[Samba] The problem on joining a computer running FreeBSD(v5.4) to a Windows 2003 Active Directory domain using samba3.
Hi, I encountered a problem when I joined a FreeBSD machine to a windows 2003 AD domain. I passed following steps successfully: 1.#net ads join �CUAdministrator 2.#wbinfo �Cu 3.#wbinfo �Cg But when I check: #id Domain\\username (I can find this username using command “wbinfo �Cu”) Id Domain\\username: no such user I found: After restarting samba, there is a error message in file log.winbindd: “[2005/10/09 11:17:44, 1] nsswitch/winbindd.c:main(864) winbindd version 3.0.12 started. Copyright The Samba Team 2000-2004 [2005/10/09 11:17:44, 0] nsswitch/winbindd_util.c:winbindd_param_init(555) winbindd: idmap uid range missing or invalid --- I set “idmap” in smb.conf: idmap uid = 1 -2 and idmap gid = 1 - 2 [2005/10/09 11:17:44, 0] nsswitch/winbindd_util.c:winbindd_param_init(556) winbindd: cannot continue, exiting. [2005/10/09 11:17:44, 1] nsswitch/winbindd.c:main(897) Could not init idmap -- netlogon proxy only) And also other messages: ” 2005/10/09 11:20:00, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282) No rid for Account Operators !? [2005/10/09 11:20:00, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282) No rid for Administrators !? …… [2005/10/09 11:20:00, 1] nsswitch/winbindd_group.c:winbindd_getgrent(704) could not look up gid for group All IT [2005/10/09 11:20:00, 1] nsswitch/winbindd_group.c:winbindd_getgrent(704) could not look up gid for group Enterprise Admins …… [2005/10/09 11:24:45, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'Domain\username' does not exist What is the problem? Any feedback will be appreciated? Thanks! Best Regards, Liu, Hong Quan IT Department New World Business Solution Corporation Limited 29F, Building A, Eagle Run Plaza, No.26, Xiaoyun Road, Chaoyang District, Beijing 100016 新世界软件有限公司 北京市朝阳区霄云路26号 鹏润大厦A座29层 邮编 100016 Tel(电话): 86-10-6468 - 8808 Fax(传真): 86-10-84584158 Email(电邮): [EMAIL PROTECTED] Website(网址): www.nwbsc.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP reconnect
On Fri, 2005-10-07 at 10:53 +0200, Michael Trimarchi wrote: > Bruno Guerreiro wrote: > > >Hi there, > >It may be an overloaded LDAP server or maybe network connectivity problems. > > > > > Is not a network problem, because the samba and ldap are on the same > machine. And the ldap server is not overloaded, because there are only > 25 computers on the net. > > Regards Michael This is normal for nss_ldap after Samba 3.0.20 (or was it 3.0.14, my memory suffers). In any case, the issue is that samba does an NSS lookup, then forks, and makes more lookups. This cases nss_ldap to reconnect (to avoid using one socket in two processes), and hence the message. The message has been killed in more recent releases of nss_ldap. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles change when migrating from NT4 to Samba PDC
On Sat, 2005-10-08 at 09:29 -0500, Philip Washington wrote: > I was under the impression that once the PDC was transferred then USER2 > could log into the MACHINE2 and not have any indication that there was a > difference in the platform the PDC was running on or that there had been > a change. This very much depends on what the values on the old PDC are and what you have set in your new smb.conf. You haven't told us very much about how your domain is setup, what values you found in the replica LDAP, and in particular what you saw the client doing in the domain logon. In particular, is the logon path filled in, in the SamLogon reply? (observed best with a level 10 debug). Does the client attempt to contact the roaming profile server? What is your logon path set to in NT4, and what is the value in LDAP now? Anything else in the logs? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: MS SQL server and samba
Perhaps this will help. It shows the conditions under which SQL Server will backup to a remote drive. http://support.microsoft.com/default.aspx?scid=kb;en-us;555128 UNC pathnames are preferred. Mapped drives are unreliable. Note that most people use Enterprise Manager to backup from SQL to the local drive. They then use backup software to backup from disk to tape or disk to disk. Backup up over the network from within SQL server uses up a lot of network bandwidth. Let me know if this works with Samba. "Hans du Plooy" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi guys, > > I setup a Samba box to act as a backup server (storage), for the windows > servers to dump their backups on. The MS SQL 2000 server won't see the > samba box. Windows it self does, but SQL not. Even if I map a network path > to a local drive, it still doesn't see it, so I cannot point the backups that > way. > > Is there any special trick to getting this to work? > > Thanks > Hans > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] MS SQL server and samba
On Sat, Oct 08, 2005 at 03:53:53PM +0200, Hans du Plooy wrote: > Hi guys, > > I setup a Samba box to act as a backup server (storage), for the windows > servers to dump their backups on. The MS SQL 2000 server won't see the > samba box. Windows it self does, but SQL not. Even if I map a network path > to a local drive, it still doesn't see it, so I cannot point the backups that > way. > > Is there any special trick to getting this to work? As I recall from a NetApp CIFS conference presentation, SQL Server was deliberately prevented from working with CIFS by Microsoft. I think the intimation was that they didn't want it being able to work with NetApp filers. But remember "they're committed to interoperability !" :-). Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Performance issues
Thank you both for your replies. > I can't guarantee that this will solve your problem, but since you > mention that you've replaced a server, there's a good chance that there > are some stale & invalid shortcuts lying around. It could be that > Windows periodically is going out there looking for these nonexistent > shares, and in the process interrupts your connection. Hey, it's worth a > shot. I'll give it a try. That makes sense and won't take much time to test. Appreciate it, -Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] inherit owner parameter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cybionet a écrit : > Greeting Jeremy Allison, > > I can't have better answer than for the creator of this feature. > :-) I must apologize, the result of the testparm don't give warning > or error (on Samba 3.0.20). My mistake was that the word 'owner' > was not reconize in smb.conf. > > In conclusion this feature did not resolve my ACL(EA) entry problem > with Samba. > > Robert > The inherit owner parameter is a feature for permit to a administrator to put a file in a home (for example) and this file take the owner of parent's folder. The problem which you explain is a strange problem, I also see that in some ACL entry. I think is because there are different reaction about the owner with Office 97, 2000, XP. Maybe the samba 3.0.20a with SeTakeOwnerShip privilege can resolve this problem ? Stéphane Purnelle - -- Stéphane Purnelle <[EMAIL PROTECTED]> Site Web : http://www.linuxplusvalue.be -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDR/5W8tswkE3d0ecRArQuAJ9/WBzMktvmdMb2qirAZF45i9kPqwCfc3c7 GlPYG5X6qf/uPLpBV19FXtU= =Dgu5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] inherit owner parameter
On Sat, 2005-10-08 at 12:28 -0400, Cybionet wrote: > Greeting Jeremy Allison, > > I can't have better answer than for the creator of this feature. :-) I > must apologize, the result of the testparm don't give warning or error > (on Samba 3.0.20). My mistake was that the word 'owner' was not reconize > in smb.conf. > > In conclusion this feature did not resolve my ACL(EA) entry problem with > Samba. perhaps it would be best to start anew - describe the problem, what you have done to fix it, perhaps quote the relevant portions of testparm and then maybe one of us can see something. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] inherit owner parameter
Greeting Jeremy Allison, I can't have better answer than for the creator of this feature. :-) I must apologize, the result of the testparm don't give warning or error (on Samba 3.0.20). My mistake was that the word 'owner' was not reconize in smb.conf. In conclusion this feature did not resolve my ACL(EA) entry problem with Samba. Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles change when migrating from NT4 to Samba PDC
Craig White wrote: On Fri, 2005-10-07 at 17:52 -0700, Craig White wrote: On Fri, 2005-10-07 at 19:22 -0500, Philip Washington wrote: After migration of an NT4 domain to Samba we find that when users log in they have a new profile. Since we cannot deal with this on all of the computers with all of the users we have had to stop the migration. I have searched through the archive and not been able to find any answers to this issue, I did find a relevant article though and apparently they didn't have an answer in 2002. http://lists.samba.org/archive/samba/2002-August/050163.html Has anyone found a way to resolve this? We are not using roaming profiles. I am hoping that you really aren't looking for wild speculation as to what may be the problem. Some things that you should consider sharing with us so that we might be able to make a useful suggestion... samba version ? SID ? 'net getlocalsid' does this match the SID of the domain that the machines that were already joined to the domain? Did you actually 'net setlocalsid' to match? from your smb.conf passdb ? logon path = ? security = ? domain logons = ? domain master = ? preferred master = ? If we took an example of one or two users who had a problem with their profiles...what's output of things like pdbedit -L USER_NAME ? does the profile path actually work? Is it reachable from a Windows system? privileges on profile server permit access? otherwise, I would just say that you're having a bad day. I should have pointed out... logon path = (that's right - blank) prevents roaming profiles and perhaps, because I am not very smart and was trying to populate LDAP with which I was pretty unfamiliar, I had to run through the vampire process a lot of times before I got everything working the way I wanted it. My second time doing the vampire thing to LDAP was considerably easier. Even though the documentation was excellent, the devil is in the details. Craig Sorry if this is a double post, but I believe that I replied directly to Craig instead of to the group. We transfered the DOMAINA from NT4 to SambaPDC-LDAP logged TESTUSER1 onto TESTMACHINE1 and were able to authenticate without getting roaming profiles. The user and Machine had been transfered from the NT4 PDC We then tried another machine MACHINE2 and were able to log in using TESTUSER1. We then tried logging in USER2 onto MACHINE2 and were able to get authenticated, but the desktop changed the, Outlook treated this as a new user and USER2 was not able to open files with his specific user permisions. We worked on trying to resolve this for a day, but we had already gone through about 3 days with vampire issues and roaming profile problems. Did we miss something and incorrectly do something when using vampire. We were trying to follow the directions, I believe it was Ch8 in Samba3 by example. We are contemplating whether to try this again, but if we can't resolve this we may have to throw in the towel. We have to many users and machines with diverse application setups to try and work around this manually. I was under the impression that once the PDC was transferred then USER2 could log into the MACHINE2 and not have any indication that there was a difference in the platform the PDC was running on or that there had been a change. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] MS SQL server and samba
Hi guys, I setup a Samba box to act as a backup server (storage), for the windows servers to dump their backups on. The MS SQL 2000 server won't see the samba box. Windows it self does, but SQL not. Even if I map a network path to a local drive, it still doesn't see it, so I cannot point the backups that way. Is there any special trick to getting this to work? Thanks Hans -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] strange thing with two way trust
the setup is: samba-3.0.20 <-(two way trust)-> w2k3 ads in mixer mode when sitting in samba domain I can easily get users and groups from AD without any password prompt. when sitting in AD domain I am asked for password when I get users from samba domain. how can I avoid that password prompt ? Cheers, Ilia Chipitsine -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba