Re: [Samba] W2K Workstation not reading NTConfig.pol
--- Ilia Chipitsine [EMAIL PROTECTED] escribi?: I have recently set up an small SAMBA network(just my server and a W2K SP4 Workstation). My Server is acting as a PDC. Everything seems to work flawlessly, users, roaming profiles, netlogon script, etc... But I cannot make this machine to read my NTConfig.pol file. I have it at my NETLOGON share [/srv/netlogon] with rwxr-xr-x permissions. I have tried with different filenames (NTConfig.POL, ntconfig.pol, etc...) but none seems to work. just few ideas: 1) try turn on audit on that share (audit is special module for samba, it does not have all the features Windows audit has, but samba will log read events), audit is described very well in Samba Official Howto I have found that my Workstation doesn't even try to read the file NTConfig.pol. It just opens the logon batch file. 2) look at Settings -- Control Panel -- Administration -- Events on a workstation (if You are lucky, You can try to find checked/debug build of userenv.dll, which handles policies and profiles. I was never lucky) I couldn't find anything here. yeah!!! just tried to find anything on microsoft.com on this subject ... article ID 221833 How to enable user environment debug logging in retail build of Windows I've no idea why some of workstations read policy and other reject it. (I assume all of them are configured in the same way ?) Thanks. I have tried to setup ntconfig.pol with poledit to just one user (root) and one machine(ibm) or to default user and default machine. but nothing changes. Any ideas? My server is a DELL POWEREDGE SC1420 running CENTOS 4.1 x86-64. The client is an IBM Aptiva running W2K SP4. Thanks, and excuse my poor English. __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] W2K Workstation not reading NTConfig.pol
make sure you have at least 644 on this file en that this share has guest access. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Ilia Chipitsine Verzonden: woensdag 6 juli 2005 9:11 Aan: Tirant Lo Blanc CC: samba@lists.samba.org Onderwerp: Re: [Samba] W2K Workstation not reading NTConfig.pol --- Ilia Chipitsine [EMAIL PROTECTED] escribi?: I have recently set up an small SAMBA network(just my server and a W2K SP4 Workstation). My Server is acting as a PDC. Everything seems to work flawlessly, users, roaming profiles, netlogon script, etc... But I cannot make this machine to read my NTConfig.pol file. I have it at my NETLOGON share [/srv/netlogon] with rwxr-xr-x permissions. I have tried with different filenames (NTConfig.POL, ntconfig.pol, etc...) but none seems to work. just few ideas: 1) try turn on audit on that share (audit is special module for samba, it does not have all the features Windows audit has, but samba will log read events), audit is described very well in Samba Official Howto I have found that my Workstation doesn't even try to read the file NTConfig.pol. It just opens the logon batch file. 2) look at Settings -- Control Panel -- Administration -- Events on a workstation (if You are lucky, You can try to find checked/debug build of userenv.dll, which handles policies and profiles. I was never lucky) I couldn't find anything here. yeah!!! just tried to find anything on microsoft.com on this subject ... article ID 221833 How to enable user environment debug logging in retail build of Windows I've no idea why some of workstations read policy and other reject it. (I assume all of them are configured in the same way ?) Thanks. I have tried to setup ntconfig.pol with poledit to just one user (root) and one machine(ibm) or to default user and default machine. but nothing changes. Any ideas? My server is a DELL POWEREDGE SC1420 running CENTOS 4.1 x86-64. The client is an IBM Aptiva running W2K SP4. Thanks, and excuse my poor English. __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] W2K Workstation not reading NTConfig.pol
make sure you have at least 644 on this file en that this share has guest access. no, guest access is not neccessary for ntconfig.pol to work. that file is read when user logs into workstation and user's (not guest) right are applied for reading that file. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Ilia Chipitsine Verzonden: woensdag 6 juli 2005 9:11 Aan: Tirant Lo Blanc CC: samba@lists.samba.org Onderwerp: Re: [Samba] W2K Workstation not reading NTConfig.pol --- Ilia Chipitsine [EMAIL PROTECTED] escribi?: I have recently set up an small SAMBA network(just my server and a W2K SP4 Workstation). My Server is acting as a PDC. Everything seems to work flawlessly, users, roaming profiles, netlogon script, etc... But I cannot make this machine to read my NTConfig.pol file. I have it at my NETLOGON share [/srv/netlogon] with rwxr-xr-x permissions. I have tried with different filenames (NTConfig.POL, ntconfig.pol, etc...) but none seems to work. just few ideas: 1) try turn on audit on that share (audit is special module for samba, it does not have all the features Windows audit has, but samba will log read events), audit is described very well in Samba Official Howto I have found that my Workstation doesn't even try to read the file NTConfig.pol. It just opens the logon batch file. 2) look at Settings -- Control Panel -- Administration -- Events on a workstation (if You are lucky, You can try to find checked/debug build of userenv.dll, which handles policies and profiles. I was never lucky) I couldn't find anything here. yeah!!! just tried to find anything on microsoft.com on this subject ... article ID 221833 How to enable user environment debug logging in retail build of Windows I've no idea why some of workstations read policy and other reject it. (I assume all of them are configured in the same way ?) Thanks. I have tried to setup ntconfig.pol with poledit to just one user (root) and one machine(ibm) or to default user and default machine. but nothing changes. Any ideas? My server is a DELL POWEREDGE SC1420 running CENTOS 4.1 x86-64. The client is an IBM Aptiva running W2K SP4. Thanks, and excuse my poor English. __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Renovamos el Correo Yahoo! Nuevos servicios, m?s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with initializing printer at hwprintserv + cups + samba
Hi here. I have LaserJet 2500 connected to network via D-Link DP-300+ printserver, and configured in CUPS as lpd://printserv/lj2500 Printer works well from linux (SUSE ES 9). In samba it is installed (using cupsaddsmb) with cups ps driver (cupsdrvr.dll etc) and native PPD from windows2000 driver. rpc enumprinters and enumdrivers show everything OK. This printer connected on win2k client, all dll and ppd files downloaded properly into /winnt/system32/spool/drivers/2/ However, trying to get properties of printer fails with erg... ~= driver is not installed, only queue properties can be shown Printing, of cause, does not work as well. Could someone explain why ? Could i provide some addtional info to help solving problem ? (egg samba log of connect/print session, but it is 260M) thanks in advance. -- qMax -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] problem with initializing printer at hwprintserv + cups + samba
Hi, I cannot help but I was just writing on this list for a similar problem with a Dell 3000cn. I also have lots of debugging info should someone help. Cyrille [EMAIL PROTECTED] a écrit sur 06/07/2005 09:58:21 : Hi here. I have LaserJet 2500 connected to network via D-Link DP-300+ printserver, and configured in CUPS as lpd://printserv/lj2500 Printer works well from linux (SUSE ES 9). In samba it is installed (using cupsaddsmb) with cups ps driver (cupsdrvr.dll etc) and native PPD from windows2000 driver. rpc enumprinters and enumdrivers show everything OK. This printer connected on win2k client, all dll and ppd files downloaded properly into /winnt/system32/spool/drivers/2/ However, trying to get properties of printer fails with erg... ~= driver is not installed, only queue properties can be shown Printing, of cause, does not work as well. Could someone explain why ? Could i provide some addtional info to help solving problem ? (egg samba log of connect/print session, but it is 260M) thanks in advance. -- qMax -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: RE [Samba] problem with initializing printer at hwprintserv + cups+ samba
No no, we did create a raw printer and we uploaded the Windows drivers to the server as described. We get the same error message as qMax. Thanks anyway. Louis van Belle [EMAIL PROTECTED] a écrit sur 06/07/2005 10:14:11 : because u use the cups driver. if you want to setup with Windows drivers, create a raw printer. reload samba and cups then browse to the Printer Faxes wizard, here you see your queue richt klik and properties, At the first question say NO !!! go to the Advanced Tab, klik new driver. this is the way to add a windows printer driver to your samba/cups spooler queue good luck. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Cyrille Bollu Verzonden: woensdag 6 juli 2005 10:07 Aan: samba@lists.samba.org Onderwerp: RE [Samba] problem with initializing printer at hwprintserv + cups+ samba Hi, I cannot help but I was just writing on this list for a similar problem with a Dell 3000cn. I also have lots of debugging info should someone help. Cyrille [EMAIL PROTECTED] a écrit sur 06/07/2005 09:58:21 : Hi here. I have LaserJet 2500 connected to network via D-Link DP-300+ printserver, and configured in CUPS as lpd://printserv/lj2500 Printer works well from linux (SUSE ES 9). In samba it is installed (using cupsaddsmb) with cups ps driver (cupsdrvr.dll etc) and native PPD from windows2000 driver. rpc enumprinters and enumdrivers show everything OK. This printer connected on win2k client, all dll and ppd files downloaded properly into /winnt/system32/spool/drivers/2/ However, trying to get properties of printer fails with erg... ~= driver is not installed, only queue properties can be shown Printing, of cause, does not work as well. Could someone explain why ? Could i provide some addtional info to help solving problem ? (egg samba log of connect/print session, but it is 260M) thanks in advance. -- qMax -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Need urgent help witch create mask rights
Hello, I've found this in the newsgroup and it works fine with the inherit owner option. The user is not able to delete the files he has created. Se below. But my problem is that this doesn't work if you create a new folder and the new create files in this new folder. Any ideas how I can get the users to not delete the folder an the files under the folder? Thank's a lot. On Tuesday 17 May 2005 09:31, Jonathan Kelly wrote: Hello, I want to configure a Samba server to serve as an archive where users would be allowed to read, write new files, but not overwrite or delete them once they're there. I guess a script that changes the file permissions (ran, say, every 10 minutes) would do the trick but I was wondering if a cleaner way exists. Jeremy Allison implemented support for this, now called Drop-Box support, very recently. I have yet to document it. I hope to do that soon. Here is the core of what you need to do: 1. Create a directory share point 2. Set the owner to someone who is NOT a member of the group that owns the directory 3. Set permissions to: rwxrws--- 4. In smb.conf: a) Create a share stanza b) Add: inherit permissions = Yes inherit owner = Yes 5. Users must be members of the group that owns the directory and the files within it. That is the rough notes I took at the time. I have not tested this - so be warned that I suffer bit-rot and may have left something out. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Arno Streuli Crédit Agricole (Suisse) SA Chemin de Bérée 46-48, ch-1010 Lausanne 10 Tél. +41 58 321.5215 - Fax +41 58 321.5251 http://www.ca-suisse.com ** DISCLAIMER - E-MAIL --- The information contained in this E-Mail is intended for the named recipient(s). It may contain certain privileged and confidential information, or information which is otherwise protected from disclosure. If you are not the intended recipient, you must not copy,distribute or take any action in reliance on this information ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] problem with initializing printer at hwprintserv + cups +samba
Wednesday, July 6, 2005, 3:11:16 PM, Louis van Belle wrote: LvB because u use the cups driver. I need PS driver to setup page accounting. Page counters do not work with raw printers. -- qMax -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with initializing printer at hwprintserv + cups + samba
For LaserJet 2500 problem solved using foomatic/postscript PPD instead of native driver. (i guess it misses something, but main options are in place) But the same situation for LaserJet 1015 (non PS) and cups driver + foomatic/hpjs driver. Driver installed, but printing/getting options fails.Wednesday, July 6, 2005, 2:58:21 PM, qMax wrote: q Hi here. q I have LaserJet 2500 connected to network via q D-Link DP-300+ printserver, q and configured in CUPS as lpd://printserv/lj2500 q Printer works well from linux (SUSE ES 9). q In samba it is installed (using cupsaddsmb) with q cups ps driver (cupsdrvr.dll etc) and native PPD from q windows2000 driver. q rpc enumprinters and enumdrivers show everything OK. q This printer connected on win2k client, q all dll and ppd files downloaded properly into q /winnt/system32/spool/drivers/2/ q However, trying to get properties of printer fails with q erg... ~= driver is not installed, only queue properties can be shown q Printing, of cause, does not work as well. q Could someone explain why ? q Could i provide some addtional info to help solving problem ? q (egg samba log of connect/print session, but it is 260M) q thanks in advance. q -- q qMax -- qMax -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba share problem accessing from w2k client
Hi Joshua, I think that if the client workstation has not joined a domain, then it will simply ask for a valid username/password combination for that share in order to try and access it's content. The machines have a valid machine account, and i have thought of this possibility too and re-joined them in the domain. When accessing a share for which he is authorised there is no problem and no box show up on the client. Just when he tries to access a non-authorised share. Might it have something to do with the fact that the user is in more then one domaingroup? for example group users and group employees? ps i never had this problem with samba 2.2 using smbpasswd as backend. Maybe it would be best not to show the share at all except for valid users. Something like: --begin-- [example] comment = example path = /example create mask = 0760 browseable = no valid users = @allowedusers2 read only = No wrtie list = @allowedusers2 --end This way you won't have to worry about message boxes and stuff like that. If the user is not in the valid list, the share shouldn't even show up. Hope it helps. Cheers, David El Martes, 5 de Julio de 2005 10:14, J. van Santen escribió: Hi, I got a problem with accessing some share's on my samba PDC (3.0.14) When a user tyr to access a share for which he is not authorised a box show up to suplly a name and password to access the share. Why doesnt the user get a box with 'access denied'? When u supply a username (DOMAINNAME\USERNAME) and password which is authorised for the share u get the message: 'SERVERNAME\SHARENAME access denied. the credential supplied conflict with a existing set of credentials' What could be the problem? Im using samba 3.0.14 with tdbsam as backend. security is set to user. an example of a share defined in smb.conf: [example] comment = example path = /example invalid users = user1 read only = No I hope someone can give me the answer Joshua -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Files missing when using windows XP and samba
The only thins I have noticed is that there are some files which have spaces in their names. When viewed on the Unix machines, the spaces are intact. If I view them on the Linux box, the spaces appear as '?' - obviously, windows would have trouble with this. Just waiting to see if changing these spaces to '-' will make any difference. Just for the record, I have renamed the offending files, replacing spaces with hyphens. Now all files are visible from the Windows machines. Stuart. -- --- Stuart Bailey BSc (hons) CEng CITP MBCS LinuSoft (Proprietor) Linux Specialist (01953) 601294 (07778) 383739 http://www.linusoft.co.uk ** This email and any files transmitted with it are confidential. If you are not the intended recipient, please email [EMAIL PROTECTED] immediately. You should not copy or use this email or attachments for any purpose nor disclose their contents to any other person. NO BINDING CONTRACT WILL RESULT FROM THIS E-MAIL UNTIL SUCH TIME AS A WRITTEN DOCUMENT IS SIGNED ON BEHALF OF LinuSoft. LinuSoft cannot accept any responsibility for the completeness or accuracy of this message as it has been transmitted over public networks. * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using OID as Samba3 backend
I'm running samba3 Using OID (Oracle Internet Directory) as backend, almost works ok, but the final trick that doesn't work is the change of the passwords from windows dialog box, this change the samba passwords but don't change the userpassword, i have found this line on samba logs files: ldap password change requested, but LDAP server does not support it -- ignoring. windows password change dialog modifies LM and NT hashes (probably, just NT one), changing of user password can be achived in two ways: 1) modifying UserPassword attribute (ldapmodify request, which is standard one) 2) some special request sich as extended operation in OpenLDAP, non standard requests. extended operations are not non-standard, although they may or may not be implemented by a particular DSA. You can determine the 'exops' supported by your DSA by looking at the rootDSA. where can I read more about rootDSA ? Google seems to know almost nothing about it. sorry, it is rootDSE Samba should be able to sync the password and lm and ht hashes by itself. Just set the ldap passwd sync = yes directive, see the smb.conf for he possible settings (yes, no, and only ?). This will work with or without exop password change support. And i found in samba.org fourum that this problem is solved with this ACL: access to dn.base= by * read. Already i have put them, but doesn't works, Anybody help me? What does you root DSE look like? signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba and Windows 2003 with SP1
[Accidentally sent to samba-technical --dave] Stubel Timo wrote: Hello List, hope anybody can help me. We have problems with our squid porxy with userauthentication. The error is: authenticateNTLMHandleReply: Error validating user via NTLM. Error returned 'BH NT_STATUS_ACCESS_DENIED' We are using debian machines with samba-3.0.14a-3 and squid-2.5.10-1 on it. Could you send me an eMail, if there is an update available, or if there is a workaround to solve the problem? Thank you... Mit freundlichem Gruß Timo Stubel Systemadministration BKK TSC eG Karlstrasse 34 - 44 D-50679 Köln Telefon: +49 (0) 221 / 828 05-31 Fax: +49 (0) 221 / 828 05 99-31 Mobil:+49 (0) 173 / 74 57 899 eMail:[EMAIL PROTECTED] www:www.bkk-tsc.de http://www.bkk-tsc.de/ Anfragen zum technischen Support richten Sie bitte an [EMAIL PROTECTED] BLOCKED::mailto:[EMAIL PROTECTED] Unsere technische Hotline erreichen Sie auch unter 0221 / 82805-88. -- David Collier-Brown, | Always do right. This will gratify Sun Microsystems, Toronto | some people and astonish the rest [EMAIL PROTECTED] | -- Mark Twain (416) 263-5733 (x65733) | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba and lprng
hello, I'm using samba 3.x and lprng on debian stable. My Problem is described by the following: smbclient -L Sharename Type Comment - --- printer6Printer lpp6 printer5Printer lpp5 lpp4Printer printer4 lpp3Printer printer3 lpp1Printer printer1 lpp0Printer printer0 my printcap like this: printer6|lpp6:... printer5|lpp5:... printer4|lpp4:... printer3|lpp3:... printer2|lpp2:... printer1|lpp1:... printer0|lpp0:... One printer wasn't loaded to samba, ok shit happens. But how i could control which name would be picked as Sharename from samba -- from printcap. By default printcap: printer|alias1|alias2|...:... But samba picks a random name als sharename? Sometimes printer, somtimes alias1 a.s.o. Whats going wrong? I want a List of shares like this (after import of printcap): smbclient -L Sharename Type Comment - --- printer6Printer lpp6 printer5Printer lpp5 printer4Printer lpp4 printer3Printer lpp3 printer1Printer lpp1 printer0Printer lpp0 Anyone could help? ty Ji -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Temporary files with word
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have a strange problem with samba 3.0.14a. One of my users is experiencing a lot of temporary files created by winword 2003. Winword does delete the temp files under any other userid. The only difference I know of is that the problematic user was created after the automatic switch from samba 2.2.8a to 3.0.14a. Has anyone an idea what could be wrong and where I could look to understand this problem? Cheers Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 PGP Keys: https://www.link-m.de/pgp/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1-nr1 (Windows XP) Comment: Get keys at: https://www.link-m.de/pgp iD8DBQFCy9Tb6zWc+bXuIEMRAtQDAJ9a2/bnfAQaWi0LJ9SEvMvz+jXAMwCghGgf oMozprT9isUU2+YsyMdFc58= =4AhB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Possible Samba Memory Leak
As you're doing this on an embedded system as I recall you might want to cut down on the stat cache (which can grow unlimited on normal systems). I just read up on the stat cache options, and from what I saw, the default stat cache size is 50KB. Is that incorrect? To turn it off set : stat cache = False I'll give this a try. It should be noted that I was able to reproduce the same issue on a dual P3 550, with 512MB of RAM. It took a fair bit longer to reach the point of failure, but it did fail. I believe we reached around 1300 iterations of writing 3500+ small files, then reading those back to compare them. Thanks, Anthony -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions regarding ADS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | I 've spent the last week troubleshooting a configuration issue regarding | samba not being able to connect to other domains beside the domain of which | it 's a member server (samba 3.0.14a, krb 1.3.6, w2k). | | I have some doubts perhaps someone can answer... | | Suppose this scenario: | | Samba name : SAMBA | Main domain: DOMAINA (domain controller = DCA) | Others domains : DOMAINB, DOMAINC (domain controllers DCB y DCC) | | | 1) When samba tries to connect via kerberos to others | domains, which principal is supposed to use? I 'd think | it is [EMAIL PROTECTED] What I see is that it first connects | via LDAP using this machine account but then tries to connect | via kerberos with [EMAIL PROTECTED] or [EMAIL PROTECTED] Is this | correct or I am not understanding the logfiles correctly? It should be obtaining a service for [EMAIL PROTECTED] That's probably what you are seeing. | 2) Is wbinfo --set-auth-user still needed? I 'm not using | it because I read somewhere that with 3.0+ is not needed | anymore. Generally it is not needed. Certainly not when all the domains are AD and the Samba host is configured with 'security = ads'. | 3) My krb5.conf doesn 't contain any references to | servers. All it contains is dns_lookup_realm=true, | dns_lookup_kdc=true and default_realm=X. Do I | need anything specific or current krb5 can obtain everything | it needs from the DNS? DNS is fine. That's how I run. Make sure that the appropriate SRV records are in DNS though. | 4) Do I need to do the ktpass thing at the windows DC? Nope. It is all handled by the AD trusts. Hope this helps. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy9eZIR7qMdg1EfYRAqisAJ9rX1cPqnc6nFsiaOrWlzdpySPThgCg5Sr8 WYhFbq5OfcZc37LNf/Nva+U= =ESfW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] group doesn't show up in poledit and nitrobit policy editor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Νικος Σαραντοπουλος wrote: | i am using samba 3.0.14a as recommended but it seems | that for some reason that i can't understand, no domain | groups show up on any administration tool | like poledit and nitrobit policy editor | | groups like | users (domain not local) | and ntadmins | where are they? If they show up in the ACL editor editor for example, they should show up in the policy editor as well. on Samba DCs, on mapped groups will show up though. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy9lGIR7qMdg1EfYRArBmAKDlYMGSXqiJV3SHe0jyxjpOzxpAXQCfe7B/ qUnwj808YsB4CJPHUN8TOgM= =Squ2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdb_init_sam errors on upgrade to Samba 3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Brodbelt wrote: | make_server_info_info3: pdb_init_sam failed! | | It may be pertinent that this user has a different | unix username from Windows one, and I'm using the | username map in samba to point to a file with | the mappings. Better read the relerase notes for the 3.0.8 (IIRC) release about the changes to username map semantics when dealing with domain users. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy9mlIR7qMdg1EfYRAlewAJ9uWzbI2NiV7hEx55rKSOKJMXzBmACfT/Sc h5+sUjMHvZOw8Q3atRMFW+U= =iTe1 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] xp add to domain error message
Hi, When i add a computer to the domain the computer is created in the ldap database but XP gets a message unable to find username i check my logs and i saw the the respond back to xp does its search in the OU=Users and not in the OU=Computers getent passwd gives back all the users and computers. -- *** Bazuin Partners Managed E-mail Filter scanned this email for viruses *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions regarding ADS
Thanks Jerry, that 's very useful information. The particular problem I am facing is that when samba tries to connect to another domain, kerberos can 't find the principal, as in this example: libads/sasl.c:ads_sasl_spnego_bind(211) ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED] libsmb/clikrb5.c:ads_krb5_mk_req(389) ads_krb5_mk_req: krb5_get_credentials failed for [EMAIL PROTECTED] (Server not found in Kerberos database) nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain SIDERAR failed: Server not found in Kerberos database What I understand is that the principal sarswdc3$ doesn 't exist. If I try to kinit [EMAIL PROTECTED] it consecuentelly fails. The thing I don 't understand is why if I kinit [EMAIL PROTECTED] (note the abscense of the dollar sign) it finds it (I mean, it prompts for a password). Any ideas I can try or anything further I can watch? Best regards, Martin -- Martin arpon Original Message: - From: Gerald (Jerry) Carter [EMAIL PROTECTED] Date: Wed, 06 Jul 2005 08:07:38 -0500 To: [EMAIL PROTECTED], samba@lists.samba.org Subject: Re: [Samba] Questions regarding ADS [EMAIL PROTECTED] wrote: | I 've spent the last week troubleshooting a configuration issue regarding | samba not being able to connect to other domains beside the domain of which | it 's a member server (samba 3.0.14a, krb 1.3.6, w2k). | | I have some doubts perhaps someone can answer... | | Suppose this scenario: | | Samba name : SAMBA | Main domain: DOMAINA (domain controller = DCA) | Others domains : DOMAINB, DOMAINC (domain controllers DCB y DCC) | | | 1) When samba tries to connect via kerberos to others | domains, which principal is supposed to use? I 'd think | it is [EMAIL PROTECTED] What I see is that it first connects | via LDAP using this machine account but then tries to connect | via kerberos with [EMAIL PROTECTED] or [EMAIL PROTECTED] Is this | correct or I am not understanding the logfiles correctly? It should be obtaining a service for [EMAIL PROTECTED] That's probably what you are seeing. | 2) Is wbinfo --set-auth-user still needed? I 'm not using | it because I read somewhere that with 3.0+ is not needed | anymore. Generally it is not needed. Certainly not when all the domains are AD and the Samba host is configured with 'security = ads'. | 3) My krb5.conf doesn 't contain any references to | servers. All it contains is dns_lookup_realm=true, | dns_lookup_kdc=true and default_realm=X. Do I | need anything specific or current krb5 can obtain everything | it needs from the DNS? DNS is fine. That's how I run. Make sure that the appropriate SRV records are in DNS though. | 4) Do I need to do the ktpass thing at the windows DC? Nope. It is all handled by the AD trusts. Hope this helps. cheers, jerry mail2web - Check your email from the web at http://mail2web.com/ . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Rejected posting to ACCMAIL@LISTSERV.AOL.COM
You are not authorized to send mail to the ACCMAIL list from your samba@LISTS.SAMBA.ORG account. You might be authorized to send to the list from another of your accounts, or perhaps when using another mail program which generates slightly different addresses, but LISTSERV has no way to associate this other account or address with yours. If you need assistance or if you have any question regarding the policy of the ACCMAIL list, please contact the list owners: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP samba join domain
From my logs. conn=105 op=4 SRCH base=dc=rotterdam,dc=bazuin,dc=nl scope=2 deref=2 filter=(uidNumber=2100) conn=105 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=105 op=5 ADD dn=uid=ms249-wxp-016$,ou=Computers,dc=rotterdam,dc=bazuin,dc=nl conn=105 op=5 RESULT tag=105 err=0 text= conn=105 op=6 UNBIND conn=104 op=11 SRCH base=ou=Users,dc=rotterdam,dc=bazuin,dc=nl scope=1 deref=0 filter=((objectClass=posixAccount)(uid=ms249-wxp-016$)) conn=104 op=11 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass conn=104 op=11 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=105 fd=28 closed conn=104 op=12 SRCH base=ou=Users,dc=rotterdam,dc=bazuin,dc=nl scope=1 deref=0 filter=((objectClass=posixAccount)(uid=ms249-wxp-016$)) conn=104 op=12 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass conn=104 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=103 fd=25 closed Im missing the SRCH base=ou=Computers,dc=rotterdam,dc=bazuin,dc=nl What's wrong, i f... cant find it.. -- *** Bazuin Partners Managed E-mail Filter scanned this email for viruses *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joop Martens is afwezig.
I will be out of the office starting 07/04/2005 and will not return until 07/18/2005. Ik antwoord op uw bericht wanneer ik terug ben. Voor dringende zaken kunt u contact op nemen met George Schlusen ([EMAIL PROTECTED]). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + Cups error show jobs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Xim Tur i Massanet wrote: | Hi!! | | I can see this error every time a windows client tries see the jobs for | any of the printers on the print server: | (log.smbd) | | [2005/07/05 16:22:12, 0] printing/print_cups.c:cups_queue_get(790) | Unable to get jobs for ipp://localhost/printers/oce_ - | client-error-not-found | | The result is that clients can't view (cancel or pause) any of the jobs | on the queue. | | I also can see this error on the cups error log: | (error_log) | | E [05/Jul/2005:16:22:12 +0200] get_jobs: resource name '/printers/oce_' | no good! | | | Of course, printer oce_ on localhost doesn't exist. Printer | is named oce$. I guess samba is translating $ to _. | On the other hand, users can print without problem. I | looks like the problem appears only showing the jobs. | | Is there any way to correct this? It's our bug apparently. I'll try to look at it. If you could file a bug report for me at https://bugzilla.samba.org/ that would help. Thanks. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy+b8IR7qMdg1EfYRAin9AJ4uEFL8ZWACfQvdttn3TVS3jAy/SwCgzGk5 DQX4DXCYX5R895Zc1TsXtMU= =MUJW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error building Samba 3.0.14a on Solaris 9
Hi all, Compiling Samba 3.0.14a on Solaris 9 with gcc 3.4.2 results in an error: --- Compiling libsmb/clifile.c libsmb/clifile.c: In function `cli_unix_stat': libsmb/clifile.c:265: error: `STAT_ST_BLOCKSIZE' undeclared (first use in this function) libsmb/clifile.c:265: error: (Each undeclared identifier is reported only once libsmb/clifile.c:265: error: for each function it appears in.) *** Error code 1 make: Fatal error: Command failed for target `libsmb/clifile.o' --- This error first occurred while compiling 3.0.8 ; 3.0.7 compiles OK. What could cause this error? Best regards, Remy Zandwijk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdb_init_sam errors on upgrade to Samba 3
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Brodbelt wrote: | make_server_info_info3: pdb_init_sam failed! | | It may be pertinent that this user has a different | unix username from Windows one, and I'm using the | username map in samba to point to a file with | the mappings. Better read the release notes for the 3.0.8 (IIRC) release about the changes to username map semantics when dealing with domain users. Thank for the pointer - I found them some time after posting the original question, and have now got it working again. Thanks, Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems when upgrading to samba 3.0.14
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Xavi León wrote: | We had a Debian sarge box with samba version 3.0.7 | and worked ok. When we upgraded to the new stable | version in Debian (3.0.14a) we noticed that the | samba daemon (smbd) did'nt bind to its port | (139) when running in daemon mode. That's doesn't sound right. I'll bet there's another service dominating that port. Inetd maybe (from your other comments). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy+hnIR7qMdg1EfYRAsW1AKCyWDbtIMbrSkzokfRYAFPse8u2+QCfZGbd 3C9VlZ21OhojUaK0B9Qz3IU= =ooCY -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba LDAP timeout
Hello, I'm having trouble configuring an Ubuntu Hoary Samba server to use LDAP for authentication (the server is named dixie). I'm basing my configuration on another server here at work that connects just fine. When I try to just list samba shares on dixie with $ smbclient -L dixie -U faker It takes quite some time for the request to go through before failing. Looking at the log file reveals that it can't access the ldap server: [2005/07/06 09:26:35, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/07/06 09:26:35, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 15 try! [2005/07/06 09:26:37, 0] lib/smbldap.c:fetch_ldap_pw(312) fetch_ldap_pw: neither ldap secret retrieved! [2005/07/06 09:26:37, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/07/06 09:26:37, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) But from a shell on dixie I /can/ do ldap requests: $ ldapsearch uid=faker -b ou=people,dc=marlboro,dc=edu -h ldap.marlboro.edu -x # extended LDIF # # LDAPv3 # base ou=people,dc=marlboro,dc=edu with scope sub # filter: uid=faker # requesting: ALL # # faker, people, marlboro.edu dn: uid=faker,ou=people,dc=marlboro,dc=edu objectClass: eduMarlboroPerson objectClass: posixAccount objectClass: radiusProfile objectClass: sambaSamAccount sn: Fakerson givenName: Faker cn: Faker Fakerson displayName: Faker Fakerson gecos: Faker Fakerson uid: faker mail: [EMAIL PROTECTED] loginShell: /bin/bash uidNumber: 11702 homeDirectory: /home/guest/faker dialupAccess: TRUE eduMarlboroJobDescription: This is a fake job description. The quick brown fox jumped over the lazy dog. eduMarlboroNetworkAccess: false gidNumber: 50004 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 The ldap portion of my smb.conf is exactly the same as it is in the server where this works: security = user encrypt passwords = true passdb backend = ldapsam:ldaps://ldap.marlboro.edu ldap ssl = yes ldap suffix = dc=marlboro,dc=edu ldap user suffix = ou=people ldap admin dn = cn=smbadmin,ou=People,dc=marlboro,dc=edu ldap delete dn = no ldap filter = (|((objectclass=posixAccount)(uid=%u)(|(gidNumber=50001)(gidNumber=50003))(!(eduMarlboroNetworkAccess=false)))((objectclass=posixAccount)(uid=%u)(!(gidNumber=50001))(!(gidNumber=50003))(eduMarlboroNetworkAccess=true))) obey pam restrictions = yes I've tried setting SSL to no and the backend to ldapsam:ldap://ldap.marlboro.edu;, but it has no effect on the connectivity. Is there a related configuration setting that I'm overlooking? Samba /is/ compiled to use ldap: $ ldd /usr/sbin/smbd | grep ldap libldap.so.2 = /usr/lib/libldap.so.2 (0xb7fb1000) Any help on this matter would be greatly appreciated. Thanks much. -Ian Smith-Heisters -- http://www.0x09.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba LDAP timeout
Hi, Have you stored your bind DN ldap password with smbpasswd -w your password? Best regards, Bruno Guerreiro -Original Message- From: Ian Smith-Heisters [mailto:[EMAIL PROTECTED] Sent: quarta-feira, 6 de Julho de 2005 15:12 To: samba@lists.samba.org Subject: [Samba] Samba LDAP timeout Hello, I'm having trouble configuring an Ubuntu Hoary Samba server to use LDAP for authentication (the server is named dixie). I'm basing my configuration on another server here at work that connects just fine. When I try to just list samba shares on dixie with $ smbclient -L dixie -U faker It takes quite some time for the request to go through before failing. Looking at the log file reveals that it can't access the ldap server: [2005/07/06 09:26:35, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/07/06 09:26:35, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 15 try! [2005/07/06 09:26:37, 0] lib/smbldap.c:fetch_ldap_pw(312) fetch_ldap_pw: neither ldap secret retrieved! [2005/07/06 09:26:37, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/07/06 09:26:37, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) But from a shell on dixie I /can/ do ldap requests: $ ldapsearch uid=faker -b ou=people,dc=marlboro,dc=edu -h ldap.marlboro.edu -x # extended LDIF # # LDAPv3 # base ou=people,dc=marlboro,dc=edu with scope sub # filter: uid=faker # requesting: ALL # # faker, people, marlboro.edu dn: uid=faker,ou=people,dc=marlboro,dc=edu objectClass: eduMarlboroPerson objectClass: posixAccount objectClass: radiusProfile objectClass: sambaSamAccount sn: Fakerson givenName: Faker cn: Faker Fakerson displayName: Faker Fakerson gecos: Faker Fakerson uid: faker mail: [EMAIL PROTECTED] loginShell: /bin/bash uidNumber: 11702 homeDirectory: /home/guest/faker dialupAccess: TRUE eduMarlboroJobDescription: This is a fake job description. The quick brown fox jumped over the lazy dog. eduMarlboroNetworkAccess: false gidNumber: 50004 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 The ldap portion of my smb.conf is exactly the same as it is in the server where this works: security = user encrypt passwords = true passdb backend = ldapsam:ldaps://ldap.marlboro.edu ldap ssl = yes ldap suffix = dc=marlboro,dc=edu ldap user suffix = ou=people ldap admin dn = cn=smbadmin,ou=People,dc=marlboro,dc=edu ldap delete dn = no ldap filter = (|((objectclass=posixAccount)(uid=%u)(|(gidNumber=50001)(gidNumber=50003))( !(eduMarlboroNetworkAccess=false)))((objectclass=posixAccount)(uid=%u)(!(gi dNumber=50001))(!(gidNumber=50003))(eduMarlboroNetworkAccess=true))) obey pam restrictions = yes I've tried setting SSL to no and the backend to ldapsam:ldap://ldap.marlboro.edu;, but it has no effect on the connectivity. Is there a related configuration setting that I'm overlooking? Samba /is/ compiled to use ldap: $ ldd /usr/sbin/smbd | grep ldap libldap.so.2 = /usr/lib/libldap.so.2 (0xb7fb1000) Any help on this matter would be greatly appreciated. Thanks much. -Ian Smith-Heisters -- http://www.0x09.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Update Rollup 1 for Windows 2000 SP4
On Fri, 01 Jul 2005 09:07:00 +0200, Oktay Akbal wrote: Hello. Anyone else experiencing Problems with this update ? We do have W2k AD. And Samba Member-Server. This is done via Winbind without using Kerberos. After installing the Update to our AD-Servers. It seems that winbind lost its connectivity. wbinfo -t worked. wbinfo -u showed errors. After removing the update from all our servers, winbind works again. Should I move our configuration to kerberos ? Thanks. Oktay Akbal Several of our W2K workstations here would not boot up after this rollup. It turned out there was a conflict with our antivirus software. Uninstalling or disabling the antivirus made things work again. I think they rolled out an fix patch a couple days ago. Not sure if that's any help :/ -- http://www.0x09.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] *Funding available ID:Yptrffhh2622165837
*Government financing available Business publications 4865 hwy 138 r.r. 1 St-Andrews w. On K0C 2A0 The most complete and affordable reference for anyone looking for financing. It is the perfect tool for new and existing businesses, individuals, foundations and associations Complete guide containing more than 3000 programs New 2005 edition Legal Deposit-National Library of Canada Business.$ 69.95 CD-Rom Academic printed$ 149.95 (430 pages) Toll free: 8 6 63 2 23 3 7 6 0844126086724032056340070710664410403075403008Pupncrjknq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] *Funding available ID:Yptrffhh2622165837
So to all companies, please spam them. in The Netherlands Spam to companies is allowed ;-) ( for now, law is comming ) And Just send them Mail not email mail, but dont put a stamp on it. and i can send 9 Kilogram without stamp :D make them pay the . ( you know ) ;-) Registrant: Canadian Publications ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA. 20172-0447 Domain Name: 3223376.NET Administrative Contact: Canadian Publications [EMAIL PROTECTED] tration.com ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA 20172-0447 570-708-8780 Technical Contact: Network Solutions, LLC. [EMAIL PROTECTED] 13200 Woodland Park Drive Herndon, VA 20171-3025 US 1-888-642-9675 fax: 571-434-4620 Record expires on 03-Sep-2005. Record created on 03-Sep-2004. Database last updated on 6-Jul-2005 10:38:27 EDT. Domain servers in listed order: NS1.ANZWERSNET.BIZ 211.140.139.108 NS2.ANZWERSNET.BIZ 218.5.74.47 -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens [EMAIL PROTECTED] Verzonden: dinsdag 5 juli 2005 16:26 Aan: [EMAIL PROTECTED] Onderwerp: [Samba] *Funding available ID:Yptrffhh2622165837 *Government financing available Business publications 4865 hwy 138 r.r. 1 St-Andrews w. On K0C 2A0 The most complete and affordable reference for anyone looking for financing. It is the perfect tool for new and existing businesses, individuals, foundations and associations Complete guide containing more than 3000 programs New 2005 edition Legal Deposit-National Library of Canada Business.$ 69.95 CD-Rom Academic printed$ 149.95 (430 pages) Toll free: 8 6 63 2 23 3 7 6 0844126086724032056340070710664410403075403008Pupncrjknq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error building Samba 3.0.14a on Solaris 9
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Remy Zandwijk wrote: | Hi all, | | Compiling Samba 3.0.14a on Solaris 9 with gcc 3.4.2 results in | an error: | | --- | Compiling libsmb/clifile.c | libsmb/clifile.c: In function `cli_unix_stat': | libsmb/clifile.c:265: error: `STAT_ST_BLOCKSIZE' undeclared | (first use in this function) | libsmb/clifile.c:265: error: (Each undeclared identifier is | reported only once | libsmb/clifile.c:265: error: for each function it appears in.) | *** Error code 1 | make: Fatal error: Command failed for target `libsmb/clifile.o' | --- | | This error first occurred while compiling 3.0.8 ; 3.0.7 compiles OK. | | What could cause this error? our bug. The attached patch should fix it. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy+tOIR7qMdg1EfYRAgKmAKCp6UnrD3aGIW7rv2bTnjOfkg4OjQCeM/l/ AXRp+QtJ/F7XdQA1YjAoSzc= =4UAN -END PGP SIGNATURE- Index: libsmb/clifile.c === --- libsmb/clifile.c(revision 8183) +++ libsmb/clifile.c(working copy) @@ -262,7 +262,12 @@ sbuf-st_size = IVAL2_TO_SMB_BIG_UINT(rdata,0); /* total size, in bytes */ sbuf-st_blocks = IVAL2_TO_SMB_BIG_UINT(rdata,8); /* number of blocks allocated */ +#if defined (HAVE_STAT_ST_BLOCKS) defined(STAT_ST_BLOCKSIZE) sbuf-st_blocks /= STAT_ST_BLOCKSIZE; +#else + /* assume 512 byte blocks */ + sbuf-st_blocks /= 512; +#endif sbuf-st_ctime = interpret_long_date(rdata + 16);/* time of last change */ sbuf-st_atime = interpret_long_date(rdata + 24);/* time of last access */ sbuf-st_mtime = interpret_long_date(rdata + 32);/* time of last modification */ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] *Funding available ID:Yptrffhh2622165837
Just give them a call at their toll-free number: 866-322-3376 It costs them money and you can annoy the crap out of them. I just called and someone actually answered. I told her to expect lots of calls! -Jeff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Louis van Belle Sent: Wednesday, July 06, 2005 10:42 AM To: samba@lists.samba.org Subject: RE: [Samba] *Funding available ID:Yptrffhh2622165837 So to all companies, please spam them. in The Netherlands Spam to companies is allowed ;-) ( for now, law is comming ) And Just send them Mail not email mail, but dont put a stamp on it. and i can send 9 Kilogram without stamp :D make them pay the . ( you know ) ;-) Registrant: Canadian Publications ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA. 20172-0447 Domain Name: 3223376.NET Administrative Contact: Canadian Publications [EMAIL PROTECTED] tration.com ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA 20172-0447 570-708-8780 Technical Contact: Network Solutions, LLC. [EMAIL PROTECTED] 13200 Woodland Park Drive Herndon, VA 20171-3025 US 1-888-642-9675 fax: 571-434-4620 Record expires on 03-Sep-2005. Record created on 03-Sep-2004. Database last updated on 6-Jul-2005 10:38:27 EDT. Domain servers in listed order: NS1.ANZWERSNET.BIZ 211.140.139.108 NS2.ANZWERSNET.BIZ 218.5.74.47 -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens [EMAIL PROTECTED] Verzonden: dinsdag 5 juli 2005 16:26 Aan: [EMAIL PROTECTED] Onderwerp: [Samba] *Funding available ID:Yptrffhh2622165837 *Government financing available Business publications 4865 hwy 138 r.r. 1 St-Andrews w. On K0C 2A0 The most complete and affordable reference for anyone looking for financing. It is the perfect tool for new and existing businesses, individuals, foundations and associations Complete guide containing more than 3000 programs New 2005 edition Legal Deposit-National Library of Canada Business.$ 69.95 CD-Rom Academic printed$ 149.95 (430 pages) Toll free: 8 6 63 2 23 3 7 6 0844126086724032056340070710664410403075403008Pupncrjknq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD Domain Member: User Mapping w/out winbind ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dan Am wrote: | Hello everybody, | I have set up authentication for a Linux Host | using MS SFU. Works fine: getent passwd show my | users, they can login... | | On the same host I want to set up Samba 3.0.9 as a | domain member. The question: Can I use the AD Controller | as idmap_backend _directly_ , skipping the use | of winbind ? The problem with using winbind is that | users will show up twice in getent passwd and the | parallel use of NFS becomes a problem, as files belong | to the winbind user if created with Samba , and | to the SFU User if created with NFS. Dan, Just don't define the idmap uid/gid parameters in smb.conf. Winbindd will still run but not allocate any uids or gids for accounts. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy/KoIR7qMdg1EfYRAliFAJ94xoGeZfq546SZ6Sq+bEAPKKm8qACfckkx C5NHjwAGbfdZJvznWSNwmOk= =wNKk -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba and lprng
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ji wrote: | hello, | | I'm using samba 3.x and lprng on debian stable. My | Problem is described by the following: | But samba picks a random name als sharename? Sometimes | printer, somtimes alias1 a.s.o. Whats going wrong? I want | a List of shares like this (after import of printcap): | | smbclient -L | | Sharename Type Comment | - --- | printer6Printer lpp6 | printer5Printer lpp5 | printer4Printer lpp4 | printer3Printer lpp3 | printer1Printer lpp1 | printer0Printer lpp0 | | | Anyone could help? Sounds like bug in out printcap parsing code. Mind filing a bug and attaching your printcap file? Thanks. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy/ORIR7qMdg1EfYRAulMAJwKduVECj5b6p5bX+mRdxpXihtWPgCg5NkS ecRTH3Mg/ePTXAskyzlIL88= =pwKJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error building Samba 3.0.14a on Solaris 9
our bug. The attached patch should fix it. The most impressive patch I've ever seen ;-) It's working, thanks. Remy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba LDAP timeout
[2005/07/06 09:26:35, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb - Did you set the LDAP bind password? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Files and folders disappear after created
Hi: Theatre: Samba Server 3 PDC and Windows 2000 Professional stations 1. Please excuse my english 2. New files or folders created with Windows 2000 FileManager disappear 2a. Those new files and folders are shown in Win98 or linux server console, but not in Win 2000. 3. Linux file/directory attributes are what I expect to be. Please give me some guidelines to resolve this problem. Thanks in advance. Walter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba LDAP timeout
Adam Tauno Williams wrote: [2005/07/06 09:26:35, 0] lib/smbldap.c:smbldap_connect_system(812) ldap_connect_system: Failed to retrieve password from secrets.tdb - Did you set the LDAP bind password? Yes! That did the trick. Thank you very much. I shouldn't have overlooked something so simple. It now works without SSL. With SSL is a different issue. [2005/07/06 10:48:24, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 10 try! [2005/07/06 10:48:25, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 11 try! [2005/07/06 10:48:26, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 12 try! [2005/07/06 10:48:27, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 13 try! [2005/07/06 10:48:29, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) It appears that SSL may not be compiled into Samba, as there is no libssl.so listing in ldd /usr/sbin/smbd. While I could compile from source, this would slightly complicate long term maitenance of the server. Does anyone have advice for using SSL with Samba/LDAP on Ubuntu Hoary? Thanks again, Ian -- http://www.0x09.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba LDAP timeout
It now works without SSL. With SSL is a different issue. [2005/07/06 10:48:24, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 10 try! [2005/07/06 10:48:25, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 11 try! [2005/07/06 10:48:26, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 12 try! [2005/07/06 10:48:27, 1] lib/smbldap.c:another_ldap_try(990) Connection to LDAP server failed for the 13 try! [2005/07/06 10:48:29, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) It appears that SSL may not be compiled into Samba, as there is no libssl.so listing in ldd /usr/sbin/smbd. While I could compile from source, this would slightly complicate long term maitenance of the server. Does anyone have advice for using SSL with Samba/LDAP on Ubuntu Hoary? I've never used Ubuntu; but I'd be surprised your Samba is really built without SSL support, in fact, I think it is really your libldap that is in question. Are you setting ldap ssl = start_tls ??? Don't use an ldaps:/// URL. If you LDAP server is local just use ldapi:/// with is faster anyway and you don't need any encryption. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
In the US snail mail doesn't work like that. Mail gets returned to the sender for insufficient postage. Eric Hines Louis van Belle wrote: So to all companies, please spam them. in The Netherlands Spam to companies is allowed ;-) ( for now, law is comming ) And Just send them Mail not email mail, but dont put a stamp on it. and i can send 9 Kilogram without stamp :D make them pay the . ( you know ) ;-) snip -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
Eric Hines wrote: In the US snail mail doesn't work like that. Mail gets returned to the sender for insufficient postage. Unless you use one of those postage paid evelopes, which you're free to stuff, with whatever junk mail you've got at hand. ;-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
The call trick also works in reverse. Shortly after the PRC started minting their Panda gold coins, I got a long distance call (MI to NM, and in those days, Ma Bell was still a regulated monopoly--that call's per minute rate was not low) from a broker offering to let me in on the ground floor of buying a supply of these wonderful, valuable collector's items for only a little above the face value of those coins. He called just as I was sitting down to supper after painting my house, so I was in a bad mood (I hate painting houses). Rather than blowing him off and hanging up, though, I engaged him in conversation about the relative merits of gold bullion vs gold coins, the gold coins of other nations (including the US) as collector's items, the investing value of collector's item gold coins vs the value of simply buying bullion, where we thought the price of gold was going, and in which nation as its economy evolved, the value of gold vs silver, platinum, mines, other commodities in general (I even got him onto coal for a little bit). I kept him on the phone on his nickel (lots of them) for an hour. And at the end, when he asked if I were going to buy any Pandas, and I said no, hadn't he been listening, I could hear the phone slam down on his end. I not only never heard from that company again, but for the next several months the number of cold calls coming in offering me any good deals was a good approximation of zero. Eric Hines Jeff Frantz wrote: Just give them a call at their toll-free number: 866-322-3376 It costs them money and you can annoy the crap out of them. I just called and someone actually answered. I told her to expect lots of calls! -Jeff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Louis van Belle Sent: Wednesday, July 06, 2005 10:42 AM To: samba@lists.samba.org Subject: RE: [Samba] *Funding available ID:Yptrffhh2622165837 So to all companies, please spam them. in The Netherlands Spam to companies is allowed ;-) ( for now, law is comming ) And Just send them Mail not email mail, but dont put a stamp on it. and i can send 9 Kilogram without stamp :D make them pay the . ( you know ) ;-) Registrant: Canadian Publications ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA. 20172-0447 Domain Name: 3223376.NET Administrative Contact: Canadian Publications [EMAIL PROTECTED] tration.com ATTN: 3223376.NET c/o Network Solutions P.O. Box 447 Herndon, VA 20172-0447 570-708-8780 Technical Contact: Network Solutions, LLC. [EMAIL PROTECTED] 13200 Woodland Park Drive Herndon, VA 20171-3025 US 1-888-642-9675 fax: 571-434-4620 Record expires on 03-Sep-2005. Record created on 03-Sep-2004. Database last updated on 6-Jul-2005 10:38:27 EDT. Domain servers in listed order: NS1.ANZWERSNET.BIZ 211.140.139.108 NS2.ANZWERSNET.BIZ 218.5.74.47 -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens [EMAIL PROTECTED] Verzonden: dinsdag 5 juli 2005 16:26 Aan: [EMAIL PROTECTED] Onderwerp: [Samba] *Funding available ID:Yptrffhh2622165837 *Government financing available Business publications 4865 hwy 138 r.r. 1 St-Andrews w. On K0C 2A0 The most complete and affordable reference for anyone looking for financing. It is the perfect tool for new and existing businesses, individuals, foundations and associations Complete guide containing more than 3000 programs New 2005 edition Legal Deposit-National Library of Canada Business.$ 69.95 CD-Rom Academic printed$ 149.95 (430 pages) Toll free: 8 6 63 2 23 3 7 6 0844126086724032056340070710664410403075403008Pupncrjknq -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
Eric Hines wrote: I not only never heard from that company again, but for the next several months the number of cold calls coming in offering me any good deals was a good approximation of zero. What I like to do, is put telemarkets on hold, without telling them. I can watch the flashing hold light, to see how long they stay on the line. One, this morning, stayed on for almost two minutes! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: Samba-3 By Ex Chapt 3]
Yes, I am--or at least I think so; the daemon is running, and it's configured according the the Chapt 3 example. The /etc/resolv.conf file says it's written by /etc/dhclient-script, so I disabled that file, adjusted the resolv and tried again. No effect. Also, during reboot, when dhcpd started up, I got the error message Not configured to listen on any interface. Wrote 5 new leases. When the reboot completed, I had no Internet connection whatsoever. I had to re-enable dhclient-script and reboot. So I remain with the problems that I have no DNS resolution capability, and I cannot edit, with permanence, /etc/resolv.conf. I'd probably be satisfied with the latter if I could get DNS to work. Thanks Eric Hines Chris Nicholls wrote: Are you using dhcp to get an IP address on that server? Every time dhcpcd gets an IP address it overwrites the resolv.conf. So I think that's why it's changing every time you reboot. dhcpcd can be run with the -R option to prevent it from overwriting resolv.conf (check out the dhcpcd man page). I'm not sure where you'd specify that as i don't use FC. But it's probably easier to just give that machine a static IP. Chris Eric Hines wrote: One more thing I forgot to mention. The chapter calls for editing /etc/resolv.conf, but in my case it won't stay edited--it keeps getting set back to an original form (for searching my ISP) on every reboot. Thanks again. snip I'm running Samba v 3.0.14a on an FC3 machine. I've got two basic problems: one centers on my DNS set up and the other is an authenticated logon problem. With /etc/nsswitch.conf set to hosts: dns, I cannot ping my samba server--Host not found. Nor does host lserver1.test.biz (which appears in my /etc/hosts file) resolve the name (incidentally, host -f ... just tells me the f is an illegal option). WINS seems to resolve OK (at least the test for that in the chapter passes). I've checked my files several times, and I can find no error in them. snip Any help on these two would be greatly appreciated. Eric Hines -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
Eric Hines wrote: The call trick also works in reverse. Shortly after the PRC started minting their Panda gold coins, I got a long distance call (MI to NM, I've noticed that sometimes when you call that toll free number, you get an answering machine. I wonder how long a call it'll take, before hanging up? Could get expensive. ;-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] *Funding available ID:Yptrffhh2622165837
I suppose I could put the receiver next to my radio. Or perhaps record some bible thumper from the TV or radio and play that. ;-) Ron Loxton wrote: Just start reading from the paper or something. You should be able to get about 3mins before it disconnects as long as you are talking. If enough do it, the voice mail box will fill and they will have to foot the bill for the toll free access...and oh they will also need to filter through the useless voice mails hahaha Ron */James Knott [EMAIL PROTECTED]/* wrote: Eric Hines wrote: The call trick also works in reverse. Shortly after the PRC started minting their Panda gold coins, I got a long distance call (MI to NM, I've noticed that sometimes when you call that toll free number, you get an answering machine. I wonder how long a call it'll take, before hanging up? Could get expensive. ;-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can Samba join two domains?
Hi all, If I have a Samba server that is say a PDC for domain DOM-A can I have Samba join an ADS server that is DOM-B and have people authenticate against it without having an account on DOM-A? Does winbind provide this? -- George Farris [EMAIL PROTECTED] Malaspina University-College -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Invalid user name when adding machine to domain
useradd: invalid user name 'paulgrav$' Any ideas of what could be causing this? Your version of useradd doesn't allow '$'. This keeps getting fixed and then reverted on many distros...what are you using? Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA jmcd at us dot ibm dot com jmcd at samba dot org Phone: 1-877-228-1846 IBM tie-line: 349-5335 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: Samba-3 By Ex Chapt 3]
Eric Hines said:
Yes, I am--or at least I think so; the daemon is running, and it's
configured according the the Chapt 3 example. The /etc/resolv.conf file
says it's written by /etc/dhclient-script, so I disabled that file,
adjusted the resolv and tried again. No effect. Also, during reboot,
when dhcpd started up, I got the error message Not configured to listen
on any interface. Wrote 5 new leases. When the reboot completed, I
had no Internet connection whatsoever. I had to re-enable
dhclient-script and reboot.
So I remain with the problems that I have no DNS resolution capability,
and I cannot edit, with permanence, /etc/resolv.conf. I'd probably be
satisfied with the latter if I could get DNS to work.
You need to understand the difference between dhcpd and dhcpcd. dhcpd is
the server that provides network configuration information to other
clients out on the network. dhcpcd is the client part that requests that
configuration info from the server. If the other machines on your
internal network have static IP addresses, then you don't need to be
running dhcpd. However, you probably do want to run dhcpcd on your
gateway machine because it gets the network config info from your ISP.
You can tell dhclient to get the IP address and gateway info, but to
ignore what the server tells it to do for the DNS server. Look at the man
pages for dhclient-script. If you create an executable script called
/etc/dhclient-enter-hooks and in there define the function
'make_resolv_conf()', you can override how your /etc/resolv.conf gets
handled. I have one on a FC3 machine at home. I can't get to it at the
moment, but from memory I believe that you can do something like this in
dhclient-enter-hooks:
===8-
#!/bin/bash
make_resolv_conf() {
cat /etc/resolv.conf EOF
search mydomain.net
nameserver 192.168.52.1
EOF
}
===8-
Of course, you could also just define make_resolv_conf() as an empty
function and it will just leave the current /etc/resolv.conf alone.
/dwight
--
Dwight N. Tovey
email: [EMAIL PROTECTED]
-
Work to Live : Live to Ride : Ride to Work
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: Samba-3 By Ex Chapt 3]
Dwight Tovey said: Eric Hines said: Yes, I am--or at least I think so; the daemon is running, and it's configured according the the Chapt 3 example. The /etc/resolv.conf file says it's written by /etc/dhclient-script, so I disabled that file, adjusted the resolv and tried again. No effect. Also, during reboot, when dhcpd started up, I got the error message Not configured to listen on any interface. Wrote 5 new leases. When the reboot completed, I had no Internet connection whatsoever. I had to re-enable dhclient-script and reboot. So I remain with the problems that I have no DNS resolution capability, and I cannot edit, with permanence, /etc/resolv.conf. I'd probably be satisfied with the latter if I could get DNS to work. You need to understand the difference between dhcpd and dhcpcd. dhcpd is the server that provides network configuration information to other clients out on the network. dhcpcd is the client part that requests that configuration info from the server. If the other machines on your internal network have static IP addresses, then you don't need to be running dhcpd. However, you probably do want to run dhcpcd on your gateway machine because it gets the network config info from your ISP. And before anybody else notices the big chunk that I left out, Eric is not running dhcpcd. That client has been replaced by 'dhclient'. You need to run that on your Internet interface to get the IP configuration info from your ISP (with the hook that I gave before to ignore the resolv.conf part). If you want the machines on your internal intranet to be configured via dhcp, then you may run 'dhcpd' on the internal network interface to serve them. Hope I didn't cause too much confusion before. /dwight -- Dwight N. Tovey email: [EMAIL PROTECTED] - Work to Live : Live to Ride : Ride to Work -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba LDAP timeout
Adam Tauno Williams wrote: I've never used Ubuntu; but I'd be surprised your Samba is really built without SSL support, in fact, I think it is really your libldap that is in question. ldd /usr/lib/libldap.so reveals that it is not linked to libssl, while it is on the server that has this working. Are you setting ldap ssl = start_tls ??? Don't use an ldaps:/// URL. I have tried all combinations of ldap://, ldaps://, ssl = on, ssl = start_tls. All variations yield similar results. If you LDAP server is local just use ldapi:/// with is faster anyway and you don't need any encryption. Unfortunately, it is not local. I've started a thread on Ubuntu forums. If I learn anything useful I'll post it here. Thanks for the thoughts. -- http://www.0x09.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can Samba join two domains?
George Farris wrote: Hi all, If I have a Samba server that is say a PDC for domain DOM-A can I have Samba join an ADS server that is DOM-B and have people authenticate against it without having an account on DOM-A? Well...no, but you can set up trust account between the domains, that will accomplish a similar thing. Does winbind provide this? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Migrating user profiles from local to domain
Hi, I am trying to plan a migration of approximately 160 PC's from a workgroup environment to using Samba (3.0.14a) as a PDC (on AIX 4.3, to be 5.3 in near future). They will NOT be using roaming profiles, as this is not appropriate for the client. Joining the machine to the domain, logging in works, everything's cool. These computers were all in a workgroup previously and had a local user set up for them to use. After joining the domain and logging into the domain, they get a default desktop. Appropriately so, as they are a different user than the local one that they used to use on the computer. Browsing the local hard disk, I can see that there is a keith user that is a local user. There is also a keith.domain user, which is obviously the user for the domain. I have a couple of questions. 1. When the user on a PC (eg: XP SP2) logs on into the domain the first time, how does Windows know what kind of Default Profile to create for the user? I assume that it comes from the Samba server. On the Samba Server, I have done a net rpc group addmem Administrators DOM\Keith When Keith logs into a PC, is that what is giving him Domain Administrator rights? What if he belongs to multiple groups? What group wins for his default group? The one with the highest rights? His default Unix group? 2. We want to copy the enviroment (Desktop, Bookmarks, My Documents, etc) of the local user to the new Domain User. Remember, we are not using roaming profiles. We can do that using System Properties-User Profiles-Copy To. Is this the BEST way to accommplish this? Is it going to affect the rights assigned from the Primary Domain Controller? (because it's being done as the local administrator, in theory it might have permission to do this. 3. Just a shot in the dark, is there any way to share the profile between a local user and the domain user? I can't imagine so, given permission problems and everything. Everything needs to be done RIGHT, as someone has to walk around to every PC to do this, and we only want to have to do that once! :-) (and yes, they are turning on Remote Desktop at the same time ;-) ). In the Samba3-HOWTO.pdf, I found: 26.2.5.3 moveuser.exe The Windows 200x professional resource kit has moveuser.exe. moveuser.exe changes the security of a profile from one user to another. This allows the account domain to change and/or the username to change. This command is like the Samba profiles tool. I'm a bit confused... would this sequence of events work? 1. Log in as the local administrator 2. Join PC to the domain 3. Use the moveuser.exe to change the local profile for keith to be the profile for the domain user keith 4. Delete the local user keith Could it be that simple? Unfortunately I'm about 4000 km away from the server any PC's right now, and have to walk unskilled people through any testing, so I can't really test experiment too much on my own. Also, I'm trying to find the RIGHT way to do this, rather than just a way that WORKS. Thanks for any assistance! Cheers, Steve Williams -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.13 ADS domain member on AIX 5.2
All, I'm trying to figure out if I missed some steps in configuring Samba 3.0.13 on AIX 5.2 as a Windows 2003 ADS domain member server of the domain DEVELOPMENT. Samba is compiled with Heimdal Kerberos and openLDAP support, and I successfully joined the ADS domain using net ads join after running a kinit. Kerberos appears to be working, wbinfo -u and wbinfo -g work; net ads status works fine, smbtree works. However, when I try to authenticate to a test share using either a domain user ID or a user ID from another domain (CORP) that has a trust relationship with the domain that the Samba server is joined to, I see NT_STATUS_NO_SUCH_USER in the log.smbd. So, my two questions are: do I need to be running winbindd? Does it have to have PAM support, or is that just for using domain logins on the unix side? smb.conf follows: [global] realm = READING.DEVPORTAL.NET workgroup = DEVELOPMENT password server = usrd106.reading.devportal.net security = ADS encrypt passwords = yes #debug level = 7 winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users=yes winbind enum groups=yes client use spnego = yes [public] comment = Public data directory read only = no path = /sambapublic user = @DEVELOPMENT+domain users @CORP+domain users -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.13 ADS domain member on AIX 5.2
Scruggs, Ronald wrote: All, I'm trying to figure out if I missed some steps in configuring Samba 3.0.13 on AIX 5.2 as a Windows 2003 ADS domain member server of the domain DEVELOPMENT. Samba is compiled with Heimdal Kerberos and openLDAP support, and I successfully joined the ADS domain using net ads join after running a kinit. Kerberos appears to be working, wbinfo -u and wbinfo -g work; net ads status works fine, smbtree works. However, when I try to authenticate to a test share using either a domain user ID or a user ID from another domain (CORP) that has a trust relationship with the domain that the Samba server is joined to, I see NT_STATUS_NO_SUCH_USER in the log.smbd. So, my two questions are: do I need to be running winbindd? Yes Does it have to have PAM support, Yes...pam needs to authenticate using ldap/ads or is that just for using domain logins on the unix side? smb.conf follows: [global] realm = READING.DEVPORTAL.NET workgroup = DEVELOPMENT password server = usrd106.reading.devportal.net security = ADS encrypt passwords = yes #debug level = 7 winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users=yes winbind enum groups=yes client use spnego = yes [public] comment = Public data directory read only = no path = /sambapublic user = @DEVELOPMENT+domain users @CORP+domain users -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] getpeername failed, Error was Transport endpoint is not connected
Hello, Using Samba 3.014 on SLES9 on a proliant Xeon server. All clients (XP) fixed IP addresses, Ip hostname in hosts table. During the boot of a XP client I receive these messages in the log file's Can anybody explain why or what is causing this. Most of the XP clients reporting none of these messages. Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:get_peer_addr(1150) Jul 6 12:50:24 server4 smbd[27787]: getpeername failed. Error was Transport endpoint is not connected Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:write_socket_data(430) Jul 6 12:50:24 server4 smbd[27787]: write_socket_data: write failure. Error = Connection reset by peer Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:write_socket(455) Jul 6 12:50:24 server4 smbd[27787]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:send_smb(647) Jul 6 12:50:24 server4 smbd[27787]: Error writing 4 bytes to client. -1. (Connection reset by peer) Name resolve order in the smb.conf file: lmhosts hosts wins bcast Thanks Harry [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] read_socket_data: recv failure for 4. Error = No route to host
Hello, During the logoff of a XP client, the samba log show this error. Jul 6 17:54:06 server4 smbd[16054]: [2005/07/06 17:54:06, 0] lib/util_sock.c:read_socket_data(384) Jul 6 17:54:06 server4 smbd[16054]: read_socket_data: recv failure for 4. Error = No route to host Only a few XP stations causing this message. Can anybody explain why or what is doing this? What is the reason? Running Samba 3.014 on SLES9 on a HP Proliant Xeon server. After this, the services are closing. Best regards, Harry [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NetBIOS Name Resolution Problem?
All, 1. Here is my network configuration: One NT4 PDC One NT4 BDC Two Sun boxes, both configured as Domain Member servers running Samba version 3.0.10 providing file and print sharing. Three Windows 2000 boxes configured as Citrix servers Two Sun boxes configured as Sun Ray servers (used in conjunction with the Citrix servers) One UNIX box used as a DNS Master Server One UNIX box used as a DNS Slave Server One UNIX box used as an LDAP server Several Mac OS 9 workstations Several Mac OS X workstations Several Sun workstations Note: At the moment there is no synchronization between the PDC/BDC and the LDAP server. All syncronization (passwords, users, groups, etc are done manually). 2. Problem: My Windows 2000 clients can see and use all samba services provided by both servers. However, there appears to be NetBIOS resolution problems at the PDC and BDC. When running smbclient L samba server on both samba servers, shares are listed. However, in the work group portion of the report I get the following result: Session request to SAMBA_SERVER failed (Called name not present) Session request to *SMBSERVER failed (Called name not present) NetBIOS over TCP disabled workgroup unavailable. The only reason I noticed this problem is that Mac OS X clients under development could not connect to the samba shares. However, Samba, as is, is satisfying my user base with no problems. 3. Troubleshooting Both Samba servers passed ping tests. To themselves, to the PDC and BDC, and from the PDC and BDC to the Samba servers. No firewalls are in use. Ran testparm against the smb.conf file. Passed. Verified that the smbd and nmbd daemons were running on both Samba servers. Ran nmblookup B samba_server on both servers. Passed. Ran nmblookup B domain_controller * on both the PDC and BDC. Passed. From both Samba servers ran nmblookup d 2 *. Passed. On both Samba servers, ran the smbclient test listed in the above problem section with the noted results. From both the PDC and BDC, ran the net view command without any arguments. Both Samba servers were listed. From both the PDC and BDC ran net view \\samba _server and got the following error: System error 53 has occurred The network path was not found Finally, I ran the smbclient and nmblookup tests on both Samba servers with a debugging level of 4. The tests produced the following fatal error: Error loading module /usr/local/smaba/charset/ ..so. The modules each server was attempting to load were not in the /usr/local/samba/charset directory. 4. Questions Is this a hostname resolution problem? Are the missing charset modules causing my problem? Will a recompilation fix the problem, or will I have to do a complete de-installation? Is there a work-around? - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Seeking help with Samba shares OPLOCKS Quickbooks databases
I thought I had things figured out, but guess not. I have multi-user Quickbooks databases that functioned fine on a Novell server but are behaving badly on a Samba share. I have created a separate share for the Quickbook databases, users are running Win XP Pro, latest patches, and the Quickbooks application installed on the desktop. It is a multiuser version. Server is RedHat ES 3, Samba 3.0.14. Here is the config for the Quickbooks share: [accting] comment = Accounting Volume path = /accting writeable = yes valid users = a list of valid users level2 oplocks = no veto oplock files = /*.*db/*.ldb/*.mde/*.xls/*.QB*/*.*/ blocking locks = no locking = no strict locking = no share modes = no The first user opens the database, and as soon as the second person attempts to access the same database, the database is corrupting and crashing. Does anyone else out there have a similar setup or experience that works and can help me resolve my issue?? Much thanks! Liz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Seeking help with Samba shares OPLOCKS Quickbooks databases
Liz Ackerman wrote: I thought I had things figured out, but guess not. I have multi-user Quickbooks databases that functioned fine on a Novell server but are behaving badly on a Samba share. I have created a separate share for the Quickbook databases, users are running Win XP Pro, latest patches, and the Quickbooks application installed on the desktop. It is a multiuser version. Server is RedHat ES 3, Samba 3.0.14. Here is the config for the Quickbooks share: [accting] comment = Accounting Volume path = /accting writeable = yes valid users = a list of valid users level2 oplocks = no veto oplock files = /*.*db/*.ldb/*.mde/*.xls/*.QB*/*.*/ blocking locks = no locking = no strict locking = no share modes = no The first user opens the database, and as soon as the second person attempts to access the same database, the database is corrupting and crashing. Yes, because you need to run your oplocks. You have two solutions. The easiest to implement is the force user line in smb.conf. The harder but cleaner way is to use acl's. Does anyone else out there have a similar setup or experience that works and can help me resolve my issue?? Much thanks! Liz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain member server on AIX 5.3
Hi, I'm trying to setup samba 3.0.14a as domain member on AIX 5.3. My test environment is: - PDC and ldap master on RH8.0 (samba 3.0.14a, openldap 2.1.29) - Ldap slave on FC3 (openldap 2.2.13) - Samba domain member on FC4 (samba 3.0.14a) - XP clients - and Samba domain member on AIX 5.3 (samba 3.0.14a) This is what I did: - Compiled samba ./configure --with-fhs --with-quotas --with-syslog --with-utmp \ --with-libsmbclient --with-acl-support \ --with-shared-modules=idmap_rid --enable-cups=yes \ --with-libiconv=/usr/local --with-ads=no successfully with gcc (gcc-3.3.2-5) or vac (7.0) against openldap 2.2.27 and libiconv 1.9.2 (see: http://lists.samba.org/archive/samba/2005-May/105333.html) - Client ldap setup on AIX with secldapclntd or nss_ldap-239 (nss_ldap see: http://bugzilla.padl.com/show_bug.cgi?id=202) This is what works on the aix domain member: - smbpasswd -w secret - net rpc join - net rpc info - net groupmap list - id user - lsuser user - lsgroup group - wbinfo -g - wbinfo -u - wbinfo -t - passwd user (only with secldapclntd) - smbpasswd user - ssh, telnet, rlogin from clients to aix domain member server - anonymous connects via smbbclient -Llocalhost -U% My samba configuration is: [global] workgroup = DOMAIN password server = * socket options = SO_RCVBUF=8192 SO_SNDBUF=8192 enable privileges = yes wins server = 192.168.xx.xx create mask = 0644 unix charset = ISO-8859-15 display charset = ISO-8859-15 username map = /usr/local/samba/etc/samba/username.map security = domain passdb backend = ldapsam:ldap://ldap2 ldap://ldap1; ldap admin dn = uid=admin,dc=example,dc=com ldap suffix = dc=example,dc=com ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=systems ldap idmap suffix = ou=Idmap idmap backend = ldap:ldap://ldap1 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind trusted domains only = Yes log file = /var/log/samba/log.%m.%a log level = 3 syslog = 0 max log size = 500 utmp = no This is what not works on aix domain member from Unix: - first try: smbbclient -Llocalhost -Uusername Password: Domain=[DOMAIN] OS=[Unix] Server=[Samba 3.0.14a] Sharename Type Comment - --- local Disk /usr/local with ACLs IPC$IPC IPC Service (Samba 3.0.14a) ADMIN$ IPC IPC Service (Samba 3.0.14a) session setup failed: Call returned zero bytes (EOF) NetBIOS over TCP disabled -- no workgroup available - second, third ... try: smbbclient -Llocalhost -Uusername Password: session setup failed: Call returned zero bytes (EOF) - restart samba (goto: first try) This is what works on aix domain member from XP (after restarting samba (only first connect)): - open, save and rename files - changing acl's After disconnecting from aix member server, there are no further connections available (Error message: the networkname is not available). My samba domain member setup works perfectly with FC3 and FC4. I had the same problems (NetBIOS over TCP disabled -- no workgroup available) after updating from 3.0.10 to 3.0.11 on the rh8.0 pdc. Updating from nss_ldap-198 to nss_ldap-207 (rebuild from SRPM) solved the problem. Any ideas? Regards Carsten -- . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question regarding SWAT
Hi everyone,
In the last few days I've spended hours and hours on the web surching for a
solution to my problems. Eventhough it looked like there where several other
people having the same problem I couldn't find a way to solve it.
Therefore I'm hoping that one of you could help me with the following problem.
I've installed Samba 3.0.14a on RedHat 9.0. Samba is working perfectly.
But the problem lies with SWAT. When I type in my browser
http://localhost:901; I get the following error:
Connection was refused when attempting to contact localhost:901
My config files look like this:
--/etc/xinetd.conf--
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
instances = 60
log_type= SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}
includedir /etc/xinetd.d
swat stream tcp nowait.400 root /usr/sbin/swat swat
--/etc/xinetd.d/swat
# default: off
# description: SWAT is the Samba Web Admin Tool. Use swat \
# to configure your Samba server. To use SWAT, \
# connect to port 901 with your favorite web browser.
service swat
{
disable = no
port= 901
socket_type = stream
wait= no
only_from = localhost
user= root
server = /usr/sbin/swat
log_on_failure += USERID
}
--
and in my services I've added the line: swat 901/tcp
I'm not using a firewall.
So, the service samba is working fine, but when I start xinetd he failes.
service xinetd status then gives : xinetd dead but pid file exists.
When I look into my /var/log/messages I come across the following statements:
---
Jul 6 15:12:33 localhost xinetd: xinetd shutdown failed
Jul 6 15:12:33 localhost xinetd[2456]: missing service keyword [line=20]
Jul 6 15:12:33 localhost xinetd[2456]: missing } in last service entry
[line=20]
Jul 6 15:12:33 localhost xinetd[2456]: 2456 {general_handler} (2456)
Unexpected signal: 11 (Segmentation fault)
Jul 6 15:12:33 localhost last message repeated 9 times
Jul 6 15:12:33 localhost xinetd[2456]: 2456 {bad_signal} Received 10 signals
in 1 seconds. Exiting...
Jul 6 15:12:33 localhost xinetd: xinetd startup succeeded
But I can't find the file where the } is missing in line 20.
I trully hope someone could help me with this because I really really want to
get this working.
I would be very thankfull, if you got some usefull info.
Thanks,
P.J. Wolters
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Seeking help with Samba shares OPLOCKS Quickbooks databases
On Wed, Jul 06, 2005 at 12:54:03PM -0600, Liz Ackerman wrote: [accting] comment = Accounting Volume path = /accting writeable = yes valid users = a list of valid users level2 oplocks = no veto oplock files = /*.*db/*.ldb/*.mde/*.xls/*.QB*/*.*/ blocking locks = no locking = no strict locking = no share modes = no The first user opens the database, and as soon as the second person attempts to access the same database, the database is corrupting and crashing. man smb.conf /locking \(S\) Be careful about disabling locking either globally or in a specific service, as lack of locking may result in data corruption. Well, switch locking back. -- Udvozlettel Zsiga -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [SAMBA] How to stop winbindd from granitng UID=0? Security hole?
But now there is a real problem. There is a domain user root. If the domain is present, we can login to the client with putting simple root as a username, and using domain password. And we are actually getting uid 0, so we are real root, not just dorm user with funny-looking username. Of course this behaviour is great for normal (unprivileaged) user account, but not for root account. So, domain operators can have root domain acocunt and this way get root acces to all linux boxes with this setup. Does anyone know how can I stop it? I'll post configs if requested, but maybe it is just a simple problem... man slapd-access -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd
I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. -- Tomek WPKG - automated software installation with Samba http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question regarding SWAT
I had a similar problem, and the only way I could get SWAT to come up
(I'm still not sure I should have to--what's name resolution for?) was
to use, in the swat file:
only_from = 127.0.0.1
instead of
only_from = localhost
Eric Hines
[EMAIL PROTECTED] wrote:
Hi everyone,
In the last few days I've spended hours and hours on the web surching for a
solution to my problems. Eventhough it looked like there where several other
people having the same problem I couldn't find a way to solve it.
Therefore I'm hoping that one of you could help me with the following problem.
I've installed Samba 3.0.14a on RedHat 9.0. Samba is working perfectly.
But the problem lies with SWAT. When I type in my browser
http://localhost:901; I get the following error:
Connection was refused when attempting to contact localhost:901
My config files look like this:
--/etc/xinetd.conf--
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
instances = 60
log_type= SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}
includedir /etc/xinetd.d
swat stream tcp nowait.400 root /usr/sbin/swat swat
--/etc/xinetd.d/swat
# default: off
# description: SWAT is the Samba Web Admin Tool. Use swat \
# to configure your Samba server. To use SWAT, \
# connect to port 901 with your favorite web browser.
service swat
{
disable = no
port= 901
socket_type = stream
wait= no
only_from = localhost
user= root
server = /usr/sbin/swat
log_on_failure += USERID
}
--
and in my services I've added the line: swat 901/tcp
I'm not using a firewall.
So, the service samba is working fine, but when I start xinetd he failes.
service xinetd status then gives : xinetd dead but pid file exists.
When I look into my /var/log/messages I come across the following statements:
---
Jul 6 15:12:33 localhost xinetd: xinetd shutdown failed
Jul 6 15:12:33 localhost xinetd[2456]: missing service keyword [line=20]
Jul 6 15:12:33 localhost xinetd[2456]: missing } in last service entry
[line=20]
Jul 6 15:12:33 localhost xinetd[2456]: 2456 {general_handler} (2456)
Unexpected signal: 11 (Segmentation fault)
Jul 6 15:12:33 localhost last message repeated 9 times
Jul 6 15:12:33 localhost xinetd[2456]: 2456 {bad_signal} Received 10 signals
in 1 seconds. Exiting...
Jul 6 15:12:33 localhost xinetd: xinetd startup succeeded
But I can't find the file where the } is missing in line 20.
I trully hope someone could help me with this because I really really want to
get this working.
I would be very thankfull, if you got some usefull info.
Thanks,
P.J. Wolters
--
He can compress the most words into the smallest ideas of any man
I ever met.
- Abraham Lincoln
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] su broken after ldap auth
hi, first of all, thanks to all the samba team for your great work and documentation. Well done! I have followed the 'By Example' guide, everything is working fine, except one thing. As indicated on chapter 5, point 14 of Configuration of smbldap-tools, when I try: # getent passwd | grep root I have 2 results, both id 0 root:x:0:0:root:/root:/bin/bash root:x:0:512:Netbios Domain Administrator:/root:/bin/bash The problem arises when, as root, I try su-ing to another user. It asks me for a password! Which is quite embarrassing if the account you try to su to has none (like the account for the fetchmail daemon, for instance). This all on a debian sarge, samba 3.0.14a, openldap 2.2.23.8. My /etc/pam.d/su is this: #%PAM-1.0 auth sufficient /lib/security/pam_ldap.so authrequisite pam_wheel.so group=wheel debug auth required /lib/security/pam_unix_auth.so use_first_pass accountsufficient/lib/security/pam_ldap.so accountrequired /lib/security/pam_unix_acct.so password required /lib/security/pam_ldap.so use_first_pass use_authtok sessionrequired /lib/security/pam_unix_session.so thanks in advance, N.Asenjo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Files missing when using windows XP and samba - not size-dependent
Hi again folks, Contrary to what I wrote yesterday, further testing has shown that whether a file is missing or not does not depend on the file size. Unlike Stuart Bailey, renaming the missing files did not help my situation. I have so far determined that which files are missing does not depend on permissions, file name or file size. All files are visible on the Windows client (as they should be) with Samba 3.0.0; some files become invisible with Samba 3.0.14a. I have not tried any intermediate versions of Samba, so I do not know when this bug was introduced. Is anyone else seeing this? Any troubleshooting suggestions would be greatly appreciated! Thanks, Paul Paul Dunphy wrote: Hi Stuart, By any chance, are the missing files very large? I am having a similar problem with Samba 3.0.14a on Irix 6.5.17, and in my case it appears to be related to file size. Large files (1.2 GB) and the folders containing them do not show up on the Windows client. This problem did not exist in my previous version of Samba, 3.0.0 (which I've been forced to revert to). Cheers, Paul Stuart Bailey wrote: Hi, I am using Fedora Core 3 as a server for both Unix (Solaris and HPUX) and Windows Xp clients. The Unix clients view the files through an NFS v3 share, and windows client use samba (3.0.8-0.pre1.3). When looking at a directory from the server, or from a Unix client, I can see 132 files. However, from the Windows client, I can only see 65 files. There appear to be nothing special about the files names (we have already removed spaces etc from the filenames incase they caused a problem). If I mount the samba shares via smbfs on the server (to a new mount point), I can see all 132 files, so I suspect the problem is not samba. I have checked the file permissions, and although they have various owners, all permissions are 666. There seems to be no consistency between files that are missing. I have tried a number of different Xp machines and they all exhibit the same symptoms. Any ideas or suggestions would be appreciated. Many thanks Stuart. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Tomasz Chmielewski wrote: Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Compile Error on 3.0.7 and 3.0.8 Pre 1 on X64 Fedora
Hi Thank Guus. Your advise helped. I am now able to pinpoint the exact code that creates this error. References below are to Samba 3.0.20Pre1 dynconfig.c has an include statement that incorporate the file include/includes.h. This latter file. On line 494 in this file a macro is runned if you have valgrind installed (valgrind is a memory check utility designed for x86 processors): /* Special macros that are no-ops except when run under Valgrind on * x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */ #if HAVE_VALGRIND_MEMCHECK_H /* memcheck.h includes valgrind.h */ #include valgrind/memcheck.h #elif HAVE_VALGRIND_H #include valgrind.h #endif Using your advise Guus, I edited the Makefile to create .S file an analyzed it. As the error report stated during normal compilation, I found on both reported error lines the following assembler code: movl %rsi, %eax This statement doesn't seem to be valid for the AMD64 processor. I also tryed to download a fresh new version of valgrind. That to bailed out in error because of this statement. IMHO it looks like that valgrind isn't 64 bit compliant. Further on it also look like samba detect the 64 bit prosecor as x86 (which isn't tatally wrong :-)) ) and therefor include valgrind code if that is installed. On Fedora 64 bit version, valgrind is included in the 32 bit parts, and thus is used. Suggestion: A better test should be included to not select valgrind on 64 bit systemes, or better - valgrind should be rewritten to be 64 bit compliant. Medicine: Delete the above section in include/includes.h, then compilation run just fine. All tests was done on Fedora Core 3 64 bit dual opteron system. Very best regards Bent Vangli -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Scott Mayo wrote: Tomasz Chmielewski wrote: Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. Well, looks like I might see the problem. After checking the man pages for smbpasswd, it does not look like the passwword can be added to the command line anymore, unless I am missing something. On my other samba server (the one I am getting ready to replace), I could do the following: smbpasswd username passwd I don't see where I can do that anymore in Samba-3. Am I overlooking something? -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] su broken after ldap auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi ! My /etc/pam.d/su is this: I had the same problem and many more. Now my pam.d/su looks like this: /etc/pam.d/su ### authsufficient pam_rootok.so @include common-auth @include common-account @include common-session ## /etc/pam.d/common-auth authsufficient pam_ldap.so authrequiredpam_unix.so nullok_secure try_first_pass ## ### /etc/pam.d/common-account ### account sufficient pam_ldap.so account requiredpam_unix.so try_first_pass ## ### /etc/pam.d/common-session ### session requiredpam_mkhomedir.so skel=/etc/skel_suse/ umask=0022 session requiredpam_limits.so session requiredpam_unix.so session optionalpam_ldap.so # It took me many days to get this working. I like pam. :-) Thorsten R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCzEiTbWtKWOfip4sRAk1DAKDNVagpQBXvqSUMnTyArfVaeu9+ugCgg0Dh 7wlvDcBsTdiosA+M8wVuegA= =X6my -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Policy Violation
The following message sent by this account has violated system policy: From: samba@lists.samba.org To: [EMAIL PROTECTED] Date: Wed, 06 Jul 2005 16:20:30 -0500 Subject: Delivery failed The following violations were detected: --- Scan information follows --- Virus Name: [EMAIL PROTECTED] File Attachment: brandenburg.com.zip Attachment Status: deleted --- File name Block information follows --- File Attachment: brandenburg.com.zip Matching file name: Message is considered to be a mass-mailer. --- File name Block information follows --- File Attachment: M2005070616203016646.mes/brandenburg.com.zip Matching file name: *.zip -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] read_socket_data: recv failure for 4. Error = No route to host
Hello, During the logoff of a XP client, the samba log show this error. Jul 6 17:54:06 server4 smbd[16054]: [2005/07/06 17:54:06, 0] lib/util_sock.c:read_socket_data(384) Jul 6 17:54:06 server4 smbd[16054]: read_socket_data: recv failure for 4. Error = No route to host Only a few XP stations causing this message. Can anybody explain why or what is doing this? What is the reason? Running Samba 3.014 on SLES9 on a HP Proliant Xeon server. After this, the services are closing. Best regards, Harry [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] getpeername failed, Error was Transport endpoint is not connected
Hello, Using Samba 3.014 on SLES9 on a proliant Xeon server. All clients (XP) fixed IP addresses, Ip hostname in hosts table. During the boot of a XP client I receive these messages in the log file's Can anybody explain why or what is causing this. Most of the XP clients reporting none of these messages. Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:get_peer_addr(1150) Jul 6 12:50:24 server4 smbd[27787]: getpeername failed. Error was Transport endpoint is not connected Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:write_socket_data(430) Jul 6 12:50:24 server4 smbd[27787]: write_socket_data: write failure. Error = Connection reset by peer Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:write_socket(455) Jul 6 12:50:24 server4 smbd[27787]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Jul 6 12:50:24 server4 smbd[27787]: [2005/07/06 12:50:24, 0] lib/util_sock.c:send_smb(647) Jul 6 12:50:24 server4 smbd[27787]: Error writing 4 bytes to client. -1. (Connection reset by peer) Name resolve order in the smb.conf file: lmhosts hosts wins bcast Thanks Harry [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
On Wed, Jul 06, 2005 at 03:54:50PM -0500, Scott Mayo wrote: Scott Mayo wrote: snip/ Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. Well, looks like I might see the problem. After checking the man pages for smbpasswd, it does not look like the passwword can be added to the command line anymore, unless I am missing something. On my other samba server (the one I am getting ready to replace), I could do the following: smbpasswd username passwd I don't see where I can do that anymore in Samba-3. Am I overlooking something? ye -s and last week postings on this mailing list GSt signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
ons, 06.07.2005 kl. 22.02 skrev Scott Mayo: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. How about building smbpasswd into your script? smbpasswd modifies both the Unix and Windows passwords at the same time. Two possible shell solutions, one from Nick Soracco and one from an answer to Wim Bakke (which I don't have), both from this list June last (copy 'n paste): printf password\npassword\n | smbpasswd -a -s username echo -n -e $PASS1\n$PASS2 | smbpasswd -as $USERNAME Just read the passwords from your list of details for each pupil. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. It's just that I'm in exactly the same situation as you, with a high school of 750+ pupils, teachers, staff, etc. and everyone in different groups. Best, --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] kind of ldap operation changing password from windows
On Tue, Jul 05, 2005 at 05:35:15PM -0500, Alex Canizales wrote: snip/ Already i had put the ldap passwd sync=yes What does you root DSE look like? This is my root DSE access control point rules: dn: changetype: modify replace: orclaci orclaci: access to entry by * (browse) orclaci: access to attr=(*) by * (search,read,compare) orclentrylevelaci: access to entry by * (browse) The problems isn't here, I have access to attrs=sambaLMPassword,sambaNTPassword by self ssf=128 write by anonymous ssf=128 auth by dn=cn=smbadmin,ou=People,dc=gpm,dc=stappers,dc=nl ssf=128 write by dn=cn=admin,ou=People,dc=gpm,dc=stappers,dc=nl ssf=128 write by * none is there any samba developer that tell me what other kind of ldap operation make when change the password from windows? why i got the message: ldap password change requested, but LDAP server does not support it -- ignoring ? if Oracle Ldap doesn't support this, why it's changing just the samba password and not the userpassword, and why it is changed when i use the smbldap-password command? smbldap-password probably uses smbadmin ( has write accces on OID ) Windows probably uses self ( has no write access on OID ) GSt signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] kind of ldap operation changing password from windows
On Wed, 2005-07-06 at 23:43 +0200, Geert Stappers wrote: On Tue, Jul 05, 2005 at 05:35:15PM -0500, Alex Canizales wrote: snip/ Already i had put the ldap passwd sync=yes What does you root DSE look like? This is my root DSE access control point rules: dn: changetype: modify replace: orclaci orclaci: access to entry by * (browse) orclaci: access to attr=(*) by * (search,read,compare) orclentrylevelaci: access to entry by * (browse) The problems isn't here, I have access to attrs=sambaLMPassword,sambaNTPassword by self ssf=128 write by anonymous ssf=128 auth by dn=cn=smbadmin,ou=People,dc=gpm,dc=stappers,dc=nl ssf=128 write by dn=cn=admin,ou=People,dc=gpm,dc=stappers,dc=nl ssf=128 write by * none is there any samba developer that tell me what other kind of ldap operation make when change the password from windows? why i got the message: ldap password change requested, but LDAP server does not support it -- ignoring ? if Oracle Ldap doesn't support this, why it's changing just the samba password and not the userpassword, and why it is changed when i use the smbldap-password command? smbldap-password probably uses smbadmin ( has write accces on OID ) Windows probably uses self ( has no write access on OID ) Windows is *not* touching ldap directly, only asking Samba to change the NT4 domain password in a SAM, which happens to be Samba on LDAP. You can see what the smbldap script is doing by reading the script, but the Samba 'ldap password sync = yes', is making the OpenLDAP password set exop call. This it hopes might set some LDAP password, in the hope of keeping everything in sync. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] compromising security
On Mon, 2005-07-04 at 16:57 -0500, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: All that should be done is to unplug the workstation from the network, then plug a laptop with a network sniffer into the workstation (connect the network cards), and watch the traffic... If the laptop acts with a name of a real server, and has encrypt passwords = no - would the workstation send the credentials in plaintext, and thus, all carefully crafted security would be compromised? Or is something fundamentally wrong in my thinking (hopefully)? Current Windows clients will not send the clear text of a password unless you have configured a registry setting to tell them it is OK. Around Windows NT 4.0 SP3, MS had the same thought you did. However, the lanman password that is still sent by default is not difficult to crack, but it does take much longer than just reading the network sniff. It is best to use 14 char passwords for such accounts, as windows will not store nor use the LM password in that case (the other option involves the registry, and disabling that). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: Samba-3 By Ex Chapt 3]
I tried both versions of /etc/dhclient-enter-hooks below, and in each
case, following a reboot my /etc/resolv.conf was overwritten to its
original form by dhclient-script.
Unless this is related to my DNS functionality, which I've written IAW
BYEXAMPLE Chapt 3 (although, apparently not, as it doesn't work), not
working, I'd just as soon focus on that, for the time being. Thanks for
all the help on /etc/resolv.conf, though, that most assuredly was not
time wasted. It'll be useful when I come back to this problem.
Eric Hines
Dwight Tovey wrote:
Eric Hines said:
snip
So I remain with the problems that I have no DNS resolution capability,
and I cannot edit, with permanence, /etc/resolv.conf. I'd probably be
satisfied with the latter if I could get DNS to work.
You can tell dhclient to get the IP address and gateway info, but to
ignore what the server tells it to do for the DNS server. Look at the man
pages for dhclient-script. If you create an executable script called
/etc/dhclient-enter-hooks and in there define the function
'make_resolv_conf()', you can override how your /etc/resolv.conf gets
handled. I have one on a FC3 machine at home. I can't get to it at the
moment, but from memory I believe that you can do something like this in
dhclient-enter-hooks:
===8-
#!/bin/bash
make_resolv_conf() {
cat /etc/resolv.conf EOF
search mydomain.net
nameserver 192.168.52.1
EOF
}
===8-
Of course, you could also just define make_resolv_conf() as an empty
function and it will just leave the current /etc/resolv.conf alone.
/dwight
--
He can compress the most words into the smallest ideas of any man
I ever met.
- Abraham Lincoln
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: McAfee 8 incompatible with Samba
Since I've updated McAfee to version 8 many applications which open file chooser dialogs report Access denied when trying to open a Samba share, including the users's own home directory. Is this the version of McAfee that includes a Windows firewall program? I find it's necessary to tell it to trust the local subnet (or, at very least, the PDC and any fileservers) to get anything to work right in a domain setting. It took me forever to figure this out the first time I tried to join a McAfee-infested machine to our domain. A very good hint, David. Stil, I don't install the firewall explicitly because all of the boxes are behind a firewall anyway. This Access denied error comes up even if all of the components of McAfee are disabled. Only a deinstall helps. But perhaps I should go with the flow and let the firewall install with the rest and then configure it as you suggested. I'll keep you posted. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Authenticate machine accounts with ntlm_auth
On Thu, 2005-06-30 at 21:28 +0200, Jérémy Cluzel wrote: Hi, Is it possible to authenticate a machine account with ntlm_auth ? When a machine tries to authencate itself, the username looks like this: host/hostname.domain.org I don't know if ntlm_auth is able to understand this format... It shouldn't mess with the username too much. The problem (I think, but I'll need to see traces) is the backend talking to ADS, which determines if the unusual case of a machine account doing an NTLM login can proceed. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] remove wins entries - samba 3
Hi, I am having the same problem. Did you figure out how to do this? Any help in how to remove stale WINS entries from Samba would be greatly appreciated. Cheers, -farshad -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] remove wins entries - samba 3
Hi, Farshad, I'm too new at this to be of much help. My WINS seems to be working, but I'm clueless as to why, just as I'm clueless as to why my DNS is not working. Eric Hines Farshad Abasi wrote: Hi, I am having the same problem. Did you figure out how to do this? Any help in how to remove stale WINS entries from Samba would be greatly appreciated. Cheers, -farshad -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: Samba-3 By Ex Chapt 3]
Geoff Scott wrote: Eric Hines wrote: Geoff, What do your logs say about NT_STATUS_LOGON_FAILURE for the stuff below? What type of sam are you running? Ldapsam / tdbsam ? It's set for tdbsam. I've not got that set up right, though, according to the smbd log. I've frankly walked away from this problem, though, until I get DNS resolution running. My WINS does seem to be, tested with nsswitch set solely to wins. Now it's set back to hosts: files dns wins. I've been in log.nmbd, log.smbd, log.winbindd, and smbd. Smbd yells about Unable to open TDB rid database! There's a pretty clear hint; I just haven't had time to pursue it. There was a thread titled logon.bat that started a bit before this one. Have a look at that for example logon script settings. I'm studying that, too. That may help with my logon problem, but it doesn't address my DNS problem. When I run the logon.bat file from my Win2k box, I get the following in a DOS window: net time \\lserver1 /set /yes System error 5 has occurred. I'd guess that would work if you had wins set in your nsswitch It is, though: hosts: files dns wins Access is denied. net use h: /home The user's home directory has not been specified. Well that's just clearly wrong. As John said in that post I mentioned: net use o: %LOGONSERVER%\sharename Or net use o: \\lserver1\sharename But none of those is going to work unles name resolution is working. Particularly wins for this example. Agree on both. I still need to study John's post, but I'm concentrating on getting DNS to work for now. WINS does seem to be working. Regards Geoff Scott Thanks Eric Hines -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] remove wins entries - samba 3
Eric Hines wrote: Hi, Farshad, I'm too new at this to be of much help. My WINS seems to be working, but I'm clueless as to why, just as I'm clueless as to why my DNS is not working. Eric Hines The questions you need to ask yourself are simple. Where is my DNS server? Where is my machine that I am pinging from pointing to in terms of DNS? Does that DNS server have the records to do with my lserver1 samba server? Are you running a local name server as per JHT's docs? Are you pointing your DNS on your lserver1 samba server to an external name server? Answer each of these questions for us and we'll see where we can help. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] David Trask (Mailbox or Conference is full.)
Can we get this guy removed? There is no way for me to contact the mailbox owner. It's getting annoying having this bounce back spam every time one posts to the list. Regards Geoff Scott -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
ons, 06.07.2005 kl. 22.02 skrev Scott Mayo: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. How about building smbpasswd into your script? smbpasswd modifies both the Unix and Windows passwords at the same time. Two possible shell solutions, one from Nick Soracco and one from an answer to Wim Bakke (which I don't have), both from this list June last (copy 'n paste): printf password\npassword\n | smbpasswd -a -s username echo -n -e $PASS1\n$PASS2 | smbpasswd -as $USERNAME Just read the passwords from your list of details for each pupil. That is actually what my old script did. I just found the '-s' after I posted this message. I do have a question about this though. Since Samba is using ldap, is it alright to use smbpasswd? Do I not have to use smbldap-passwd? Do they modify the same file? Thanks. Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] David Trask (Mailbox or Conference is full.)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Geoff Scott wrote: Can we get this guy removed? There is no way for me to contact the mailbox owner. It's getting annoying having this bounce back spam every time one posts to the list. ok. I've mailed him. If this mail bounces as well (which I assume it will), I'll remove him. It's kind of annoying isn't it? cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCzIOJIR7qMdg1EfYRAkUOAJ4gNlFf8gxxIbN8RrCXCWbUTRxSbgCgp5DI oSUkyTWks89PLpHRW2TXlPY= =kLBv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 'deadtime' in Samba 3.0.13
Hi, I currently have deadtime = 15 in my smb.conf. This featured worked good to disconnect clients that have been idle for 15 minutes in the past. With the 3.0.13 version, it seems to do nothing. As in, it just keeps the user connected indefinitely. Here is what I see when no one is currently at the office and everyone is logged off their computer. Thanks [EMAIL PROTECTED] p]# smbstatus Samba version 3.0.13 PID Username Group Machine --- 30929 anniegna gna1 (192.168.0.203) 20848 scott ops tech5(192.168.0.238) 19045 deedee gna gna2 (192.168.0.204) 20848 scott ops tech5(192.168.0.238) 30575 ed sales gna7 (192.168.0.239) 24569 leeops tech4(192.168.0.249) 24569 leeops tech4(192.168.0.249) 22741 ken ops tech2(192.168.0.212) 22741 ken ops tech2(192.168.0.212) 4456 roaadmin gna8 (192.168.0.237) 19045 deedee gna gna2 (192.168.0.204) 19435 ralph ops tech1(192.168.0.240) 30929 anniegna gna1 (192.168.0.203) 30575 ed sales gna7 (192.168.0.239) Service pid machine Connected at --- IPC$ 24569 tech4 Wed Jul 6 09:26:47 2005 IPC$ 19045 gna2 Wed Jul 6 11:34:13 2005 IPC$ 22741 tech2 Thu Jun 23 07:53:11 2005 IPC$ 30929 gna1 Tue Jul 5 14:59:59 2005 Intranet 4456 gna8 Tue Jul 5 11:47:09 2005 deedee 19045 gna2 Wed Jul 6 08:12:04 2005 IPC$ 19045 gna2 Tue Jul 5 09:54:10 2005 IPC$ 30575 gna7 Fri Jul 1 13:24:03 2005 IPC$ 22741 tech2 Wed Jul 6 09:00:20 2005 IPC$ 19435 tech1 Wed Jun 22 15:28:52 2005 IPC$ 29941 firesafe Wed Jul 6 12:57:52 2005 Lemon4456 gna8 Tue Jul 5 08:57:26 2005 Ops 19435 tech1 Wed Jun 29 20:28:57 2005 IPC$ 24569 tech4 Fri Jun 17 10:49:16 2005 IPC$ 4456 gna8 Tue Jul 5 08:50:30 2005 IPC$ 20848 tech5 Wed Jul 6 13:13:46 2005 IPC$ 30575 gna7 Wed Jul 6 12:51:04 2005 IPC$ 20848 tech5 Thu Jun 30 08:15:54 2005 IPC$ 30929 gna1 Fri Jul 1 12:45:32 2005 Thanks for the help! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] remove wins entries - samba 3
I have the following setup. It's not fancy as I'm just trying to learn Linux and Samba. My test LAN consists of a Win2k, SP4 box (mustelidae) and an FC3 (kernel 2.6.11-1.35_FC3) server (lserver1) running Samba 3.0.14a. A Samsung printer also is present via a print server plugged into its back. I can print to it from lserver1, although the URI for the printer uses its IP address, so this probably doesn't mean much. As mustelidae also can be on a larger home LAN with access to the Internet, and lserver1 also has access to the Internet, the whole arrangement sits behind an 8-port Linksys router/firewall. As I have only a 2 box set up, I'm only struggling with one subnet out of the two that John has in his BYEXAMPLE book (adding a second subnet ought to be a piece of cake after I get this part running and understood). My DNS server sits on lserver1. I'm trying to ping lserver1 from lserver1. With nsswitch set only to files or only to wins (/e.g./, hosts: files), this is successful. With nsswitch set only to dns, I cannot get name resolution, although I can successfully ping by IP address. I can ping lserver1 by name or by IP successfully from mustelidae. Where is lserver1 pointing in terms of DNS? How do I tell? At this point, all I can say is that I've set up named.conf (and dhcpd.conf) as John has them in his Chapt 3 example, with the sole differences being that I'm using one subnet and not two (a DHCP issue), I'm calling my server lserver1.test.biz, vice diamond.abmas.biz, and lserver1's IP address is 192.168.1.103, vice the one John's using in his example. Aside from these edits, named.conf (and dhcpd.conf) are cut and pastes from John's latest on line. Is /etc/resolv.conf part of this answer? That's the file I can't keep from being overwritten by dhclient-script, even with the two dhclient-enter-hooks examples posted earlier today. Same, probably not very responsive, answer for whether this DNS server has the records to do with lserver1. The router/firewall has its own DHCP server, and it gets its config from our ISP and from a list of DNS servers that were loaded into the router/firewall when it was provisioned. lserver1 gets it address from this router. There's been some discussion earlier of the wisdom of this, but it's a stable address, if not static, as it's a long-term lease. I do intend to put lserver1 onto a static address, but only after I've worked out all the files that have lserver1 stored by its current address, so I can keep them current. Lserver1's address hasn't changed in months, and as I'm on it daily, its address won't change anytime soon under the present arrangement. My named.conf and dhcpd.conf are built from John's example, as mentioned above. /Etc/hosts has the IP address/name pairs he calls for. I think that means I'm running a local name server. As you can see, I have very little understanding of what's going on here; I've rather slavishly followed John's example, and I'm clearly making mistakes I'm not recognizing. Thanks Eric Hines Geoff Scott wrote: Eric Hines wrote: Hi, Farshad, I'm too new at this to be of much help. My WINS seems to be working, but I'm clueless as to why, just as I'm clueless as to why my DNS is not working. Eric Hines The questions you need to ask yourself are simple. Where is my DNS server? Where is my machine that I am pinging from pointing to in terms of DNS? Does that DNS server have the records to do with my lserver1 samba server? Are you running a local name server as per JHT's docs? Are you pointing your DNS on your lserver1 samba server to an external name server? Answer each of these questions for us and we'll see where we can help. Regards Geoff Scott -- He can compress the most words into the smallest ideas of any man I ever met. - Abraham Lincoln -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] remove wins entries - samba 3
Eric Hines wrote: My DNS server sits on lserver1. I'm trying to ping lserver1 from Do: ping lserver1.test.biz Response is? lserver1. With nsswitch set only to files or only to wins (/e.g./, hosts: files), this is successful. With nsswitch set only to dns, I cannot get name resolution, although I can successfully ping by IP address. I can ping lserver1 by name or by IP successfully from mustelidae. Where is lserver1 pointing in terms of DNS? How do I tell? At this John also mentions setting in resolv.conf nameserver 127.0.0.1(this is your loopback address) nameserver 192.168.0.2 (this should be the ip of your router/firewall) (you can have a maximum of 3 nameserver listed point, all I can say is that I've set up named.conf (and dhcpd.conf) as John has them in his Chapt 3 example, with the sole differences being that I'm using one subnet and not two (a DHCP issue), I'm calling my server lserver1.test.biz, vice diamond.abmas.biz, and lserver1's IP address is 192.168.1.103, vice the one John's using in his example. Aside from these edits, named.conf (and dhcpd.conf) are cut and pastes from John's latest on line. Is /etc/resolv.conf part of this answer? YES! My named.conf and dhcpd.conf are built from John's example, as mentioned above. /Etc/hosts has the IP address/name pairs he calls for. I think that means I'm running a local name server. No. The hosts file bypasses dns eg. Nsswitch is usually set to files dns wins Check files 1st then dns, then wins to find names on your lan Files is your hosts files the rest should be self explanitory As you can see, I have very little understanding of what's going on here; I've rather slavishly followed John's example, and I'm clearly making mistakes I'm not recognizing. You need to learn about DNS elsewhere. Go here, and read this: http://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch14.ht ml Particularly this: http://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch14s06 .html Then apply it to your situation. Thanks Eric Hines The over view is this: The way out of this mess from my point of veiw is to switch off dhcp from the router/firewall. Your samba server needs to know it can be a dns server. It finds this out from the resolv.conf file. Make it have a static ip. Any windows machine that is obtaining an IP address via DHCP needs to have the wins server ipaddress handed to it otherwise it will use broadcasts. You can see how to do this if your samba server becomes the dhcp server on your lan, from john's section on configuring the dhcpd. It sounds like the samba server is correctly configured for wins. (really you should show us your resolv.conf and your smb.conf + your nsswitch.conf) Most real servers have static IP's for fairly obvious reasons. And then other things should start to fall into place for you. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Can't get Local DNS to Run [Was[[Samba] remove wins entries - samba 3]]
Further on this. I just ran an ethereal trace on an attempt to ping lserver1 from lserver1, and it appears that my DNS isn't staying local at all, but I have no idea what's gone wrong (other than my /etc/resolv.conf file). The trace (I'd include the relevant parts, but I can't get it to save anything in textual form) had lserver1.test.biz going out through the router/firewall for resolution. As the firewall strips the local domain stuff and appends instead the ISP's domain stuff, the request, going to the ISP, was for lserver1.hsd1.etc.etc. And of course, the answer came back, Who? Hence no resolution. I'm not sure of the role of /etc/resolv.conf in all this, though. When I do edit that file per John's example and don't reboot, but merely restart everything (named, dhcpd (I don't know about the client side of this), smbd, and winbindd), the resolv.conf remains as I edited it, but I still can't get local name resolution. Whether I have the IP address in John's example, or lserver1's address, I get no name resolution. Also, with only the domain parts (e.g., test.biz test.us) of the machine names present in the search line I can't restart smb--it just hangs. If I put an FQN in the search line (lserver1.test.biz), which is what dhclient-script does when it rewrites the file, then smb restarts OK. Also, John's example has several instantiations of named running; I have only one. Eric Hines Original Message Subject:Re: [Samba] remove wins entries - samba 3 Date: Wed, 06 Jul 2005 21:20:55 -0500 From: Eric Hines [EMAIL PROTECTED] To: samba@lists.samba.org References: [EMAIL PROTECTED] I have the following setup. It's not fancy as I'm just trying to learn Linux and Samba. My test LAN consists of a Win2k, SP4 box (mustelidae) and an FC3 (kernel 2.6.11-1.35_FC3) server (lserver1) running Samba 3.0.14a. A Samsung printer also is present via a print server plugged into its back. I can print to it from lserver1, although the URI for the printer uses its IP address, so this probably doesn't mean much. As mustelidae also can be on a larger home LAN with access to the Internet, and lserver1 also has access to the Internet, the whole arrangement sits behind an 8-port Linksys router/firewall. As I have only a 2 box set up, I'm only struggling with one subnet out of the two that John has in his BYEXAMPLE book (adding a second subnet ought to be a piece of cake after I get this part running and understood). My DNS server sits on lserver1. I'm trying to ping lserver1 from lserver1. With nsswitch set only to files or only to wins (/e.g./, hosts: files), this is successful. With nsswitch set only to dns, I cannot get name resolution, although I can successfully ping by IP address. I can ping lserver1 by name or by IP successfully from mustelidae. Where is lserver1 pointing in terms of DNS? How do I tell? At this point, all I can say is that I've set up named.conf (and dhcpd.conf) as John has them in his Chapt 3 example, with the sole differences being that I'm using one subnet and not two (a DHCP issue), I'm calling my server lserver1.test.biz, vice diamond.abmas.biz, and lserver1's IP address is 192.168.1.103, vice the one John's using in his example. Aside from these edits, named.conf (and dhcpd.conf) are cut and pastes from John's latest on line. Is /etc/resolv.conf part of this answer? That's the file I can't keep from being overwritten by dhclient-script, even with the two dhclient-enter-hooks examples posted earlier today. Same, probably not very responsive, answer for whether this DNS server has the records to do with lserver1. The router/firewall has its own DHCP server, and it gets its config from our ISP and from a list of DNS servers that were loaded into the router/firewall when it was provisioned. lserver1 gets it address from this router. There's been some discussion earlier of the wisdom of this, but it's a stable address, if not static, as it's a long-term lease. I do intend to put lserver1 onto a static address, but only after I've worked out all the files that have lserver1 stored by its current address, so I can keep them current. Lserver1's address hasn't changed in months, and as I'm on it daily, its address won't change anytime soon under the present arrangement. My named.conf and dhcpd.conf are built from John's example, as mentioned above. /Etc/hosts has the IP address/name pairs he calls for. I think that means I'm running a local name server. As you can see, I have very little understanding of what's going on here; I've rather slavishly followed John's example, and I'm clearly making mistakes I'm not recognizing. Thanks Eric Hines Geoff Scott wrote: Eric Hines wrote: Hi, Farshad, I'm too new at this to be of much help. My WINS seems to be working, but I'm clueless as to why, just as I'm clueless as to why my DNS is not working. Eric Hines
Re: [Samba] remove wins entries - samba 3
Geoff Scott wrote:
Eric Hines wrote:
My DNS server sits on lserver1. I'm trying to ping lserver1 from
Do:
ping lserver1.test.biz
Response is?
With /etc/resolv.conf edited per John's example (subject to the changes
I discussed in a posting just made), there's a long pause and then
unknown host. With /etc/resolv.conf in its original form
(dhclient-script generated), there's a short pause and then unknown host.
lserver1. With nsswitch set only to files or only to wins (/e.g./,
hosts: files), this is successful. With nsswitch set only to dns, I
cannot get name resolution, although I can successfully ping by IP
address. I can ping lserver1 by name or by IP successfully from
mustelidae.
Where is lserver1 pointing in terms of DNS? How do I tell? At this
John also mentions setting in resolv.conf
nameserver 127.0.0.1(this is your loopback address)
nameserver 192.168.0.2 (this should be the ip of your router/firewall)
(you can have a maximum of 3 nameserver listed
I made that correction (it wasn't clear from John's example what that IP
address was for), but I still got unknown host) when I tried to ping
lserver1 and lserver1.test.biz.
. Is /etc/resolv.conf part of this
answer?
YES!
My resolv.conf, nsswitch.conf, and smb.conf are attached. The nsswitch
is set to dns only, now for test. Normally it's set to files dns wins.
My named.conf and dhcpd.conf are built from John's example, as
mentioned above. /Etc/hosts has the IP address/name pairs he calls
for. I think that means I'm running a local name server.
No. The hosts file bypasses dns eg. Nsswitch is usually set to files dns
wins
Check files 1st then dns, then wins to find names on your lan
Files is your hosts files the rest should be self explanitory
That much I'd figured out: I meant the aggregate4 of all of those, since
that was the goal of John's set up, which included all of those.
As you can see, I have very little understanding of what's going on
here; I've rather slavishly followed John's example, and I'm clearly
making mistakes I'm not recognizing.
You need to learn about DNS elsewhere.
Go here, and read this:
http://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch14.ht
ml
Particularly this:
http://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch14s06
.html
Then apply it to your situation.
Going there tonight.
Thanks
Eric Hines
The over view is this:
The way out of this mess from my point of veiw is to switch off dhcp from
the router/firewall.
How? I can't switch off the router/firewall.
Regards Geoff Scott
--
He can compress the most words into the smallest ideas of any man
I ever met.
- Abraham Lincoln
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2005/07/05 15:28:39
# Global parameters
[global]
workgroup = DOM_TEST
interfaces = eth0, lo
bind interfaces only = Yes
passdb backend = tdbsam
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n
*Password*changed*
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = \scripts\login.bat
logon path = \\%L\profiles\%U
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap ssl = no
utmp = Yes
idmap uid = 1-2
idmap gid = 1-2
map acl inherit = Yes
veto files = /*.eml/*.nws/*.{*}/
veto oplock files = /*.doc/*.xls/*.mdb/
## Shares omitted to same space.; generated by /sbin/dhclient-script
; search hsd1.tx.comcast.net.
; nameserver 63.240.76.198
; nameserver 204.127.199.8
search lserver1.test.biz
nameserver 127.0.0.1
nameserver 192.168.1.1#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that
