to changed the password, but the dialog to change the password comes up, when the password is expired. The User can cancel the dialog. So we set sambaPwdMustChange to 99 and have peace. regards MW Mathias Wohlfarth EDV-Beratung Thomas-Mann-Str.1 53111 Bonn Tel.0172 / 53 45 591 01801 / 777 555 33 01 Fax0228 / 9469181 Email[EMAIL PROTECTED] *Gustavo Lima [EMAIL PROTECTED]* Gesendet von: [EMAIL PROTECTED] 17.01.2005 16:32 An:Patrick DUBAU [EMAIL PROTECTED], samba@lists.samba.org Kopie: Thema:Re: [Samba] sambaPwdMustChange Patrick, This number is a timestamp. To figure out what day it means paste it in this url http://www.4webhelp.net/us/timestamp.php?action=stampstamp=timezone=0 To set an account to never expire it´s password you have to set sambaacctflags to [UX] Regards, Gustavo - Original Message - From: Patrick DUBAU [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, January 17, 2005 1:14 PM Subject: [Samba] sambaPwdMustChange Hi, i have samba 3.0.10 installed with LDAP. I noticed few days ago that my adminsitrator account has expired. I think it's because of the sambaPwdMustChange field of LDAP. I changed the passwd now i have the value 1108741705 in it. What does it mean (when will i be prompted again to change my passwd) and do i have to put in this field so that the password will never expire ? Thanks for any help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: samba periodically access the disk even when idle ?
Wil Cooley wrote: On 2005-01-18, gary ng [EMAIL PROTECTED] wrote: does samba server access the disk periodically even it is not serving any client ? I am trying to setup a home server which is not frequently used and set the HD to spin down after 60s inactivity. But it get kicks up again apparently by samba(stoping samba and the disk won't spin up anymore). I think it is a 3 minute or so interval. Is there a way to tell it not to as I can sacrifice some performance in exchange for much less noise and some power savings. Short of a good answer, here's a guess: Logging with disk buffering. Set your loglevel to 0 and see if it stops. doesn't it also look into smb.conf periodically for changes? I'm not sure if it can be disabled, though (putting this file in ramdisk would be a solution if there is no other way to stop Samba from looking into that file). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Slow write access with Samba 3.0.10-Debian
By the way, the wait-period before the write access is committed or whatever is always precisely 30 seconds, so I believe, that there may be some timeout issue before samba is actually doing what it's supposed to do. Has anybody got an idea? -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] g] Im Auftrag von Markus Wollny Gesendet: Montag, 17. Januar 2005 18:19 An: samba@lists.samba.org Betreff: [Samba] Slow write access with Samba 3.0.10-Debian Hi! I've got a problem with write access on samba fileshares mounted via fstab on two Debian Sarge servers. These servers are behind firewalls and can only access each other, so security is not an issue. They are configured as follows: I'll use placeholders for IP-adresses, usernames, passwords etc. just out of paranoia, I do know, that these IPs do not make sense ;) the servers are server1 with the ip 123.123.123.101 and server2 with the ip 213.123.123.102 fstab-entry of server1: //123.123.123.101/service /path/to/mountpoint smbfs password=mypass,uid=myuser,gid=mygroup,fmask=666,dmask=777,rw 0 0 fstab-entry of server2: //123.123.123.102/service /path/to/mountpoint smbfs password=mypass,uid=myuser,gid=mygroup,fmask=666,dmask=777,rw 0 0 smb.conf for server1 is --- # Global parameters [global] workgroup = MYWORKGROUP netbios name = SERVER1 security = SHARE time server = Yes map to guest = Bad User guest account = myuser log level = 1 syslog = 0 socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY printcap name = cups os level = 2 default service = service printing = cups print command = lpq command = lprm command = veto files = /*.eml/*.nws/riched20.dll/*.{*}/ [service] path = /path/to/folder read only = No guest ok = Yes guest only = Yes hosts allow = All nt acl support = No hide dot files = No --- smb.conf for server2 is identical, except for netbios name = SERVER2. When I connect to Server1, cd to /path/to/mountpoint and issue echo 1234 test.txt, it takes 30 seconds before the command prompt returns. The file is written okay. An rm test.txt is executed instantaneously, as is an ls or any read-operation on a file on the mounted fileshare. It's just write-access which is always delayed by half a minute. The curious thing is, that I can connect from a windows box and just write to the fileshare like to a local drive with no noticeable delay whatsoever. The same applies to an older SuSE Linux 8.2 box with Samba version 2.2.7a-SuSE - I can write to the shares on server1 and server2 without any such delay. This leads me to the conclusion, that there must be some problem in the way, the two boxes are accessing each others' shares. Unfortunately I haven't got a clue how I could further diagnose the problem. I'd be very happy if someone could give me a hint in the right direction. Thank you very much! Kind regards Markus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] IdealX
Have IdealX.org lost their domain? it seems to have been pinched by some company selling domains. Site is partially mirrored at Idealx.com but stil links to idealx.org. Replace idealx.org urls with idealx.com but the samba downloadable stuff isn't there at the moment. Duncan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] IdealX
thats because you need to use http://www.idealx.org Duncan Brannen wrote: Have IdealX.org lost their domain? it seems to have been pinched by some company selling domains. Site is partially mirrored at Idealx.com but stil links to idealx.org. Replace idealx.org urls with idealx.com but the samba downloadable stuff isn't there at the moment. Duncan -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] IdealX
Duncan Brannen wrote: Have IdealX.org lost their domain? it seems to have been pinched by some company selling domains. Site is partially mirrored at Idealx.com but stil links to idealx.org. Replace idealx.org urls with idealx.com but the samba downloadable stuff isn't there at the moment. IdealX.org works for me from several IPs (in different locations). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] how to check IP addresses of machines in the network?
Hello, This post is similar to what I posted yesterday 'smbclient -L host to list IP addresses - possible?'. I have a PDC in one place and many workstations in different other places connected using WAN/VPN. These workstations have rather changing IPs assigned by DHCP. Sometimes I need to connect to these machines using VNC, for example, connect to machine AC-PC001 to show something to the user or fix something when a user is not there. However, smbclient -L pdc gives me only netbios names, and not IP addresses: $ smbclient -L pdc (...) Server Comment ---- AC-PC001 AC-PC002 How can I list workstations with their netbios names and corresponding IP addresses? Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User in passdb, but getpwnam() fails!
Hi my problem is just like the subject, I could browse the shares with the same username password but I can't login to the domain, I'm using samba 3.0.2.a with ldap backend, can anyone help me with this, I know it's been posted before but I can't find a solution. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
try the tool that comes with samba (findsmb)?! Tomasz Chmielewski wrote: Hello, This post is similar to what I posted yesterday 'smbclient -L host to list IP addresses - possible?'. I have a PDC in one place and many workstations in different other places connected using WAN/VPN. These workstations have rather changing IPs assigned by DHCP. Sometimes I need to connect to these machines using VNC, for example, connect to machine AC-PC001 to show something to the user or fix something when a user is not there. However, smbclient -L pdc gives me only netbios names, and not IP addresses: $ smbclient -L pdc (...) Server Comment ---- AC-PC001 AC-PC002 How can I list workstations with their netbios names and corresponding IP addresses? Tomek -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User in passdb, but getpwnam() fails!
Adi Nugraha wrote: Hi my problem is just like the subject, I could browse the shares with the same username password but I can't login to the domain, I'm using samba 3.0.2.a with ldap backend, can anyone help me with this, I know it's been posted before but I can't find a solution. thanks -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User in passdb, but getpwnam() fails!
what is the Operating System on the samba server? Also you need to edit your nsswitch conf file, usually /etc/nsswitch.conf to have: passwd: files ldap group: files ldap Your problem is that your OS isnt looking at ldap for its user accounts, its also looking at your passwd file (/etc/passwd) Adi Nugraha wrote: Hi my problem is just like the subject, I could browse the shares with the same username password but I can't login to the domain, I'm using samba 3.0.2.a with ldap backend, can anyone help me with this, I know it's been posted before but I can't find a solution. thanks -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sync password (with MIT-kerberos server) and migration
FM == FM [EMAIL PROTECTED] writes: FM Hello turbo, It's funny that you help me in all mailing List FM connected to ldap as a backend ;-) Well, LDAP is my main/only interest now :) Use userPassword: [EMAIL PROTECTED] then ldap will 'ask' the KDC, and samba don't have to care... FM Correct me if I am wrong but : UserPassword is for unix FM password right ? Can samba use UserPassword (so in my case, FM sasl, so kerberos password) to authenticate the user ? Oh, right... Sorry, don't know (yet) how samba authenticates users... -- Waco, Texas president Khaddafi security Treasury 747 Serbian CIA nuclear Uzi explosion colonel Nazi spy Mossad [See http://www.aclu.org/echelonwatch/index.html for more about this] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Using ssh for samba authentication?
I use ssh port forwarding to connect to a samba server from Windows 2000/ XP clients. But there is an annoying part that I have to enter my password for samba shares after I already authenticated with the server using ssh. Is there any way to setup samba so in the case of ssh connections it would use already authenticated user name and would not ask for any password for shares? Regards, Igor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can't add new domain members to Samba PDC
Dear Samba List, I have been running a Samba PDC (Win 2000 XP Clients) for about 1 year without problems. Now I find I cannot add new PCs to the domain, existing accounts are working fine. It seems to be a rights issue, but I am not sure quite how to analyse it. All attempts to add a computer account result in unknown user or wrong password (translated from German, may not be quite exact in English), although this user can and does login and use shares OK including those that have only ntadmins access rights. I have, always used this user account for this purpose and it worked in the past. I am running Samba 3.0.10-1.fc2 on Fedora Core 2. Your help would be appreciated. Robert von Knobloch Sample log (loglevel=10) from a single attempt to bring a new pc into the domain (NetBIOS Names: Domain = KNOBLOCH, Computer = SCHLEPPTOP) User = bob, member of group ntadmins: Start schlepptop.log: [2005/01/18 11:20:44, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/01/18 11:20:44, 5] auth/auth_util.c:free_server_info(1344) attempting to free (and zero) a server_info structure [2005/01/18 11:20:44, 3] smbd/reply.c:reply_ulogoffX(1249) ulogoffX vuid=100 [2005/01/18 11:20:44, 5] lib/util.c:show_msg(486) [2005/01/18 11:20:44, 5] lib/util.c:show_msg(496) size=39 smb_com=0x74 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=65279 smb_uid=100 smb_mid=1728 smt_wct=2 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=0 (0x0) smb_bcc=0 [2005/01/18 11:20:44, 6] lib/util_sock.c:write_socket(449) write_socket(5,43) [2005/01/18 11:20:44, 6] lib/util_sock.c:write_socket(452) write_socket(5,43) wrote 43 [2005/01/18 11:20:44, 10] lib/util_sock.c:read_smb_length_return_keepalive(505) got smb length of 35 [2005/01/18 11:20:44, 6] smbd/process.c:process_smb(1090) got message type 0x0 of len 0x23 [2005/01/18 11:20:44, 3] smbd/process.c:process_smb(1091) Transaction 29 of length 39 [2005/01/18 11:20:44, 5] lib/util.c:show_msg(486) [2005/01/18 11:20:44, 5] lib/util.c:show_msg(496) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=1792 smt_wct=0 smb_bcc=0 [2005/01/18 11:20:44, 3] smbd/process.c:switch_message(886) switch message SMBtdis (pid 12191) conn 0x8919948 [2005/01/18 11:20:44, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/01/18 11:20:44, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/01/18 11:20:44, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/01/18 11:20:44, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/01/18 11:20:44, 3] smbd/service.c:close_cnum(836) schlepptop (192.168.1.177) closed connection to service IPC$ [2005/01/18 11:20:44, 3] smbd/connection.c:yield_connection(69) Yielding connection to IPC$ [2005/01/18 11:20:44, 4] smbd/vfs.c:vfs_ChDir(654) vfs_ChDir to / [2005/01/18 11:20:44, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2005/01/18 11:20:44, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/01/18 11:20:44, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/01/18 11:20:44, 5] lib/util.c:show_msg(486) [2005/01/18 11:20:44, 5] lib/util.c:show_msg(496) size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=1792 smt_wct=0 smb_bcc=0 [2005/01/18 11:20:44, 6] lib/util_sock.c:write_socket(449) write_socket(5,39) [2005/01/18 11:20:44, 6] lib/util_sock.c:write_socket(452) write_socket(5,39) wrote 39 [2005/01/18 11:20:44, 10] lib/util_sock.c:read_socket_data(378) read_socket_data: recv of 4 returned 0. Error = Success [2005/01/18 11:20:44, 10] lib/util_sock.c:receive_smb_raw(556) receive_smb_raw: length 0! [2005/01/18 11:20:44, 3] smbd/process.c:timeout_processing(1336) timeout_processing: End of file from client (client has disconnected). [2005/01/18 11:20:44, 5] lib/gencache.c:gencache_shutdown(88) Closing cache file [2005/01/18 11:20:44, 5] libsmb/namecache.c:namecache_shutdown(79) namecache_shutdown: netbios namecache closed
Re: [Samba] Multiple winbindd processes
Hi, I finally made the patch and uploaded it. You can access it at the following URL: http://www.sridharv.net/samba/patch-multwinbinddpr-vs-3.0.11pre1.diff The patch is against the samba 3.0.11pre1 release. It should work against 3.0.9 and 3.0.10 as well but I haven't tried it. cd-ing into the source directory and using patch -p1 should do the trick. Please read the REAME.winbind-patch file in the nsswitch directory before you start using this patch. If you find any bugs or you think of any improvements then please let me know :) Thanks Sridhar [EMAIL PROTECTED] wrote: On Tuesday 11 January 2005 06:16, [EMAIL PROTECTED] wrote: Hi, I had posted in the technical list about this sometime back. However, I don't think anything was available at that time, so I went ahead and wrote a small patch that allows multiple winbindd process to run at the same time :) . What it does is to create a seperate pipe for each winbindd process. However, this would need a patch for the nss library as well and I've only worked out a patch for the linux nss library. I'd also added a couple of extra parameters to the smb.conf file that allowed for specification of a list of domains that could be veto-ed or allowed. I could send you the patch if you're interested. I'm really interested. Thank you :-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Daniel Wilson wrote: try the tool that comes with samba (findsmb)?! Tomasz Chmielewski wrote: Hello, This post is similar to what I posted yesterday 'smbclient -L host to list IP addresses - possible?'. I have a PDC in one place and many workstations in different other places connected using WAN/VPN. These workstations have rather changing IPs assigned by DHCP. Sometimes I need to connect to these machines using VNC, for example, connect to machine AC-PC001 to show something to the user or fix something when a user is not there. However, smbclient -L pdc gives me only netbios names, and not IP addresses: use smbstatus: PRiSM# smbstatus Samba version 3.0.7 PID Username Group Machine --- 16082 xxx sm (192.168.65.1) 14557 x thejudge (192.168.64.190) $ smbclient -L pdc (...) Server Comment ---- AC-PC001 AC-PC002 How can I list workstations with their netbios names and corresponding IP addresses? Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Daniel Wilson wrote: try the tool that comes with samba (findsmb)?! well, it doesn't work for me or I use it in a wrong way: # smbclient -L serwer (...) Server Comment ---- PIOTRO SERWER So 2 machines. Now I run findsmb: # findsmb IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION - 192.168.1.1SERWER *[FRYSZTACKA] [Unix] [Samba 2.2.8a] So one name and IP only. Now I add broadcast, and still one host only. # findsmb 192.168.1.255 IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION -B 192.168.1.255 - 192.168.1.1SERWER *[FRYSZTACKA] [Unix] [Samba 2.2.8a] The second host is reachable, I can ping it and do smbclient -L PIOTRO. Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Thomas M. Skeren III wrote: Daniel Wilson wrote: try the tool that comes with samba (findsmb)?! Tomasz Chmielewski wrote: Hello, This post is similar to what I posted yesterday 'smbclient -L host to list IP addresses - possible?'. I have a PDC in one place and many workstations in different other places connected using WAN/VPN. These workstations have rather changing IPs assigned by DHCP. Sometimes I need to connect to these machines using VNC, for example, connect to machine AC-PC001 to show something to the user or fix something when a user is not there. However, smbclient -L pdc gives me only netbios names, and not IP addresses: use smbstatus: PRiSM# smbstatus This will list workstations that are currently connected to Samba server; if the workstation is not connected to Samba, it won't be shown with smbstatus. So this method is not good for me. # smbclient -L serwer (...) Server Comment ---- PIOTRO SERWER # smbstatus Samba version 2.2.8a Service uid gid pid machine -- No locked files Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple winbindd processes
I forgot to add the Makefile.in changes to the patch. I've uploaded the fixed version at the same URL. Thanks Sridhar Sridhar Venkatakrishnan wrote: Hi, I finally made the patch and uploaded it. You can access it at the following URL: http://www.sridharv.net/samba/patch-multwinbinddpr-vs-3.0.11pre1.diff The patch is against the samba 3.0.11pre1 release. It should work against 3.0.9 and 3.0.10 as well but I haven't tried it. cd-ing into the source directory and using patch -p1 should do the trick. Please read the REAME.winbind-patch file in the nsswitch directory before you start using this patch. If you find any bugs or you think of any improvements then please let me know :) Thanks Sridhar [EMAIL PROTECTED] wrote: On Tuesday 11 January 2005 06:16, [EMAIL PROTECTED] wrote: Hi, I had posted in the technical list about this sometime back. However, I don't think anything was available at that time, so I went ahead and wrote a small patch that allows multiple winbindd process to run at the same time :) . What it does is to create a seperate pipe for each winbindd process. However, this would need a patch for the nss library as well and I've only worked out a patch for the linux nss library. I'd also added a couple of extra parameters to the smb.conf file that allowed for specification of a list of domains that could be veto-ed or allowed. I could send you the patch if you're interested. I'm really interested. Thank you :-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] browse list problem
Hi! I use samba 3.0.10 in FreeBSD 4.10 and I've some problem with browse list. The network were I'm supervisor contains about 50 XP box, 1 FreeBSD (DHCP+WINS server) and 1 Debian box (samba 3.0.10 ) which is a large file server. I've tryed many version of samba (3.X) but the problem is still here. Log files says nothing (loglevel MAX). Browse list die very often and I must restart samba in freeBSD box. -All clients use hibryd nodes and dhcp allocate this + the wins server address. -There is a simple workgroup , clients not enter any DOMAIN. -FreeBSD Samba box is preferred master, there are some lines from the config global section: security = share wins support = yes name resolve order = wins lmhosts hosts bcast wins proxy = no os level = 999 domain master = yes local master = yes preferred master = yes domain logons = no Anyone have a good idea what cause crash of the browse list? Thanks : XelNega -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] IdealX
Cheers, Looks like our dns servers picked up an extra Authorative source for idealx.org ; DiG 9.2.1 www.idealx.org ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 55053 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.idealx.org.IN A ;; ANSWER SECTION: www.idealx.org. 74634 IN A 12.47.46.198 ;; AUTHORITY SECTION: idealx.org. 74630 IN NS launtra.fumble.org. idealx.org. 74630 IN NS sarajevo.idealx.com. ;; ADDITIONAL SECTION: launtra.fumble.org. 74631 IN A 12.47.46.198 sarajevo.idealx.com.161032 IN A 213.41.87.90 ;; Query time: 18 msec ;; SERVER: 138.251.66.46#53(138.251.66.46) ;; WHEN: Tue Jan 18 12:26:12 2005 ;; MSG SIZE rcvd: 142 Using nslookup against sarajevo.idealx.org gives me the correct address. Noone else affected by this then? Duncan At 09:56 18/01/2005, Tomasz Chmielewski wrote: Duncan Brannen wrote: Have IdealX.org lost their domain? it seems to have been pinched by some company selling domains. Site is partially mirrored at Idealx.com but stil links to idealx.org. Replace idealx.org urls with idealx.com but the samba downloadable stuff isn't there at the moment. IdealX.org works for me from several IPs (in different locations). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] sambaPwdMustChange
Another time converter is a perl script amtime.pl that can be used in shell scripts to convert back and forth between seconds and human readable time. http://www.unixreview.com/documents/s=1344/ur0307g/ur0307g_script.htm Kent N Patrick, This number is a timestamp. To figure out what day it means paste it in this url http://www.4webhelp.net/us/timestamp.php?action=stampstamp=timezone=0 To set an account to never expire it´s password you have to set sambaacctflags to [UX] Regards, Gustavo - Original Message - From: Patrick DUBAU [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, January 17, 2005 1:14 PM Subject: [Samba] sambaPwdMustChange Hi, i have samba 3.0.10 installed with LDAP. I noticed few days ago that my adminsitrator account has expired. I think it's because of the sambaPwdMustChange field of LDAP. I changed the passwd now i have the value 1108741705 in it. What does it mean (when will i be prompted again to change my passwd) and do i have to put in this field so that the password will never expire ? Thanks for any help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Thomas M. Skeren III wrote: use smbstatus: PRiSM# smbstatus This will list workstations that are currently connected to Samba server; if the workstation is not connected to Samba, it won't be shown with smbstatus. So this method is not good for me. I thought you had a PDC. If so then when users log on, they will create an smb connection to the PDC. Yes, I have a PDC, but also BDCs. PDC is somewhere else behind WAN/VPN. So if users connect, they connect to the BDC in their respective office. But even then I think smbstatus will show nothing some time after they are logged in, and certainly won't show anything if they are logged out. smbclient -L PDC, however, will show all the machines in all offices (but without IP addresses). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] migration from 2.2.4 to 3.0.10
hi all, I want to migrate my samba 2.2.4 pdc with roaming profiles and shares to a new installed samba 3.0.10 pdc. How must I go on to migrate my users and their profiles from the old server (with smbpasswd) to the new pdc running with ldap-passbackend with out loosing the profiles and passwords? For the share´s and profile´s data I´m using rsync but what about the NTUSER.dat? Does the net vampire work with 2.2.4? Are there any howtos for this special case? Thanks in advance, -Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba-3.0.10 in solaris10
Hi, I am buying a server SUN with 4 processor and work with solaris 10, and I am going to install samba-3.0.10-sol10-sparc-local.gz. Please: I would like to know if this version of samba is multi task (work with more one processor) or if all sons trials work in only one processor) Thank you for answer Alexandre Salomé -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] IdealX
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Duncan Brannen wrote: | Using nslookup against sarajevo.idealx.org gives me | the correct address. | | Noone else affected by this then? I see it as well. I'll contact the developers. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7Q9SIR7qMdg1EfYRAqsJAKDpy2TNRHgb9DfKBTsxZREs9YQ/WwCg6O2K L1mGAeg1HAtPjcUnof1UQoc= =O09I -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Thomas M. Skeren III wrote: Tomasz Chmielewski wrote: Well, I run ISC-DHCP so when all else fails I check /var/db/dhcpd.leases. All dhcp servers that I know of, have a way to check leases. The problem is, DHCP server is in my case a small Linksys router box. It's rather problematic to check leases there. Second problem, I have several of these devices, so checking would be even more troublesome. So, if there is no better way, I think I would have to check wins.dat file on a PDC machine (it's also w WINS server), it seems to have a copy of all netbios names with corresponding IPs. It's not very readable, but with some parsing I think I will have what I want (as a html page even to make things easier). But what if someone like me doesn't use WINS? smbclient -L would be great if it could show IP addresses, too. Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can't access directory although group is listen in ACL
Hi, we are running Samba 3.0.10 on Solaris 8. I compiled Samba with ACL support. Our Samba server is connected to our Windows 2000 AD-Domain as a member server. wbinfo -u and wbinfo -g are working fine, so that I can see all our Windows user and groups. Using getent group lists only my Unix groups and just one Windows group. And now I have the following problem when accessing a directory in our main-share data. One of my colleagues created the directory staff-dir within the share. He added the Windows-group DOMAIN+staff to the ACL, using the Windows ACL-dialog, to gain full access. We are both members of the group DOMAIN+staff, but I'm not allowed to access. I get the error message access denied. TIA Sven -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Curious timestamp bug in samba???
Testing indicates that when a file located on a linux samba share is modified from a windows client, the creation date is modified along with the modification date. It appears that samba doesn't differentiate between the two? I know it's relatively minor in the great scheme of things, but we have seen a few complaints regarding this behavior. Any feedback would be welcome. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Unable to connect to smb shares from second machine in workgroup
So you are connecting, but it seems to be rejecting just the password. That is odd. Are you sure the username is valid? What if you use Explorer and input \\earth\web? It should prompt you for a user and password? What if you create a new user on earth and dry to connect as the new user? -Ed :: Ed Holden :: Administrator, Research Information Systems :: McLean Hospital :: Tel: (617) 855-2822 :: Web: http://research.mclean.harvard.edu/ris Andrew DeFaria wrote: I upped the log level to 5 and restarted Samba. From Starbase I did a simple: C:\ net use w: \\earth\web Enter the user name for 'earth': System error 1223 has occurred. The operation was canceled by the user. The password is invalid for \\earth\web. The logfile follows. It seems clear that it's confused as to which user is requesting access and I get mapped to nobody (but I'm not nobody! I'm not, I'm not, I'm not!). [2005/01/17 20:23:31, 5] smbd/connection.c:claim_connection(156) claiming 0 [2005/01/17 20:23:31, 5] smbd/reply.c:reply_special(152) init msg_type=0x81 msg_flags=0x0 [2005/01/17 20:23:31, 3] smbd/process.c:process_smb(878) Transaction 1 of length 137 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(275) size=133 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51283 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(281) smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=0 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(291) smb_bcc=98 [2005/01/17 20:23:31, 3] smbd/process.c:switch_message(685) switch message SMBnegprot (pid 15356) [2005/01/17 20:23:31, 3] smbd/sec_ctx.c:set_sec_ctx(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/01/17 20:23:31, 5] smbd/uid.c:change_to_root_user(217) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [PC NETWORK PROGRAM 1.0] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [LANMAN1.0] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [Windows for Workgroups 3.1a] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [LM1.2X002] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [LANMAN2.1] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(342) Requested protocol [NT LM 0.12] [2005/01/17 20:23:31, 3] smbd/negprot.c:reply_negprot(426) Selected protocol NT LM 0.12 [2005/01/17 20:23:31, 5] smbd/negprot.c:reply_negprot(433) negprot index=5 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(275) size=86 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(281) smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=17 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[0]=5 (0x5) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[1]=12803 (0x3203) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[2]=256 (0x100) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[3]=1024 (0x400) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[4]=65 (0x41) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[5]=0 (0x0) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[6]=256 (0x100) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[7]=64512 (0xFC00) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[8]=59 (0x3B) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[9]=63744 (0xF900) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[10]=227 (0xE3) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[11]=32768 (0x8000) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[12]=16227 (0x3F63) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[13]=5495 (0x1577) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[14]=50429 (0xC4FD) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[15]=57345 (0xE001) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[16]=2049 (0x801) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(291) smb_bcc=17 [2005/01/17 20:23:31, 3] smbd/process.c:process_smb(878) Transaction 2 of length 150 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(275) size=146 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=18439 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(281) smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=64 smt_wct=13 [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[0]=117 (0x75) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[1]=115 (0x73) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[2]=16644 (0x4104) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[3]=50 (0x32) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[4]=0 (0x0) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[5]=15356 (0x3BFC) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286) smb_vwv[6]=0 (0x0) [2005/01/17 20:23:31, 5] lib/util.c:show_msg(286)
Re: [Samba] Using ssh for samba authentication?
On Tuesday 18 January 2005 12:20, Igor Bukanov wrote: I use ssh port forwarding to connect to a samba server from Windows 2000/ XP clients. But there is an annoying part that I have to enter my password for samba shares after I already authenticated with the server using ssh. Is there any way to setup samba so in the case of ssh connections it would use already authenticated user name and would not ask for any password for shares? How do you do the port forwarding? I have a few ideas, but need too see how you start/initiate the tunnel(s). -- Truls Løkholm Bergli Student og Undervisnings Tjenester IT-avdelinga Uitø -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] [Fwd: password quality compliance]
I would also like to see a force strong password feature added. Thanks, Chris -Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Gerald (Jerry) Carter Sent: Monday, January 17, 2005 9:01 AM To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: Re: [Samba] [Fwd: password quality compliance] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 fandino wrote: | | ok, I will do a more direct question. | | How is supposed Samba will prevent users from selecting | weak passwords? There have been several variants opf patches that would allow smbd to use the libcrack library to enforce string passwords. The final agreed upon design was never implemented to my knowlege (at least I don't remember seeing a patch). What we need is just a hook that allows you to call an external script to check the password strength. Would be very easy to do. The main issue would be good error returns from the script to smbd (such as dictionary word, password to short, etc...) and then translating these to an NTSTATUS error code for the client. If you are interested in implementing this, I'd take it up on the samba-technical mailing list. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Users with changed passwords can't log on remotely (but can locally)
(I submitted this last week, but hopefully someone who knows the intricacies of secrets.tdb and machine migrations will read this ...) I migrated a complete Samba configuration from an old server to a new one, including the entire /etc/samba directory and all user accounts. At first, no clients were aware that anything had changed. But when I changed the passwords of two users they suddenly couldn't connect. Doesn't matter whether it's the old or new password - Samba rejects it as invalid. I even tried to change the passwords back to what they were, with no success. Oddly, they can both connect fine from the server itself when I do this: smbclient -L 127.0.0.1 -U username Password: ... But when I issue the same command from a remote machine, it fails: smbclient -L servername.domain.com -U username Password: session setup failed: NT_STATUS_LOGON_FAILURE Local OK, remote bad. It boggles the mind. Here are some things I've tried: - I made sure that the UIDs all match. - I made sure that the new server has the old server's local SID, and that the users' SIDs matched the machine SID. - I disabled the firewall. - I made sure the old server is off. So this really is a case of Samba rejecting a login for a remote machine but allowing the same login locally - but only for users with changed passwords. It's version 3.0.2a, which came with Yellow Dog Linux. I'm guessing it's something in the secrets.tdb database, though when I delete the database and Samba recreates it, the problems are not solved. Anyone ever seen anything like this? Thanks in advance, Ed -- :: Ed Holden :: Administrator, Research Information Systems :: McLean Hospital :: Tel: (617) 855-2822 :: Web: http://research.mclean.harvard.edu/ris Any information, including protected health information (PHI), transmitted in this email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential and or exempt from disclosure under applicable Federal or State law. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon, protected health information (PHI) by persons or entities other than the intended recipient is prohibited. If you received this email in error, please contact the sender and delete the material from any computer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Ed Holden wrote: I migrated a complete Samba configuration from an old server to a new one, including the entire /etc/samba directory and all user accounts. At first, no clients were aware that anything had changed. But when I changed the passwords of two users they suddenly couldn't connect. Anyone ever seen anything like this? Could you try joining to domain (I assume you have some PDC?) from the workstation the user can't log in once again? Maybe there are troubles with machine passwords, joining domain once again should solve it, or there are two or more machines in LAN with the same netbios name etc. Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using ssh for samba authentication?
Truls Løkholm Bergli wrote: On Tuesday 18 January 2005 12:20, Igor Bukanov wrote: I use ssh port forwarding to connect to a samba server from Windows 2000/ XP clients. But there is an annoying part that I have to enter my password for samba shares after I already authenticated with the server using ssh. Is there any way to setup samba so in the case of ssh connections it would use already authenticated user name and would not ask for any password for shares? How do you do the port forwarding? Using either cygwin ssh port and running from command prompt on windows box: ssh -L 139:127.0.0.1:139 [EMAIL PROTECTED] or via similar configuration using PuTTY Regards, Igor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using ssh for samba authentication?
On Tue, 18 Jan 2005 15:29:59 +0100, Truls L#248;kholm Bergli [EMAIL PROTECTED] said: On Tuesday 18 January 2005 12:20, Igor Bukanov wrote: I use ssh port forwarding to connect to a samba server from Windows 2000/ XP clients. But there is an annoying part that I have to enter my password for samba shares after I already authenticated with the server using ssh. Is there any way to setup samba so in the case of ssh connections it would use already authenticated user name and would not ask for any password for shares? How do you do the port forwarding? Using either cygwin ssh port and running from command prompt on windows box: ssh -L 139:127.0.0.1:139 [EMAIL PROTECTED] or via similar configuration using PuTTY Regards, Igor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Actually it's not a PDC. Most of the clients are Mac OS X, with a few Windows machines here and there, so no client machines are actually joined to the domain. The issue is purely with connecting. -Ed :: Ed Holden :: Administrator, Research Information Systems :: McLean Hospital :: Tel: (617) 855-2822 :: Web: http://research.mclean.harvard.edu/ris Tomasz Chmielewski wrote: Ed Holden wrote: I migrated a complete Samba configuration from an old server to a new one, including the entire /etc/samba directory and all user accounts. At first, no clients were aware that anything had changed. But when I changed the passwords of two users they suddenly couldn't connect. Anyone ever seen anything like this? Could you try joining to domain (I assume you have some PDC?) from the workstation the user can't log in once again? Maybe there are troubles with machine passwords, joining domain once again should solve it, or there are two or more machines in LAN with the same netbios name etc. Tomek Any information, including protected health information (PHI), transmitted in this email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential and or exempt from disclosure under applicable Federal or State law. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon, protected health information (PHI) by persons or entities other than the intended recipient is prohibited. If you received this email in error, please contact the sender and delete the material from any computer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Curious timestamp bug in samba???
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Christian Merrill wrote: | Testing indicates that when a file located on a linux | samba share is modified from a windows client, the creation | date is modified along with the modification date. It | appears that samba doesn't differentiate between the two? | I know it's relatively minor in the great scheme of | things, but we have seen a few complaints regarding | this behavior. Any feedback would be welcome. See 'man 2 stat'. This is one of the semantic differences between UNIX file systems and Win32 ones. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7STwIR7qMdg1EfYRAgvUAJwI213RzNe856f4HztjSGmT4963bgCguMaD DucKexq8MiYrQyChmPrJQLw= =6qEi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding user to Administrator list
Hi, all, We are using Samba 3.0.10 with an LDAP backend. It's been working fine for a long time. One strange thing that has come up today : I cannot add 1 specific domain user to the local Administrator group of Windows servers that are also in the domain. Adding the user to the admin group on a workstation works just fine. Adding other users to the admin group on the Windows servers works fine as well. It is just this one user that is being refused. This is the logging from Samba : (for the failing user edockx) [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx This is the logging for another user : [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez Any thoughts ? (Sorry about the lengthy message) Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding user to Administrator list - part 2
It gets even weirder than that : it seems that this particular user has not been authentication against the PDC for some time now; (so, using cached data from his pc) If he tries to log on to another machine in the domain, the machine complaints that the domain is not available. (The system cannot log you on now because the domain PEOPLEWARE is not available) NO entries are being made in the samba logs. Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 18/01/2005 16:09 To samba@lists.samba.org cc Subject [Samba] Problem adding user to Administrator list Hi, all, We are using Samba 3.0.10 with an LDAP backend. It's been working fine for a long time. One strange thing that has come up today : I cannot add 1 specific domain user to the local Administrator group of Windows servers that are also in the domain. Adding the user to the admin group on a workstation works just fine. Adding other users to the admin group on the Windows servers works fine as well. It is just this one user that is being refused. This is the logging from Samba : (for the failing user edockx) [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx This is the logging for another user : [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez Any thoughts ? (Sorry about the lengthy message) Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14
Re: [Samba] Curious timestamp bug in samba???
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Christian Merrill wrote: | Testing indicates that when a file located on a linux | samba share is modified from a windows client, the creation | date is modified along with the modification date. It | appears that samba doesn't differentiate between the two? | I know it's relatively minor in the great scheme of | things, but we have seen a few complaints regarding | this behavior. Any feedback would be welcome. See 'man 2 stat'. This is one of the semantic differences between UNIX file systems and Win32 ones. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7STwIR7qMdg1EfYRAgvUAJwI213RzNe856f4HztjSGmT4963bgCguMaD DucKexq8MiYrQyChmPrJQLw= =6qEi -END PGP SIGNATURE- I'm an idiot, thanks for the quick feedback. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NetBIOS across subnets
Hi all, I would like two Samba servers to be able to talk to each other via NetBIOS. The problem is that they are on two different subnets. I have enabled broadcast ping on the routers, and the servers can each ping the other subnet with no trouble. The two relevant IPs are 192.168.1.101 and 192.168.2.3. There is a T1 between two Cisco routers, and IP routing is all set up. Currently 192.168.1.x is the CORP domain. Samba PDC is acting as the WINS server. 192.168.2.x is the FURN server, and its Samba PDC is acting as its WINS server. My Windows systems in CORP can browse to the FURN domain and see systems in it. My Windows systems in FURN can browse to the CORP domain but can't see any systems in it. Neither of my PDCs can see the other, so they cannot establish a trust. Relevant settings for CORP PDC are: wins support = yes os level = 100 preferred master = yes domain master = yes remote announce = 192.168.2.255/CORP remote browse sync = 192.168.2.255 name resolve order = bcast wins lmhosts host (there is no lmhosts or host) allow trusted domains = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Relevant settings for FURN PDC are: os level = 99 dns proxy = Yes wins support = Yes wins proxy = Yes os level = 100 preferred master = yes domain master = yes local master = yes remote announce = 192.168.1.255/FURN remote browse sync = 192.168.1.255 # I put this one in to try to get it to hear the other server's broadcasts -- did not work interfaces = 127.0.0.1 192.168.2.3/255.255.0.0 name resolve order = bcast wins lmhosts host allow trusted domains = yes Both servers are 3.0.11pre1. Both are DHCP servers as well. They are pushing out netbios server settings to the clients as follows: CORP: option netbios-name-servers 192.168.1.101, 192.168.2.3; option netbios-node-type 8; FURN: option netbios-name-servers 192.168.2.3; option netbios-node-type 8; The fact that FURN is not giving out CORP as a netbios server might be significant why the users can't see CORP's computers, but it doesn't explain why the domains can't see each other. If anybody has any information on how I can make this work I would love it. I did look in Samba 3 By Example but it doesn't really go into the networking side of it at all. Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem adding user to Administrator list - part 2
[EMAIL PROTECTED] wrote: It gets even weirder than that : it seems that this particular user has not been authentication against the PDC for some time now; (so, using cached data from his pc) If he tries to log on to another machine in the domain, the machine complaints that the domain is not available. (The system cannot log you on now because the domain PEOPLEWARE is not available) NO entries are being made in the samba logs. I had similar symptoms when there were problems with name resolution and too restrictive firewall (The system cannot log you on now because the domain PEOPLEWARE is not available, NO entries are being made in the samba logs). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] sambaPwdMustChange
Does this flag now do something? Last I checked, X was unused. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 17 Jan 2005, Gustavo Lima wrote: Patrick, This number is a timestamp. To figure out what day it means paste it in this url http://www.4webhelp.net/us/timestamp.php?action=stampstamp=timezone=0 To set an account to never expire it´s password you have to set sambaacctflags to [UX] Regards, Gustavo - Original Message - From: Patrick DUBAU [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, January 17, 2005 1:14 PM Subject: [Samba] sambaPwdMustChange Hi, i have samba 3.0.10 installed with LDAP. I noticed few days ago that my adminsitrator account has expired. I think it's because of the sambaPwdMustChange field of LDAP. I changed the passwd now i have the value 1108741705 in it. What does it mean (when will i be prompted again to change my passwd) and do i have to put in this field so that the password will never expire ? Thanks for any help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] lpq: Unknown destination pdf!
What I do personally is use the print spooler software to create PDF's, not Samba, so my destination actually exists. You could create a print queue called PDF that does nothing... or probably changing your lpq command would work, but I believe that's still global. Just some ideas. check 'man smb.conf' to test them. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 17 Jan 2005, Gregor Guncar wrote: Hi! How can I get rid off lpq: Unknown destination pdf! warning message in my /var/log/samba/smbd file. I have a pdf maker defined in my smb.conf as follows and it works allright: ... [pdf] comment = PDF creator printing = bsd path = /var/tmp printable = yes print command = /usr/bin/smbprngenpdf -J '%J' -c %c -s %s -u '%u' -z %z create mask = 0600 browseable = no guest ok = no Thank you, Gregor -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NetBIOS across subnets
Misty Stanley-Jones wrote: Hi all, I would like two Samba servers to be able to talk to each other via NetBIOS. The problem is that they are on two different subnets. I have enabled broadcast ping on the routers, and the servers can each ping the other subnet with no trouble. The two relevant IPs are 192.168.1.101 and 192.168.2.3. There is a T1 between two Cisco routers, and IP routing is all set up. Currently 192.168.1.x is the CORP domain. Samba PDC is acting as the WINS server. 192.168.2.x is the FURN server, and its Samba PDC is acting as its WINS server. In my opinion, it is wrong. On one server, set: wins support = yes On the other: wins server = 192.168.5.2 # (IP of the first one) wins proxy = yes Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Smbmount and permission denied
Hello, Note that I found many place with similar problem, but I don't understand any solution. Can you help me ? I use Samba 3.0.10 on a Suse 8.2. My goal is to mount a shared directory from a XP machine to a directory on my linux. * I have created a directory in order to mount the XP directory * a ls -l show me this directory * I mount the XP directory with a valid command : smbmount //be2a03xc/pmlist /home/team/monsysrv -o username=NT_user,password=NT_password,workgroup=BE001 * This command gives no error message and mount command shows me that all seems to be correct. * When I do a ls -l, I see no more this directory, but I can enter in it with cd * a ls -l of this directory gives me permission denied. * strange ? No ? If you have any tips or additional question in order to solve this very strange problem, do not hesitate to respond to me. Kind regards, François -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NetBIOS across subnets
Tomasz Chmielewski wrote: Currently 192.168.1.x is the CORP domain. Samba PDC is acting as the WINS server. 192.168.2.x is the FURN server, and its Samba PDC is acting as its WINS server. In my opinion, it is wrong. On one server, set: wins support = yes On the other: wins server = 192.168.5.2 # (IP of the first one) wins proxy = yes you will also have to allow certain hosts/subnets on each server: hosts allow = 192.168.0. 192.168.5.2 127.0.0.1 Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem adding user to Administrator list - part 2
Ok, I disabled the win firewall on the machine,and indeed I got another :-( error message 'A device attached to this system is not functioning' Trying another user on the same machine without changing anything (on the same login window) : no problem Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be Tomasz Chmielewski [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 18/01/2005 16:35 To samba@lists.samba.org cc Subject Re: [Samba] Problem adding user to Administrator list - part 2 [EMAIL PROTECTED] wrote: It gets even weirder than that : it seems that this particular user has not been authentication against the PDC for some time now; (so, using cached data from his pc) If he tries to log on to another machine in the domain, the machine complaints that the domain is not available. (The system cannot log you on now because the domain PEOPLEWARE is not available) NO entries are being made in the samba logs. I had similar symptoms when there were problems with name resolution and too restrictive firewall (The system cannot log you on now because the domain PEOPLEWARE is not available, NO entries are being made in the samba logs). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Smbmount and permission denied
MATHIEU FRANCOIS-XAVIER wrote: Hello, Note that I found many place with similar problem, but I don't understand any solution. Can you help me ? I use Samba 3.0.10 on a Suse 8.2. On SuSE 9.2 I use mount -t smbfs -U=user //machine_name/share /local/directory. I think that's the right structure. Sorry don't use linux much. My goal is to mount a shared directory from a XP machine to a directory on my linux. * I have created a directory in order to mount the XP directory * a ls -l show me this directory * I mount the XP directory with a valid command : smbmount //be2a03xc/pmlist /home/team/monsysrv -o username=NT_user,password=NT_password,workgroup=BE001 * This command gives no error message and mount command shows me that all seems to be correct. * When I do a ls -l, I see no more this directory, but I can enter in it with cd * a ls -l of this directory gives me permission denied. * strange ? No ? If you have any tips or additional question in order to solve this very strange problem, do not hesitate to respond to me. Kind regards, François -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NetBIOS across subnets
Misty Stanley-Jones wrote: On Tuesday 18 January 2005 10:49, Tomasz Chmielewski wrote: In my opinion, it is wrong. On one server, set: wins support = yes On the other: wins server = 192.168.5.2 # (IP of the first one) wins proxy = yes I did this, and I think it MIGHT have worked. Not sure. I get this: oink:/usr/local/samba/var/locks # net rpc trustdom establish furn Password: Could not connect to server FURNSRV Trust to domain FURN established urnsrv:/usr/local/samba/var/locks # net rpc trustdom establish corp Password: Could not connect to server CORPSRV Trust to domain CORP established How in the world do I know if it worked or not. Going to check it now. Either way those errors certainly are sending mixed signals. It only will let me connect as a guest. I don't know if that's the expected behavior -- need to read more. The more important this is being able to join a domain on a different subnet, as that is what needs to happen when I combine the two domains into one. don't know about joining a domain from another network - never tried. I only tried joining the same domain (although in a different network). This is how it works for me: In the Network neighbourhood of your windows machine you should see hosts from both networks. smbclient -L server should list hosts from each network. Another problem you might have is too restrictive firewall between the two subnets - you will see the hosts, will be able to browse, but won't be able to join the domain. Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Trying to get my local profile to sync with my roaming profile
I am having a problem getting my original local profile to sync with my new roaming profile on a FC2 samba 3.0.9 server. I have a user called John Doe who logs into a machine as a local user. In samba his name is jdoe and I use the smbusers file to map him to John Doe. When I decided to move from a workgroup set up to a domain setup my problem is now the roaming profile domain/jdoe does not sync with the localmahine/John Doe account. Does anyone have an answer to this issue? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Tutorial: Samba as NT4 Primary Domain Controller
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I'm writing a tutorial with which people can easily setup a Samba machine as a NT4 Primary Domain Controller (using CentOS 3). I'm handling just about everything that's related: - - NTP - - DHCP - - Samba - - SNMP and more... Note that this is only a preliminary version, it may contain errors. But I'd really appriciate any kind of feedback! http://members.home.nl/keizerflipje/sambapdc/samba.pdf Regards, Pascal de Bruijn -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7TweOauq/dYfFnQRAkOrAJ4hw02FRd0ejYXuq6KurKMvDJ8qogCdGZwL +ojQNeI6ERjtQzBEgHPnCAg= =joRI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: samba periodically access the disk even when idle ?
I have already tried to put smb.conf to /tmp which is mounted to tmpfs but the disk access continues. I have no idea why. --- Tomasz Chmielewski [EMAIL PROTECTED] wrote: Wil Cooley wrote: On 2005-01-18, gary ng [EMAIL PROTECTED] wrote: does samba server access the disk periodically even it is not serving any client ? I am trying to setup a home server which is not frequently used and set the HD to spin down after 60s inactivity. But it get kicks up again apparently by samba(stoping samba and the disk won't spin up anymore). I think it is a 3 minute or so interval. Is there a way to tell it not to as I can sacrifice some performance in exchange for much less noise and some power savings. Short of a good answer, here's a guess: Logging with disk buffering. Set your loglevel to 0 and see if it stops. doesn't it also look into smb.conf periodically for changes? I'm not sure if it can be disabled, though (putting this file in ramdisk would be a solution if there is no other way to stop Samba from looking into that file). Tomek __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: samba periodically access the disk even when idle ?
gary ng wrote: I have already tried to put smb.conf to /tmp which is mounted to tmpfs but the disk access continues. I have no idea why. you might also try: lsof -n|grep smbd lsof -n|grep nmbd This will list any files opened by Samba. Maybe you will find anything that could be read/written by Samba. Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 2k / NT4 trust and local/global groups
Hi, Got a 2k ADS server with a trust to NT4 PDC... what I'm trying to achieve is to have users on the NT4 PDC assigned to security groups in Win2k AD, with Samba joined to the AD and authenticating users in AD. I have the NT4 - 2k trust working fine both directions. Samba has been joined to the 2k AD realm. Running wbinfo -g I can see 2k global groups and NT4 groups however I cannot see 2k local domain groups. The problem with this arrangement is that NT4 users can only be members of a 2k local domain group, and not a global group. so, 2k local groups contain the users I want to authenticate, but I can only see 2k global groups (which can't contain NT users). catch-22 any ideas? I've tried creating global groups containing local domain groups - no joy. I'm running in mixed mode for the trust to work. any help / suggestions appreciated. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[samba] trustdoms
hello i have setup two domains UNI-STAFF and UNI-STUD, both point at same ldap for auth and have different domainSID's What i would like but dont know how to do is *Both domains to appear in the Windows Domain logon Box *Accounts (in LDAP) which have the UNI-STAFF sambaSID to be able to logon to the UNI-STAFF domain (or UNI-STUD as i think this is how trusts work) *Accounts (in LDAP) which have the UNI-STUD sambaSID to be only able to logon to the UNI-STUD domain The important thing is students cant login to the staff domain. i know i need to use the net rpc trustdom establish domain and smbpasswd -a -i domain commands but i am not sure which command on which domain, i have tried and anyone can logon to any domain? also which domain does the machines need to be added to? also which SID should my groups use ? Any help? -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Finished print jobs, Samba 3.0.9
Has there been any further progress on the finished print jobs piling up issue? In the last few emails there was mention of a fix by Monday. Any updates would be greatly appreciated. If this is the wrong forum to ask about this please let me know and I will post to the correct forum. Marc Taylor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Finished print jobs, Samba 3.0.9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Taylor, Marc wrote: | Has there been any further progress on the finished | print jobs piling up issue? In the last few emails | there was mention of a fix by Monday. | | Any updates would be greatly appreciated. I've got an increasing number of reports that this is fixed in the latest SAMBA 3.0 svn code. See https://bugzilla.samba.org/show_bug.cgi?id=2170 for detauls. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7UpnIR7qMdg1EfYRAjq8AKCltrVA7cnDhgTV1l4V6/GIzAtTwACfajBk xzVPtwPFs7jewboo5tv7ZGw= =leJR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind PDC error
Hola. Hi. I have an error when I try to run: wbinfo -u from the PDC itself (samba 3, FC3), I have runing winbind, smb, nmb on the PDC, this is the error: [EMAIL PROTECTED] media]# wbinfo -u Error looking up domain users This is my smb.conf: - [global] workgroup = DOMAIN netbios name = brain server string = Controlador de dominio os level = 30 debug level = 10 max log size = 50 log file = /var/log/samba/%m.log # PDC domain logons = yes preferred master = yes domain master = Yes logon drive = H: logon home = logon path = # \\%L\%u\.w9xprfl time server = yes # Usuarios y passwords smb passwd file = /etc/samba/smbpasswd encrypt passwords = yes username map = /etc/samba/smbusers unix password sync = Yes # Programas auxiliares y scripts passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u add user script = /usr/sbin/adduser -g users -s /bin/false -d /sbin/nologin -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u # Note: The following specifies the default logon script. logon script = %G.bat # This sets the default profile path. Set per user paths with pdbedit # logon path = \\%L\profiles\mswprfl # Impresi'on printcap name = cups cups options = raw printing = cups load printers = no printer admin = xavier,@root, root, @ntadmin, administrator # Winbind idmap uid = 15000-2 idmap gid = 15000-2 winbind separator = + # winbind enable local accounts = yes # winbind trusted domains only = yes #template primary group = Domain Users # winbind use default domain = yes # Misc. wins support = yes getwd cache = yes admin users = xavier , root, @root #security = user socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 nt status support = yes template shell = /bin/bash -- But when I run in the same server this command, there is no err: [EMAIL PROTECTED] squid]# net rpc testjoin Join to 'IBCINC' is OK and: [EMAIL PROTECTED] squid]# wbinfo -t checking the trust secret via RPC calls succeeded Why I can not list the usrs with wbinfo -u in the PDC server??? but if I do wbinfo -u from a smb client with a machine trust account in the domain, there is no problem linting the users. -- Xavier Callejas El Salvador E-Mail + MSN: xcallejas at ibcinc.com.sv ICQ: 6224 -- Open your Mind, use Open Source. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Ed Holden wrote: Actually it's not a PDC. Most of the clients are Mac OS X, with a few Windows machines here and there, so no client machines are actually joined to the domain. The issue is purely with connecting. so what do you mean by logging in? browsing a share protected with username/password, or what? Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unable to connect to smb shares from second machine in workgroup
Ed Holden wrote: So you are connecting, but it seems to be rejecting just the password. That is odd. As I said, it also appears that the SMB server is unaware of the machine named Starbase. Remember nmblookup is unable to locate the machine named Starbase. Are you sure the username is valid? Yes. Only one username is in play here, albeit mapped on the Linux machine, and that's Andrew DeFaria. It's the same username on Voyager and the same username on Starbase. Remember Starbase used to occupy Voyager's place. And smbusers maps Andrew DeFaria - andrew, which is my username on the Linux box Earth. And remember, this mapping is currently working from Voyager\Andrew DeFaria - [EMAIL PROTECTED] Also, Starbase\Andrew DeFaria can map shares from Voyager and Voyager\Andrew DeFaria can map shares from Starbase. Voyager\Andrew DeFaria can map shares from Earth. It's only Starbase\Andrew DeFaria that cannot map shares nor browse shares on Earth. Note that Starbase can browse into the workgroup Universe and it sees some share names there (It sees Web for example, and a couple others, but not all of the ones that Voyager sees). If, however, I attempt to browse into Web, for instance, the username/password dialog box pops up and as I said, no username password combination works! :-( . What if you use Explorer and input \\earth\web? It should prompt you for a user and password? Yes I do this all the time, usually as the test case. Yes it does prompt for a username/password. I have tried all of [Earth|Voyager|Starbase]\Andrew DeFaria. I've also tried [Earth|Voyager|Starbase]\andrew. Nothing works, with the one and only password for Starbase\Andrew DeFaria and [EMAIL PROTECTED] The password is the same for all user IDs being used here. If I browse from Voyager to \\earth\web I get in no dialogs or prompts or problems. What if you create a new user on earth and dry to connect as the new user? Interesting and I will try that. However how exactly do I state that new user? Do you mean in the username/password dialog box presented on Starbase when I browse to \\earth\web I specify a username of say earth\root and then root's password. I believe I tried that. Didn't work, but I could try it again (actually I see that smbusers has a mapping for root - administrator and admin. Perhaps I should try earth\administrator? -- I have six locks on my door all in a row. When I go out, I lock every other one. I figure no matter how long somebody stands there picking the locks, they are always locking three. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smb_add_request times out
have you sucsess about that ? i'm having the same problem, could you help me? -- Andrea Viana da Silva [EMAIL PROTECTED] CSP Controle e Automaao Ltda BRAZIL -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] request [*] timed out!
Diogo, verifiquei que vc estava nas listas devido ao samba. Voc consegui resolver, pode me ajudar? -- Andrea Viana da Silva [EMAIL PROTECTED] CSP Controle e Automaao Ltda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] auth samba+squid+ntlm
Hi. I need to use the ntlm_auth module to auth. users so a group can use Internet and other not, using squid. The users that belong to Internet group may use Internet. I've being looking for info. about this but there is no much info. in google. Until now this is the only info. that I had found: for squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=dominio+Internet the dominio+internet: I made proof of dominio\internet , dominio\\internet and always there is an error like this: [2005/01/18 11:58:23, 0] utils/ntlm_auth.c:get_require_membership_sid(237) Winbindd lookupname failed to resolve dominio+Internet into a SID! so I tried the SID: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=S-1-5-21-2357639956-1676252757-504000632-2005 and: [2005/01/18 11:59:20, 10] utils/ntlm_auth.c:manage_squid_request(1610) Got 'ibcinc+xavier acacadac' from squid (length: 22). [2005/01/18 11:59:21, 3] utils/ntlm_auth.c:check_plaintext_auth(292) NT_STATUS_OK: Success (0x0) OK But, even doing this (putting the SID) the users can't be authenticated by the server. Squid and the smb PDC are the same box, is this possible??? this the error from log when a user run its web browser and ask for a user/password: Jan 18 12:12:16 brain kernel: audit(1106071936.271:0): avc: denied { getattr } for pid=17126 exe=/usr/bin/ntlm_auth path=/var/run/winbindd/pipe dev=hda7 ino=108681 scontext=root:system_r:squid_t tcontext=root:object_r:var_run_t tclass=sock_file this are the permissions on the /var/cache/samba: -rw--- 1 root root 8192 ene 13 00:02 account_policy.tdb -rw-r--r-- 1 root root 8192 ene 17 08:52 brlock.tdb -rw-r--r-- 1 root root695 ene 18 12:13 browse.dat -rw-r--r-- 1 root root 16384 ene 14 08:00 connections.tdb -rw-r--r-- 1 root root 8192 ene 13 00:10 gencache.tdb -rw--- 1 root root 8192 ene 13 00:02 group_mapping.tdb -rw-r--r-- 1 root root 16384 ene 17 08:52 locking.tdb -rw--- 1 root root 16384 ene 14 08:56 messages.tdb -rw-r--r-- 1 root root 11438 ene 16 04:02 namelist.debug -rw--- 1 root root 8192 ene 13 03:50 netsamlogon_cache.tdb -rw--- 1 root root 8192 ene 13 00:02 ntdrivers.tdb -rw--- 1 root root696 ene 13 00:02 ntforms.tdb -rw--- 1 root root 8192 ene 13 00:02 ntprinters.tdb drwxr-xr-x 2 root root 4096 ene 13 00:02 printing -rw--- 1 root root 8192 ene 13 00:02 registry.tdb -rw-r--r-- 1 root root 24576 ene 14 08:00 sessionid.tdb -rw--- 1 root root 8192 ene 13 00:02 share_info.tdb -rw-r--r-- 1 root root 8192 ene 13 19:08 unexpected.tdb -rw--- 1 root root 20172 ene 14 14:15 winbindd_cache.tdb -rw-r--r-- 1 root root 8192 ene 13 00:21 winbindd_idmap.tdb drwxr-x--- 2 root squid 4096 ene 14 14:15 winbindd_privileged -rw-r--r-- 1 root root 1523 ene 18 12:12 wins.dat What can I do??? thanks! -- Xavier Callejas E-Mail + MSN: xcallejas at ibcinc.com.sv ICQ: 6224 -- Open your Mind, use Open Source. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Tutorial: Samba as NT4 Primary Domain Controller
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: | Pascal de Bruijn wrote: | | -BEGIN PGP SIGNED MESSAGE- | Hash: SHA1 | | Hello, | | I'm writing a tutorial with which people can easily setup a Samba | machine as a NT4 Primary Domain Controller (using CentOS 3). | | I'm handling just about everything that's related: | - - NTP | - - DHCP | - - Samba | - - SNMP | and more... | | Note that this is only a preliminary version, it may contain errors. | But I'd really appriciate any kind of feedback! | | http://members.home.nl/keizerflipje/sambapdc/samba.pdf | | | I just looked through that document very fast, (as I already have my PDC | running), but didn't see anything about keeping password in an LDAP | database. | As I remember, this part (LDAP) was troublesome for me. | | It would be also nice to hear about software | installation/updates/deploayment on clients, controlled from the PDC/BDC | - I use WPKG for that - http://wpkg.sf.net | | My 3 cents, you asked for that :) | | | Tomek | Hi, Well LDAP is beyond the target scope of my article... It's intended for small businesses only. I really didn't want to both with LDAP, as I have no use for it... at least not yet anyway... And application deploy might be a thought for the future... Thanks for your thoughts, Pascal de Bruijn -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7VsrOauq/dYfFnQRAjCwAJ49SKfrCt4J03gKly2xbHh5mojF3wCeJlNG NOaYjnsFritwACD4biPlPco= =1Du8 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind fails to connect to \PIPE\NETLOGON with 3.0.10 and 3.0.9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joining a mixed 2000 domain worked correctly for Samba 3.0.2a. After upgrading to either samba 3.0.9 or 3.0.10, the net ads join command completes successfully, and wbinfo -u returns a list of users, but any attempt to actually authenticate those users fails with NT_STATUS_PIPE_NOT_AVAILABLE. wbinfo -t also does not work, and produces the log file attached. The smb.conf is identical to the 3.0.2 version. Joining in NT4 (rpc) mode works correctly. Are there changes to the smb.conf that I am not aware of? wbinfo -a bob plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc064) error messsage was: No such user Could not authenticate user bob with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc064) error messsage was: No such user Could not authenticate user bob with challenge/response which produces these logs: [2005/01/18 10:58:48, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(464) ~ [25073]: pam auth crap domain: MIXEDDOMAIN user: [EMAIL PROTECTED] [2005/01/18 10:58:48, 8] lib/util.c:is_myname(1797) ~ is_myname(MIXEDDOMAIN) returns 1 [2005/01/18 10:58:48, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(498) ~ Authentication for domain MIXEDDOMAIN (local domain to this server) not supported at this stage [2005/01/18 10:58:48, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(637) ~ NTLM CRAP authentication for user [EMAIL PROTECTED] returned NT_STATUS_NO_SUCH_USER (PAM: 10) [2005/01/18 10:58:48, 10] nsswitch/winbindd.c:client_write(524) I know my domain isn't that great, but is it really crap? :) - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFB7Vp42dxAfYNwANIRAhbrAKCXeupnutlsB8z+enwchiaq8SHg0gCbBriN EiFXyR1dq2ZhG4UyABVqiJo= =SF8s -END PGP SIGNATURE- [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:client_write(558) client_write: client_write: complete response written. [2005/01/18 10:45:50, 6] nsswitch/winbindd.c:new_connection(356) accepted socket 20 [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 0 bytes. Need 1824 more for a full request. [2005/01/18 10:45:50, 5] nsswitch/winbindd.c:winbind_client_read(475) read failed on sock 18, pid 22958: EOF [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 1824 bytes. Need 0 more for a full request. [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:process_request(321) process_request: request fn ENDPWENT [2005/01/18 10:45:50, 3] nsswitch/winbindd_user.c:winbindd_endpwent(375) [22958]: endpwent [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:client_write(524) client_write: wrote 1300 bytes. [2005/01/18 10:45:50, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 0 bytes. Need 1824 more for a full request. [2005/01/18 10:45:50, 5] nsswitch/winbindd.c:winbind_client_read(475) read failed on sock 20, pid 22958: EOF [2005/01/18 10:45:53, 6] nsswitch/winbindd.c:new_connection(356) accepted socket 18 [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 1824 bytes. Need 0 more for a full request. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:process_request(321) process_request: request fn INTERFACE_VERSION [2005/01/18 10:45:53, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261) [22964]: request interface version [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:client_write(524) client_write: wrote 1300 bytes. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 1824 bytes. Need 0 more for a full request. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:process_request(321) process_request: request fn WINBINDD_PRIV_PIPE_DIR [2005/01/18 10:45:53, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297) [22964]: request location of privileged pipe [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:client_write(524) client_write: wrote 1300 bytes. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:client_write(569) client_write: need to write 35 extra data bytes. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:client_write(524) client_write: wrote 35 bytes. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:client_write(558) client_write: client_write: complete response written. [2005/01/18 10:45:53, 6] nsswitch/winbindd.c:new_connection(356) accepted socket 20 [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 0 bytes. Need 1824 more for a full request. [2005/01/18 10:45:53, 5] nsswitch/winbindd.c:winbind_client_read(475) read failed on sock 18, pid 22964: EOF [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:winbind_client_read(470) client_read: read 1824 bytes. Need 0 more for a full request. [2005/01/18 10:45:53, 10] nsswitch/winbindd.c:process_request(321) process_request: request fn
Re: [Samba] how to check IP addresses of machines in the network?
Tomek, So you know the netbios name of the machine you want to access, but not it's IP address. My suggestion would be to modify the /etc/nsswitch.conf file on whichever machine you need to VNC from. Find the line containing hosts: files,dns (or something to that effect) and appends wins to that list, eg: hosts: files,dns,wins Now your machine should resolve netbios names as well as IP addresses, so you could type: 'vncviewer SERWER:0' and be on your way. There's also the nmblookup tool, which might be easier to use if you don't have root access to modify nsswitch.conf. HTH, -- Nick p.s.: first post to this list, hope I followed the correct etiquette. p.p.s: the above suggestion works with Samba 3, I'm not sure about samba 2.2 or older. Tomasz Chmielewski Wrote: So, if there is no better way, I think I would have to check wins.dat file on a PDC machine (it's also w WINS server), it seems to have a copy of all netbios names with corresponding IPs. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] user-rights
Hello! I've got some problems with the user-rights setting to my linux-machine. I want to create a file-server-system with samba where I can create a copy-directory, too. To this copy-directory every person, who can connect to the samba-machine, should be able to write through this directory and to make changes on documents, like word-documents, which are saved in this directory. My problem is that only the person, who has created a file through this directory, is able to make changes on this file. Other persons only can open this file to watch the content. I have no idea, which options I must change in the smb.conf-file so that every person is able to make changes on every file that is saved in the copy-directory. The security-level is set to user-security and every person connects with a username and a password to the samba-machine. Can anyone help me to solve my problem? Thanks! Buchbach -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Yes. I have a share called NRL Folders I can't browse it or any other shares. On the local machine I can; that is, on the server I can use the smbclient to connect to 127.0.0.1 and list shares that way. But not from another machine. It's not a network thing, because it is user-specific. Any user who has been added, or who has had his or her password changed, since the migration to the new machine cannot log on from other computers (but can connect with smbclient on 127.0.0.1). So I assumed it was a problem related to secrets.tdb, since the names of the machines have changed and I know this sort of thing is in the secrets.tdb file. -Ed :: Ed Holden :: Administrator, Research Information Systems :: McLean Hospital :: Tel: (617) 855-2822 :: Web: http://research.mclean.harvard.edu/ris Tomasz Chmielewski wrote: Ed Holden wrote: Actually it's not a PDC. Most of the clients are Mac OS X, with a few Windows machines here and there, so no client machines are actually joined to the domain. The issue is purely with connecting. so what do you mean by logging in? browsing a share protected with username/password, or what? Tomek Any information, including protected health information (PHI), transmitted in this email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential and or exempt from disclosure under applicable Federal or State law. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon, protected health information (PHI) by persons or entities other than the intended recipient is prohibited. If you received this email in error, please contact the sender and delete the material from any computer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Using ssh for samba authentication?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | I use ssh port forwarding to connect to a samba server from Windows ... | ask for any password for shares? Why not set ssh up for public key auth? Coupled with Samba's own encryption, it should be secure enough. ;-) Jim C. - -- - - | I can be reached on the following Instant Messenger services: | |---| | MSN: j_c_llings @ hotmail.com AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llingsJabber: jcllings @ njs.netlab.cz| - - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7Wgs57L0B7uXm9oRAptVAJ0XO5hOyTsvr3LGfJsjVOvUu0ln/ACfahD0 LKKCycfEbpZinPSV6JkQcK8= =HDEt -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Entry in username-map being ignored
Samba version 3.0.10 seems to be ignoring the map file on my system. I have the line: root = administrator in the file but when the administrator account tries to access the system the add user script is run for the user administrator. -- Michael St. Laurent Hartwell Corporation -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Ed Holden wrote: Yes. I have a share called NRL Folders I can't browse it or any other shares. On the local machine I can; that is, on the server I can use the smbclient to connect to 127.0.0.1 and list shares that way. But not from another machine. It's not a network thing, because it is user-specific. Any user who has been added, or who has had his or her password changed, since the migration to the new machine cannot log on from other computers (but can connect with smbclient on 127.0.0.1). So I assumed it was a problem related to secrets.tdb, since the names of the machines have changed and I know this sort of thing is in the secrets.tdb file. So we can assume this has nothing to do with machine passwords, as it's not needed for browsing shares. The only thing that comes to my mind is: hosts allow = hosts deny = users allow = etc. in smb.conf - but I'm sure you already checked that? Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Yeah, I've checked that. I have none of those settings enabled. I did a diff between this smb.conf and the one on the old server, and they are identical. -Ed :: Ed Holden :: Administrator, Research Information Systems :: McLean Hospital :: Tel: (617) 855-2822 :: Web: http://research.mclean.harvard.edu/ris Tomasz Chmielewski wrote: Ed Holden wrote: Yes. I have a share called NRL Folders I can't browse it or any other shares. On the local machine I can; that is, on the server I can use the smbclient to connect to 127.0.0.1 and list shares that way. But not from another machine. It's not a network thing, because it is user-specific. Any user who has been added, or who has had his or her password changed, since the migration to the new machine cannot log on from other computers (but can connect with smbclient on 127.0.0.1). So I assumed it was a problem related to secrets.tdb, since the names of the machines have changed and I know this sort of thing is in the secrets.tdb file. So we can assume this has nothing to do with machine passwords, as it's not needed for browsing shares. The only thing that comes to my mind is: hosts allow = hosts deny = users allow = etc. in smb.conf - but I'm sure you already checked that? Tomek Any information, including protected health information (PHI), transmitted in this email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential and or exempt from disclosure under applicable Federal or State law. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon, protected health information (PHI) by persons or entities other than the intended recipient is prohibited. If you received this email in error, please contact the sender and delete the material from any computer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to check IP addresses of machines in the network?
Nick Soracco wrote: Tomek, So you know the netbios name of the machine you want to access, but not it's IP address. My suggestion would be to modify the /etc/nsswitch.conf file on whichever machine you need to VNC from. Find the line containing hosts: files,dns (or something to that effect) and appends wins to that list, eg: hosts: files,dns,wins Now your machine should resolve netbios names as well as IP addresses, so you could type: 'vncviewer SERWER:0' and be on your way. this might work, but again, not in my case. 1) this network is separated from the others, that means that people that will VNC to these hosts don't use the same WINS/DNS - that's one problem (they can reach by IP only), 2) people that will VNC are rather windows technicians, helping with software etc. So they should enter a page: https://PDC/hosts - and then see list of hosts with corresponding IPs - after seeing that, they should know where to VNC. So I guess I will stick with my WINS idea of parsing wins.dat file. But smbclient -L --show-ips pdc /var/www/html/hosts run from a cronjob would be so much easier - I will probably spend an hour to figure out how to parse wins.dat file to remove unnecessary stuff. Well, one hour is about what I spent writing on this topic to the list anyway :)) There's also the nmblookup tool, which might be easier to use if you don't have root access to modify nsswitch.conf. p.s.: first post to this list, hope I followed the correct etiquette. you should quote below the post / appropriate sentences etc. :) Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and ACL's
Hey All, I am trying to get Samba to work with winbind and ACL's on Fedora Core 2. So far so good as far as getting winbind to work with Samba but I am having trouble getting Samba to recognize ACL's. I am wondering if there is a command I can run to determine if my Samba install is ACL capable... Any ideas? Cheers, Travis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Entry in username-map being ignored
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael St. Laurent wrote: | Samba version 3.0.10 seems to be ignoring the map file on my | system. I have the line: | | root = administrator | | in the file but when the administrator account tries to | access the system the add user script is run for the | user administrator. Are you using either 'security = domain' or 'security = ads' ? If so then read the WHATSNEW. This change was documented several releases back. If not, then we'll need more details. The username map works fine in my tests. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7W6UIR7qMdg1EfYRAijQAJ9T0vhKpDxOQwqHAAjXvJHH6T6DcQCfcX5i 1hls3gLcxmznJ+jO/9XGg1A= =IXyJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users with changed passwords can't log on remotely (but can locally)
Ed Holden wrote: Yeah, I've checked that. I have none of those settings enabled. I did a diff between this smb.conf and the one on the old server, and they are identical. shouldn't you at least specify hosts allow? it's getting late so my memory weakens... did you paste your config for that share here, and also samba logs when you try to browse this share (maybe with increased verbosity)? Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: auth samba+squid+ntlm
Xavier Callejas wrote: Hi. I need to use the ntlm_auth module to auth. users so a group can use Internet and other not, using squid. The users that belong to Internet group may use Internet. I've being looking for info. about this but there is no much info. in google. Until now this is the only info. that I had found: for squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=dominio+Internet the dominio+internet: I made proof of dominio\internet , dominio\\internet and always there is an error like this: [2005/01/18 11:58:23, 0] utils/ntlm_auth.c:get_require_membership_sid(237) Winbindd lookupname failed to resolve dominio+Internet into a SID! so I tried the SID: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=S-1-5-21-2357639956-1676252757-504000632-2005 and: [2005/01/18 11:59:20, 10] utils/ntlm_auth.c:manage_squid_request(1610) Got 'ibcinc+xavier acacadac' from squid (length: 22). [2005/01/18 11:59:21, 3] utils/ntlm_auth.c:check_plaintext_auth(292) NT_STATUS_OK: Success (0x0) OK But, even doing this (putting the SID) the users can't be authenticated by the server. Squid and the smb PDC are the same box, is this possible??? this the error from log when a user run its web browser and ask for a user/password: Is your winbind separator = + in the smb.conf file? By the first example you gave, I believe it should be. On my box to get the --require-membership-of=domain.group to work, I had to tack on --username=%LOGIN as well. After that, it works like a champ. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Entry in username-map being ignored
Gerald (Jerry) Carter mailto:[EMAIL PROTECTED] wrote: Samba version 3.0.10 seems to be ignoring the map file on my system. I have the line: root = administrator in the file but when the administrator account tries to access the system the add user script is run for the user administrator. Are you using either 'security = domain' or 'security = ads' ? If so then read the WHATSNEW. This change was documented several releases back. If not, then we'll need more details. The username map works fine in my tests. Yes, security = domain. Okay, got it. I need to prefix the Windows login with the Domain so the line should read: root = OURDOMAIN\administrator Thanks for the pointer. -- Michael St. Laurent Hartwell Corporation -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: auth samba+squid+ntlm
On Tue, 2005-01-18 at 15:20 -0500, Kevin Kobb wrote: On my box to get the --require-membership-of=domain.group to work, I had to tack on --username=%LOGIN as well. After that, it works like a champ. I'm really not sure what you are doing there, but I can't see how -- username=%LOGON does anything... Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Winbind fails to connect to \PIPE\NETLOGON with 3.0.10 and 3.0.9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 O.k. I've nailed the change down to the upgrade from 3.0.2a to 3.0.3. I'm going to try and figure out what changed there. Tom Dickson wrote: | Joining a mixed 2000 domain worked correctly for Samba 3.0.2a. | | After upgrading to either samba 3.0.9 or 3.0.10, the net ads join command | completes successfully, and wbinfo -u returns a list of users, but any | attempt to | actually authenticate those users fails with NT_STATUS_PIPE_NOT_AVAILABLE. | | wbinfo -t also does not work, and produces the log file attached. The | smb.conf is | identical to the 3.0.2 version. Joining in NT4 (rpc) mode works | correctly. Are | there changes to the smb.conf that I am not aware of? | | wbinfo -a bob | plaintext password authentication failed | error code was NT_STATUS_NO_SUCH_USER (0xc064) | error messsage was: No such user | Could not authenticate user bob with plaintext password | challenge/response password authentication failed | error code was NT_STATUS_NO_SUCH_USER (0xc064) | error messsage was: No such user | Could not authenticate user bob with challenge/response | | which produces these logs: | | [2005/01/18 10:58:48, 3] | nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(464) | ~ [25073]: pam auth crap domain: MIXEDDOMAIN user: [EMAIL PROTECTED] | [2005/01/18 10:58:48, 8] lib/util.c:is_myname(1797) | ~ is_myname(MIXEDDOMAIN) returns 1 | [2005/01/18 10:58:48, 3] | nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(498) | ~ Authentication for domain MIXEDDOMAIN (local domain to this server) not | supported at this stage | [2005/01/18 10:58:48, 2] | nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(637) | ~ NTLM CRAP authentication for user | [EMAIL PROTECTED] returned | NT_STATUS_NO_SUCH_USER (PAM: 10) | [2005/01/18 10:58:48, 10] nsswitch/winbindd.c:client_write(524) | | I know my domain isn't that great, but is it really crap? :) | | -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFB7XU12dxAfYNwANIRAj0OAJ9YaUmWwtDBJurneIWu7kYn/49YsgCeOWZr pfNQQxGLV61l2/kmQ8zOMhE= =O14x -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] [Fwd: password quality compliance]
On Tue, 2005-01-18 at 08:31 -0600, Chris Snider wrote: I would also like to see a force strong password feature added. Which is has been. Simo did the dirty work, and packaged my cracklib code into an example app, and setup a 'script' hook to call it. The parameter missed documentation for a while, but should be in the latest snapshot as 'check password script', with the cracklib code in examples/auth/crackcheck. (By using a script, simo allowed the silly exit(1) behaviour of cracklib to continue, without killing smbd). Hmm, we should make this a little easier to find - I was looking under 'password quality script' originally... Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: password quality compliance]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew Bartlett wrote: | Which is has been. Simo did the dirty work, and packaged | my cracklib code into an example app, and setup a 'script' hook | to call it. The parameter missed documentation for a while, | but should be in the latest snapshot as 'check password script', | with the cracklib code in examples/auth/crackcheck. Ahh...I forgot about that that. Thanks Andrew. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7Xj2IR7qMdg1EfYRAtR6AJwNl28TRCe9ZevFRPAYjImtMI3b7wCfehQD c8Qxh6WwQkisnTL253fSeAY= =IZSp -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Re: Question about win2000 and samba
On 23/12/2004 Bart Hendrix wrote: When I go to my computer, I see a red cross in every sharemapping. But when I click on the sharemapping it seems to work fine end I can see al files. On 24/12/2004 Gémes Géza wrote: Changed the NICs and other hardware (even the servers), and of course the Samba release (a couple of times) since the problem first apeared in 2001 (then we got our first Win2k workstations). I haven't inspected Samba logs (yet) haunting for such simptoms, but I've did it many times Indeed, today I finally replaced the NIC on the machine which is giving me the exact same problem, to no avail: the red crosses remained. Small reminder: I manage a network of 12 Win2000 machines connected to a Samba PDC and file server, and only one of them is having this problem. The machine is almost identical to another one, both in hardware and software (the OS was cloned from the other one); the main difference is that it has a Pioneer DVD burner, beside the regular CD reader, and Nero installed. I already had the same problem in the past, which I eventually discovered was caused by the installation of Easy CD Creator 5. So, recalling something about past problems with Easy CD Creator, here's what I did today: I removed the Upperfilters and Lowerfilters values from the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318} (I hope that's the right number at the end, I'm not at that machine now and copied it from a MS article; anyway the two values were something like Cdr4_2K and Cdralw2k.) I then only had the possibility to test the machine for a few minutes, but the problem seemed to be gone (it usually appeared right from login or very soon after). Can you try doing the same? Do a backup of the registry key before deleting those values, you never know. Please make me know if it helps, thanks. -- Ciao, Marco. ...You Had It Coming, Jeff Beck 2001 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Using ssh for samba authentication?
On Tue, 18 Jan 2005 11:49:00 -0800, Jim C. [EMAIL PROTECTED] said: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | I use ssh port forwarding to connect to a samba server from Windows ... | ask for any password for shares? Why not set ssh up for public key auth? Coupled with Samba's own encryption, it should be secure enough. ;-) I already use public key authentication in ssh and for this reason the additional password typing is annoyance that can potentially leak passwords. So I thought that maybe there was a way to start samba from ssh connection and assume that user already authentificated among the lines of sftp subsystem in ssh. Regards, Igor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Permission denied when using RCS from windows with Samba 3.0.10
We just upgraded our server to run Mandrake 10.1. It is using kernel 2.6.8 and we are now using Samba 3.0.10. I am using the RCS commands on a Windows XP Professional computer. Before the upgrade, I had no problem checking files out with the co -l command no matter who owned the file. Now I get a Permission denied error unless I'm the owner of the RCS control file. The delete readonly option is set to yes but does not seem to be helping. Any suggestions would be greatly appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: auth samba+squid+ntlm
Andrew Bartlett wrote: On Tue, 2005-01-18 at 15:20 -0500, Kevin Kobb wrote: On my box to get the --require-membership-of=domain.group to work, I had to tack on --username=%LOGIN as well. After that, it works like a champ. I'm really not sure what you are doing there, but I can't see how -- username=%LOGON does anything... Andrew Bartlett Well silly me. I swear at one time without this I couldn't get squid to work by AD group membership. However, I took it out and can indeed still get out with squid. I have updated my OS and Samba since I set this config up many months ago, so maybe it was a problem, or perhaps I was just being foolish, which is probably much more likely ;-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Finished print jobs, Samba 3.0.9
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Taylor, Marc wrote: | Has there been any further progress on the finished | print jobs piling up issue? In the last few emails | there was mention of a fix by Monday. | | Any updates would be greatly appreciated. I've got an increasing number of reports that this is fixed in the latest SAMBA 3.0 svn code. See https://bugzilla.samba.org/show_bug.cgi?id=2170 for detauls. copying a mail to you: ### Gerald (Jerry) Carter wrote: | printing/printing.c: In function `print_cache_expired': | printing/printing.c:1038: warning: passing arg 3 of `tdb_fetch_uint32' | from incompatible pointer type | | Could this be a problem? I don't think so. The warning is from a cast of time_t* to uint32*. I'll look at the other messages soon. here is an really good prepared log from the print queue update problem from Maximilian Pasternak: http://download.eisfair.org/tombork/test/log.zip Maybe it will take up to one hour till you can download the zipped log. This is from 3.0.11pre1 with the little patch release_print_db(pdb); ### Are there other fixes for the problem in SVN other than printig patch post 3.0.10v2 + patch release_print_db(pdb);? Can you look at the log in http://download.eisfair.org/tombork/test/log.zip please? der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP deletes read-only files. Windows 98 does not.
Hi, Perhaps someone can help. Recently, my office was set up with a new server and new XP machines. The server is on Samba. After porting files into the the server, the files can only be 'read-only' by other machines. Any suggestions? Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem adding user to Administrator list
Hi, i noticed this too at my last ldap pdc smb setup with 3.0.10 i cant add any user to the Administrators group, this worked in former versions of samba with an equal ldap setup, i opened a bug in bugzilla about that. But maybe this is now by design , and i missed a changelog entry about that Regards . [EMAIL PROTECTED] schrieb: Hi, all, We are using Samba 3.0.10 with an LDAP backend. It's been working fine for a long time. One strange thing that has come up today : I cannot add 1 specific domain user to the local Administrator group of Windows servers that are also in the domain. Adding the user to the admin group on a workstation works just fine. Adding other users to the admin group on the Windows servers works fine as well. It is just this one user that is being refused. This is the logging from Samba : (for the failing user edockx) [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx [2005/01/18 15:37:00, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: edockx This is the logging for another user : [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 100 [2005/01/18 15:37:16, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain PEOPLEWARE - S-1-5-21-2146849782-3868185098-1 958755654 [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez [2005/01/18 15:37:16, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: bpottiez Any thoughts ? (Sorry about the lengthy message) Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] missing smbpasswd program
I am new to linux and am playing with debian woody trying to get samba working. I have inadvertently deleted or some how corrupted the smbpasswd program file. I have tried uninstalling and reinstalling the samba package but with no luck. I am wondering how to get this file back. Note it is not the smbpasswd database file but the program Thanks in advance. john leap and the net will appear - zen saying -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Finished print jobs, Samba 3.0.9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Bork wrote: | http://download.eisfair.org/tombork/test/log.zip Yes. I know. I'm still working on that log file. But I have to finish up one more file on the privilege support for 3.0.11. All I said is that some people are reporting success with the current 3.0 code in svn. Not everyone obviously. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7Zu7IR7qMdg1EfYRApPvAKCQraobkiYsoT7jIpncdX0cKrzUrgCglGnO Ua4HrI64UbUY4Adwjx8s1/U= =G9HM -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] About access the samba server through VPN connection
John Wong wrote: Dear all, We are facing the problem for accessing the samba server through the VPN connection. How's the VPN done? And also using the samba-2.2.3a-6 with the Red Hat Linux 7.3 (Kernel 2.4.18-3). Really old version. You should upgrade. Any solution can provide?? Best regards, John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] windows problem with samba
hi, Now I have tow computers, one is RH9 linux , the other is windows 2000. I have configed samba 3.0.7 running on linux, so windows could share linux computer's files. But there's a problem : when windows using network neighborhood connect linux samba server, I login into a folder using account and password for this folder, windows will remember this account and password, and now I couldn't login into another folder using account and password for that folder until I use net use * /del command, who can help me resolve this problem or who can analyse this problem detailedly? Best regard Anders Ma -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] About access the samba server through VPN connection
Dear all, Is there any restriction for access the samba server through the VPN connection. We are trying to do the remote access the samba server through the VPN client. And the VPN server isn't apply any rule for blocking any service. Any suggestion we can do??? Best regards, John Wong -Original Message- From: Thomas M. Skeren III [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 19, 2005 9:43 AM To: John Wong Cc: [EMAIL PROTECTED] Subject: Re: [Samba] About access the samba server through VPN connection John Wong wrote: Dear all, We are facing the problem for accessing the samba server through the VPN connection. How's the VPN done? And also using the samba-2.2.3a-6 with the Red Hat Linux 7.3 (Kernel 2.4.18-3). Really old version. You should upgrade. Any solution can provide?? Best regards, John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem adding user to Administrator list - part 2
This is the output from net groupmap list : root (S-1-5-21-2146849782-3868185098-1958755654-512) - Domain Admins Domain Users (S-1-5-21-2146849782-3868185098-1958755654-513) - Domain Users Backup Operators (S-1-5-21-2146849782-3868185098-1958755654-551) - Backup Operators Replicator (S-1-5-21-2146849782-3868185098-1958755654-552) - Replicator Domain Computers (S-1-5-21-2146849782-3868185098-1958755654-553) - Domain Computers users (S-1-5-21-2146849782-3868185098-1958755654-3001) - users management (S-1-5-21-2146849782-3868185098-1958755654-1205) - management projectgroup (S-1-5-21-2146849782-3868185098-1958755654-1207) - projectgroup accounting (S-1-5-21-2146849782-3868185098-1958755654-1209) - accounting lan (S-1-5-21-2146849782-3868185098-1958755654-1211) - lan PPTP_USERS (S-1-5-21-2146849782-3868185098-1958755654-1205) - PPTP_USERS Bert Thomas Bork [EMAIL PROTECTED] 18-01-2005 17:20 To [EMAIL PROTECTED] cc Subject Re: [Samba] Problem adding user to Administrator list - part 2 Hi Bert, Ok, I disabled the win firewall on the machine,and indeed I got another :-( error message 'A device attached to this system is not functioning' double mapping of Domain Admin Group? Show net groupmap list. der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem adding user to Administrator list - part 2
I am kind of convinced that it is not the client machines that are causing the problem. None of the other users have this problem; they can log on to any machine in the network. It is just this one user that has the problem. Bert Tomasz Chmielewski [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 18-01-2005 17:13 To samba@lists.samba.org cc Subject Re: [Samba] Problem adding user to Administrator list - part 2 [EMAIL PROTECTED] wrote: Ok, I disabled the win firewall on the machine,and indeed I got another :-( error message 'A device attached to this system is not functioning' Trying another user on the same machine without changing anything (on the same login window) : no problem Did you try rebooting the windows machine? :) Perhaps this is something else, but specifying WINS servers on windows is also a good idea (try ipconfig /all on windows to see if they are configured). Tomek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User in passdb, but getpwnam() fails!
I'm using Mandrake 10.0, the nsswitch.conf file is already configured, and from getent passwd, i can see the user name that I'm using, BTW I tried to reconfigure everything from the begining again, and now I can login using the root password, but stilll not as a Domain user, still the same problem getpwnam() fails, - Original Message - From: Daniel Wilson [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, January 18, 2005 5:56 PM Subject: Re: [Samba] User in passdb, but getpwnam() fails! what is the Operating System on the samba server? Also you need to edit your nsswitch conf file, usually /etc/nsswitch.conf to have: passwd: files ldap group: files ldap Your problem is that your OS isnt looking at ldap for its user accounts, its also looking at your passwd file (/etc/passwd) Adi Nugraha wrote: Hi my problem is just like the subject, I could browse the shares with the same username password but I can't login to the domain, I'm using samba 3.0.2.a with ldap backend, can anyone help me with this, I know it's been posted before but I can't find a solution. thanks -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: User in passdb, but getpwnam() fails!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | I'm using Mandrake 10.0, the nsswitch.conf file is already configured, and ... | getpwnam() fails, Post the output of the appropriate testparm program. It will give folks a better idea of what they are looking at. Jim C. - -- - - | I can be reached on the following Instant Messenger services: | |---| | MSN: j_c_llings @ hotmail.com AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llingsJabber: jcllings @ njs.netlab.cz| - - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7gcB57L0B7uXm9oRAu+KAJ9Ggb04sNIgWf+MMCcE2i7YAaIxZwCeNV8x T5wC5RsJJNU+EsBDvm38GtE= =2zAS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba