Re: [Samba] Samba3 in W2k AD, W98 clients need password for Samba share
Im attaching the smb.conf file for review. http://loophole.mine.nu/misc/smb.conf Greets, Blaz Hello everybody, I've setup a file server with Debian GNU/Linux (Sarge) and Samba v3.0.10 with ACL, Kerberos etc... so I can join the Windows 2000 domain. I can use users from domain on file server without problems and Windows 2000, XP clients can access Samba shares. But when I try to connect to \\fs from Windows 98 client (in domain) it requests password from me (\\fs\IPC$). I have read through the mailing list but haven't come across a userful hint... Before this Linux, Windows 2000 were doing the job and everything worked okay for Windows 98 clients too, so I believe I misconfigured something. I'm using encrypted passwords in Samba and shares have set: guest ok = no. What else can I try?! Suggestions are truly wanted! Thanks, Blaz. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vampire question
Hi Kurt, Don't know if this is any help. We currently have a similar problem on RHAS 3 4. RedHat bug report: https://www.redhat.com/archives/fedora-test-list/2004-November/msg01576.html Phil Kurt A. Brust [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/03/2005 18:34 To [EMAIL PROTECTED] cc Subject [Samba] vampire question . when running net rpc vampire -S ntserver -U Administrator%stacy182 --- everything seems to run fine however I do get could not create posix account info for 'machine name$' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Questions about 3.0.12rc1
Hello!
Before this post, i'm send 3 problems in 3.0.11
I'm compiled 3.0.12rc1 and found next:
1) Settings primary group problem solved, but question to developer
You append to mapping.c in smb_set_primary_group
ret = smbrun(add_script,NULL);
flush_pwnam_cache();
But not check ret code .if my script exit in code != 0, i'm change
primary group ... ( script set primary group still needed ? )
2) Next in this code is winbind, but debug message string have code
DEBUG(3,(smb_delete_group:
You use copy/paste ;)
This is affect in function: smb_add_user_group,smb_delete_user_group
smb_add_user_group have bug
if ( winbind_add_user_to_group( unix_user, unix_group ) ) {
DEBUG(3,(smb_delete_group: winbindd added user (%s) to the group
(%s)\n,
unix_user, unix_group));
return -1;
^^
needed return 0;
}
3) I'm analized problems 1
( user who not have privileges add machine account )
In function _samr_create_user ( srv_samr_nt.c ) you have code:
if ( can_add_account )
become_root();
And if user not have privileges(user|machine) you MAY CREATE USER (
posix account or machine account ) through SCRIPT :(
I'm change code to:
if ( can_add_account == False ) {
return NT_STATUS_ACCESS_DENIED;
}
it's fixed problem
I'm do simple test and is work correct, ... but i'm do not full test.
and I want to apologize for my english, well .. you understand ;)
Sergey Loskutov
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [SMB 3.0.10] File Locking Mechanism Windows - Unix
Hello, Iam facing a problem in locking of files across samba shares. We have samba 3.0.10 running on Solaris 9 with the smb.conf as follows. # Global parameters [global] workgroup = NMUINT netbios name = NMUINTFS interfaces = IP bind interfaces only = Yes security = DOMAIN password server = XXX.XXX.XXX.XXX log level = 1 ldap ssl = no #oplocks = no kernel oplocks = no [Share1] path = /export/home/Testdev/share read only = No oplocks = no strict locking = yes level2 oplocks = no The files under this directory are modified both from Windows and Solaris programatically. When ever a process accesses a file in this directory, it opens it in an exclusive mode ( DENY_ALL ). Now, this works fine between two processes on Windows and between two UNIX process (Gives equivalent of Winods error 53, File is used by another process) . But this does not work between Winodws and Unix. i.e Both of them are able to open the file in exclusive mode!! I ran the 'fuser' command in such a situation ( when both had exclusive accesses to the file) and to my surprise I found that both smbd and the unix process are listed bash-2.05# fuser /export/home/Testdev/share/test.txt /export/home/Testdev/share/test.txt: 1655o1567o bash-2.05# ps -e | grep filetest 1655 pts/50:00 filetest bash-2.05# ps -e | grep 1567 1567 ?0:00 smbd Also I tried to rename the file when only samba was locking it . The rename was successful. This is not possible if only unix process (filetest) is locking it. It will fail with a Permission denied error. Can any one help me in getting this file lock working? Thanking you in anticipation asif -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Pdbedit - Account Description..?
Hmm, might be me, but how do i alter a account description with pdbedit(or another samba tool) ?? i couln't find annything about changing the description of users within samba..? Thx Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble with samba, ldap and kerberos..please help me
Hello together, i'm working on the following problem. I want to install samba as the only protocol to connect a couple of linux and windows-pcs. My software versions are SUSE 9.1 Pro, Windows XP Pro. I have updates to samba 3.0.6. Now I want to share the user home of the samba-server to all the client machines. To provide some comfort, user authentication should happen via ldap and kerberos. ldap and kerberos work's very well, but the samba-share of the user home is not mounted to the client machine and therfore kde is not starting. The login to a command line shell works, so I think the problem is in the pam- system of my client machine. I use the pam-module pam-mount to mount the samba share. Is there any docu, where I can read about how to configure a system of samba, ldap, kerberos and tie these parts together? I've googled around, but yet I've found nothing that fit's to it all. thank you for helping. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Citrix, Samba PDC experiences.
Hi all, I've dug through the lists and google, but haven't found very much info on using Citrix with a samba PDC. The small number of messages and information I've found, lead me to believe it will work. Does anyone have any first hand knowledge they'd be willing to share? I'm currently involved in rolling out Citrix for proprietary windows apps for remote offices. We've always used samba internally, though I'm still authenticating to a real old NT domain. The Citrix rollout includes needing more windows CAL's, so rather then A/D, I really want to use a SAMBA PDC if possible. thanks, Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Citrix, Samba PDC experiences.
I'm using Windows 2000 Terminal Servers here, which is the base for Citrix installations. In addition, I've previously ran Winframe 1.7 and Metaframe on NT4.0; all of which have worked fine with SAMBA. I did have a problem 6-7 years ago with Winframe where I had to disable some NT specific support to get locking to work with SAMBA, however this was pre SAMBA 2.x, so you'll not see that problem. I'm currently running some 170 users spread over 3 thin Windows 2000 Terminal Servers connecting to a single SuSE 9.2 Professional box running SAMBA 3.0.11 and winbindd to our NT 4.0 PDC / BDC combination without problems on the file sharing side. I have massive problems with printer sharing, and have moved this onto a second box so that I can more easily bounce samba / winbindd. Problems seem to revolve around winbindd authentication, and to be honest I'm probably going to move print serving back onto a Windows box for now, as it's got to the point where users are screaming at my staff. SAMBA PDC may also solve my winbindd problems (as may AD), and in fact we're being pushed into AD by other developments. Cheers Gordon -Original Message- From: Mark Nehemiah [mailto:[EMAIL PROTECTED] Sent: 14 March 2005 13:19 To: samba@lists.samba.org Subject: [Samba] Citrix, Samba PDC experiences. Hi all, I've dug through the lists and google, but haven't found very much info on using Citrix with a samba PDC. The small number of messages and information I've found, lead me to believe it will work. Does anyone have any first hand knowledge they'd be willing to share? I'm currently involved in rolling out Citrix for proprietary windows apps for remote offices. We've always used samba internally, though I'm still authenticating to a real old NT domain. The Citrix rollout includes needing more windows CAL's, so rather then A/D, I really want to use a SAMBA PDC if possible. thanks, Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba This e-mail has been scanned for all viruses by Star. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk Mortgages plc is authorised and regulated by the Financial Services Authority. Your home may be repossessed if you do not keep up repayments on your mortgage. Please note that not all types of mortgages are regulated by the Financial Services Authority. This e-mail has been scanned for all viruses by Star. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Your email message was blocked
The following message was blocked: Message: BB0426fb3f.0001.mml From:samba@lists.samba.org To: [EMAIL PROTECTED] Subject: Returned mail: see transcript for details This is due to automatic rules that have determined that certain potentially dangerous filetypes are not allowed. Rule: Staples - Anti-Virus and Misc (Inbound) : Staples - strip ZIP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and WinXP + PDC
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Good Morning Folks. I have a reoccurring error here when trying to join a Windows XP SP2 workstation to a Samba domain (accounts stored in LDAP) The error is The user name cannot be found Our LDAP directory looks like this dc=na ~ o=ourdomain ~ ou=Groups ~ ou=Staff ~ ou=Computers My problem at the moment is all the windows clients are using pGina to login to the windows workstations, and modifying the LDAP directories is really less than desirable as we have several fail over servers (replication etc..) Mail and all user SSH logins depend on that structure. It would be a VERY large task on my part to change the structure, however I need a solution as pGina is no longer something we can continue to use. pam_ldap along with nsswitch is in place and working just fine for ldap The user accounts are all stored in ou=Staff, and during the joining process the machine account is created in ou=Computers via the IDEALX smbldap scripts. According to the trace I am sending with this email the root user is round and authorized so what gives ? This Winblows machine was patched to current yesterday. Samba versions: [EMAIL PROTECTED] root]# rpm -qa |grep samba samba-common-3.0.10-1.fc2 samba-3.0.10-1.fc2 samba-client-3.0.10-1.fc2 Any advice or thoughts would be much appreciated. - -- John Zakhar [EMAIL PROTECTED] Systems Administrator. Ventus Networks 800 Connecticut Ave Norwalk, CT. 06854 Work 1-(203)-642-2800 Home 1-(860)-318-0276 Cell 1-(203)-257-4165 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCNZ5FY1bWd3KJkG4RAiW2AJ9l2nP7ZNZFhheq5XLYXvGCoB/LZQCbBxX+ rhyePWCJoGCeBLDwEvNM6NY= =nZRk -END PGP SIGNATURE- [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [030] 00 00 00 00 00 64 00 00 C0 .d.. . [2005/03/11 10:33:52, 6] lib/util_sock.c:write_socket(449) write_socket(5,116) [2005/03/11 10:33:52, 6] lib/util_sock.c:write_socket(452) write_socket(5,116) wrote 116 [2005/03/11 10:33:52, 10] lib/util_sock.c:read_smb_length_return_keepalive(505) got smb length of 128 [2005/03/11 10:33:52, 6] smbd/process.c:process_smb(1090) got message type 0x0 of len 0x80 [2005/03/11 10:33:52, 3] smbd/process.c:process_smb(1091) Transaction 33 of length 132 [2005/03/11 10:33:52, 5] lib/util.c:show_msg(486) [2005/03/11 10:33:52, 5] lib/util.c:show_msg(496) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=916 smb_uid=100 smb_mid=2048 smt_wct=16 smb_vwv[ 0]=0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]=0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]=0 (0x0) smb_vwv[ 7]=0 (0x0) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]=2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=29396 (0x72D4) smb_bcc=61 [2005/03/11 10:33:52, 10] lib/util.c:dump_data(1999) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\ [010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 06 00 00 .,.. [020] 00 14 00 00 00 00 00 01 00 00 00 00 00 05 00 00 [030] 00 00 00 00 00 5F BA 31 42 8F 78 00 00 ._.1 B.x.. [2005/03/11 10:33:52, 3] smbd/process.c:switch_message(886) switch message SMBtrans (pid 30863) conn 0x8473898 [2005/03/11 10:33:52, 4] smbd/uid.c:change_to_user(194) change_to_user: Skipping user change - already user [2005/03/11 10:33:52, 3] smbd/ipc.c:reply_trans(538) trans \PIPE\ data=44 params=0 setup=2 [2005/03/11 10:33:52, 5] smbd/ipc.c:reply_trans(557) calling named_pipe [2005/03/11 10:33:52, 3] smbd/ipc.c:named_pipe(334) named pipe command on name [2005/03/11 10:33:52, 5] smbd/ipc.c:api_fd_reply(267) api_fd_reply [2005/03/11 10:33:52, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168) search for pipe pnum=72d4 [2005/03/11 10:33:52, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1172) pipe name samr pnum=72d4 (pipes_open=2) [2005/03/11 10:33:52, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1172) pipe name lsarpc pnum=72d1 (pipes_open=2) [2005/03/11 10:33:52, 3] smbd/ipc.c:api_fd_reply(296) Got API command 0x26 on pipe samr (pnum 72d4) [2005/03/11 10:33:52, 10] smbd/ipc.c:api_fd_reply(301) api_fd_reply: p:0x84709e8 max_trans_reply: 1024 [2005/03/11 10:33:52, 6] rpc_server/srv_pipe_hnd.c:write_to_pipe(852) write_to_pipe: 72d4 name: samr open: Yes len: 44 [2005/03/11 10:33:52, 10] rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(874) write_to_pipe: data_left = 44 [2005/03/11 10:33:52, 10] rpc_server/srv_pipe_hnd.c:process_incoming_data(777) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2005/03/11 10:33:52, 10] rpc_server/srv_pipe_hnd.c:fill_rpc_header(399) fill_rpc_header: data_to_copy = 44,
Re: [Samba] Questions about 3.0.12rc1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sergey Loskutov wrote:
| Hello!
|
| Before this post, i'm send 3 problems in 3.0.11
| I'm compiled 3.0.12rc1 and found next:
|
| 1) Settings primary group problem solved, but question to developer
|You append to mapping.c in smb_set_primary_group
|ret = smbrun(add_script,NULL);
|flush_pwnam_cache();
|
| But not check ret code .if my script exit in code != 0, i'm change
| primary group ... ( script set primary group still needed ? )
It's just flushing the internal pwnam cache. Semantically this is ok.
Probably not optimal. I'll look at it later.
| 2) Next in this code is winbind, but debug message string have code
| DEBUG(3,(smb_delete_group:
|
| You use copy/paste ;)
|
| This is affect in function: smb_add_user_group,smb_delete_user_group
|
| smb_add_user_group have bug
|
| if ( winbind_add_user_to_group( unix_user, unix_group ) ) {
| DEBUG(3,(smb_delete_group: winbindd added user (%s) to the group
| (%s)\n,
| unix_user, unix_group));
| return -1;
| ^^
| needed return 0;
|
| }
The 'winbind local accounts' code is deprecated at this point. So this
code will eventually be removed anyways. However, I'll clean up the
debug messages and check return codes before the final 3.0.12.
| 3) I'm analized problems 1
| ( user who not have privileges add machine account )
|
| In function _samr_create_user ( srv_samr_nt.c ) you have code:
|
| if ( can_add_account )
| become_root();
|
| And if user not have privileges(user|machine) you MAY CREATE USER (
| posix account or machine account ) through SCRIPT :(
|
| I'm change code to:
|
| if ( can_add_account == False ) {
| return NT_STATUS_ACCESS_DENIED;
| }
| it's fixed problem
| I'm do simple test and is work correct, ... but i'm do
| not full test.
I've thought about this before. The problem is actually that
your 'add user script' can be run successfully as a non-root user.
A simple 'chmod 700 script; chown root script' will solve this.
I'll look at it some more but this is not a pressing issue I don't
think. smbd is not doing anything that the normal user couldn't do
anyways. And your fix doesn't cover all the possible scenarios
(e.g. root user with no assigned privileges should still be able to join
clients to the domain).
Thanks for the feedback.
cheers, jerry
=
Alleviating the pain of Windows(tm) --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCNaHJIR7qMdg1EfYRAgFkAJ9RYuBYrAJkidjOAg7M3ffe/bNo1ACgkV2e
AoI7f/tiRTxysi6x8wSQmPY=
=Rgb4
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can SAMBA be useful for me ?
Windows 98 Exposed to the internet as your, fileserver and your sudo router? Madness!!! lol You should buy a cheap D-Link or Linksys router to start. I would agree that SAMBA make no sense at all. SAMBA is designed primarily for Windows users to connect to non-windows server. Take your w98 PC, format the hard drive, throw away the w98 CD and install Linux. Dan T On Mar 12, 2005, at 10:07 AM, Pareti, Joseph wrote: I am planning to set up a small compute farm consisting of x86 notebooks on a switched ethernet lan. These only have one nic and limited disk, so that I need to import a data partition from an external file server. For this purpose I'd like to use a w98 PC that has access to internet over dsl. I envisage connecting all machines to the ethernet switch using 10/100 links. The ip addresses would be (i) the DHCP-assigned address for the w98 machine, and (ii) local addresses for the linux machines, such as 10.0.0.* Can I use SAMBA to turn the w98 box into a file-server and use the linux notebooks as SAMBA-clients? Any links to good how-to sites, cookbooks and the like would be greatly appreciated. Thanks, Joseph -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Citrix, Samba PDC experiences.
Hi thanks for the quick reply. I really just needed the fact that it works, and people are using it ok, before I go through the openLDAP, pdc setup. I've looked over the samba docs, and the docs at http://www.unav.es/cti/ldap-smb-howto.html and they seem pretty good. I have not set up openLDAP before, except for email addresses. Any advice, or howto information would be appreciated. Is there any other sources of info that you would refer to besides SAMBA docs, and the link above for openLDAP, SAMBA pdc information? Thanks, Mark. On Mon, March 14, 2005 8:38 am, Prakash Velayutham said: Mark Nehemiah wrote: Hi all, I've dug through the lists and google, but haven't found very much info on using Citrix with a samba PDC. The small number of messages and information I've found, lead me to believe it will work. Does anyone have any first hand knowledge they'd be willing to share? I'm currently involved in rolling out Citrix for proprietary windows apps for remote offices. We've always used samba internally, though I'm still authenticating to a real old NT domain. The Citrix rollout includes needing more windows CAL's, so rather then A/D, I really want to use a SAMBA PDC if possible. thanks, Mark Hi, I have a Samba-3 PDC which supports 10 Windows PCs and 2 Citrix servers. The PCs and Citrix servers authenticate against a central LDAP directory through the samba server. Citrix servers are a part of a different NT domain (which my Samba PDC has trust relationship with). But as far as I can say, this setup is working fine for me. If you have any specifics, please ask. Thanks, Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Citrix, Samba PDC experiences.
It's good to hear. I hope that the sambaPDC won't have the printiing auth issues. I'm sorry to hear about being pushed to A/D. I have come really close to thinking NOW is the time to install it with this big Citrix push we're in. We're still fighting exhange(5.5 in domain), and I hope to have it out of here soon. Without exchange, I'm hoping we won't need a real A/D and can go from NT PDC 250 users to Samba PDC 250 internal users, additional 50-100 citrix users for remote offices. Mark On Mon, March 14, 2005 7:33 am, Gordon McCrae said: I'm using Windows 2000 Terminal Servers here, which is the base for Citrix installations. In addition, I've previously ran Winframe 1.7 and Metaframe on NT4.0; all of which have worked fine with SAMBA. I did have a problem 6-7 years ago with Winframe where I had to disable some NT specific support to get locking to work with SAMBA, however this was pre SAMBA 2.x, so you'll not see that problem. I'm currently running some 170 users spread over 3 thin Windows 2000 Terminal Servers connecting to a single SuSE 9.2 Professional box running SAMBA 3.0.11 and winbindd to our NT 4.0 PDC / BDC combination without problems on the file sharing sid I have massive problems with printer sharing, and have moved this onto a second box so that I can more easily bounce samba / winbindd. Problems seem to revolve around winbindd authentication, and to be honest I'm probably going to move print serving back onto a Windows box for now, as it's got to the point where users are screaming at my staff. SAMBA PDC may also solve my winbindd problems (as may AD), and in fact we're being pushed into AD by other developments. Cheers Gordon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ACL (beaten to death I know)
I've been ignoring the ACL issue because I have yet to get it to work. But now I am curious. I log in as root and create a text file in root's home directory. I look in the security properties and verify that the file is indeed owned by root. In Linux, the permissions of the file are 750, root owner, root group. In Windows, I try to add a user with read permissions. I get permission denied. I am able to change my own permissions but I'm unable to add another person into the permissions. I get the following in the log file: [2005/03/14 10:23:32, 2] smbd/open.c:open_file(245) root opened file bar.txt read=Yes write=No (numopen=3) [2005/03/14 10:23:32, 2] smbd/close.c:close_normal_file(270) root closed file bar.txt (numopen=2) [2005/03/14 10:23:32, 2] smbd/open.c:open_file(245) root opened file bar.txt read=Yes write=No (numopen=3) [2005/03/14 10:23:32, 2] smbd/close.c:close_normal_file(270) root closed file bar.txt (numopen=2) Thinking maybe the 'root' group is causing trouble because it is not mapped into a Samba group, I change the group to Domain Users. I try to take away write access for a specific user who is in Domain Users and again get the Permission Denied. I verify that ACLs indeed work on my filesystem: oink:/usr/local/samba/lib # setfacl -m u:misty:r /root/bar.txt oink:/usr/local/samba/lib # getfacl /root/bar.txt getfacl: Removing leading '/' from absolute path names # file: root/bar.txt # owner: root # group: Domain\040Users user::rwx user:misty:r-- group::rw- mask::rw- other::--- I am really not sure what else to try. I did compile with ACLs enabled. Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem using usrmgr with Samba 3.0.11
Hi, I just upgraded to samba 3.0.11 using the new SerNet Debian packages. Thank you, SerNet, for proving this service! I am using Samba as PDC with OpenLDAP as Backend. Now I encounter the following problem, when I try to modify/edit/view a Domain User I get the following Error message: A device attached to the system is not functioning. and in the samba-log there is the following message: [2005/03/14 16:08:04, 0] rpc_parse/parse_samr.c:init_sam_dispinfo_1(1576) init_sam_dispinfo_1: User Administrator has SID S-1-5-21-4294955119-3368514841-2087710299-500, which conflicts with the domain sid S-1-5-21-1592171166-4025234219-3987515516. Failing operation. # net getlocalsid SID for domain NTFILESRV is: S-1-5-21-1592171166-4025234219-3987515516 And I already tried # pdbedit -U S-1-5-21-1592171166-4025234219-3987515516-500 -u Administrator -r I checked the smbldap-tools configuration, but there is my correct SID. Any help is appreciated. Marko -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: probleman adding user
On Saturday 12 March 2005 03:33 am, Jim C. wrote: | Good Morning, | I'm adding user mdonada in the smbldap-useradd -a -m mdonada, but | probleman: | [EMAIL PROTECTED] home]# smbldap-useradd -a -m mdonada | Can't call method get_value on an undefined value at | /usr/sbin/smbldap-useradd line 170, DATA line 283. | [EMAIL PROTECTED] home]# In case you didn't figure this out yet, it's because the -m switch indicates that you are adding a machine account, and expects a $. If you are in fact trying to add a user account, you need to leave the -m off. Try smbldap-useradd -h to see all of the available switches. Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SWAT features
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, all. I've been working on SWAT in trunk for the last few weeks. My work started as nothing more than a cosmetic redesign, trying to modernize SWAT and offer a clean, sophisticated interface. As I've gotten deeper into this, it seems to me that SWAT could use some improvements to its overall design -- not just aesthetically, but functionally. For example, some features seem aimed at making setup as easy as possible (the wizard tool) while others (globals and shares) offer complete editing capabilities to smb.conf. This working at cross-purposes became clear to me as I tried grouping functions under 3-4 over-arching navigation headings. My question then -- what do people use SWAT for? Is it primarily a web-based front end for editing smb.conf? An entry point for documentation? A gui for setting up Samba without knowing much about smb.conf? Also, what features do you like most/least? And what's missing from SWAT in your opinion? Thanks for the input. Cheers, deryck - -- Deryck Hodgehttp://www.devurandom.org/ Auburn University Libraries http://www.lib.auburn.edu/ Samba Team http://www.samba.org/ Have you ever stood and stared at it? Marveled at its beauty? Its genius? Billions of people just living out their lives, oblivious. - --from _The Matrix_(1999) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCNbYw4glRK0DaE8gRAkkPAJoDNIf/nqXuQ6pL4n/YlBPLVT8YXgCgmST8 EVMqHnAfQOpQZhEqkmoyP+k= =BMK7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Lotus Folders?
Greetings, Yes, our accounting dept, won't leave Lotus 96. Yes I know... On a Windows Share, the folders are fine, standard trunc to 7 characters. (ex: My Documents = mydocu~1 ) On a Samba Share, the Documents Folder is gibberish. Like b740sso ?? The Files Open fine... Is there any setting for this? Thanks Steven -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] I want shares on demand
I have many shares in my fstab which look just like so... //machinename/sharename /mnt/foo smbfs credentials=credfile,rw,user,gid=sambawrites,fmask=0774,dmask=0774 0 0 And they work generally fine. But sometimes weird things happen, i.e. the power goes out, and the linux server comes up before the machines with the shares do, or one of the machines with the shares gets turned off for a couple days, or there's just weird network problems around the office. When this happens the shares are obviously no good. What I'm looking for, is the ability to have the share automatically remounted next time someone attempts to access it. So if I go to /mnt/foo and /mnt/foo is not mounted, I want it automounted. Is this possible, am I in the wrong forum? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3 in W2k AD, W98 clients need password for Samba share
smb.conf: http://loophole.mine.nu/misc/smb.conf log for a Windows 98 client trying to access samba computer: http://loophole.mine.nu/misc/log.pt07_full http://loophole.mine.nu/misc/log.pt07_part (partial) Greets, Blaz. PS.: I'm sorry for sending 3 mail for the same subject but I had had access to log and config file before... Hello everybody, I've setup a file server with Debian GNU/Linux (Sarge) and Samba v3.0.10 with ACL, Kerberos etc... so I can join the Windows 2000 domain. I can use users from domain on file server without problems and Windows 2000, XP clients can access Samba shares. But when I try to connect to \\fs from Windows 98 client (in domain) it requests password from me (\\fs\IPC$). I have read through the mailing list but haven't come across a userful hint... Before this Linux, Windows 2000 were doing the job and everything worked okay for Windows 98 clients too, so I believe I misconfigured something. I'm using encrypted passwords in Samba and shares have set: guest ok = no. What else can I try?! Suggestions are truly wanted! Thanks, Blaz. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] I want shares on demand
So if I go to /mnt/foo and /mnt/foo is not mounted, I want it automounted. Look at autofs for that, you should be able to automate just about any type of mount with a little playing around in the config files. Is this possible, am I in the wrong forum? Kind of off topic, but people around here answer a lot of OT posts ;) -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] account migartion from NIS and Smbpasswd to LDAP
Hi, I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? Thanks a lot. I really appreciate it. -- Regards, Steve Zeng Systems Administrator Mainframe Entertainment Inc T: (604) 628-1000 ext 5293 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Citrix, Samba PDC experiences.
Mark Nehemiah wrote: Hi thanks for the quick reply. I really just needed the fact that it works, and people are using it ok, before I go through the openLDAP, pdc setup. I've looked over the samba docs, and the docs at http://www.unav.es/cti/ldap-smb-howto.html and they seem pretty good. I have not set up openLDAP before, except for email addresses. Any advice, or howto information would be appreciated. Is there any other sources of info that you would refer to besides SAMBA docs, and the link above for openLDAP, SAMBA pdc information? Thanks, Mark. On Mon, March 14, 2005 8:38 am, Prakash Velayutham said: Mark Nehemiah wrote: Hi all, I've dug through the lists and google, but haven't found very much info on using Citrix with a samba PDC. The small number of messages and information I've found, lead me to believe it will work. Does anyone have any first hand knowledge they'd be willing to share? I'm currently involved in rolling out Citrix for proprietary windows apps for remote offices. We've always used samba internally, though I'm still authenticating to a real old NT domain. The Citrix rollout includes needing more windows CAL's, so rather then A/D, I really want to use a SAMBA PDC if possible. thanks, Mark Hi, I have a Samba-3 PDC which supports 10 Windows PCs and 2 Citrix servers. The PCs and Citrix servers authenticate against a central LDAP directory through the samba server. Citrix servers are a part of a different NT domain (which my Samba PDC has trust relationship with). But as far as I can say, this setup is working fine for me. If you have any specifics, please ask. Thanks, Prakash Please try not to top post. That aside, did you take a look at idealx documents? I used most of them directly, but there are somethings in that document you will need to change as it does not work. Prakash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] a request for a doc to get acl's working....
dear people, I've searched for hours, and I really can't seem to find *THE* solution. Is there a document somewhere that outlines how to get acl editing to work from windows? getfacl and setfacl all work, I can change whatever I want from the command line when I'm root. Using xfs, samba3.0.11 with ldap, and in my ldap is administrator. (because I thought that with 3.0.11 root is not needed anymore, because of the new privileges options) I ALWAYS get access denied when I try to change an acl. There must be a setting somewhere that I miss... My own account is in domain administrators group. I would like to be able to change acl's on my shares using my own account. Does anyone have a list of requirements, or a document describing how to realise this? I'm would be very grateful for ANY insight! Mourik Jan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] share outside domain
Hi, I have to give access to a machine joined to the domain from machines outside the domain (they arent members of any domain). The share is readable from everyone and from machines members of the domain I havent problems, but outside the xp member ask me tha password. Is it possible to give access to a machine from machines that arent members of the domain ? How do it ? thx. __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
Paul, Thanks for the great tips. There are both machine accounts and user accounts in the smbpasswd file. So pdbedit will automatically put machine accounts into ou=Computers and user accounts into ou=users, am I right? Steve I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. -- Regards, Steve Zeng Systems Administrator Mainframe Entertainment Inc T: (604) 628-1000 ext 5293 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP Home client problems.
Hi, Please ignore this mail if you have already received this mail before. I have been trying for 2 frustrating weeks to get my XP Home machine to talk to the Samba server on my SuSE 9.2 Linux box. Described below is the crux of the problem. When I do an smbclient on the Linux box I can see the Windows machine listed. However, when I do a net view on the Windows XP Home machine I do not see the Samba box. Also, I get a System 1 error on the XP machine if the XP is not the Local Master Browser and, if it is only the XP machine is visible in the output of the net view. I have removed all firewall services, enabled cleartext password in XP and enabled guest access and no encryption in Samba. Also, I have disabled the firewall on the Linux box. I don't know whether this will be of any use in debugging, When I do a net use on the XP box, and monitor the IP flow, I see traffic destined to port 80 on the Linux box from the XP box. I got the setup to work, however, after a reboot of the XP box I am back to the square one. Any help would be greatly appreciated. Thanks, -Venkata. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [SMB 3.0.10] File Locking Mechanism Windows - Unix
On Mon, Mar 14, 2005 at 03:12:34PM +0530, Asif, M wrote: The files under this directory are modified both from Windows and Solaris programatically. When ever a process accesses a file in this directory, it opens it in an exclusive mode ( DENY_ALL ). Now, this works fine between two processes on Windows and between two UNIX process (Gives equivalent of Winods error 53, File is used by another process) . But this does not work between Winodws and Unix. i.e Both of them are able to open the file in exclusive mode!! I ran the 'fuser' command in such a situation ( when both had exclusive accesses to the file) and to my surprise I found that both smbd and the unix process are listed What is the UNIX process doing to enforce exclusivity ? What system call do you think it does ? Remember, share modes have no meaning on UNIX. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Changing SMB Administrator account name
How do you change the Administrator account name for Samba/LDAP? On all of our Windows machines we change the default Administrator account name to something else. I want to do that for the Samba/LDAP PDC so that all the machines are in sync. Kevin B. McCrory Network Engineer - COPS US Government Solutions 13600 EDS Drive Mail stop: A4S-B21 Herndon, VA 20171 * phone: +01-703-733-3255 * mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * AKO mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
There are both machine accounts and user accounts in the smbpasswd file. So pdbedit will automatically put machine accounts into ou=Computers and user accounts into ou=users, am I right? That I couldn't tell you honestly. It stands to reason that the command could figure out which is which, but I have no empirical data to back that up. I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP Home client problems.
I can't comment on most of your issue, but for this one I do have some advice: I don't know whether this will be of any use in debugging, When I do a net use on the XP box, and monitor the IP flow, I see traffic destined to port 80 on the Linux box from the XP box. I can't remember exactly what the proper term is for this, but it is the webclient service in XP doing that. It can cause some performance problems if not dealt with, so you have two basic options. 1. Disable the webclient service on the XP box. This stops the requests entirely. 2. Set up a web server on the linux box. This provides something that will give an explicit no when the XP machine comes looking for data rather than waiting for a timeout. I usually do this one because it's quicker for me to set up a basic web server than turn off every client in the network. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changing SMB Administrator account name
How do you change the Administrator account name for Samba/LDAP? On all of our Windows machines we change the default Administrator account name to something else. I want to do that for the Samba/LDAP PDC so that all the machines are in sync. Have you tried to change the uid/rename the entry in LDAP? The SID is what matters, so the uid shouldn't matter. It probably won't let you rename the object, but you can create a copy with a new name and delete the old one -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
Paul, I will try that out and let you know. Thanks a lot. There are both machine accounts and user accounts in the smbpasswd file. So pdbedit will automatically put machine accounts into ou=Computers and user accounts into ou=users, am I right? That I couldn't tell you honestly. It stands to reason that the command could figure out which is which, but I have no empirical data to back that up. I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. -- Regards, Steve Zeng Systems Administrator Mainframe Entertainment Inc T: (604) 628-1000 ext 5293 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
On Monday 14 March 2005 12:22, Paul Gienger wrote: There are both machine accounts and user accounts in the smbpasswd file. If you do not specify a passdb backend the default is to use an smbpasswd backend and it will contain both user and machine accounts. If the passdb backend specifies LDAP Samba will place user and machine accounts into the locations specified by: ldap machine suffix = ldap user suffix = So pdbedit will automatically put machine accounts into ou=Computers and user accounts into ou=users, am I right? pdbedit will do as instructed in smb.conf via the above. That I couldn't tell you honestly. It stands to reason that the command could figure out which is which, but I have no empirical data to back that up. I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? There is no better solution because the passwords that are stored in NIS can not be decrypted and then recrypted into the format needed by Windows. On the other hand, if you already have an smbpasswd file that was previously used with NIS, then you can migrate just the NIS copmonent into the LDAP backend and then use: pdbedit -i smbpasswd -e ldapsam to migrate the existing Windows passwords. So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP Home client problems.
Thanks for the heads up, we'll be adding net stop webclient to our login scripts. -- John Schmerold Katy Computer Wireless 20 Meramec Station Rd Valley Park MO 63088 636-861-6900 v 775-227-6947 f Paul Gienger wrote: I can't comment on most of your issue, but for this one I do have some advice: I don't know whether this will be of any use in debugging, When I do a net use on the XP box, and monitor the IP flow, I see traffic destined to port 80 on the Linux box from the XP box. I can't remember exactly what the proper term is for this, but it is the webclient service in XP doing that. It can cause some performance problems if not dealt with, so you have two basic options. 1. Disable the webclient service on the XP box. This stops the requests entirely. 2. Set up a web server on the linux box. This provides something that will give an explicit no when the XP machine comes looking for data rather than waiting for a timeout. I usually do this one because it's quicker for me to set up a basic web server than turn off every client in the network. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] please help....
I've got quite a weird and probably unique situation here. We have both an Active Directory server and an OpenLDAP server here. The ADS is for the windows boxes and the LDAP is for the linux boxes. My Problem is, there are a few overlapping usernames between the two (mainly just a handfull of developers). So I have been running into the problem that samba seems to authenticate the user and go with the info for the user from winbind instead of using the info from the ldap for local users. It's causing me quite a bit of a headache. I tried the sam_ignoredomain but that doesn't seem to work. Is there any way to make it try just the username and only try DOMAIN+username if username doesn't exist??? Thanks alot in advance for any help on this. Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] EA support for AIX 5.3
Jerry, Jeremy, Whilst fixing bug 2445, I stumbled across NFSv4 ACLs with EA version 2 capability. This is only supported on filesystems that are created JFS2 with Extended Attribute Version 2 support which is part of the NFSv4 ACL support native to JFS2 in AIX 5.3. This is new in AIX 5.3 and I'd like to get to work implementing it as an addition to Linux and IRIX EA support. Are the any docs that I can get started on making this happen? I'm looking through the EA code now, but any help would be greatly appreciated. I'd also be putting together documentation on how to implement this for AIX 5.3 admins. Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] New HP Printer Drivers wont upload (samba 3.0.11)
Maybe there's a trivial solution to this, but it's confused the hell out of me. I'm trying to upload the latest Windows XP PCL6 driver for our Laserjet 4250TN to my Samba 3.0.11 server. It works, and uploads the driver files, but then at the end it produces an error on the XP client the operation could not be completed. The logs on the samba server state: move_driver_to_download_area: Unable to rename [W32X86/HPC4250C.INI] to [W32X86/3/HPC4250C.INI] I've tried the PCL5e and PS drivers and I get similar errors. The filename it's complaining about does get uploaded, as I spammed 'ls' when it was uploading to the server and saw it, but upon error a small number of files end up in the W32X86/3/ and the rest of them disappear. But bizarrely if I try the Laserjet 4000 series PCL6 drivers, they work absolutely fine. Fortunately for me this driver is entirely compatible with the LJ 4250TN printer. But I'd still like to get the proper driver on there if possible. I've tried: -Clearing the tdb files. -printer admin = root, @Domain Admins in global instead of printers/print$ -Logging on as different users (but all in printer admin) - it seems only Administrator/root has the option to upload a driver as it's greyed out even for people in printer admin. I guess this is a recent Microsoft restrictware patch and I'll have to plough the registry to change it. Is any of this a known issue? Is there a fix? Is it just that HP's new drivers don't work with Samba? Out of interest I tried uploading random drivers and some would upload and some wouldn't (giving the same error as above if they wouldn't). Appreciate any guidance! Thanks Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] please help....
It's causing me quite a bit of a headache. I tried the sam_ignoredomain but that doesn't seem to work. Is there any way to make it try just the username and only try DOMAIN+username if username doesn't exist??? How is your nsswitch.conf set up? If it's something like this passwd: files winbind ldap shadow: files winbind ldap group: files winbind ldap you could always reverse the order of ldap and winbind. Just a stab in the dark since I don't run winbind here, but it would stand to reason that it could work the other way. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] please help....
Nope, I've got: password: files ldap winbind etc. I think my only problem is in getting samba to only see if DOMAIN+username exists if username doesn't exist. So I'm guessing that it has something to do with the auth methods. Which right now I have mine set to: auth methods = guest sam_ignoredomain winbind:ntdomain Which still doesn't work...it seems to find username, but it still checks for DOMAIN+username... I'm baffled... Doug Paul Gienger wrote: It's causing me quite a bit of a headache. I tried the sam_ignoredomain but that doesn't seem to work. Is there any way to make it try just the username and only try DOMAIN+username if username doesn't exist??? How is your nsswitch.conf set up? If it's something like this passwd: files winbind ldap shadow: files winbind ldap group: files winbind ldap you could always reverse the order of ldap and winbind. Just a stab in the dark since I don't run winbind here, but it would stand to reason that it could work the other way. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] account migartion from NIS and Smbpasswd to LDAP
John, Thanks for your excellent explanation. For some reason I need to keep both NIS and LDAP running while NIS is the master passwd database. So is there any complete discussion about account migration in the Samba Documents? Steve On Monday 14 March 2005 12:22, Paul Gienger wrote: There are both machine accounts and user accounts in the smbpasswd file. If you do not specify a passdb backend the default is to use an smbpasswd backend and it will contain both user and machine accounts. If the passdb backend specifies LDAP Samba will place user and machine accounts into the locations specified by: ldap machine suffix = ldap user suffix = So pdbedit will automatically put machine accounts into ou=Computers and user accounts into ou=users, am I right? pdbedit will do as instructed in smb.conf via the above. That I couldn't tell you honestly. It stands to reason that the command could figure out which is which, but I have no empirical data to back that up. I've tried smbldap-migrate-unix-accounts to migrate NIS account into LDAP. It is a great tool. There is no problem if he/she authenticate from Linux machine with his old NIS account. But I found that I need to run smbldap-passwd to give a new passwd so that he/she can authenticate from windows machine. Does anyone has a better solution about it? There is no better solution because the passwords that are stored in NIS can not be decrypted and then recrypted into the format needed by Windows. On the other hand, if you already have an smbpasswd file that was previously used with NIS, then you can migrate just the NIS copmonent into the LDAP backend and then use: pdbedit -i smbpasswd -e ldapsam to migrate the existing Windows passwords. So by your subject line it appears that you have a smbpasswd file someplace. You can use the pdbedit command with import and export flags to move the relevant fields over to ldap. - John T. -- Regards, Steve Zeng Systems Administrator Mainframe Entertainment Inc T: (604) 628-1000 ext 5293 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New HP Printer Drivers wont upload (samba 3.0.11)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Phil Burrow wrote: | I'm trying to upload the latest Windows XP PCL6 | driver for our Laserjet 4250TN to my Samba 3.0.11 | server. It works, and uploads the driver files, | but then at the end it produces an error on the | XP client the operation could not | be completed. The logs on the samba server state: | | move_driver_to_download_area: Unable to | rename [W32X86/HPC4250C.INI] to [W32X86/3/HPC4250C.INI] if you send me the driver archive or download URL, I'll take a look. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCNfnZIR7qMdg1EfYRAsH5AJ42hd4yQHirBye1hAUHIKLoKbcyVgCfTjts tc7OoWBxngeo1BTcdVGny8c= =QkNi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] share outside domain
On Monday 14 March 2005 01:48 pm, johon Doe wrote: Is it possible to give access to a machine from machines that arent members of the domain ? How do it ? thx. You would use guest ok = yes or else give them a username and password in the domain. They still need to authenticate even if their computers are not members of the domain. Misty __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vampire question
Hi, aren't posix account names supposed to be without blanks ? I would be most surprised if a machine account with a blank would work with Samba ! Schlomo On Mon, 14 Mar 2005, Phil Dawson wrote: Hi Kurt, Don't know if this is any help. We currently have a similar problem on RHAS 3 4. RedHat bug report: https://www.redhat.com/archives/fedora-test-list/2004-November/msg01576.html Phil Kurt A. Brust [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/03/2005 18:34 To [EMAIL PROTECTED] cc Subject [Samba] vampire question . when running net rpc vampire -S ntserver -U Administrator%stacy182 --- everything seems to run fine however I do get could not create posix account info for 'machine name$' -- Regards, Schlomo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why 0.0.0.0.log file?
Hi, yesterday (on 03/13/2005 at 14:39) you wrote: SS Samba (v3.0.10, on RHRL4) is writing to file 0.0.0.0.log on start-up. SS Below is an example of what is logged. SS I see (via Google) that others are experiencing this same situation, yet I SS can find no explantion of what is causing this. SS What is the source of these errors and how to I fix it? Same here, just to add some weight to this posting. -- Bye, Stefan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vampire question
On Monday 14 March 2005 14:29, Schlomo Schapiro wrote: Hi, aren't posix account names supposed to be without blanks ? I would be most surprised if a machine account with a blank would work with Samba ! Is this no blank specified in any standards? It seems someone has decided that Linux should no longer permit blanks in user names and/or group names. - John T. Schlomo On Mon, 14 Mar 2005, Phil Dawson wrote: Hi Kurt, Don't know if this is any help. We currently have a similar problem on RHAS 3 4. RedHat bug report: https://www.redhat.com/archives/fedora-test-list/2004-November/msg01576.h tml Phil Kurt A. Brust [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/03/2005 18:34 To [EMAIL PROTECTED] cc Subject [Samba] vampire question . when running net rpc vampire -S ntserver -U Administrator%stacy182 --- everything seems to run fine however I do get could not create posix account info for 'machine name$' -- Regards, Schlomo -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why 0.0.0.0.log file?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stefan G. Weichinger wrote: | Hi, | | yesterday (on 03/13/2005 at 14:39) you wrote: | | SS Samba (v3.0.10, on RHRL4) is writing to file 0.0.0.0.log on start-up. | SS Below is an example of what is logged. | | SS I see (via Google) that others are experiencing this same situation, yet I | SS can find no explantion of what is causing this. | | SS What is the source of these errors and how to I fix it? | | Same here, just to add some weight to this posting. if you search the arhives you'll find the answer. I've responded to the question at least 2 or 3 times I know. It's normal behavior. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCNgbxIR7qMdg1EfYRAuC5AJkBLL2ECF7Y/g7yMqNonpRyVNSVzQCgqb8J TlrOElEeqBJFRttGxNUagDY= =2IVg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Why 0.0.0.0.log file?
Hi, Jerry, just now (on 03/14/2005 at 22:49) you commented: GJC if you search the arhives you'll find the answer. I've responded GJC to the question at least 2 or 3 times I know. It's normal behavior. So more googling ahead ;-) Thanks, Stefan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] a request for a doc to get acl's working....
On Monday 14 March 2005 11:22, mourik jan c heupink wrote: dear people, I've searched for hours, and I really can't seem to find *THE* solution. When you find it (or write it) please send it to me for inclusion in the HOWTO. Is there a document somewhere that outlines how to get acl editing to work from windows? Not specifically. getfacl and setfacl all work, I can change whatever I want from the command line when I'm root. Using xfs, samba3.0.11 with ldap, and in my ldap is administrator. (because I thought that with 3.0.11 root is not needed anymore, because of the new privileges options) How have you set the new privileges? What worked/failed? The 'root' account is no longer needed just to add machine accounts but it has not been superceded altogether. I ALWAYS get access denied when I try to change an acl. There must be a setting somewhere that I miss... Obviously, but you have not explained precisely what you have done and that means we need to guess your actions and what failed. A bit of a tall order if that is correct. :) My own account is in domain administrators group. I would like to be able to change acl's on my shares using my own account. Did you set all the privileges as documented in the new chapter in the Samba-HOWTO-Collection (Chapter 13) - see: http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf An example of application of the privileges is given in section 6.6.4 in the Samba-Guide. See: www.samba.org/samba/docs/Samba-Guide.pdf Does anyone have a list of requirements, or a document describing how to realise this? Yes! I do. I'd like to see you offer updates to the existing documentation and avoid (like the plague) creation of yet another howto (YAH!). I'm would be very grateful for ANY insight! Mourik Jan - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why 0.0.0.0.log file?
No just go here http://us1.samba.org/samba/archives.html look at the bottom for searchable lists Stefan G. Weichinger wrote: Hi, Jerry, just now (on 03/14/2005 at 22:49) you commented: GJC if you search the arhives you'll find the answer. I've responded GJC to the question at least 2 or 3 times I know. It's normal behavior. So more googling ahead ;-) Thanks, Stefan -- Roger A. Crom Director of Systems Custom Computing Corporation (402) 341-2197 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] W2K Server and Workstation can't join SMB/LDAP domain
I have a SMB Domain set up with a PDC and BDC. The BDC is joined to the PDC domain fine and shows up in the LDAP directory. I can add and delete users to the LDAP directory. I can use the user accounts to access the Linux boxes. My W2K boxes see the domain and domain servers when browsing. I can access the shared drive on the PDC. I cannot join the Windows servers to the domain. I get an error that the domain mphq-cops can't be located. I've run an nbtstat that shows the domain name listed and its resolving to the correct IP address. In fact I turned off the BDC for a while so that there would only be one DC in the mix in case my config was wrong. The W2K machines showed the domain with the PDC IP address. When I turned the BDC back on nbstat showed the domain name resolving to the BDC ip address which is what I would expect would happen. I've tried adding the workstation accounts manually using smbldap-useradd -w . The machine name correctly appears when I do a ldapsearch -x -b however using getent group does not show the machine names in the Domain Computers group. Is this normal? I've checked and rechecked the Administrator account and made sure the password is correct for the account. Not sure where to go from here... Some pointers on what to look at would be greatly appreciated... Thanks Kevin B. McCrory Network Engineer - COPS US Government Solutions 13600 EDS Drive Mail stop: A4S-B21 Herndon, VA 20171 * phone: +01-703-733-3255 * mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * AKO mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Client does not automatically remount Samba server after reboot?
Been googling for awhile for an answer to this problem without too much luck finding an answer. Although I have a hard time believing that this hasn't been run into before. Let me preface this by saying although I have some nfs experience, i'm pretty much a samba newb. When we reboot our samba server (redhat 9) all of our samba clients (also redhat 9--mount options listed below), lose the mount even after the server comes back up. Actually to be more specific, they still have the mount listed from the mount command, but a df -k on that mount reports erroneous size results and when you cd into the mount point, it shows files on the local filesystem. To fix the problem we have been unmounting and remounting everything again, but there has to be a better way. Is this typical samba behavior? Is there a way to ensure that the mounts come back automatically? Here is the mount cmd we are using from the linux client:: mount //mascis/music4 /music4 -t smbfs -o username=,password=,uid=505,gid=101 Thanks, Parker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions about 3.0.12rc1
Gerald (Jerry) Carter write:
Sergey Loskutov wrote:
| Hello!
|
| Before this post, i'm send 3 problems in 3.0.11
| I'm compiled 3.0.12rc1 and found next:
|
| 1) Settings primary group problem solved, but question to developer
|You append to mapping.c in smb_set_primary_group
|ret = smbrun(add_script,NULL);
|flush_pwnam_cache();
|
| But not check ret code .if my script exit in code != 0, i'm change
| primary group ... ( script set primary group still needed ? )
It's just flushing the internal pwnam cache. Semantically this is ok.
Probably not optimal. I'll look at it later.
I'm know that you flushing the cache... but thank you
| 3) I'm analized problems 1
| ( user who not have privileges add machine account )
|
| In function _samr_create_user ( srv_samr_nt.c ) you have code:
|
| if ( can_add_account )
| become_root();
|
| And if user not have privileges(user|machine) you MAY CREATE USER (
| posix account or machine account ) through SCRIPT :(
|
| I'm change code to:
|
| if ( can_add_account == False ) {
| return NT_STATUS_ACCESS_DENIED;
| }
| it's fixed problem
| I'm do simple test and is work correct, ... but i'm do
| not full test.
I've thought about this before. The problem is actually that
your 'add user script' can be run successfully as a non-root user.
A simple 'chmod 700 script; chown root script' will solve this.
I'll look at it some more but this is not a pressing issue I don't
think. smbd is not doing anything that the normal user couldn't do
anyways. And your fix doesn't cover all the possible scenarios
(e.g. root user with no assigned privileges should still be able to join
clients to the domain).
NO NO NO settings chmod or chown .
Why need privileges ? :) I'm want settings privileges add machine to
user, who not members in root
Sample :)
chmod 770 script; chown root.smart man script;
Look good :)
User: John ( member in smart man )
User: Leon ( member in smart man )
I want give privileges for John, but not for Leon ... :)
Why i must use setfacl|getfacl . i'm have privileges .
you decision ... bad
And anyway user who have uidNumber == 0 and not having privileges, not
able join machine and users ;) i'm checked this before send code.
And why i'm permit execute script if code semantic not allowed use ldap
not member in root ? Check you ldap code ;)
Thanks you help !
Sergey Loskutov
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why 0.0.0.0.log file?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stefan G. Weichinger wrote: | Hi, Jerry, | | just now (on 03/14/2005 at 22:49) you commented: | | GJC if you search the arhives you'll find the answer. I've responded | GJC to the question at least 2 or 3 times I know. It's normal behavior. | | So more googling ahead ;-) I'll save you some trouble. found the linki in my sent mbox. http://marc.theaimsgroup.com/?l=sambam=110029538204413w=2 The 0.0.0.0 log file is created when logging to log.%m but the client has disconnected so we can get the name or ip address of the client. Hope this helps. ciao, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCNh+GIR7qMdg1EfYRAvP6AJ4ip34VFxqoqigYhO5W9mjY2SZwdACg3X/N 0yJpESAWGA4L2L4ib+hSZQw= =oYt4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Samba 3.0.11 won't compile on Solaris 8
On Tue, 8 Feb 2005, Celeste Suliin Burris wrote: Samba 3.0.11 won't compile on my Solaris 8 machine. It keeps getting compile errors in clitar [snip] I'm having this same problem. Wonder why it is failing with #ifdef HAVE_REGEX_H ? That macro is not defined anywhere. We don't even test for regex.h anyways. Can you check and see where HAVE_REGEX_H is defined. It turns out it is defined in gssapi.h from an MIT krb5 1.4 install. Given that you are surprised that this macro is defined, is it safe to assume that the code it surrounds is not supposed to be used? Can this code be safely removed from clitar.c? Thank you, Garrick James Washington Mutual UNIX Platform Services -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Documentation on Displaying Quotas
Hi John (and others on the list) Can I suggest that you add some information to the new Samba docs explaining how to make Linux (or I suppose other Unix) group quotas be reflected in My Computer and/or Explorer when a Windows user accesses a share that is supposed to controlled by a quota? Here was my particular situation this past week. I was setting quotas based on Linux groups. Each Linux group had one main directory on a storage volume. Inside that directory, each member of the group had his/her own directory. All files that went into either the group's directory or the user's sub-directories were set (via a sticky GID) to always belong to the particular Linux group. So, on the Linux side, the quotas worked perfectly. Set the quota to 200 GBs and when the total files stored in the Group's directory, including the user's subdirectories, reached 200 GBs, no more files could be written to the Group or User directories. The question was, how to make My Computer or Explorer show how much space the group had left when accessing a Samba share that either WAS the group directory or that was a User directory inside the Group directory. The answer, it turns out, was to use the force group = Group Name line in the share definition. We were relying on Linux to impose the group name on every file, which it was in fact doing perfectly. However, only the force group = Group Name line made Samba report to Windows that the amount of space left was what was left according to the quota. It would be nice to document this in The Official Samba-3 How-to -- under the force group listing in the smb.conf section, and in a separate place that was more about quotas (I don't know where). Unless this is the wrong way to get Windows to display this information. We certainly couldn't find much information on how to do this. Regards, Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Root can't login to domain workstations
Hi all, having this problem... after joining a machine to domain, users login ok, but not root. Any first toughts? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Empty Everyone ACL
hi, Samba (3.0.10) creates an empty Everyone ACL. Can I get rid of it? I found a patch (http://lists.samba.org/archive/samba-technical/2002-September/023945.html), which seems to be just that. The direct cause is what looks like a cygwin bug, i.e. cygwin lists that ACL as read on others which is ugly. But even with Windows it is confusing to have to investigate the acl to see that it is really empty (cacls lists it as special access). -- robin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba client configuration.
Hi, I am posting this on the list after 2 weeks of frustrating efforts to get my XP home machine to talk to the Samba server on my SuSE 9.2 Linux box. Described below is the crux of the problem. When I do an smbclient on the Linux box I can see the Windows machine listed. However, when I do a net view on the Windows XP Home machine I do not see the Samba box. Also, I get a System 1 error on the XP machine if the XP is not the Local Master Browser and if it is only the XP machine is visible in the output of the net view. I have removed all firewall services, enabled cleartext password in XP and enabled guest access in Samba. Also, I have disabled the firewall on the Linux box. I don't know whether this will be of any use in debugging, When I do a net use on the XP box, and monitor the IP flow, I see traffic destined to port 80 on the Linux box from the XP box. I got the setup to work, however, after a reboot of the XP box I am back to the square one. Any help would be greatly appreciated. Thanks, -Venkata. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba client configuration.
On your SAMBA server have you got wins enabled? wins support = yes Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Venkata Avasarala Sent: Tuesday, 15 March 2005 1:53 AM To: samba@lists.samba.org Subject: [Samba] Samba client configuration. Hi, I am posting this on the list after 2 weeks of frustrating efforts to get my XP home machine to talk to the Samba server on my SuSE 9.2 Linux box. Described below is the crux of the problem. When I do an smbclient on the Linux box I can see the Windows machine listed. However, when I do a net view on the Windows XP Home machine I do not see the Samba box. Also, I get a System 1 error on the XP machine if the XP is not the Local Master Browser and if it is only the XP machine is visible in the output of the net view. I have removed all firewall services, enabled cleartext password in XP and enabled guest access in Samba. Also, I have disabled the firewall on the Linux box. I don't know whether this will be of any use in debugging, When I do a net use on the XP box, and monitor the IP flow, I see traffic destined to port 80 on the Linux box from the XP box. I got the setup to work, however, after a reboot of the XP box I am back to the square one. Any help would be greatly appreciated. Thanks, -Venkata. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to access a Linux share with NO password
I am trying to make a public share on my Linux machine using Samba 3.0.10 for automatic setting of time by Windows 98 machines using a batch file that will run in the wee hours. My problem is the net use command always asks for a password which doesn't work for an automatically run batch file. The batch file lines run from windows are: c:\windows\net use \\linda\public c:\windows\net time \\linda /set /yes Every time the net use line runs a password is asked for. Although the password can be put in the batch file I'm reluctant to do that. It seems as though if I access linda (linux machine) and give it a password, that works unless I've rebooted either machine or re-started Samba. My public share is world readable and looks like: [public] comment = Public Stuff path = /public read only = No guest only = Yes guest ok = Yes Can anyone give me some advice? Larry -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Question about Samba share security.
Thank you for your reply! I think so, but I relly want a solution which base on server side. Let it do a server do. Thanks a lot! -Original Message- From: Adi Nugraha [mailto:[EMAIL PROTECTED] Sent: Thursday, March 10, 2005 12:59 PM To: Allen Subject: Re: [Samba] Question about Samba share security. I think thats because of the windows credentials, you need to log off or change the registry to disable credential caching ( I think), - Original Message - From: Allen [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Thursday, March 10, 2005 11:44 AM Subject: [Samba] Question about Samba share security. Dear All, Sorry about my poor english! I am using SAMBA 3.0.8 on Fedora Core 3 box. Otherwise, many winXP_pro_sp2 clients in my subnet. When I connect to my samba server (use windows nethood.) from one of clients. It prompted a window to authorize username and password. After given my username and password, I will saw my home directory and public directory very well. But~ the question happened! When I close the nethood's window with no opening file from samba server, and waiting more than 5 mins. I reconnect samba server, it doesn't prompt me the authorization window again except reboot or relogin. Why? What parameter I shoud add in my smb.conf for this security issue? Above is my smb.conf. [global] workgroup = BALI server string = Samba Server hosts allow = 127. 10.168.22.0/255.255.255.224 printcap name = /etc/printcap load printers = yes printing = cups cups options = raw log file = /var/log/samba/%m.log max log size = 1024 security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 10.168.22.1/27 local master = yes os level = 255 domain master = yes preferred master = yes wins support = yes dns proxy = no deadtime = 5 dos charset = CP950 unix charset = BIG5 hide dot files = yes # Share Definitions == idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no [homes] comment = Home Directories browseable = no writable = yes valid users = %S hide dot files = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [public] path = /home/public public = no only guest = no writable = yes printable = no Thank you very much! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: probleman adding user
On Mon, 2005-03-14 at 10:58 -0500, Misty Stanley-Jones wrote: On Saturday 12 March 2005 03:33 am, Jim C. wrote: | Good Morning, | I'm adding user mdonada in the smbldap-useradd -a -m mdonada, but | probleman: | [EMAIL PROTECTED] home]# smbldap-useradd -a -m mdonada | Can't call method get_value on an undefined value at | /usr/sbin/smbldap-useradd line 170, DATA line 283. | [EMAIL PROTECTED] home]# In case you didn't figure this out yet, it's because the -m switch indicates that you are adding a machine account, and expects a $. If you are in fact trying to add a user account, you need to leave the -m off. Try smbldap-useradd -h to see all of the available switches. No '-m' option is generally correct '-w' is for workstation you probably should have consulted the 'help' funtion before posting... # smbldap-useradd --help /usr/sbin/smbldap-useradd version [unknown] calling Getopt::Std::getopts (version 1.05 [paranoid]), running under Perl version 5.8.5. Usage: smbldap-useradd [-OPTIONS [-MORE_OPTIONS]] [--] [PROGRAM_ARG1 ...] The following single-character options are accepted: With arguments: -o -G -u -g -d -s -c -k -A -B -C -D -E -F -H -M -N -S -T Boolean (without arguments): -a -n -m -w -i -P -? Options may be merged together. -- stops processing of options. Space is not required between options and their arguments. For more details run perldoc -F /usr/sbin/smbldap-useradd [Now continuing due to backward compatibility and excessive paranoia. See ``perldoc Getopt::Std'' about $Getopt::Std::STANDARD_HELP_VERSION.] (c) IDEALX 2004 (http://www.idealx.com)- Licenced under GPL Usage: /usr/sbin/smbldap-useradd [-awmugdsckABCDEFGHMNPST?] username -oadd the user in the organazional unit (relative to the user suffix) -ais a Windows User (otherwise, Posix stuff only) -wis a Windows Workstation (otherwise, Posix stuff only) -iis a trust account (Windows Workstation) -uuid -ggid -Gsupplementary comma-separated groups -ndo not create a group -dhome -sshell -cgecos -mcreates home directory and copies /etc/skel -kskeleton dir (with -m) -Pends by invoking smbldap-passwd -Acan change password ? 0 if no, 1 if yes -Bmust change password ? 0 if no, 1 if yes -CsambaHomePath (SMB home share, like '\\PDC-SRV\homes') -DsambaHomeDrive (letter associated with home share, like 'H:') -EsambaLogonScript (DOS script to execute on login) -FsambaProfilePath (profile directory, like '\\PDC-SRV\profiles \foo') -HsambaAcctFlags (samba account control bits like '[NDHTUMWSLKI]') -Ncanonical name -Ssurname -Mlocal mailAddress (comma seperated) -TmailToAddress (forward address) (comma seperated) -?show this help message Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and WinXP + PDC
On Mon, 2005-03-14 at 08:48 -0700, John H Terpstra wrote: On Monday 14 March 2005 07:23, John Zakhar wrote: Good Morning Folks. I have a reoccurring error here when trying to join a Windows XP SP2 workstation to a Samba domain (accounts stored in LDAP) The error is The user name cannot be found Our LDAP directory looks like this dc=na ~ o=ourdomain ~ ou=Groups ~ ou=Staff ~ ou=Computers With this directory configuration the /etc/ldap.conf file needs to have: nss_base_passwd: o=ourdomain,dc=na?sub of course with this setup, samba would query the entire DSA for everything which might not be the most effective use of LDAP. Suggest that you consider... dc=na o=ourdomain ou=Accounts ou=Staff ou=Computer ou=Groups ou=Hosts ou=etc... and thus, padl stuff would be like... nss_base_passwd:ou=Accounts,o=ourdomain,dc=na?sub nss_base_shadow ou=Accounts,o=ourdomain,dc=na?sub nss_base_group ou=Groups,o=ourdomain,dc=na?one nss_base_hosts ou=Hosts,o=ourdomain,dc=na?one etc... This way, you can set the search base for your MTA/IMAP/etc. to only search the actual posix users... ou=Staff,ou=Accounts,o=ourdomain,dc=na and lastly - perhaps this was unintentional... dc = domain component...typical usage would be dc=domain_name,dc=tld o = organization c = country...typical usage would be o=organization,c=US Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] usermgr generates error when adding new group
I have Samba 3.0.12pre1 setup and working well so far. The current issue is when I run usermgr.exe to Manage Users and Groups. Managing Users works great. Managing Groups presents some errors. For example, Login with account that has been granted SeAddUsersPrivilege. Create a Group named Test Click OK Receive message Access Denied. Click OK Refresh list of groups. Test is now a valid group. Next try add a user to the Group by doing the following: Edit Group by double-clicking on it Add user Tester to Group Click OK Receive message Access Denied. In this case, no change was made. Instead, double-click on user Tester's entry Click on Group button Add Group Test to Tester's groups Click OK Everything works. Sergey Loskutov mentioned this same error in a previous post and it was indicated that 3.0.12pre1 might have a fix for this. It doesn't seem to. This is a bug, right? When might it be fixed or how can I follow up on it to know when it has been fixed? Thanks! Doug Campbell -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New HP Printer Drivers wont upload (samba 3.0.11)
Phil Burrow wrote: Is there a fix? Is it just that HP's new drivers don't work with Samba? Yes, probably. The only printers that gives me problems here are hp printers. Other printers we have here gave me no problem at all. For a deskjet 5800 I had to use the linux driver (foomatic/hpijs) and load the adobe ps driver, its windows driver would upload fine (in samba 3.0.10, the same error as you with samba 2.2.8) but then give plenty of exceptions on the windows client (to the point that I had *no* way to access the printer or remove it: I had to do it on the server using rpcclient). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Compiling samba 3.0.12pre1 on AIX 4.3.3
Hi All, I have made some headway. I have been able to successfully install kerberos v 5-1.3.5 CPPFLAGS='-I/usr/local/include'./configure --enable-dns --enable-dns-for-kdc --enable-dns-for-realm --disable-thread-support make; make instal openldap-2.2.3 /configure --disable-slurpd --disable-bdb --disable-slapd --without-threads make depend; make; make install I configured samba-3.0.12pre1 with the command below, but make (v 3.80) dies out with the (partial log) below: Any ideas please? I intend to try v 3.0.11 tomorrow to see if it will compile successfully. Apart from some differences in file versions, I am using the following link as a guide (for example, I discovered one needs binutils 2.15 in order to use gcc 3.4.3 - the guide specified binutils 2.9.1) http://lists.samba.org/archive/samba/2004-November/095699.html cd samba-3.0.12pre1 /configure --with-winbind --with-ldap --with-ads --with-krb5=/usr/local/krb5-1.3.5 make = . . . Compiling lib/access.c Compiling lib/smbrun.c Compiling lib/bitmap.c Compiling lib/crc32.c Compiling lib/snprintf.c Compiling lib/dprintf.c Compiling lib/xfile.c Compiling lib/wins_srv.c Compiling lib/util_str.c lib/util_str.c: In function `strstr_m': lib/util_str.c:1337: warning: return discards qualifiers from pointer target type lib/util_str.c: At top level: lib/util_str.c:1560: error: conflicting types for 'strnlen' lib/util_str.c:598: error: previous implicit declaration of 'strnlen' was here make: *** [lib/util_str.o] Error 1 bash-2.05b# -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r5786 - branches/SAMBA_3_0/source/include trunk/source/include
Author: tpot Date: 2005-03-14 11:00:31 + (Mon, 14 Mar 2005) New Revision: 5786 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5786 Log: Bugzilla #2443. Fix gcc4 compile found by Mark Loeser. Modified: branches/SAMBA_3_0/source/include/popt_common.h trunk/source/include/popt_common.h Changeset: Modified: branches/SAMBA_3_0/source/include/popt_common.h === --- branches/SAMBA_3_0/source/include/popt_common.h 2005-03-14 01:11:13 UTC (rev 5785) +++ branches/SAMBA_3_0/source/include/popt_common.h 2005-03-14 11:00:31 UTC (rev 5786) @@ -21,6 +21,8 @@ #ifndef _POPT_COMMON_H #define _POPT_COMMON_H +#include popt.h + /* Common popt structures */ extern struct poptOption popt_common_samba[]; extern struct poptOption popt_common_connection[]; Modified: trunk/source/include/popt_common.h === --- trunk/source/include/popt_common.h 2005-03-14 01:11:13 UTC (rev 5785) +++ trunk/source/include/popt_common.h 2005-03-14 11:00:31 UTC (rev 5786) @@ -21,6 +21,8 @@ #ifndef _POPT_COMMON_H #define _POPT_COMMON_H +#include popt.h + /* Common popt structures */ extern struct poptOption popt_common_samba[]; extern struct poptOption popt_common_connection[];
svn commit: samba-web r579 - in trunk/news/users: .
Author: deryck Date: 2005-03-14 15:33:16 + (Mon, 14 Mar 2005) New Revision: 579 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=579 Log: Adding news item about http://enterprisesamba.com/. deryck Added: trunk/news/users/enterprise_samba_launched.html Changeset: Added: trunk/news/users/enterprise_samba_launched.html === --- trunk/news/users/enterprise_samba_launched.html 2005-03-13 18:25:25 UTC (rev 578) +++ trunk/news/users/enterprise_samba_launched.html 2005-03-14 15:33:16 UTC (rev 579) @@ -0,0 +1,27 @@ +h3a name=enterprise_samba_launchedEnterprise Samba Website Launched/a/h3 + +div class=article +pa href=http://www.sernet.de/;SerNet/a has been providing Samba packages + for Novell's SLES and Red Hat's RHEL for some time now, but the company has + launched a href=http://enterprisesamba.com/;http://enterprisesamba.com//a + to provide a central access point to Samba packages for enterprise ready + Linux distributions./a/p + + pFrom the new site:/p + + blockquote + pSeveral hundred downloads a week of those packages for each distribution + show the importance of this offering (also proven by Google's page rank for + this server: Look for ftp.sernet.de + a href=http://www.google.com/search?hl=deamp;q=samba+sles; target=_exthere/a + or a href=http://www.google.com/search?hl=deamp;q=samba+rhel; target=_exthere/a)./p + + pFor Cebit 2005 SerNet launches this web site that offers detailed information + about the provided packages and additional services./p + /blockquote + + pVisit a href=http://enterprisesamba.com/;http://enterprisesamba.com//a + for more information./p + /div + +
svn commit: samba-web r580 - in trunk/download: .
Author: deryck Date: 2005-03-14 15:45:15 + (Mon, 14 Mar 2005) New Revision: 580 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=580 Log: Adding link to http://enterprisesamba.com/ to download page. Also, fix link to ftp mirrors list. deryck Modified: trunk/download/index.html Changeset: Modified: trunk/download/index.html === --- trunk/download/index.html 2005-03-14 15:33:16 UTC (rev 579) +++ trunk/download/index.html 2005-03-14 15:45:15 UTC (rev 580) @@ -33,8 +33,11 @@ h3 align=centerBinaries/h3 Samba binaries are available for many popular platforms. You can download them via http a href=/samba/ftp/Binary_Packageshere/a or from one of - several a href=/samba/mirror sites/a. Note that the latest - version may not always be available for every platform. + several a href=/samba/download/ftp_mirrors.htmlmirror sites/a. Note + that the latest version may not always be available for every platform. + + pa href=http://enterprisesamba.com/;http://enterprisesamba.com//a + offers Samba packages for SLES, RHEL, and Debain./p /td td /td
svn commit: samba-web r581 - in trunk/GUI: .
Author: deryck Date: 2005-03-14 15:57:03 + (Mon, 14 Mar 2005) New Revision: 581 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=581 Log: Update link for QtSmbstatus on GUIs. deryck Modified: trunk/GUI/index.html Changeset: Modified: trunk/GUI/index.html === --- trunk/GUI/index.html2005-03-14 15:45:15 UTC (rev 580) +++ trunk/GUI/index.html2005-03-14 15:57:03 UTC (rev 581) @@ -188,9 +188,7 @@ of administering remote machines. QtSmbstatus was designed as a client/server system (with SSL). Possibilities include: view connections, disconnect a user, or send a message (with smbclient -M). For more info see, -a href=http://www.adella.org/spip/article.php3?id_article=26;this article/a -(in French), or -a href=http://rocher.daniel.free.fr/qtsmbstatus.html;download here/a./p +a href=http://qtsmbstatus.free.fr/;http://qtsmbstatus.free.fr//a./p h3Samba Console/h3 /pa href=http://imc.sourceforge.net/samba-console.html;Samba Console/a is the
svn commit: samba-docs r416 - in trunk/Samba-Guide: .
Author: jht Date: 2005-03-14 17:07:57 + (Mon, 14 Mar 2005) New Revision: 416 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=416 Log: Adding notes regarding LDAP and Computer Accounts. Modified: trunk/Samba-Guide/Chap06-MakingHappyUsers.xml Changeset: Modified: trunk/Samba-Guide/Chap06-MakingHappyUsers.xml === --- trunk/Samba-Guide/Chap06-MakingHappyUsers.xml 2005-03-13 19:20:25 UTC (rev 415) +++ trunk/Samba-Guide/Chap06-MakingHappyUsers.xml 2005-03-14 17:07:57 UTC (rev 416) @@ -206,6 +206,54 @@ /para sect1 +titleRegarding LDAP Directories and Windows Computer Accounts/title + + para + Computer (machine) accounts can be placed where ever you like in an LDAP directory subject to some + constraints that are described in this section. + /para + + para + The POSIX and SambaSAMAccount components of computer (machine) accounts are both used by Samba. + i.e.: Machine accounts are treated inside Samba in the same way that Windows NT4/200X treats + them. A user account and a machine account are indistinquishable from each other, except that + the machine account ends in a '$' character, as do trust accounts. + /para + + para + The need for Windows user, group, machine, trust, etc. accounts to be tied to a valid UNIX uid + is a design decision that was made a long way back in the history of Samba development. It is + unlikely that this decision will be reversed of changed during the remaining life of the + Samba-3.x series. + /para + + para + The resolution of a UID from the Windows SID is achieved within Samba through a mechanism that + must refer back to the host operating system on which Samba is running. The Name Service + Switcher (NSS) is the preferred mechanism that shields applications (like Samba) from the + need to know everything about every host OS it runs on. + /para + + para + Samba asks the host OS to provide a UID via the passwd, shadow and group facilities + in the NSS control (configuration) file. What tool is used by the UNIX administrator is + up to him. It is not imposed by Samba. Samba provides winbindd together with its support + libraries as one method. It is possible to do this via LDAP - and for that Samba provides + the appropriate hooks so that all account entities can be located in an LDAP directory. + /para + + para + If the weapon of choice (as it is for LDAP) is to use the PADL nss_ldap utility it must + be configured so that computer accounts can be resolved to a POSIX/UNIX account UID. That + is fundamentally an LDAP design question. The information provided on the Samba list and + in the documentation is directed at providing working examples only. The design + of an LDAP directory is a complex subject that is beyond the scope of this documentation. + /para + +/sect1 + + +sect1 titleIntroduction/title para
svn commit: samba-docs r417 - in trunk/xslt: .
Author: jelmer Date: 2005-03-14 17:53:01 + (Mon, 14 Mar 2005) New Revision: 417 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=417 Log: Fix links for smbconfoptions. Modified: trunk/xslt/expand-sambadoc.xsl Changeset: Modified: trunk/xslt/expand-sambadoc.xsl === --- trunk/xslt/expand-sambadoc.xsl 2005-03-14 17:07:57 UTC (rev 416) +++ trunk/xslt/expand-sambadoc.xsl 2005-03-14 17:53:01 UTC (rev 417) @@ -133,13 +133,13 @@ xsl:attribute name=moreinfo xsl:textnone/xsl:text /xsl:attribute - xsl:value-of select=name/ + xsl:value-of select=@name/ /xsl:element xsl:choose - xsl:when test=value != '' + xsl:when test=text() != '' xsl:text = /xsl:text - xsl:value-of select=value/ + xsl:value-of select=text()/ /xsl:when /xsl:choose /xsl:variable @@ -151,7 +151,7 @@ xsl:otherwise xsl:element name=link xsl:attribute name=linkend - xsl:value-of select=translate(translate(string(name),' ',''),'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')/ + xsl:value-of select=translate(translate(string(@name),' ',''),'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')/ /xsl:attribute xsl:value-of select=$linkcontent/ /xsl:element
svn commit: samba r5787 - in trunk/source: include printing utils
Author: gd Date: 2005-03-14 18:26:20 + (Mon, 14 Mar 2005) New Revision: 5787 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5787 Log: A couple of printerdb fixes: * correctly list drivers * add get_printers() for migration purpose * add the missing dependentfiles to file_get_drivers() * finish file_get_printer() * finish net-migrate-tool Guenther Modified: trunk/source/include/printerdb.h trunk/source/printing/nt_printing.c trunk/source/printing/printerdb.c trunk/source/printing/printerdb_file.c trunk/source/printing/printerdb_ldap.c trunk/source/printing/printerdb_tdb.c trunk/source/utils/net.c Changeset: Sorry, the patch is too large (658 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5787
svn commit: samba-web r582 - in trunk/news/users: .
Author: deryck Date: 2005-03-14 18:37:04 + (Mon, 14 Mar 2005) New Revision: 582 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=582 Log: Fix an HTML format goof. deryck Modified: trunk/news/users/enterprise_samba_launched.html Changeset: Modified: trunk/news/users/enterprise_samba_launched.html === --- trunk/news/users/enterprise_samba_launched.html 2005-03-14 15:57:03 UTC (rev 581) +++ trunk/news/users/enterprise_samba_launched.html 2005-03-14 18:37:04 UTC (rev 582) @@ -5,7 +5,7 @@ for Novell's SLES and Red Hat's RHEL for some time now, but the company has launched a href=http://enterprisesamba.com/;http://enterprisesamba.com//a to provide a central access point to Samba packages for enterprise ready - Linux distributions./a/p + Linux distributions./p pFrom the new site:/p
svn commit: samba-docs r418 - in trunk/Samba-Guide: .
Author: jht Date: 2005-03-14 18:50:40 + (Mon, 14 Mar 2005) New Revision: 418 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=418 Log: Update from Misty Stanlet-Jones Modified: trunk/Samba-Guide/Chap01-WindowsNetworkingPrimer.xml trunk/Samba-Guide/Chap08b-MigrateNW4Samba3.xml Changeset: Sorry, the patch is too large (386 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=418
svn commit: samba r5788 - in trunk/source/lib: .
Author: jra Date: 2005-03-14 20:03:27 + (Mon, 14 Mar 2005) New Revision: 5788 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5788 Log: Patch from William Jojo [EMAIL PROTECTED] - AIX has no default ACLs. Bug #2445. Jeremy. Modified: trunk/source/lib/sysacls.c Changeset: Modified: trunk/source/lib/sysacls.c === --- trunk/source/lib/sysacls.c 2005-03-14 18:26:20 UTC (rev 5787) +++ trunk/source/lib/sysacls.c 2005-03-14 20:03:27 UTC (rev 5788) @@ -20,6 +20,9 @@ #include includes.h +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ACLS + /* This file wraps all differing system ACL interfaces into a consistent one based on the POSIX interface. It also returns the correct errors @@ -2277,6 +2280,10 @@ int rc = 0; uid_t user_id; + /* AIX has no DEFAULT */ + if ( type == SMB_ACL_TYPE_DEFAULT ) + return NULL; + /* Get the acl using statacl */ DEBUG(10,(Entering sys_acl_get_file\n));
svn commit: samba r5790 - in branches/SAMBA_3_0/source/utils: .
Author: jht
Date: 2005-03-15 00:42:38 + (Tue, 15 Mar 2005)
New Revision: 5790
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5790
Log:
Added ability to set account description.
Modified:
branches/SAMBA_3_0/source/utils/pdbedit.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/pdbedit.c
===
--- branches/SAMBA_3_0/source/utils/pdbedit.c 2005-03-14 20:03:32 UTC (rev
5789)
+++ branches/SAMBA_3_0/source/utils/pdbedit.c 2005-03-15 00:42:38 UTC (rev
5790)
@@ -299,6 +299,7 @@
static int set_user_info (struct pdb_context *in, const char *username,
const char *fullname, const char *homedir,
+ const char *acct_desc,
const char *drive, const char *script,
const char *profile, const char *account_control,
const char *user_sid, const char *group_sid,
@@ -346,6 +347,8 @@
if (fullname)
pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED);
+ if (acct_desc)
+ pdb_set_acct_desc(sam_pwent, acct_desc, PDB_CHANGED);
if (homedir)
pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED);
if (drive)
@@ -641,6 +644,7 @@
uint32 setparms, checkparms;
int opt;
static char *full_name = NULL;
+ static char *acct_desc = NULL;
static const char *user_name = NULL;
static char *home_dir = NULL;
static char *home_drive = NULL;
@@ -673,13 +677,14 @@
{verbose, 'v', POPT_ARG_NONE, verbose, 0, be verbose,
NULL },
{smbpasswd-style, 'w',POPT_ARG_NONE, spstyle, 0, give
output in smbpasswd style, NULL},
{user,'u', POPT_ARG_STRING, user_name, 0, use
username, USER },
+ {account-desc,'N', POPT_ARG_STRING, acct_desc, 0,
set account description, NULL},
{fullname,'f', POPT_ARG_STRING, full_name, 0, set full
name, NULL},
{homedir, 'h', POPT_ARG_STRING, home_dir, 0, set home
directory, NULL},
{drive, 'D', POPT_ARG_STRING, home_drive, 0, set home
drive, NULL},
{script, 'S', POPT_ARG_STRING, logon_script, 0, set
logon script, NULL},
{profile, 'p', POPT_ARG_STRING, profile_path, 0, set
profile path, NULL},
- {user SID,'U', POPT_ARG_STRING, user_sid, 0, set user
SID or RID, NULL},
- {group SID, 'G', POPT_ARG_STRING, group_sid, 0, set group
SID or RID, NULL},
+ {user-SID,'U', POPT_ARG_STRING, user_sid, 0, set user
SID or RID, NULL},
+ {group-SID, 'G', POPT_ARG_STRING, group_sid, 0, set group
SID or RID, NULL},
{create, 'a', POPT_ARG_NONE, add_user, 0, create
user, NULL},
{modify, 'r', POPT_ARG_NONE, modify_user, 0, modify
user, NULL},
{machine, 'm', POPT_ARG_NONE, machine, 0, account is a
machine account, NULL},
@@ -960,6 +965,7 @@
}
return set_user_info (bdef, user_name, full_name,
home_dir,
+ acct_desc,
home_drive,
logon_script,
profile_path, account_control,
svn commit: samba r5792 - in branches/SAMBA_3_0/source: param printing smbd
Author: jra Date: 2005-03-15 01:19:58 + (Tue, 15 Mar 2005) New Revision: 5792 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5792 Log: Added new parameter inherit owner. If set on a share, the created file/directory will be owned by the same uid as the containing directory. Doing this for directories in a race-free mannor has only been tested on Linux (it depends on being able to open a directory and then do a fchown on that file descriptor). If this functionality is not available then the code silently downgrades to not changing the ownership of a new directory. This new parameter (docs to follow) finally makes it possible to create drop boxes on Samba, which requires all files within a directory to be commonly owned. A HOWTO on how to use this will follow. Jeremy. Modified: branches/SAMBA_3_0/source/param/loadparm.c branches/SAMBA_3_0/source/printing/nt_printing.c branches/SAMBA_3_0/source/smbd/filename.c branches/SAMBA_3_0/source/smbd/open.c branches/SAMBA_3_0/source/smbd/reply.c Changeset: Sorry, the patch is too large (379 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5792
svn commit: samba r5791 - in trunk/source: param printing smbd
Author: jra Date: 2005-03-15 01:19:58 + (Tue, 15 Mar 2005) New Revision: 5791 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5791 Log: Added new parameter inherit owner. If set on a share, the created file/directory will be owned by the same uid as the containing directory. Doing this for directories in a race-free mannor has only been tested on Linux (it depends on being able to open a directory and then do a fchown on that file descriptor). If this functionality is not available then the code silently downgrades to not changing the ownership of a new directory. This new parameter (docs to follow) finally makes it possible to create drop boxes on Samba, which requires all files within a directory to be commonly owned. A HOWTO on how to use this will follow. Jeremy. Modified: trunk/source/param/loadparm.c trunk/source/printing/nt_printing.c trunk/source/smbd/filename.c trunk/source/smbd/open.c trunk/source/smbd/reply.c Changeset: Sorry, the patch is too large (379 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5791
