Re: [Samba] PDC/BDC without WINS

[Tomasz Chmielewski]

Pablo Gainza Cirauqui schrieb:

Hello,

Our company is trying to implement central Windows Domain at HQ and
replicated across all its regional offices.  The implementation will
have a PDC/LDAP-master on HQ and BDC/LDAP-slave on each regional
office.

In the hopes of saving bandwidth we are trying to avoid the use of
WINS between WAN links.


I don't know how big your network is, but if it's up to 100 computers, 
you'll probably save somethink like few kBytes per minute, if your 
WAN/VPN doesn't use compression, when the workstations are being turned 
on (after they are on, there should be less traffic).

If it does use compression, it should be even less.

Even if you use analog modems, it sholdn't be much.


You can also use broadcasts instead of WINS, but it will mean more 
traffic than WINS.



--
Tomek
WPKG - automated software deployment with Samba
http://wpkg.org
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] (no subject)

[mail]

Un message dont vous etes le destinataire a ete refuse par exim
Il contenait un fichier attache non autorise : exe,bat,zip,... 
l'auteur de ce mail est : WinGate Mailserver <>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Delivery failure

[WinGate Mailserver]

This is a system generated message - Please do not reply

--
 Permanent delivery failure
--

Your message has encountered permanent delivery problems to the following 
recipients:

[EMAIL PROTECTED]


Reason: Some recipients were not accepted


--
 A transcript of the session follows
--

*  Domain MX record lookup succeeded
*  Attempting connection to apex2000.net.mail1.psmtp.com[64.18.4.10] - succeeded
<= 220 Postini ESMTP 95 r6_2_0c7 ready.  CA Business and Professions Code 
Section 17538.45 forbids use of this system for unsolicited electronic mail 
advertisements.
=> EHLO proxy
<= 250-Postini says hello back
<= 250-STARTTLS
<= 250-8BITMIME
<= 250 HELP
=> STARTTLS
<= 220 Go ahead
=> EHLO proxy
<= 250-Postini says hello back
<= 250-8BITMIME
<= 250 HELP
*  Attempting connection to apex2000.net.mail2.psmtp.com[64.18.4.10] - succeeded
<= 220 Postini ESMTP 133 y6_2_0c7 ready.  CA Business and Professions Code 
Section 17538.45 forbids use of this system for unsolicited electronic mail 
advertisements.
=> EHLO proxy
<= 250-Postini says hello back
<= 250-STARTTLS
<= 250-8BITMIME
<= 250 HELP
=> STARTTLS
<= 220 Go ahead
=> EHLO proxy
<= 250-Postini says hello back
<= 250-8BITMIME
<= 250 HELP
*  Attempting connection to apex2000.net.mail3.psmtp.com[64.18.4.10] - succeeded
<= 220 Postini ESMTP 9 r6_2_0c7 ready.  CA Business and Professions Code 
Section 17538.45 forbids use of this system for unsolicited electronic mail 
advertisements.
=> EHLO proxy
<= 250-Postini says hello back
<= 250-STARTTLS
<= 250-8BITMIME
<= 250 HELP
=> STARTTLS
<= 220 Go ahead
=> EHLO proxy
<= 250-Postini says hello back
<= 250-8BITMIME
<= 250 HELP
*  Attempting connection to apex2000.net.mail4.psmtp.com[64.18.4.10] - succeeded
<= 220 Postini ESMTP 85 r6_2_0c7 ready.  CA Business and Professions Code 
Section 17538.45 forbids use of this system for unsolicited electronic mail 
advertisements.
=> EHLO proxy
<= 250-Postini says hello back
<= 250-STARTTLS
<= 250-8BITMIME
<= 250 HELP
=> STARTTLS
<= 220 Go ahead
=> EHLO proxy
<= 250-Postini says hello back
<= 250-8BITMIME
<= 250 HELP
=> MAIL FROM:<[EMAIL PROTECTED]>
<= 250 Ok
=> RCPT TO:<[EMAIL PROTECTED]>
<= 550 <[EMAIL PROTECTED]> is not a valid mailbox

--
 Your original message (in part):
--

Received: From samba.org (unverified [192.168.0.251]) by SMTP Server 
[192.168.0.1]
 (WinGate SMTP Receiver v6.0.3 (Build 1005)) with SMTP id <[EMAIL PROTECTED]>;
 Fri, 8 Jul 2005 11:46:44 +0530
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: hello
Date: Fri, 8 Jul 2005 11:52:19 +0530
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=_NextPart_000_0007_1A5B0FB7.A4C95D4D"
X-Priority: 3
X-MSMail-Priority: Normal

This is a multi-part message in MIME format.

--=_NextPart_000_0007_1A5B0FB7.A4C95D4D
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit

The message cannot be represented in 7-bit ASCII encoding and has been sent as 
a binary attachment.


--=_NextPart_000_0007_1A5B0FB7.A4C95D4D
Content-Type: application/octet-stream;
name="body.pif"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="body.pif"

TVpLRVJORUwzMi5ETEwAAExvYWRMaWJyYXJ5QQBHZXRQcm9jQWRkcmVzcwAAVXBhY2tCeUR3
aW5nQFBFAABMAQIA4AAPAQsBACQAsBDgAADWwQIAAPCg
AQAAAEAAABACAAAEAAQAAEADAAACAgAAEAAAEAAQ
AAAQEAAAK8QCACgA

LlVwYWNrAAIAABAA
4AAA4C5yc3JjADABAAAQAgBTtAIAAOAAAOAsxEIABwAA
AAAQQgAA/wEBAQEABBBAAKXDQgDxw0IA9MNCAALEQgDdw0IA
fAcAAMQLAAD8D0AAScNCAEvDQgDswUIAyANCAH8DAAAnxEIAbfxBAD3DQgBB
vNu3fuurBYMcLS6BIbXfRqGHR595tGShs37iNMaLwFIL3+L1i5RANjQMotVr2xGMwWkGuEhTzcMi
nFGJR5jMbYdZDhVJZlDB5qbBzaGzP8SsUkYA/PFwYnpA8zFkXYvzt8sdr+egF0kFeXkdt1EZnj75
9yDtJ2KOg7iO7IMCpjAYxmh4ZRkgmudn7+evcBjQ6nxzd7PBfOG1rOlFnMYuwzVe9VV5SMllBh3d
KLX5RdZQoHKfR3eJsw3a/MLxPWhRft20GP8YB+saiEgQXA4XhOIjboiCvX+vvadPST01tnuEk6+s
Bo94Tbedrs1BJLJn9iNqXoS8pYgFuPZ0ODFsGsBS7pFrj/zibsvzXyuYt8pmDhXc3lnW0Mg7l6Az
LlMQpmpdpSV6/d06+E/2Gqei+1jmuNk+JKEdKWoUL7DI8hSI1+nVgQZKAnD1OMYO5XFyp9Pk7YA0
GFhDWMdNvwrSnyrwyHRNEwMhkLaKjfDK27IwLh+5I/JR1kuYpA3nWAhPUdFV6MjUjLt+OR/PdvLk
gdfGx8jRi7I7nU4jI73FkvU+OcSOeYmM9sAkMI/AtrG7tZ8zn3/J4OoHxjtcsLiZXAHQVFmdW+ZA
/TjGPn5Be7K8ETM9icsu1JTxTOiLhd3qnXetTwHybJdsb21O5wsG+8cztw5m6cge77MS9bZ+iPlm
EDPZtyhQzJ1N0sY/srCbchwucCouIDZ+njW4w6HvbMKi5OwJ2YY3yvUnpm0jOx+lZd20WlWz0I9O
K0ZMzvmfGOsYRjMcQcyjlKSMJKvDpXXC9mqgnanPg/lCGDf967LnBbcVAtPKLYOhtoSTh2W/uCvj

-- 
To 

samba@lists.samba.org

[[EMAIL PROTECTED]]

Ｑ１．最近楽しいことが無い。
　　　①はい　②いいえ

Ｑ２．自分に自信が無い。
　　　①はい　②いいえ

Ｑ３．日ごろの生活に満足していない。
　　　①はい　②いいえ　

Ｑ４．平凡な毎日に、退屈してる。
　　　①はい　②いいえ

Ｑ５．出会いを求めたパーティーに参加したことがありますか。
　　　①はい　②いいえ

Ｑ６．出会い系サイトを利用したことがありますか。
　　　①はい　②いいえ

Ｑ７．騙された事がある。
　　　①はい　②いいえ

以上の中に「①はい」が１つでも見つかった方は下記へお進み下さい。

突然のメールに驚いたかと思いますが、
VenusNetwork【ヴィーナス・ネットワーク】代表富田ゆかりと申します。
新たな未来をサポートするクラブを設立しております。

簡単な自己紹介をさせて頂きますと、
私は、アメリカ留学 帰国後、 外資系企業に勤務

２４歳で世に言う「ねるとんパーティー」型イベント会社に転職

同会社が５年後出会い系サイトに形を変えるものの、
実際に出会えるまでが遠回りである事に疑問を持ちはじめ、
女性紹介クラブの立ち上げに至っております。

私が体験しました、自らの経験を生かし、
今まで出会えなかった沢山の方々のサポートを行っております。

私は、自らの写真・プロフィールを出していますので、一切嘘は申しません。
当クラブは、女性をご紹介するに当たって一切の料金も頂いておりません。
それは、女性会員様からのご融資でまかなっておりますのでお気軽にご利用下さい。

なぜこの様なクラブを立ち上げたかと申しますと、
私は海外留学や、様々な仕事を行ってきたこともあり、
交流が幅広く、交友関係がとても多くあります。
前職業柄のせいか、多くの女性から“出会い”の相談が絶えません。

そこで、自らクラブを立ち上げました。

当クラブの女性会員様は、セレブな方も多くいらっしゃいまして、お金を
出してまでも男性と知り合いたいと思っている方も多々いらっしゃいます。

真剣に結婚を考えている方、恋人を探している方、
秘密で刺激を求めている方も数多くいらっしゃいます。

是非、この機会に、刺激的な生活を求めてみませんか。


それでは、
アンケートの意味も込めまして、気軽な気持ちで下記の質問にお答え下さい。

Ｑ１．貴方のお住まいもしくは、会いたい都道府県をお教え下さい。


Ｑ２．当クラブをご利用されるにあたっての希望

　　　①《真面目な交際》
　結婚相手・恋人を探す。

　　　②《サポート》
　お金に余裕のあるセレブの方からのサポート。

　　　③《割り切り交際》
　秘密厳守で逢う。刺激的な交際。

  ④《４０歳以上の交際》
　４０歳以上から始まる交際。

メール返信で上記の質問にお答え頂ければ、こちらで希望に合った女性を
ご紹介差し上げます。

このメールは以前ご連絡のあった皆様にご返信しておりますが、万が一
見覚えがない、またはこのメールを信じれない。不審に思うという方は、
そのまま破棄されるか「配信不要」とお書きになり、ご返信頂きます様
お願い致します。

 『VenusNetwork』代表 富田ゆかり 








-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Help with ntlm error on Samba 3.0.14a

[Arno . STREULI]

Hello,
I'm having some trouble with the winbind process I'm getting a lot of
error:
[2005/07/04 14:14:48, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 494 bytes to client. -1 (Broken pipe)
[2005/07/04 14:14:48, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe
[2005/07/04 14:14:49, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Broken pipe
[2005/07/04 14:14:49, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 202 bytes to socket 17: ERRNO = Broken pipe
[2005/07/04 14:14:49, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 202 bytes to client. -1 (Broken pipe)
[2005/07/04 14:14:49, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe
[2005/07/06 09:09:06, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Broken pipe
[2005/07/06 09:09:06, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 226 bytes to socket 14: ERRNO = Broken pipe
[2005/07/06 09:09:06, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 226 bytes to client. -1 (Broken pipe)
[2005/07/06 09:09:06, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe

any clue why/how can I solve this ?

here is my config:
# Global parameters
[global]
workgroup = D-CH3
password server = *
security = DOMAIN
winbind uid = 1-2
winbind gid = 1-2
netbios name = squid3
server string = squid3 gva %v
encrypt passwords = Yes
client ntlmv2 auth = yes
preferred master = No
local master = No
domain master = No
name resolve order = wins host bcast
wins server =  10.1.2.8 10.1.1.9

thanks for any input.

regards,
Arno Streuli




**
DISCLAIMER - E-MAIL
---
The information contained in this E-Mail is intended for the named
recipient(s). It may  contain certain  privileged and confidential
information, or  information  which  is  otherwise  protected from
disclosure. If  you  are  not the intended recipient, you must not
copy,distribute or take any action in reliance on this information
**
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PDC/BDC without WINS

[Pablo Gainza Cirauqui]

Thanks a lot Andrew! We hadn't thought of that.

Just one more question, would you be able to have users moving from
one regional office to another without changing their domain
configuration? Would they accept the local PDC as their own (if it had
the same domain and SID)?

On 7/7/05, Andrew Bartlett <[EMAIL PROTECTED]> wrote:
> On Thu, 2005-07-07 at 16:56 -0600, Pablo Gainza Cirauqui wrote:
> > Hello,
> >
> > Our company is trying to implement central Windows Domain at HQ and
> > replicated across all its regional offices.  The implementation will
> > have a PDC/LDAP-master on HQ and BDC/LDAP-slave on each regional
> > office.
> >
> > In the hopes of saving bandwidth we are trying to avoid the use of
> > WINS between WAN links.
> >
> > Is there any way of not using WINS and still have the clients find the
> > PDC (for updating purposes as well as for redundancy)?
> 
> For updating purposes, you can declare each site to have it's own PDC,
> and let the LDAP layer handle the replication/data update issues.
> Provided the different 'PDC's can't see each other, they should not be
> bothered by this.
> 
> This doesn't help with redundancy, but doing that over a WAN is pretty
> bad anyway.
> 
> Andrew Bartlett
> 
> --
> Andrew Bartletthttp://samba.org/~abartlet/
> Samba Developer, SuSE Labs, Novell Inc.http://suse.de
> Authentication Developer, Samba Team   http://samba.org
> Student Network Administrator, Hawker College  http://hawkerc.net
> 
> 
> BodyID:4367189653.2.n.logpart (stored separately)
> 
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Troubles setting up winbind for nt4 style samba domain

[Geoff Scott]

I'm getting these errors on starting up winbindd, and I am not sure if this
is normal in my situation, I have no trust accounts, I don't deal in AD
domains.  Can somone tell me if I need to worry about this?:


[2005/07/08 11:23:24, 1] lib/smbldap.c:another_ldap_try(1011)
  Connection to LDAP server failed for the 15 try!
[2005/07/08 11:23:25, 0] lib/smbldap.c:smbldap_open_connection(599)
  ldap_initialize: Time limit exceeded
[2005/07/08 11:23:25, 0] sam/idmap.c:idmap_init(138)
  idmap_init: failed to initialize remote backend!
[2005/07/08 11:23:25, 1] nsswitch/winbindd.c:main(897)
  Could not init idmap -- netlogon proxy only

The ldap backend has idmap in it as entered by the smbldap-populate tools:

dn: ou=Idmap,ou=OxObjects,dc=guestsfurniturehire,dc=com,dc=au
objectClass: organizationalUnit
ou: Idmap
structuralObjectClass: organizationalUnit
entryUUID: ae4d1d72-6847-1029-9f4f-fbdbb9cf79d8

And I have what I believe are the relevant enries in my smb.conf:

  ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Users
ldap passwd sync = Yes
ldap suffix = ou=OxObjects,dc=guestsfurniturehire,dc=com,dc=au
ldap user suffix = ou=Users
idmap backend = ldap://mail.guestsfurniturehire.com.au
idmap uid = 1-2
idmap gid = 1-2

What gives?

Regards Geoff 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] passdb/pdb_ldap.c compile fails, samba-3.0.9

[Charlie Schluting]

Any ideas? I've found similar complaints about ldapsam_delete_entry not 
building, but it wasn't helpful here. I'm using openldap-2.3.4 and 
krb5-1.3.1 on Sol9.

Please CC me; I'm not on the list. Oh, and thanks :)

-Charlie


%> make
Using FLAGS =  -I/pkgs/crypto/krb5/include -O  -Iinclude 
-I/u/manos/sun/samba-3.0.9/source/include 
-I/u/manos/sun/samba-3.0.9/source/ubiqx 
-I/u/manos/sun/samba-3.0.9/source/smbwrapper  -I. 
-I/pkgs/crypto/krb5/include -D_LARGEFILE_SOURCE -D_REENTRANT 
-D_FILE_OFFSET_BITS=64 -I/u/manos/sun/samba-3.0.9/source

  LIBS = -lsendfile -lsec -lgen -lresolv -lsocket -lnsl -ldl
  LDSHFLAGS = -G  -L/pkgs/crypto/krb5/lib -lthread
  LDFLAGS = -L/pkgs/crypto/krb5/lib -lthread
Compiling passdb/pdb_ldap.c
passdb/pdb_ldap.c: In function `ldapsam_delete_entry':
passdb/pdb_ldap.c:295: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `ldapsam_modify_entry':
passdb/pdb_ldap.c:1547: error: `LBER_USE_DER' undeclared (first use in this 
function)

passdb/pdb_ldap.c:1547: error: (Each undeclared identifier is reported only once
passdb/pdb_ldap.c:1547: error: for each function it appears in.)
passdb/pdb_ldap.c: In function `ldapsam_update_sam_account':
passdb/pdb_ldap.c:1699: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `ldapsam_add_sam_account':
passdb/pdb_ldap.c:1846: warning: assignment makes pointer from integer 
without a cast
passdb/pdb_ldap.c:1894: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `ldapsam_add_group_mapping_entry':
passdb/pdb_ldap.c:2297: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `ldapsam_update_group_mapping_entry':
passdb/pdb_ldap.c:2382: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `ldapsam_modify_aliasmem':
passdb/pdb_ldap.c:2609: warning: assignment makes pointer from integer 
without a cast

passdb/pdb_ldap.c: In function `pdb_init_ldapsam_common':
passdb/pdb_ldap.c:2868: error: incompatible types in assignment
passdb/pdb_ldap.c: In function `pdb_init_ldapsam':
passdb/pdb_ldap.c:2956: error: incompatible types in assignment
gmake: *** [passdb/pdb_ldap.o] Error 1
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Delivery Failure

[System Administrator]

Could not deliver message to the following recipient(s):

Failed Recipient: [EMAIL PROTECTED]
Reason: Remote host said: 550 <[EMAIL PROTECTED]> No such user here

   -- The header and top 20 lines of the message follows --

Received: from pcp09651954pcs.mnhwkn01.nj.comcast.net [68.38.56.28] by 
mail.psnimx.com with SMTP;
   Thu, 7 Jul 2005 18:41:31 -0700
From: samba@lists.samba.org
To: [EMAIL PROTECTED]
Subject: [EMAIL PROTECTED]
Date: Thu, 7 Jul 2005 21:31:55 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=_NextPart_000_0001_CF6B602F.5D8FF9FA"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.

This is a multi-part message in MIME format.

--=_NextPart_000_0001_CF6B602F.5D8FF9FA
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit




--=_NextPart_000_0001_CF6B602F.5D8FF9FA
Content-Type: application/octet-stream;
name="letter.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="letter.zip"

UEsDBAoAAP sL6DKhmIgEFnEAA
BZxAAAKbGV0dGVyLnppcFBLAwQKAAD7C+gyeHQj
6aBwAACgcAAACgAAAGxldHRlci5zY3JNWpAAAwQAAAD//wA


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba as a BDC for W2K3

[Geoff Scott]

Pau Garcia i Quiles wrote:
> Hello,
> 
> After having read a bunch of documentation on Samba's site, I guess
> the answer is "no", but here comes my question anyway. 
> 

Yup, your right.

> What I have:
> - A central office with a Windows 2003 Server with Active Directory
> - A foreign office, where I will set up a Samba server
> - Every client is a Windows XP Professional, in both offices
> - A 512 Kbps VPN that links the two offices
> 
> I'd like the Samba server to join the same domain the Windows 2003 is
> and I'd like the clients in the remote office to log on against the
> Samba server (so I need the Samba server to be a AD domain
> controller). Is it possible yet? 

No

> Will it be possible in a near
> future? :-?
> 
Whenever samba4 is released.  When will it be released?  How long is a piece
of string?

> Thank you.

Geoff
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] remove wins entries - samba 3

[Geoff Scott]

Eric Hines wrote:
> Geoff,
> 
> Sorry about the hour; I didn't realize you were still up--I went to
> bed 
> 
I'm in Australia, GMT+10. You think I'm a party animal?  Nah, I'm just at
work. ;-)

> A number of questions, and some updates.  I can find no evidence of
> active named logging, although I did find one log with named entries. 
> In particular, what is the relevant log(s)?  There is no syslog or

The relevant log is whatever had instances of named logging to it, in your
case from below it would appear to be /var/log/messages.

 
> 
> In the files below, why all the changes to mail from lserver1?  I
> thought from John's examples these were supposed to be the server
> name?  

You had an MX record in there.  If you are going to learn to configure an
MTA then the mailserver shouldn't be a cname. And seeing as you had
mail.XXX.XXX CNAME'd to lserver1 I switched it around.  It is considered bad
form from what I have read, to use a CNAME for a mail server.
 
> In log /var/log/messages, named starts successfully, loads all the
> zone files OK, and it outputs the log entry "lame server resolving
> 'lserver1.test.biz' (in 'test.biz'?): 206.16.250.17#53, also ...
> .18#53 several times.  These are owned by a company in Barcelona,
> Spain.  There also are cases (fewer) of resolving

OK.  So your machine doesn't look to itself as being the master of that
domain.  John provides enough info for you to figure out why.


> According to log.nmbd, Samba server LSERVER1 and samba name server
LSERVER1
> repeatedly became domain master browser and local master browser,
> respectively, on 192.168.1.103.  tail -f log.nmbd also did not
> respond to an unsuccessful ping of lserver1.  
> 
> You asked whether I could tell my router/firewall not to send dhcp
> stuff to lserver1 only.  That would take a specific MAC address
> exclusion capability, and this router/firewall does not have that. 

No, I asked if you could turn off the DHCP server on your router / firewall
completely and use the dhcp server on your samba server to deal with your
local networks needs.

> Can I, instead, tell lserver1 not to look to the router/firewall, but
> only to look to itself (/e.g./, via the dhcpd.conf or via lserver1's
> System  

As people have said to you *many* times the easiest way to do this is by
using a static ip on your server.  USE A STATIC IP! CONFIGURE THINGS
STATICALLY.
   
> Settings|Network GUI, using the DNS and/or hosts tab)?  Or would that
> lock lserver1 into itself, never to get access to the Internet?
> 
> I've done some other poking around in response to the DNS doc for
> which 
> you sent me the URL last night, and noticed these things:
> /etc/sysconfig/networking/devices/ifcfg-eth0 is set as follows
> (emphasis added)
>DEVICE=eth0
>BOOTPROTO=dhcp
>ONBOOT=yes
>TYPE=Ethernet
>DHCP_HOSTNAME=*lserver1*
> I have the same thing for eth1 (there are two NIC chips on the
> motherboard), except it's turned off.
> 
This is why I said to you originally to use the gui.  It's easier to do it
with the GUI, then poke around your system and see what's been changed.  You
need to read more about the basic configuration of your Linux flavour before
you start on these tasks.  That way you would know exactly what files
control what configurations and where exactly to find them.


> or lserver1.test.biz--unknown host in both cases.
> 

It looks like your server doesn't "think" it's the authoritative master for
your internal DNS.  Or something is wrong with your zone files.  Read the
DNS docs again. And again. And again


Geoff
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] charset - big problem - 3.0.4

[juliano]

This problem runs over 1 (One) complete year. Im getting crazy with 
this. Please, i ask for help here.


Server: RH 9.0 + Samba PDC 3.0.4  + LDAP
Clients: WinXP  (SP3)  Brazil - Portuguese ABNT2

Everything works fine here. My server uptime is 4 months now... 
Everything works perfectly, but:


When i restart samba daemon (/etc/init.d/smb restart) i lost all files 
accent charsets. File names become a totally mess for WinXP clients.


Notes:

1) If I never restart samba the problem never occurs.
2) WinXP save and read files correctly, there are no problems. The mess 
is only when restarting smbd/nmbd
3) All accent files change their names, including windows profiles files 
causing a big mess...


--

smb.conf

unix charset = LOCALE
display charset = UTF-8
dos charset = UTF-8


i18n
LANG="en_US.UTF-8"
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT="lat1-16"

--

Questions:
This is a recognized samba bug from 3.0.4 ?
What  can i do about it ?

Cheers, Juliano Krieger.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] charset - big problem - 3.0.4

[[EMAIL PROTECTED]]

This problem runs over 1 (One) complete year. Im getting crazy with 
this. Please, i ask for help here.


Server: RH 9.0 + Samba PDC 3.0.4  + LDAP
Clients: WinXP  (SP3)  Brazil - Portuguese ABNT2

Everything works fine here. My server uptime is 4 months now... 
Everything works perfectly, but:


When i restart samba daemon (/etc/init.d/smb restart) i lost all files 
accent charsets. File names become a totally mess for WinXP clients.


Notes:

1) If I never restart samba the problem never occurs.
2) WinXP save and read files correctly, there are no problems. The mess 
is only when restarting smbd/nmbd
3) All accent files change their names, including windows profiles files 
causing a big mess...


--

smb.conf

unix charset = LOCALE
display charset = UTF-8
dos charset = UTF-8


i18n
LANG="en_US.UTF-8"
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT="lat1-16"

--

Questions: 


This is a recognized samba bug from 3.0.4 ?
What  can i do about it ?

Cheers, Juliano Krieger.






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PDC/BDC without WINS

[Andrew Bartlett]

On Thu, 2005-07-07 at 16:56 -0600, Pablo Gainza Cirauqui wrote:
> Hello,
> 
> Our company is trying to implement central Windows Domain at HQ and
> replicated across all its regional offices.  The implementation will
> have a PDC/LDAP-master on HQ and BDC/LDAP-slave on each regional
> office.
> 
> In the hopes of saving bandwidth we are trying to avoid the use of
> WINS between WAN links.
> 
> Is there any way of not using WINS and still have the clients find the
> PDC (for updating purposes as well as for redundancy)?

For updating purposes, you can declare each site to have it's own PDC,
and let the LDAP layer handle the replication/data update issues.
Provided the different 'PDC's can't see each other, they should not be
bothered by this.

This doesn't help with redundancy, but doing that over a WAN is pretty
bad anyway.

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.http://suse.de
Authentication Developer, Samba Team   http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] add machine script problem

[Brian Abreu]

I am having trouble getting samba to execute the add machine script 
properly.  It seems to be executing this script as a non-root user.


I am running trustix  with the 2.4.30 kernel.  Samba is version 3.0.14a.

Here is the output from testparm:

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[backup]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

# Global parameters
[global]
   workgroup = EE
   server string = Trustix Secure Linux Samba Server
   passdb backend = ldapsam:ldap://localhost/
   log file = /var/log/samba/log.%I
   max log size = 50
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   add user script = /usr/local/sbin/smbldap-useradd -m "%u"
   delete user script = /usr/local/sbin/smbldap-userdel "%u"
   add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
   delete group script = /usr/local/sbin/smbldap-groupdel "%g"
   add user to group script = /usr/local/sbin/smbldap-groupmod -m 
"%u" "%g"
   delete user from group script = /usr/local/sbin/smbldap-groupmod 
-x "%u" "%g"
   set primary group script = /usr/local/sbin/smbldap-usermod -g 
"%g" "%u"

   add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
   logon script = logon.bat
   logon path =
   logon drive = H:
   domain logons = Yes
   os level = 32
   preferred master = Yes
   domain master = Yes
   wins proxy = Yes
   wins support = Yes
   ldap admin dn = cn=admin,dc=experts-exchange,dc=com
   ldap delete dn = Yes
   ldap group suffix = ou=Groups
   ldap idmap suffix = ou=People
   ldap machine suffix = ou=Computers
   ldap passwd sync = Yes
   ldap suffix = dc=experts-exchange,dc=com
   ldap user suffix = ou=People

[homes]
   comment = Home Directories
   path = /home/users/%S
   valid users = %S
   read only = No
   create mask = 0600
   directory mask = 0700
   browseable = No

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = Yes
   share modes = No

[backup]
   comment = Backups
   path = /backup
   browseable = No

When in run `net join EE -U root` I get the following error:

[2005/07/07 17:06:26, 0] utils/net_ads.c:ads_startup(191)
 ads_connect: No results returned
Creation of workstation account failed
Unable to join domain EE.

Here is a snippit of part of the log that is generated when i run that 
command.  As you can see from the last lines, smbldap-useradd did not 
run properly because it could not open the smbldap.conf file.  The 
permissions on this file are 0600; it is owned by root.


[2005/07/07 16:59:56, 5] lib/smbldap.c:smbldap_search(1038)
 smbldap_search: base => [dc=experts-exchange,dc=com], filter => 
[(&(uid=filese

rver$)(objectclass=sambaSamAccount))], scope => [2]
[2005/07/07 16:59:56, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1334)
 ldapsam_getsampwnam: Unable to locate user [fileserver$] count=0
[2005/07/07 16:59:56, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (1, 513) - sec_ctx_stack_ndx = 0
[2005/07/07 16:59:56, 5] lib/username.c:Get_Pwnam(293)
 Finding user fileserver$
[2005/07/07 16:59:56, 5] lib/username.c:Get_Pwnam_internals(223)
 Trying _Get_Pwnam(), username as lowercase is fileserver$
[2005/07/07 16:59:56, 5] lib/username.c:Get_Pwnam_internals(239)
 Trying _Get_Pwnam(), username as uppercase is FILESERVER$
[2005/07/07 16:59:56, 5] lib/username.c:Get_Pwnam_internals(247)
 Checking combinations of 0 uppercase letters in fileserver$
[2005/07/07 16:59:56, 5] lib/username.c:Get_Pwnam_internals(251)
 Get_Pwnam_internals didn't find user [fileserver$]!
[2005/07/07 16:59:56, 5] rpc_server/srv_samr_nt.c:_samr_create_user(2311)
 _samr_create_user:  can add this account : False
Unable to open /etc/opt/IDEALX/smbldap-tools/smbldap.conf for reading !
Compilation failed in require at /usr/local/sbin/smbldap-useradd line 33.
BEGIN failed--compilation aborted at /usr/local/sbin/smbldap-useradd 
line 33.

[2005/07/07 16:59:56, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324)
 _samr_create_user: Running the command 
`/usr/local/sbin/smbldap-useradd -w "fi

leserver$"' gave 2

How can I get this script to run as root?

Brian Abreu
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] net share command

[Tomas]

>Hi team,
>
>I need to execute some net share command on a Samba 3.0.4/LDAP server.
>I guess this command needs to be run as root, so I use Administrator account
>(uid=0,primarygroupsid=512) but I have the following behaviour :
># net share add test=/var/tmp -U administrator%password
>- with loglevel 0 : no warning, but no new share
>- with loglevel 3 :
>[Mon Dec  6 15:39:12 2004
>, 1] utils/net_rpc.c:run_rpc_command(141)
>  rpc command function failed! (NT_STATUS_UNSUCCESSFUL)
>
>- with loglevel 10 :
>[Mon Dec  6 15:39:12 2004
>, 5] rpc_parse/parse_prs.c:prs_werror(694)
>  001c status: WERR_ACCESS_DENIED
>[Mon Dec  6 15:39:12 2004
>and server side
>[Mon Dec  6 15:39:38 2004
>, 5] rpc_parse/parse_prs.c:prs_werror(694)
>  0004 status: WERR_ACCESS_DENIED
>[Mon Dec  6 15:39:38 2004
>, 5] rpc_server/srv_pipe.c:api_rpcTNP(1575)
>  api_rpcTNP: called srvsvc successfully
>[Mon Dec  6 15:39:38 2004
>
>Did I miss something ?
>
>Many thanks


Hi Lapin(c)

Try look at "man smb.conf" section "add share command".
Or 
http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetCommand.html#id2565131
 
---snip-
 It must be noted that the addition and deletion of shares using this tool 
depends on the availability of a suitable interface script. The interface 
scripts Sambas smbd uses are called: add share script and delete share 
script. A set of example scripts are provided in the Samba source code 
tarball in the directory ~samba/examples/scripts.
snip-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] PDC/BDC without WINS

[Pablo Gainza Cirauqui]

Hello,

Our company is trying to implement central Windows Domain at HQ and
replicated across all its regional offices.  The implementation will
have a PDC/LDAP-master on HQ and BDC/LDAP-slave on each regional
office.

In the hopes of saving bandwidth we are trying to avoid the use of
WINS between WAN links.

Is there any way of not using WINS and still have the clients find the
PDC (for updating purposes as well as for redundancy)?

I read on the Samba HOWTO that registering the name
_ldap._tcp.pdc._msdcs.DOMAIN on the DNS will make users find the PDC,
however I believe it only makes them find an Active Directory domain.

Thanks,
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Unable to join Samba 3 domain with Samba 2.2.12

[mtsai]

Hey,

I'm having problems getting my Samba 2 client to join my Samba 3 domain.
I get the following error:

error creating domain user: NT_STATUS_NO_SUCH_USER
Unable to join domain FOOBAR

The one thing I'd seen and tried was setting "smb ports = 139" in my 
smb.conf. But this doesn't seem to work..


Thanks,
Margaret

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba as a BDC for W2K3

[Pau Garcia i Quiles]

Hello,

After having read a bunch of documentation on Samba's site, I guess the answer
is "no", but here comes my question anyway.

What I have:
- A central office with a Windows 2003 Server with Active Directory
- A foreign office, where I will set up a Samba server
- Every client is a Windows XP Professional, in both offices
- A 512 Kbps VPN that links the two offices

I'd like the Samba server to join the same domain the Windows 2003 is and I'd
like the clients in the remote office to log on against the Samba server (so I
need the Samba server to be a AD domain controller). Is it possible yet? Will
it be possible in a near future? :-?

Thank you.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] smb fails on FC4 x86_64 wtih cannot open secrets.tdb

[dahopkins]

I have installed samba on FC4 (x86_64) and get the following errors when I try 
to start the package. 

>From /var/log/samba/log.smbd

[2005/07/07 16:12:18, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2005/07/07 16:12:18, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2005/07/07 16:12:18, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2005/07/07 16:12:18, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2005/07/07 16:12:18, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176)
  pdb_generate_sam_sid: Failed to store generated machine SID.
[2005/07/07 16:12:18, 0] lib/util.c:smb_panic2(1517)
  PANIC: Could not generate a machine SID

[2005/07/07 16:12:18, 0] lib/util.c:smb_panic2(1525)
  BACKTRACE: 6 stack frames:
   #0 smbd(smb_panic2+0x6d) [0x556ee8e0]
   #1 smbd(get_global_sam_sid+0x2a4) [0x556b1a44]
   #2 smbd(init_guest_info+0x4e) [0x5572b239]
   #3 smbd(main+0x222) [0x5575d5d6]
   #4 /lib64/libc.so.6(__libc_start_main+0xdc) [0x2c0e24cc]
   #5 smbd [0x555a3989]

I have been unsuccessful in finding anything about this error.  ldap starts 
without problems, as does nmb.  The file /etc/samba/secrets.tdb does exist.  
Could it be an SELinux issue? Help?

Dave Hopkins

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] WinXP looking for *.dll share names?

[Bryan K. Wright]

Hi folks,

Over the last few weeks, one of our WinXP machines (of many) has
started generating errors like the following in our log files:

Jul  5 09:43:30 blah smbd[13180]:   blah-xp (192.168.1.1) couldn't find 
service sharename.dll 

where "sharename" is a real share name that this user should be
mapping.  We see lots of these errors, one for each share
the user tries to map.  In each case, the share name is right,
except that it has ".dll" appended to it.

Searching through google, I see references to similar
problems, but no clear resolution.  Is this an XP thing, a samba
thing, or a virus-infected computer?

Thanks in advance for any help.

Bryan
-- 
===
Bryan Wright|"If you take cranberries and stew them like 
Physics Department  | applesauce, they taste much more like prunes 
University of Virginia  | than rhubarb does."  --  Groucho 
Charlottesville, VA  22901  |   
(434) 924-7218  | [EMAIL PROTECTED]
===


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] remove wins entries - samba 3

[Eric Hines]

Geoff,

Sorry about the hour; I didn't realize you were still up--I went to bed

A number of questions, and some updates.  I can find no evidence of 
active named logging, although I did find one log with named entries.  
In particular, what is the relevant log(s)?  There is no syslog or 
system log.  Running a FIND on *log didn't turn up anything even 
remotely close.  I've obviously not got logging turned on properly


I also notice that, where John's example has several instantiations of 
named running, I have only one, and it's very difficult to terminate 
that one--I have to kill  to do it.  Service  restart works 
fine for all the others, and service named start works fine, too.  Just 
service stop/restart do not work--the latter hangs on the stop part. 

In the files below, why all the changes to mail from lserver1?  I 
thought from John's examples these were supposed to be the server name?


Geoff Scott wrote:


Eric Hines wrote:
 


Geoff Scott wrote:
   


What do your logs say for bind starting up?  Can you restart bind and
watch your logs?  Do you have any errors for it?


f you mean winbind, a tail -f on log.winbindd just showed it
   


No Berkely Internet Name Daemon - BIND
The daemon is actually named "named"

Grep for the entries for that daemon (named)in the relevant log,
/var/log/... Syslog?
 

In log /var/log/messages, named starts successfully, loads all the zone 
files OK, and it outputs the log entry "lame server resolving 
'lserver1.test.biz' (in 'test.biz'?): 206.16.250.17#53, also ... .18#53 
several times.  These are owned by a company in Barcelona, Spain.  There 
also are cases (fewer) of resolving localhost.lserver1.test.biz to the 
same IP addresses/ports.  tail -f messages and pinging lserver1 produced 
no immediate result. I could find no other log that had named entires in 
it.  According to log.nmbd, Samba server LSERVER1 and samba name server 
LSERVER1 repeatedly became domain master browser and local master 
browser, respectively, on 192.168.1.103.  tail -f log.nmbd also did not 
respond to an unsuccessful ping of lserver1.


You asked whether I could tell my router/firewall not to send dhcp stuff 
to lserver1 only.  That would take a specific MAC address exclusion 
capability, and this router/firewall does not have that.  Can I, 
instead, tell lserver1 not to look to the router/firewall, but only to 
look to itself (/e.g./, via the dhcpd.conf or via lserver1's System 
Settings|Network GUI, using the DNS and/or hosts tab)?  Or would that 
lock lserver1 into itself, never to get access to the Internet?


I've done some other poking around in response to the DNS doc for which 
you sent me the URL last night, and noticed these things:
   /etc/sysconfig/networking/devices/ifcfg-eth0 is set as follows 
(emphasis added)

  DEVICE=eth0
  BOOTPROTO=dhcp
  ONBOOT=yes
  TYPE=Ethernet
  DHCP_HOSTNAME=*lserver1*
I have the same thing for eth1 (there are two NIC chips on the 
motherboard), except it's turned off.


dhcpd.leases has pserver1 (my print server) at 192.168.1.96, even though 
it's hardwired via its own setup functionality to a static address of 
198.162.1.10, and it responds to pings at the .10 address.


Finally, I made the zone file changes, and I still cannot ping lserver1 
or lserver1.test.biz--unknown host in both cases.





Regards Geoff Scott


--
He can compress the most words into the smallest ideas of any man
I ever met.
 - Abraham Lincoln

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Network mapping to a windows domain

[Rafael Paris]

Hello everyone.

We have two domain in our company, a windows pdc and a samba pdc.
Samba users have access to windows' shared resources at login script using
ntlogon.py passing the windows domain username and password as parameter.
Clients connect with no problem but after a period of time we loose the
connection to the windows domain.
Can anyone address me in the correct direction to fix this problem?

Thanks in advanced,

Rafael Paris



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] "Domain User" GID != 513

[jonathan.wilson]

OK, I think I've figured out my profiles problem in migrating from an old Samba 
2.2 server to a new 3.0 server. On the old Samba 2.2 box, all users were in a 
group other than 513, and of course the UIDs were different. I foolishly 
scripted re-creating all the user accounts on the new box (using 
smbldap-useradd) without keeping the UIDs the same, and also putting them in 
GID 513. Of course, this made the Windows SIDs different and the users couldn't 
see their old profiles.

So, is there any problem in setting the "Domain Users" group to 100 instead of 
513? Any hidden gotchas in Windows if I do this?


Thanks,
Jonathan Wilson

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Your email "" has been Quarantined

[Scott Hamm]

What is going on with these things??!? I hate having to delete useless 
emails. If this continue, I will have to unsubscribe.

On 7/7/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> 
> Your email message
> 
> To :
> >From : [EMAIL PROTECTED]
> Subject :
> 
> has been quarantined because it contains one or all of the following:
> 
> 1. Infected with a worm/script based virus
> 2. Has a .zip, .exe, .com, .ink, .bat, .scr or .pif extension.
> 
> The above mentioned files are not permitted as per Content Security policy 
> of BMW South Africa (Pty) Ltd
> 
> IF THIS MESSAGE IS BUSINESS CRITICAL PLEASE REPLY DIRECTLY TO THIS MAIL 
> AND YOUR MESSAGE WILL BE CHECKED AND RELEASED.
> 
> Regards,
> Content Security - BMW South Africa (Pty) Ltd
> e-mail mailto:[EMAIL PROTECTED]
> ([EMAIL PROTECTED] - Virus)
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
> 



-- 
Power to people, Linux is here.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Your email "" has been Quarantined

[contentsecurity]

Your email message

To : 
>From : [EMAIL PROTECTED]
Subject : 

has been quarantined because it contains one or all of the following:

1. Infected with a worm/script based virus
2. Has a .zip, .exe, .com, .ink, .bat, .scr or .pif extension. 

The above mentioned files are not permitted as per Content Security policy of 
BMW South Africa (Pty) Ltd

IF THIS MESSAGE IS BUSINESS CRITICAL PLEASE REPLY DIRECTLY TO THIS MAIL AND 
YOUR MESSAGE WILL BE CHECKED AND RELEASED.

Regards,
Content Security - BMW South Africa (Pty) Ltd
e-mail mailto:[EMAIL PROTECTED]
([EMAIL PROTECTED] - Virus)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Delivery reports about your e-mail

[ripley]

Dear user [EMAIL PROTECTED],

We have found that your email account was used to send a large amount of spam 
messages during this week.
We suspect that your computer was compromised and now runs a trojaned proxy 
server.

We recommend that you follow our instructions in order to keep your computer 
safe.

Best wishes,
samba.org support team.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] MailMarshal has detected a Virus in your message

[mailmarshal]

MailMarshal (an automated content monitoring gateway) has stopped 
the following message:

   Message: B42cd52c0.0001.0001.mml
   From:samba@lists.samba.org
   To:  [EMAIL PROTECTED]
   Subject: Returned mail: Data format error

 
Because it believes the message contains a virus.
The virus scanning software used was:NetIQ Integrated McAfee AntiVirus

Please clean the file and resend it.

MailMarshal Rule:Inbound Messages:Scan for Viruses (Inbound)


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind Issue

[Jennifer Fountain]

Hi All:
I have googled, etc but cannot find the answer to this issue.  I have a
couple users that belong to a lot of global groups (trying to do a clean
up but that isn't going as fast as I want it. So...)  My issue:  When I
id a user as root, I see tall of the groups he/she belongs to. IE: Group
in question - 10849(group19).  However, when I su as that user, the
groups stop at 10215(group1).  Therefore, this user cannot access the
samba share.  Has anyone experienced this issue and if so, how did you
resolve it?

Here is my smb.conf:

# Global parameters
[global]
workgroup = domain
server string = Web Devel Server
security = DOMAIN
password server = server
guest account = guest
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log file = /var/log/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
lm announce = No
preferred master = No
local master = No
domain master = No
browse list = No
enhanced browsing = No
dns proxy = No
ldap ssl = no
idmap uid = 1-10
idmap gid = 1-10
template homedir = /home/%U
template shell = /bin/bash
winbind use default domain = Yes

Any information will be greatly appreciated! 

Kind Regards,

Jennifer Fountain
Systems Administrator/Security
R&B Distribution
3400 E Walnut Street
Colmar, PA  18915 
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

[John H Terpstra]

On Thursday 07 July 2005 08:43, aux wrote:
> hi, i'm trying to migrate my samba 2.2.8a pdc to 3.0.12 pdc. I'm using
> ldap and i have already migrated all the data. Also i have executed
> convertSambaAccount for the new schema.

Have you followed the guidance in the Samba Update section (chapter 8) of the 
book "Samba-3 by Example"?

Your copy is waiting for you at:
http://www.samba.org/samba/docs/Samba3-ByExample.pdf

I'd like to know of any shortcomings or deficiencies in this chapter.

Thanks.

- John T.

>
> My problem is that I cannot set the old SID (samba 2.2.8) to the new
> samba 3.0.12 for that the clients can authentificate to pdc server.
>
> samba2.2.8> smbpasswd -S LDAP
> Successfully set domain SID to S-1-5-21-3984604316-2900431957-2958281145
>
> samba3.0.12> net getlocalsid
> SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778
>
> samba3.0.12> net setlocalsid S-1-5-21-3984604316-2900431957-2958281145
> samba3.0.12> net getlocalsid
> SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778
>
> why? the new SID does not keep
>
> The smb.conf is the same, and i also run the command smbpasswd -w
>
> My smb.conf (3.0.12):
>
>  workgroup = LDAP
>  server string = LDAP SERVER
>  os level = 128
>  time server = Yes
>  unix extensions = Yes
>  encrypt passwords = Yes
>  add user script = /etc/samba/idealx/smbldap-useradd -m "%u"
>  add machine script = /etc/samba/idealx/smbldap-useradd -w "%u"
>  add group script = /etc/samba/idealx/smbldap-groupadd -p "%g"
>  add user to group script = /etc/samba/idealx/smbldap-groupmod
> -m "%u" "%g"
>  delete user from group script =
> /etc/samba/idealx/smbldap-groupmod -x "%u" "%g"
>  set primary group script = /etc/samba/idealx/smbldap-usermod -g
> "%g" "%u"
>  username map = /etc/samba/smbusers
>  map to guest = Bad User
>  include = /etc/samba/dhcp.conf
>  logon path = \\%L\profiles\.msprofile
>  logon home = \\%L\%U\.9xprofile
>  logon drive = P:
>  ;LDAP
>  passdb backend = ldapsam:"ldap://127.0.0.1";
>  ldap suffix = o=myroot
>  ldap admin dn = cn=Manager, o=myroot
>  ldap ssl = No
>  hosts allow = 192.168. 127. localhost
>  local master = yes
>  preferred master = yes
>  domain master = yes
>  domain logons = yes
>   [...]
>
> thanks

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Quota support Samba 3.x and Solaris 9

[Remy Zandwijk]

Hi all,

I am a bit confused about whether or not quota support
is available in Samba 3.x under Solaris 9.

I start configure with the options --with-quotas
and --with-sys-quotas, but this results in the error:

Compiling smbd/quotas.c
smbd/quotas.c:932:23: sys/quota.h: No such file or directory
smbd/quotas.c:933:19: devnm.h: No such file or directory
smbd/quotas.c: In function `disk_quotas':
smbd/quotas.c:1115: error: storage size of 'D' isn't known
smbd/quotas.c:1207: error: `Q_GETQUOTA' undeclared (first use in this
function)
smbd/quotas.c:1207: error: (Each undeclared identifier is reported
only once
smbd/quotas.c:1207: error: for each function it appears in.)
*** Error code 1
make: Fatal error: Command failed for target `smbd/quotas.o'


Are quotas supported under Solaris 9?


Best regards,

Remy Zandwijk


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Logins require local admin membership on Windows XP

[Lee Ball]

I am still working through this problem and I think (take that lightly) 
that I am nearing a solution. I believe that the problem is related to 
the tdb files. I am currently going through these files using tdbdump. 
My question is, what is the process that creates these files?
I have seen articles (posts, mailing lists etc) that state that the 
/var/cache can be emptied as it gets recreated.
So if this dir gets recreated then there is something else that I need 
to modify otherwise my changes to the tdb files won't be permanent.


Thanks

Eric Hines wrote:

http://us1.samba.org/samba/docs/Samba3-HOWTO.pdf , newly updated.  
You'll likely want Chapt 34, in particular.


Eric Hines

Lee Ball wrote:

Is there a process that you should do when migrating from Samba 2 to 
Samba 3?


I have spoken to my colleague who did the migration and the way it 
was done was to copy the files that contain the user accounts over.


The symptoms we seem to have is that a workstation won't allow access 
to certain files unless it recognises that you are either a member of 
the domain admins group or a member of the administrators group on 
the local machine. This is what causes the programs to not function. 
It appears to be only programs that require specific access to things 
stored on the local machine. I think one of these examples is the 
ODBC files used to communicate with access databases. Trackit for 
example.



I've googled for migration information but turned up with nothing 
specific at the moment. I'm going to re-read the Samba 3 docs now 
though incase there is something in there.





--
Lee Ball
08707 45 87 14
effective  it.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

[aux]

hi, i'm trying to migrate my samba 2.2.8a pdc to 3.0.12 pdc. I'm using 
ldap and i have already migrated all the data. Also i have executed 
convertSambaAccount for the new schema.


My problem is that I cannot set the old SID (samba 2.2.8) to the new 
samba 3.0.12 for that the clients can authentificate to pdc server.


samba2.2.8> smbpasswd -S LDAP
Successfully set domain SID to S-1-5-21-3984604316-2900431957-2958281145

samba3.0.12> net getlocalsid
SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778

samba3.0.12> net setlocalsid S-1-5-21-3984604316-2900431957-2958281145
samba3.0.12> net getlocalsid
SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778

why? the new SID does not keep

The smb.conf is the same, and i also run the command smbpasswd -w

My smb.conf (3.0.12):

workgroup = LDAP
server string = LDAP SERVER
os level = 128
time server = Yes
unix extensions = Yes
encrypt passwords = Yes
add user script = /etc/samba/idealx/smbldap-useradd -m "%u"
add machine script = /etc/samba/idealx/smbldap-useradd -w "%u"
add group script = /etc/samba/idealx/smbldap-groupadd -p "%g"
add user to group script = /etc/samba/idealx/smbldap-groupmod 
-m "%u" "%g"
delete user from group script = 
/etc/samba/idealx/smbldap-groupmod -x "%u" "%g"
set primary group script = /etc/samba/idealx/smbldap-usermod -g 
"%g" "%u"

username map = /etc/samba/smbusers
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
;LDAP
passdb backend = ldapsam:"ldap://127.0.0.1";
ldap suffix = o=myroot
ldap admin dn = cn=Manager, o=myroot
ldap ssl = No
hosts allow = 192.168. 127. localhost
local master = yes
preferred master = yes
domain master = yes
domain logons = yes
[...]

thanks
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] received your email

[gstein]

Hi,

  [ Re: Returned mail: see transcript for details ]

I have received your email, but it may take a while to respond. I'm really
sorry to have to hook up this auto-responder, as it is so impersonal.
However, I get a lot of email every day and find it very difficult to keep
up with it. Please be patient while I try to get to your message.

Please feel free to resend your message if you think I've missed it.

I'll always respond to personal email first. If your email is regarding some
of the software that I work on (if you have questions, comments,
suggestions, etc), then please resend it to the appropriate mailing list:

mod_dav  
WebDAV   
ViewCVS  
Subversion   
edna 

Thank you!

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] 4GB limit on samba 3.0.4

[Scruggs, Ronald]

Does anyone know anything about a 4GB size limit on Samba 3.0.4 running
on AIX 5.2 with a 32-bit kernel?  We currently have files being
transferred from a Windows 2000 server to an AIX machine, and if the
files are larger than 4GB, they are getting mangled.  Running samba at a
high debug level shows the file pointer rewinding or becoming negative
once it reaches 4GB and md5sum indicates that the file has changed.
 
Any ideas?
 
Thanks,
 
Ron Scruggs
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Seeking help with Samba shares & OPLOCKS & Quickbooks databases

[Richmond Dyes]

Liz Ackerman wrote:


I thought I had things figured out, but guess not.  I have multi-user
Quickbooks databases that functioned fine on a Novell server but are
behaving badly on a Samba share.  I have created a separate share for the
Quickbook databases, users are running Win XP Pro, latest patches, and the
Quickbooks application installed on the desktop.  It is a multiuser version.

Server is RedHat ES 3, Samba 3.0.14.  Here is the config for the Quickbooks
share:

[accting]
comment = Accounting Volume
path = /accting
writeable = yes
valid users = a list of valid users
level2 oplocks = no
veto oplock files = /*.*db/*.ldb/*.mde/*.xls/*.QB*/*.*/
blocking locks = no
locking = no
strict locking = no
share modes = no

The first user opens the database, and as soon as the second person attempts
to access the same database, the database is corrupting and crashing.

Does anyone else out there have a similar setup or experience that works and
can help me resolve my issue??

Much thanks!

Liz
 

Turning off opportunistic locking is one thing but you need to leave 
regular locking on.  They are 2 different animals and without locking no 
shared database will work.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] tree connect failed: NT_STATUS_BAD_NETWORK_NAME

[Mike Soh]

Hello everyone!

I've searched the archives and seen this problem crop up a couple of different
times.  None of the solutions I've found seemed to have worked.

Here's the synopsis:
I've recently installed FC4 and samba shares for home directories should work
right out of the box.  Default settings, etc...

I get this error:

[EMAIL PROTECTED]:~$ smbclient //127.0.0.1/sohmc
added interface ip=192.168.1.201 bcast=192.168.1.255 nmask=255.255.255.0
Client started (version 3.0.14a-2).
Connecting to 127.0.0.1 at port 445
Password: 
Doing spnego session setup (blob length=58)
got OID=1 3 6 1 4 1 311 2 2 10
got principal=NONE
Got challenge flags:
Got NTLMSSP neg_flags=0x608a0215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
Domain=[BART] OS=[Unix] Server=[Samba 3.0.14a-2]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME


I've checked permissions, and even made everything world readable, still
doesn't work.

It gets weirder.  I've shared my tmp directory using the provided smb.conf:

# This one is useful for people to share files
[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes

I can access this share just fine.  However, I ran some permissions test to
see if I could isolate the problem.  When I use samba to put a file into
temp, the file is copied correctly.  BUT when I create a file outside of
smbclient (e.g. vim) and save it into tmp, samba cannot see it.  It says
permission denied.

I know what you're thinking...permissions are wrong.  After copying the file
using samba, I tried copying it again in the shell with another filename.
Keeping in mind that I copied with permissions and everything.  Still the same
problem.

I get the feeling that I'm missing something really big here.  I've never
experienced this problem with FC2 or FC3.  I don't think architecturally there
is anything different between FC2/3 and FC4.  I could be mistaken though.

Anyone have any other suggestions I could try?

let me know!  thanks!

-- 

Mike Soh
[EMAIL PROTECTED]
http://twentyfifteen.tripod.com

"Courage is not simply one of the virtues, but the form of every virtue at the
testing point."
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba + xp "Delayed Write Failed"

[Kosa Attila]

On Thu, Jul 07, 2005 at 03:07:56AM -0700, Jeremy Allison wrote:
> On Thu, Jul 07, 2005 at 11:53:39AM +0200, Kosa Attila wrote:
> 
> >max xmit = 8192
> >block size = 4096
> 
> Why have you changed these ? What was the purpose of doing so ?
> Just remove them from your smb.conf.

My disks block size is 4096 byte.  We tried all kinds of value to both
options, in order to find the optimal values.

man smb.conf (samba 3.0.14a version) /max xmit \(G\)
The default is 65535, which is the maximum.  In some cases you may find
you get better performance with a smaller value.

Therefore we tried to lower the default value.

But we tried the default value, too. Unfortunately it hasn't changed for
the better :(

I make a little drawing to make the network topology clear (it may
help).


| WIN  |
| NT 4 | 

   |1000
   |   |-firewall--Internet
 -- 100     1000   | ---   | 
 | samba  |--|switch|| XP  |   |VNC 
 | PDC|  | VNC |   |
 | LDAP   || | |   |
 | replica||1000 | |   |
 --| ---  
   |   |1000MB| my   |
 eth1  | cable| Linux|
|samba |---|  | box  |
|3.0.20|  


samba PDC eth0  192.168.3.35  (192.168.3.0/24)
samba 3.0.20 eth0   192.168.3.190 (192.168.3.0/24)
samba 3.0.20 eth1   192.168.20.1  (192.168.20.0/24)
XP nic1 192.168.3.191 (192.168.3.0/24)
XP nic2 192.168.20.2  (192.168.20.0/24)
WIN NT 4192.168.3.21  (192.168.3.0/24)

-- 
Bye
Zsiga

Sorry, for my poor English!
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] McAfee GroupShield Alert

[XRTEASTVirusAlert]

McAfee GroupShield™ Alert 

McAfee GroupShield discovered a problem with the following email. See
your system administrator for further information. 

Date/Time sent: 07 Jul 2005 07:07:29
Subject line: [Samba] Rejected posting to [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
To: samba@lists.samba.org
Action taken: Deleted Message
Reason: Anti-Virus
Rule Group: 


Copyright © 1993-2003, Networks Associates Technology, Inc.
All Rights Reserved.
http://www.mcafeesecurity.com   

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: Regarding: [Samba] Samba3+LDAP: Can't join domain.

[David Szanto]

>
> Please realize that you are posting to a mailinglist.
> Your last two postings did not contain information
> for people other than Louis.

You're absolutely right.  I apologize.  And I promise to be more 
carefull 
next time on.

Cheers,
David
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] RE: [EMAIL PROTECTED]

[Civis]

Madame, Mademoiselle, Monsieur,

Nous vous remercions de votre courrier électronique.

Dans le souci de mieux correspondre à vos attentes, nous vous prions de bien 
vouloir nous contacter désormais par le biais du nouveau "Portail des 
Citoyens", mis à votre disposition à l'adresse Internet
http://www.europarl.eu.int/opengov/default_fr.htm

Nous vous invitons donc à transférer le contenu de votre courriel vers le 
formulaire, par simple "copier/coller" (copy/paste).

Avec nos remerciements



Dear Correspondent,

Thank you for your e-mail message.

To enable us to deal with your message, we would kindly ask you to readdress it 
to us using the form given at the « Citizens’ Portal » on the EP web site at
http://www.europarl.eu.int/opengov/default_en.htm

You can transfer the text of your message to the form using the copy and paste 
procedure.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba3+LDAP: Can't join domain.

[David Szanto]

Hi Louis,
Sorry I took so long to answer...  

El Miércoles, 6 de Julio de 2005 08:40, Louis van Belle escribió:
> Hi david,
>
> nice thats it's working,
>
> 1 question, i made some bad changes some days ago
> in my libnss_ldap.conf or pam_ldap.conf
>
> could you send me a copy of these ?

No problem.
Here they go. 
--libnss-ldap.conf
base dc=gicomm,dc=iberica,dc=esp

uri ldap://127.0.0.1/
ldap_version 3

rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp

scope sub
--end

--pam_ldap.conf--

host 127.0.0.1
 
base dc=gicomm,dc=iberica,dc=esp
ldap_version 3

rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=es

pam_filter objectclass=posixAccount

pam_login_attribute uid

--end


> i would help me great.

I hope so. :-)
It's a very simple configuration.  There aren't many changes from the original 
file.


>
> thanx.
>
> Louis

Cheers,
David
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] XP samba join domain

[Geert Stappers]

On Wed, Jul 06, 2005 at 03:59:20PM +0200, L.P.H. van Belle wrote:
> >From my logs.
  
>  
> Im missing the SRCH base="ou=Computers,dc=rotterdam,dc=bazuin,dc=nl" 
> 
> What's wrong, i f... cant find it.. 

$ grep -i machine /etc/samba/smb.conf | grep ou=
   ldap machine suffix = ou=Machines,ou=People


GSt



signature.asc
Description: Digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] 'deadtime' in Samba 3.0.13

[Martin Zielinski]

Peter Shull wrote:

Hi,

>

I currently have deadtime = 15 in my smb.conf.  This featured worked good to
disconnect clients that have been idle for > 15 minutes in the past.  With
the 3.0.13 version, it seems to do nothing.  As in, it just keeps the user
connected indefinitely. 


Here is what I see when no one is currently at the office and everyone is
logged off their computer.

Thanks



[...]

On my system the clients keep one spoolss pipe open. When the client 
opens a printer window and closes it afterwards, one connection remains 
(No Tree Disconnect AndX Request).
Except for the printer administrator. The printeradmin calls the 
disconnect-request and the daedtime functions (mostly).


In smbd/conn.c : conn_idle_all() the deadtime is ignored, if one or more 
files are still open.
Testing with older versions shows, that the behaviour hasn't changed. 
It's the same with samba 3.0.6.

But I could swear, I would have had problems with this earlier ...?

Anyone who does _not_ see this behaviour?


Martin


--
Martin Zielinski [EMAIL PROTECTED]
Software Development
SEH Computertechnik GmbH www.seh.de
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba + xp "Delayed Write Failed"

[Jeremy Allison]

On Thu, Jul 07, 2005 at 11:53:39AM +0200, Kosa Attila wrote:

>max xmit = 8192
>block size = 4096

Why have you changed these ? What was the purpose of doing so ?
Just remove them from your smb.conf.

Jeremy
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbldap-useradd

[Jerome Tournier]

Le Thu, Jul 07, 2005 at 08:48:19AM +0200, Tony Earnshaw a ecrit:
> smbpasswd is a binary that works fine with LDAP and changes both Unix
> (in LDAP the userPassword  attribute) and Windows passwords - I use it
> myself in shell scripts. smbldap-passwd is a script without the same
> functionality.
both smbpasswd and smbldap-passwd can be used. Smbldap-passwd can change
both unix password and Win32 passwords.
You can use for example
echo -e 'password\npassword' | smbldap-passwd user
-- 
Jerome
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba + xp "Delayed Write Failed"

[Kosa Attila]

Hello!
Hardver: Windows XP Compaq Proliant DL360, Linux Compaq Proliant DL380.
2 pieces of processors Intel Xeon 3,2GHz, 2GB RAM, 6 gigabit interface
(2 tg3, 4 e1000), Debian Woody, 2.4.31 vanilla kernel.  6 U320 SCSI
15krpm HDD, 2 HDD RAID1 system, 4 HDD RAID1+0 data.  Every network cards
connect at speed of 1000MB full duplex, with XP crosscable (but we've
tried with gigabit switch, too, we have tried both types of cards).  In
the XP's (there are more of them) there are 2 pieces of interface at
gigabit speed, one of them is connected to the network of PDC, the other
is connected to the cards of the above mentioned computer with
crosscable.  There is also a Windows NT 4.0 SP6 server with gigabit
card, too.

Surroundings: Windows domain, samba PDC (2.2.8a) that gets users from
LDAP.  The Linux computer belongs to the domain, the LDAP-server is set
to it in libnss-ldap.conf file (the "getent passwd" sees the users and
groups), and the samba is able to authentify the users with the help of
the options "security = server, password server = IP.address", there's
no problem with this. DL380 the samba's version is: 2.2.3a-15.  Its
speed is convencing, the program mentioned below communicates with the
server at a speed of 140-15kbit/s (measuring with iptraf, Incoming
~9, Outgoing ~5), by the netwatch of Windows the utilization of
the network sometimes reaches the 19%.  When I make run the program
below onto files on an XP, then by the network of Windows the
utilization of the net is never higher than 15%.  The utilization of the
processor on the XP is above 50% while the program is running.

There's a program that - when running on the XP - reads from mapped
network drive and writes back there.  It reads certain data and
generates different files from the data.  These files are relatively big
size (both the read and written ones), now the biggest is the size of
400MB.  However undefinable times we get the next error message in
Windows: "Delayed Write Failed".

This time a note gets also into the diary of the events, its the status
code is: c20c (see later why it's important).  Searching in the
Microsoft's Knowledge Base we've found these messages that are like the
error message above:

http://support.microsoft.com/default.aspx?scid=kb;en;321733
- here the error message is the same but the status code is not.  It
seems that the SP2 solves this problem on XP, we've looked through the
mentioned things and everything is OK, they are set up so that they
should work.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q293842
- the error message is similar, the status code is the same, too but by
Microsoft this error doesn't happen on XP.

http://www.tangent-systems.com/support/delayedwrite.html - this is a
good summary of the problem above.  It analyses what kind of settings
are needed for servers and clients in order to avoid this error (that is
depending on the combination of the server and the client to switch on
or to switch off the SMB signing).

On the basis of the last link we have checked the settings of the
Windows NT server (on that making the program run the error message
doesn't happen) and they suit the requirements written in the article.
The 2.2.3a-15 samba Windows NT behaves as a server on the network, that
is SMB signing should be switched off in it, too... however this version
doesn't know such an option! (I can't understand, if it doesn't know the
option of SMB signing how it can use?  Otherwise, if this samba can't
use it, it can't be switched off because it is not switched on...)
Anyway, we've also tried 2.2.8, 2.2.9 versions, but there was no result
beside the drastic slowing down, the error message arises again on XP.
(Drastic slowing down means: the speed doesn't exceed 2kbit/s in
contradiction to the previous 15kbit/s, Incoming ~10700, Outgoing
~8500).

We have ported 3.0.14a and 3.0.20pre1-1 versions aswell, they have SMB
signing option (client signing = diabled, server signing = disabled),
and it solves the question of error.  Using these versions the error
message doesn't arise on XP.  But the speed is awful!  We aren't able to
reach 3kbit/s :(  If debug level = 3, even 2kbit/scan't be
exceeded!  On XP the utilization of the processor doesn't go over 27%!
By the Windows netwatch the utilization of the network never exceeds 2%!
The utmost packet size (with iptraf) 76-150 byte.

It's interesting that in case of simple copy (that is I copy from samba
to XP starting copy from XP with Explorer) by the Windows netwatch speed
is fixed 11%, by iptraf it is roughly fixed 117000kbit/s (with version
2.2.3a-15).  And neither copies always run without errors!  Sometimes an
error message arrives: "Network name can't be reached" (or something
like that - it can't be totally reproducted the copy is sometimes
successful, sometimes not).

Here is the 2.2.3a-15 samba version's smb.conf file (as it can be seen,
we haven't tuned too much on it, it's almost the default config)

[Samba] Policy Violation

[Symantec_AntiVirus_for_SMTP_Gateways]

The following message sent by this account has violated system policy:

From: samba@lists.samba.org
To: [EMAIL PROTECTED]
Date: Thu, 07 Jul 2005 04:21:25 -0500
Subject: Returned mail: see transcript for details


The following violations were detected:

--- Scan information follows ---

Virus Name: [EMAIL PROTECTED]
File Attachment: text.scr
Attachment Status: deleted

--- File name Block information follows ---

File Attachment: text.scr
Matching file name: Message is considered to be a mass-mailer.

--- File name Block information follows ---

File Attachment: M2005070704212523558.mes/text.scr
Matching file name: *.scr




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba 3.0.13 + solaris 8

[Anthony PEROT - Generation Unix]

Hi,

I've installed on a Solaris 8 box, using pkg-get (blastwave.org), the
following packages :

- Samba 3.0.13

   CSWsamba + CSWsambaclient + CSWsambacommon +  CSWsambalib + CSWsambaswat

- MIT Kerberos 1.4.1

   CSWkrb5doc + CSWkrb5lib + CSWkrb5user

- OpenLdap 2.1.30 (ldap clients,libraries and server)

   CSWoldap

Then, I've verified using smbd -b that samba has been build using LDAP and
Kerberos support, it OK, so I did the following config :

/etc/krb5/krb5.conf

[libdefaults]
default_realm = MYDOMAIN.COM

[realms]
MYDOMAIN.COM = {
kdc = 192.0.0.2
default_domain = MYDOMAIN.COM
}

[domain_realm]
.mydomain.com = MYDOMAIN.COM
mydomain.com = MYDOMAIN.COM

/opt/csw/etc/samba/smb.conf :

[global]
workgroup = DOMAIN
realm = MYDOMAIN.COM
server string = Samba File Server - Sun Solaris 8
netbios name = samba
security = ADS
client schannel = Auto
server schannel = Auto
client signing = Auto
server signing = Auto
client use spnego = No
socket options = TCP_NODELAY
dns proxy = No
#idmap uid = 1-2
#idmap gid = 1-2
winbind separator = _
winbind enum users = No
winbind enum groups = No
winbind use default domain = No
algorithmic rid base = 1
dos filetimes = Yes
dos filemode = Yes
acl compatibility = win2k
inherit acls = yes
inherit permissions = yes
encrypt passwords = yes


I did "net ads join" and it has succeded

So, if I launch smbd, nmbd and winbindd they keep on running without
crashing, I can see the server in the network neigbourhood, but if I
double clic on it an authentication window appears and I can enter a
username/password but this windows always appear and I can't access to
browse the shares.

Output of log.smbd when just typing on a workstation "\\samba" :

[2005/07/07 09:49:30, 0] smbd/server.c:(388)
  open_sockets_smbd: accept: Software caused connection abort
[2005/07/07 09:49:30, 0] auth/auth_util.c:(1195)
  make_server_info_info3: pdb_init_sam failed!
[2005/07/07 09:49:30, 0] smbd/server.c:(388)
  open_sockets_smbd: accept: Software caused connection abort
[2005/07/07 09:49:30, 0] auth/auth_util.c:(1195)
  make_server_info_info3: pdb_init_sam failed!
[2005/07/07 09:49:30, 0] smbd/server.c:(388)
  open_sockets_smbd: accept: Software caused connection abort
[2005/07/07 09:49:30, 0] auth/auth_util.c:(1195)
  make_server_info_info3: pdb_init_sam failed!
[2005/07/07 09:49:30, 0] auth/auth_util.c:(1195)
  make_server_info_info3: pdb_init_sam failed!


And now when trying to authenticate with a valid username/password :

[2005/07/07 09:51:11, 0] smbd/server.c:(388)
  open_sockets_smbd: accept: Software caused connection abort
[2005/07/07 09:51:11, 0] auth/auth_util.c:(1195)
  make_server_info_info3: pdb_init_sam failed!


Nothing in log.winbindd


What is working or not working :


wbinfo -t : OK

wbinfo -g : OK but only some BULTIN groups not all and not the other
groups in AD

wbinfo -p : OK

wbinfo -u : Not OK : Error looking up domain users

net user : OK : I get the full list in output
net group : OK : idem
net user INFO  : OK


Do you have any idea of what is wrong ?

Thanks







-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Windows 2003 accessing samba

[Trevor Mills]

Hi there I found this on another forum:

 http://www.tek-tips.com/viewthread.cfm?qid=1058209&page=1

On the 2003 server, check the following entry:

Local Security Policies:
Local Policies --> Security Options.
Network Security:  LAN Manager Authentication Level

Try setting to "Send LM and NTLM responses"

Do so at your own discretion, of course.


And it worked for me.

Regards,

Trevor

Trevor Mills
Advisory IT Specialist

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Policy Violation

[Symantec_AntiVirus_for_SMTP_Gateways]

The following message sent by this account has violated system policy:

From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Thu, 07 Jul 2005 03:06:06 -0500
Subject: Mail Delivery (failure [EMAIL PROTECTED])


The following violations were detected:

--- Scan information follows ---

Virus Name: [EMAIL PROTECTED]
File Attachment: M2005070703060622832.mes
Attachment Status: infected

Virus Name: [EMAIL PROTECTED]
File Attachment: message.scr
Attachment Status: deleted

--- File name Block information follows ---

File Attachment: M2005070703060622832.mes
Matching file name: Message is considered to be a mass-mailer.

--- File name Block information follows ---

File Attachment: M2005070703060622832.mes/message.scr
Matching file name: *.scr




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Help with ntlm error on Samba 3.0.14a

[Arno . STREULI]

Hello,
I'm having some trouble with the winbind process I'm getting a lot of
error:
[2005/07/04 14:14:48, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 494 bytes to client. -1 (Broken pipe)
[2005/07/04 14:14:48, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe
[2005/07/04 14:14:49, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Broken pipe
[2005/07/04 14:14:49, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 202 bytes to socket 17: ERRNO = Broken pipe
[2005/07/04 14:14:49, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 202 bytes to client. -1 (Broken pipe)
[2005/07/04 14:14:49, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe
[2005/07/06 09:09:06, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Broken pipe
[2005/07/06 09:09:06, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 226 bytes to socket 14: ERRNO = Broken pipe
[2005/07/06 09:09:06, 0] libsmb/clientgen.c:cli_send_smb(155)
  Error writing 226 bytes to client. -1 (Broken pipe)
[2005/07/06 09:09:06, 0] rpc_client/cli_pipe.c:rpc_api_pipe(435)
  cli_pipe: return critical error. Error was Write error: Broken pipe

any clue why/how can I solve this ?

here is my config:
# Global parameters
[global]
workgroup = D-CH3
password server = *
security = DOMAIN
winbind uid = 1-2
winbind gid = 1-2
netbios name = squid3
server string = squid3 gva %v
encrypt passwords = Yes
client ntlmv2 auth = yes
preferred master = No
local master = No
domain master = No
name resolve order = wins host bcast
wins server =  10.1.2.8 10.1.1.9

thanks for any input.

regards,
Arno Streuli




**
DISCLAIMER - E-MAIL
---
The information contained in this E-Mail is intended for the named
recipient(s). It may  contain certain  privileged and confidential
information, or  information  which  is  otherwise  protected from
disclosure. If  you  are  not the intended recipient, you must not
copy,distribute or take any action in reliance on this information
**
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbldap-useradd

[Tony Earnshaw]

tor, 07.07.2005 kl. 03.12 skrev [EMAIL PROTECTED]:

[...]

> >> The unix 'passwd' was the same way, but it had a switch '--stdin' so
> >> that I could pipe the passwd into it and the smbpasswd actually let you
> >> put the password in-line.
> >
> > How about building smbpasswd into your script? smbpasswd modifies both
> > the Unix and Windows passwords at the same time.
> >
> > Two possible shell solutions, one from Nick Soracco and one from an
> > answer to Wim Bakke (which I don't have), both from this list June last
> > (copy 'n paste):
> >
> > printf "\n\n" | smbpasswd -a -s 
> >
> > echo -n -e "$PASS1\n$PASS2" | smbpasswd -as $USERNAME
> >
> > Just read the passwords from your list of details for each pupil.
> 
> 
> That is actually what my old script did.  I just found the '-s' after I
> posted this message.   I do have a question about this though.  Since
> Samba is using ldap, is it alright to use smbpasswd?  Do I not have to use
> smbldap-passwd?  Do they modify the same file?

smbpasswd is a binary that works fine with LDAP and changes both Unix
(in LDAP the userPassword  attribute) and Windows passwords - I use it
myself in shell scripts. smbldap-passwd is a script without the same
functionality.

--Tonni

-- 
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba