Re: [Samba] Bind to eth1 only problem
On Fri, Nov 04, 2005 at 02:19:44PM +0100, Louis van Belle wrote: > you can also define it as this. > > interfaces = eth0 lo > bind interfaces only = yes I've written up a little article about multiple interfaces, and the testing thereof. I'm also trying to learn about docbook. (-: http://samba.org/~tpot/articles/multiple-interfaces.html Tim. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: bugzilla.samba.org down for maintanence/upgrades
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gerald (Jerry) Carter wrote: | Should be back up shortly Back on-line. jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDeSyEIR7qMdg1EfYRAnvHAJ97UZgUeHG47+1vNGWxKPB4+A0k6gCgx5fq Htsg+yfF52sV9AFt4Hn0DTA= =Rmjs -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] CTRL+ALT+DEL Samba PDC
Samba is causing problems changing the samba users password from the domain machines. Gives a message "Cannot change the password as the Domain Testdom cannot be found". But the machine trust relation is already established and the users are authenticated and are able to login to the client machines. Any help will be greatly appreciated. Thankx in advance pavan. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] bugzilla.samba.org down for maintanence/upgrades
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Should be back up shortly cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDeSEkIR7qMdg1EfYRAmtXAJ9UBAX2q/PZeuENNlXcijenh+q78ACgljhg 7DUNH4zjHr1rHSBIxvt3OM8= =OG3j -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: net rpc vampire - cannot login to migrated computer accounts
On Mon, 2005-11-14 at 11:59 +0100, Christoph Peus wrote: > Yes, but what's the underlying technical cause for the cause? ;-) > It would be interesting to see how two identical XP-maschines would > differ after having joined the one to a NT4-Domain and the other to an > ADS domain. Which regkyes differ? Has somebody tried to make a "back to > NT4-Style trust" conversation tool for Win2k/XP-maschines? > Otherwise I have to search a solution now for the task of letting 500 > clients rejoin the domain unattended/automatically somehow. So, back in the early days of Samba3, a new RPC (QueryInfoPolicy2 on lsarpc) was added, as we started to understand a bit more about ADS. The problem was, this was found to be the 'are you ADS' call, and seemed to create a rachet like mechanism. Being the silly boy I am, I was running early Samba 3.0 pre-release code in production, and I still have a lab of machines that I joined to that domain, while it was 'sort of ADS'. While in this case they still worked with Samba3, they would not honour the NT4 style system policies. It was a mess, and we quickly removed this call from Samba, so that we would not over-state our capabilities. On the flip side, with Samba4 we can now really do ADS style logins, and we really support the new RPCs, LDAP, Kerberos (including the PAC) and all the rest... Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding Nested Partitions To A Mount Point
On 11/14/05, Stefan Smietanowski <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hi. > > > For linux, there is lvm2 and evms. Evms is a bit, well, it's totally > > invasive to your system and kernel, so look into lvm2. lvm2 is quite > > How is EVMS invasive? > > EVMS is basically a collection of software that uses the DM driver > just like LVM2. > > It USED (2002) to have it's own kernel driver but that was > ages ago. > > It's like saying Samba can't be a PDC just because Samba 2.x didn't > really have the code for it. > > // Stefan If that has all changed and has properly been 'aged/tested' for reliability reasons, great, my bad, and by all means vive les evms. But last time I tinkered with it, it wanted it's own partition types (that nothing else seemed to understand), tried to grab every fs on the system, and don't even go looking to do a root partition on evms (oh what fun it is to have to hack your initrd). And yes, in the latter event lvm2 is similar, but at least there were tools about to make this as painless as possible. Or perhaps it's just not invasive by your standards, kind of how like goatse.cx man wouldn't consider a bottle up his bum invasive. Meanwhile, I know lvm2 works just ducky with all necessary kernel parts in the current vanilla kernel, and is more than sufficient for the op's usage. Which also falls in line with the kiss principal. so that's why I just said lvm2. -- Noah Dain -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] connecting from Windows XP x64 Edition
Hi there, I have a problem connecting from a Windows XP x64 Edition machine (nettle) to a Samba server (zeus). When I open an Explorer window and enter "\\zeus\work" in the address line, I receive an error message: "Widnows cannot find '\\zeus\work'. Check the spelling and try again, or try searching for the item by clicking the Start button and then clicking Search." Okay, Windows wants me to search for zeus, and I will do so. Look, it is found! But when I click on zeus in the "Search Results - Computers" window, Windows x64 says: "\\zeus is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The request is not supported." Of course I checked with the administrator of zeus and nettle (luckily that's me) and made sure I am allowed to access the share on zeus. And of course there is no Firewall or anything the like running on nettle. But now things become really strange: nettle actually is a dual-boot system, and when it is running Windows XP (32 bit), it can connect to zeus' shares instantly. But even when running XP x64, it can connect to other Samba servers running the same version and other versions of Samba. The whole issue is driving me nuts ... I double-checked the other servers' Samba configuration with that of zeus - to no avail. That's where I am now, so I ask you: Do you know about this problem or maybe even have a solution? Or perhaps you can at least give me some advice on how to proceed to further "debug" this issue. Here's the info about zeus: zeus# pkg_info | grep samba samba-3.0.20b,1 A free SMB and CIFS client and server for UNIX zeus# uname -a FreeBSD zeus 5.4-STABLE FreeBSD 5.4-STABLE #2: Thu Apr 7 19:19:51 CEST 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 And that's nettle: Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp. One of the other Samba servers that nettle can reach while running x64 looks like this: ollik:root # pkg_info | grep samba samba-3.0.11,1 A free SMB and CIFS client and server for UNIX ollik:root # uname -a FreeBSD ollik 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #2: Fri Feb 25 19:00:04 CET 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/MOD64 amd64 Thanks in advance for your help. Bye, K&K, T-Zee -- [EMAIL PROTECTED] - http://Hausmeister.Maedchenpension.at/ Mirko Thiesen - Soemmeringstrasse 41 - D-10589 Berlin - Germany Fax: +49 30 34389203 - NetBSD: Powering your servers since 1993 "We're with you all the way, mostly" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] execute desktop app on folder entry?
Greetings, I've hunted around, but cannot find anything on this. I know I read about it - primarily in context with printers, but let me explain what I'm trying to accomplish, and you all can tell me if this feasible. I have a music share now that has all of my mp3s in it. I installed gnump3d (very slick, by the way) which is a streaming media server with a web frontend. I want that when people click the folder in samba, that it no longer shares the data via smb, but instead opens up the users default browser with the gnump3d URL in it. Is this possible? And if so, can someone point me to the relevant options I need in smb.conf? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Using group membership to access a symlink directory
John H Terpstra <[EMAIL PROTECTED]> wrote: > Check the man page for the "wide links" parameter. After checking several references, it appears the "wide links" setting by default is "yes". Since I do not have it specified explicitly in my smb.conf file, it should be using the default setting. Next thing I should look for? -- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Chris Barnes AOL IM: CNBarnes [EMAIL PROTECTED]Yahoo IM: chrisnbarnes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Strange Samba permissions
Scott Mayo wrote: I have a problem with some Samba permissions. Here is the share. [bhs] path = /school/bhs read only = no valid users = @teacher @admin @bhs create mask = 660 force create mode = 2660 directory mask = 770 force directory mode = 3770 T: is mapped to a DFS share with permissions 3777, then the 'bhs' share is a link in the DFS share. I get inconsistent directories when they are created. Here are two directories that were created within 1 minute of each other, in the 'bhs' share, by the same user, and they got different permissions. drwxrwx--T2kertzbteacher 4096Sep 22 03:41 word computer two drwxrws--T2kertzbteacher 4096Sep 22 03:42 Word Chapter one The 2nd one got the SGUID bit carried over, the first did not. Why would this happen? I never heard anything on this. Is this a possible glitch? I see no reason why the SGUID bit does not get carried over in the first instance. Thanks. -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Giving my users the right to manage their print jobs(cf. CreatorOwner msg)
Joris De Pooter a écrit : Hi, I already send the list an email about users not able to manage their print job (pausing, resuming and cancelling). Below is typical error I get in my logs : [2005/10/27 12:24:31, 0] printing/print_cups.c:cups_job_delete(339) Unable to cancel job 27827 - client-error-not-authorized I quote Jerry from a previous mail exchange : "The current print security checks for removing jobs is based on matching the requesting client's user name against the owner of the job (sort of a built in creator owner) and then falling back to the manage documents permission in the security descriptor." OK, now why am I seeing this since I didn't send this job as root : #ls -l /var/spool/cups -rw-r- 1 root lp 48564 Oct 27 11:27 d27827-001 Changing permission with "chown" to force the job to match the creator owner doesn't work. Can anyone explain what steps should I verify to debug this annoying issue ? Cheers, joris ! PS: I'm using winbind. I have maybe a start of an answer : let's say domain user JOHN connects to my samba, a child process of smbd is created and started as JOHN. am I correct ? Up, I didn't find any solution yet :( -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using group membership to access a symlink directory
On Thursday 10 November 2005 15:56, Chris Barnes wrote: > I am having a problem getting Samba to use the linux group membership > when following a symlink. > > On the Linux side, I have a soft link from the user's home directory to > the shared directory. > ln -s /home/shared/testgroup testshare > > In the smb.conf I have: > [homes] >comment = Home Directories >browseable = no >writable = yes >valid users = %S >force create mode = 0660 >delete readonly = yes >map archive = no >case sensitive = yes >follow symlinks = yes > > [testshared] > comment = Test Shared > browsable = no > path = /home/shared/testgroup > valid users = @test > writable = yes > force create mode = 0660 > force directory mode = 0771 > force group = test > > > IF the user maps to the "testshared" share, it works perfectly (ie. uses > the group membership to give access). However, if they try to browse to > the testgroup "directory", it does not grant them access. > > It shouldn't matter, but I have even changed the symlink 'file' to have > the user be the owner. Still no dice. Check the man page for the "wide links" parameter. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Access denied with hide dot file AND map hidden enabled
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I experienced a problem with Eclipse, but I was able to track it down to the following behavior: My config: Samba Server 3.0.20b exporting Homes Win XP SP2 Clients with mounted homedir as drive z: 1) I created a textfile named .project on the local drive of the xp machine. 2) With Windows Explorer I copied the file to the samba share z: - the file was created. 3) I copied the file again to z: - windows asked "sure to replace?" - if I answered yes, I get the acces denied message This happens when setting 'hide dot files = yes' AND 'map hidden = yes' in smb.conf. If I set one parameter to 'no' I'm able to copy the .project-file. But that is not what I want. :-) Any ideas? Thomas Fruend Here is a snippet of the log.smbd set to debuglevel 10: - - [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] lib/util.c:dump_data(2053) [000] 00 5C 00 2E 00 70 00 72 00 6F 00 6A 00 65 00 63 .\...p.r .o.j.e.c [010] 00 74 00 00 00.t... [2005/11/14 13:08:21, 3, pid=25540, effective(2004, 1), real(0, 0)] smbd/process.c:switch_message(900) switch message SMBntcreateX (pid 25540) conn 0x2de308 [2005/11/14 13:08:21, 4, pid=25540, effective(2004, 1), real(0, 0)] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] smbd/nttrans.c:reply_ntcreate_and_X(506) reply_ntcreateX: flags = 0x16, access_mask = 0x30196 file_attributes = 0x20, share_access = 0x3, create_disposition = 0x5 create_options = 0x44 root_dir_fid = 0x0 [2005/11/14 13:08:21, 5, pid=25540, effective(2004, 1), real(0, 0)] smbd/filename.c:unix_convert(108) unix_convert called on file ".project" [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [.PROJECT] -> [.project] [2005/11/14 13:08:21, 3, pid=25540, effective(2004, 1), real(0, 0)] smbd/dosmode.c:unix_mode(121) unix_mode(.project) returning 0744 [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] smbd/open.c:open_file_ntcreate(1236) open_file_ntcreate: fname=.project, dos_attrs=0x20 access_mask=0x30196 share_access=0x3 create_disposition = 0x5 create_options=0x44 unix mode=0744 oplock_request=3 [2005/11/14 13:08:21, 8, pid=25540, effective(2004, 1), real(0, 0)] smbd/dosmode.c:dos_mode(294) dos_mode: .project [2005/11/14 13:08:21, 8, pid=25540, effective(2004, 1), real(0, 0)] smbd/dosmode.c:dos_mode_from_sbuf(162) dos_mode_from_sbuf returning a [2005/11/14 13:08:21, 8, pid=25540, effective(2004, 1), real(0, 0)] smbd/dosmode.c:dos_mode(328) dos_mode returning ha [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] smbd/open.c:open_match_attributes(949) open_match_attributes: file .project old_dos_attr = 0x22, existing_unx_mode = 0100744, new_dos_attr = 0x20 returned_unx_mode = 00 [2005/11/14 13:08:21, 5, pid=25540, effective(2004, 1), real(0, 0)] smbd/open.c:open_file_ntcreate(1391) open_file_ntcreate: attributes missmatch for file .project (22 20) (0100744, 0744) [2005/11/14 13:08:21, 10, pid=25540, effective(2004, 1), real(0, 0)] smbd/trans2.c:set_bad_path_error(2583) set_bad_path_error: err = 13 bad_path = 0 [2005/11/14 13:08:21, 3, pid=25540, effective(2004, 1), real(0, 0)] smbd/error.c:unix_error_packet(91) unix_error_packet: error string = Permission denied [2005/11/14 13:08:21, 3, pid=25540, effective(2004, 1), real(0, 0)] smbd/error.c:error_packet(147) error packet at smbd/trans2.c(2592) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED [2005/11/14 13:08:21, 5, pid=25540, effective(2004, 1), real(0, 0)] lib/util.c:show_msg(454) [2005/11/14 13:08:21, 5, pid=25540, effective(2004, 1), real(0, 0)] lib/util.c:show_msg(464) - --- smb.conf [global] workgroup = EDVSZ netbios name = SMBSRV3 server string = test bind interfaces only = Yes security = DOMAIN password server = SMBSRV1 smb passwd file = /usr/samba/private/smbpasswd log level = 10 max log size = 10 debug pid = Yes debug uid = Yes time server = Yes deadtime = 5 os level = 0 preferred master = No local master = No domain master = No oplock break wait time = 100 case sensitive = No dos filetime resolution = Yes [homes] comment = Homedirectory invalid users = root read only = No map hidden = Yes browseable = No - -- Dipl.-Ing. Thomas Fründ Fachhochschule Osnabrück EDV-Schulungszentrum Fakultät Ingenieurwissenschaften und Informatik Tel: +49-541-969-3021Albrechtstr
[Samba] Using group membership to access a symlink directory
I am having a problem getting Samba to use the linux group membership when following a symlink. On the Linux side, I have a soft link from the user's home directory to the shared directory. ln -s /home/shared/testgroup testshare In the smb.conf I have: [homes] comment = Home Directories browseable = no writable = yes valid users = %S force create mode = 0660 delete readonly = yes map archive = no case sensitive = yes follow symlinks = yes [testshared] comment = Test Shared browsable = no path = /home/shared/testgroup valid users = @test writable = yes force create mode = 0660 force directory mode = 0771 force group = test IF the user maps to the "testshared" share, it works perfectly (ie. uses the group membership to give access). However, if they try to browse to the testgroup "directory", it does not grant them access. It shouldn't matter, but I have even changed the symlink 'file' to have the user be the owner. Still no dice. -- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Chris Barnes AOL IM: CNBarnes [EMAIL PROTECTED] Yahoo IM: chrisnbarnes You always have freedom of choice, but you never have freedom of consequence. -- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Chris Barnes AOL IM: CNBarnes [EMAIL PROTECTED]Yahoo IM: chrisnbarnes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] is this a DNS resolution problem ?
Hi again, It seems the problem is solved by these two lines in smb.conf, [global] section : interfaces = x1.x2.x3.x4/yy, z1.z2.z3.z4/vv, etc... (enumerate all IP addresses, with the associated mask) bind interfaces only = yes Before, the smb.conf was like that : interfaces = * On the client side, TCP/IP over Netbios must be enabled, no WINS required( it even seems that enabling a wins server may produce problems). Everything seems quiet ok now. I hope it will work. Valéry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows client and kerberos without ADS
Ok, now I have added the cifs/hostname in the keytab and now it works ! thank you !! But do you have any idea why Windows doesnt do a netbios lookup if I try to access \\hotsname.domain where domain correspond to the domain and workgroup that I am in. It just prints an error without sending any packets. If I only do \\hostname it does the Netbios lookup for hostname. And if I try \\nonexistent.test.com or any other FQDN that does not end with my Workgroup it will also try to resolve it. 2005/11/14, Andrew Bartlett < [EMAIL PROTECTED]>: > > On Mon, 2005-11-14 at 11:20 +0100, Skander wrote: > > Are you connecting from the client as FQDN, or the netbios > > name. > > windows clients are very painful in that they will not use the > > FQDN, nor > > even alter the case of their requests. > > > > I have used the command ksetup /domain > > Now at least it contacts the KDC otherwise it only tries NTLM. > > But as you said, it tries to obtain a ticket for > > cifs/name_entered_in_browser. No matter if the name is netbios or IP > > address. > > And my problem now is that it doesnt try to do a dns resolution before > > the netbios resolution. So, I can't use the FQDN in the Windows brower > > and obtain the correct service ticket. > > > > How can I activate dns resolution for smb protocol on my Windows > > client ? (DNS works for the other protocols). > > You cannot. Windows clients do not support it. You must enter every > combination of case and name that a windows client may use into your > KDC, and issue the keys back to keytab on the samba server. > > Yes, it sucks. > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Student Network Administrator, Hawker College http://hawkerc.net > > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQBDeG8ez4A8Wyi0NrsRAjCKAJ4+0LD9028JWDqpNOfDcgHwmvEAKwCgkPJY > KZPu5E1dsVRfb3Ix9vw3+eM= > =kzns > -END PGP SIGNATURE- > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Have to love MS, Was: -> Re: w32time and Samba PDC Domains
Matthew Easton wrote: Probably everything that a windows dhcp client can configure is revealed in the command ipconfig /all Except over at microsoft.com they have KB articles about adding keys as I did to pick up additional DHCP options (by number) and map them to user defined targets in the registy. One guess I have is possibly the DHCP client caches the options it received and will not process these mappings until they are changed at some point, so I will try that. Otherwise, it appears this mapping DHCP options area of the registry is dead / unused. -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux Primary Domain Controller Authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Siju George wrote: | On 11/11/05, Gerald (Jerry) Carter <[EMAIL PROTECTED]> wrote: |> -BEGIN PGP SIGNED MESSAGE- |> Hash: SHA1 |> |> Craig White wrote: |> |>> this was one of the primary reasons that I proposed having a |>> samba wiki to dispel some of these legendary misinformations. |>> |>> another thought was where to deflect people who ask about |>> 'the endpoint has disconnected' messages in logs. |>> |>> one other thought was a samba troubleshooting checklist... |> So do you have a favorite wiki? We've looked at twiki |> (written in python) before. Do you have a recommendation? |> | | How about | | http://pimki.rubyforge.org/ Right now Deryck and I are looking into MediaWiki (http://www.mediawiki.org/). We don't really have any Ruby experise on the team which is a little bit of a problem with pimki. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDeJTHIR7qMdg1EfYRAgdQAKDIu8TKrnJQQ+jBtn+5y+EGORviVgCfQUHF eRV2U7NW6XORELaki8q0vQU= =XLth -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help with error message: Can't become connected user
I cannot even start troubleshooting until I buy a clue. What does "Can't become connected user" mean? It shows up fairly often. Aside from happening when I try to access a share, there's no pattern that I can see. -- 6 11:34:40 badlands smbd[20524]: [2005/11/06 11:34:40, 0] smbd/service.c:make_connection_snum(577) Nov 6 11:34:40 badlands smbd[20524]: Can't become connected user! -- Just point me to what the message actually means and I'll go from there. Thanks! Mike- -- Mornings: Evolution in action. Only the grumpy will survive. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Folder Name with spaces
Hello I have three samba servers with Fedora Core 4, and when i have a folder with spaces in the name the explorer windows in Windows XP, don't refresh any more, when creating new files/folders, moving on renaming. Is there any way to resolve this issue?? Best Regards Marcelo Lopes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding Nested Partitions To A Mount Point
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi. > For linux, there is lvm2 and evms. Evms is a bit, well, it's totally > invasive to your system and kernel, so look into lvm2. lvm2 is quite How is EVMS invasive? EVMS is basically a collection of software that uses the DM driver just like LVM2. It USED (2002) to have it's own kernel driver but that was ages ago. It's like saying Samba can't be a PDC just because Samba 2.x didn't really have the code for it. // Stefan -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFDeGN8Brn2kJu9P78RApcQAJ9mojDeW5ZYoLZjx6s0oeIT5uWxEwCgmhT1 8cvKAT+orLA9T+C0xjP8xPs= =QWuB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows client and kerberos without ADS
> > Are you connecting from the client as FQDN, or the netbios name. > windows clients are very painful in that they will not use the FQDN, nor > even alter the case of their requests. I have used the command ksetup /domain Now at least it contacts the KDC otherwise it only tries NTLM. But as you said, it tries to obtain a ticket for cifs/name_entered_in_browser. No matter if the name is netbios or IP address. And my problem now is that it doesnt try to do a dns resolution before the netbios resolution. So, I can't use the FQDN in the Windows brower and obtain the correct service ticket. How can I activate dns resolution for smb protocol on my Windows client ? (DNS works for the other protocols). I am using XP SP2 under VMWare. Thank you -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Mounting W2k3 share on Linux client.
Markus/Filip Thanks for the responses. Markus Where did you find the info regarding "it is a problem with digitally signed connections which isn't supported by samba". It would be nice to know exactly what the problem was. Is it a problem with SAMBA or with W2k3, I wonder? Is it something that is fixable or will it always be broken? Does any one else know? Filip When you fixed it using CIFS was the client Linux and the host a W2k3 DC using AD/kerberos etc. Once agin thanks for the response. Paul Hi, I have posted the same question to the smb clients list but got no answer. Basically, smbfs is pretty much unsupported. I eventually upgraded to a 2.6 kernel and used cifs instead of smbfs. Worked without any problems. Here's a copy of my original mail & followup: http://archive.netbsd.se/?ml=smb-clients&a=2005-10&t=1348952 I would still be interested in knowing what exactly is causing the problem, since I have seen smbfs work with 2003 machines... Is it a domain controller vs. non-domain controller thing ? Regards, Filip -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba --- This email and any attachments transmitted with it are confidential (and potentially legally privileged) and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender and do not store, copy or disclose the content to any other person. It is the responsibility of the recipient to ensure that opening this message and/or any of its attachments will not adversely affect its systems. No responsibility is accepted by the sender. --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: net rpc vampire - cannot login to migrated computer accounts
John H Terpstra wrote:
I know that "net rpc vampire" is NT4-style and that samba-3 is not capable
of being an ADS server, but does this imply that the migration of maschine
accounts (which work afterwards) from a mixed mode AD is not possible? My
understanding of "AD in mixed mode" has been that it's NT4-compatible to
some degree and I doubt that the typical user (e.g. myself) has enough
knowledge of the AD internals to know that this compatibility applies to
users and groups but not to maschine accounts.
If you migrate the domain membership trust account for an NT4 Workstation or
Server from ADS to Samba-3 the client does not need to be re-joined to the
domain. It will work just fine because the client (NT4) is capable only of
using an NT4-style domain interaction.
Windows 2000/2003/XP Pro client domain members of an ADS domain store
credentials that are membership credentials that are specific to ADS. When
the ADS domain accounts are migrated to a Samba-3 domain, the client tries to
log onto the Samba-3 domain using ADS credentials - and logically, that
fails. This has nothing to do with ADS-mixed mode, it is the result of the
client having used the more advanced AD protocols when it was joined to the
domain.
Thanks for the clarification! Question: if a Win2k/XP workstation has
joined a NT4 domain and this domain is upgraded later on to AD, does the
maschine account of the workstation remain NT4-Style - and therefore
migratable by "vampire" - or is it upgraded to AD-Style?
But I think that the answer to the question "can net rpc vampire migrate
maschine accounts from an AD server" has to be "it depends" anyway,
because it works at least for NT4 maschines.
Another point: The fact that "net rpc vampire" offers no option for a
"user/group accounts only" migration suggests that migrating maschine
accounts is generally sensefull, but what are maschine accounts worth, when
maschines cannot login to them afterwards and which have to be recreated
anyway by rejoining the domain?
The documentation does not address migration of ADS to Samab-3. Sorry. Maybe
someone should contribute a chapter on that subject. :-)
For migration of ADS/mixed mode to samba-3 it would be sufficient to
reference the NT4PDC to samba-3 chapter and add a sentence which
explains, that migration of Win2k/XP client maschine accounts will not
work (if they joined the domain when the Server was already AD - I'm not
sure about this - see above.)
I read the migration chapters of your books carefully and found no
reference to a "net rpc vampire" migration from a mixed mode AD. I searched
Correct. I do believe that the documentation is quite specific. We do support
migration of NT4 domains to Samba-3. It is possible to migrate ADS domain
accounts to Samba-3, but Samba-3 can not be an ADS server. I believe that is
also very clearly documented, but I am willing to be proven wrong.
It *is* clearly documented that Samba-3 cannot be an ADS server, but for
a user with limited knowledge of ADS (like me ;) this does not imply
that migration of the maschine accounts is not possible. ("When user and
group accounts can be migrated from ADS without problem, why shouldn't
this work with maschine accounts too?" This applies even more when ADS
is running in mixed mode, which is known to be "NT4-compatible"). This
difference between users/groups and maschines in respect to migration
should be explained explicitly in the documentation.
- "net rpc vampire" should offer an "skip maschine accounts" option for
those users who want to migrate from mixed mode AD.
Please file a bug report on https://bugzilla.samba.org/ so this comes to the
attention of the developers and does not get lost in the woodwork.
OK, I will do so.
The mailing list is a subscriber supported facility. If anyone has an
urgent need for answers they should obtain paid support. Please refer to
the Samba web site for information regarding paid support sources.
I didn't mention this to claim that it's your duty to answer every question
in a newsgroup (of course it's not!), but to point out that this question
may be worth answering in general, esspecially because you can run into
this problem though you have read the docs carefully, as I've tried to
explain above.
I understand your point. I apologise for not stating more clearly what are the
consequences of Samba not being able to be an ADS server.
John, you don't have to apologise for something. Your documentation is
great, probably the best I have ever seen for a complex thing like
samba-3. I'm sorry if my postings - written under the impression of
frustation with this "cannot login any longer" problem after migration -
sound a little bit... impolite. This wasn't my intention.
I will be happy if my experience with "net rpc vampire" leads to a
documentation update which will protect other users to encounter the
same problem.
PS: Is it known what's the cause for this maschi
Re: [Samba] Windows client and kerberos without ADS
On Mon, 2005-11-14 at 11:20 +0100, Skander wrote: > Are you connecting from the client as FQDN, or the netbios > name. > windows clients are very painful in that they will not use the > FQDN, nor > even alter the case of their requests. > > I have used the command ksetup /domain > Now at least it contacts the KDC otherwise it only tries NTLM. > But as you said, it tries to obtain a ticket for > cifs/name_entered_in_browser. No matter if the name is netbios or IP > address. > And my problem now is that it doesnt try to do a dns resolution before > the netbios resolution. So, I can't use the FQDN in the Windows brower > and obtain the correct service ticket. > > How can I activate dns resolution for smb protocol on my Windows > client ? (DNS works for the other protocols). You cannot. Windows clients do not support it. You must enter every combination of case and name that a windows client may use into your KDC, and issue the keys back to keytab on the samba server. Yes, it sucks. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can Windows 2003 server be configured as a samba client ?
Hi list, Just in order to avoid loosing my time, I would be happy to know any success stories about configuring a Win2k3 as a Samba 3 client, just as any others MS client ( WinNT pro, Win2k pro, WinXP pro ). If so, is there any tuning on the Win2k3 client and the server ( Samba 3 PDC + ldapsam, but no kerb ) ? I'm expecting mistakes with users sharing their roaming profiles between Win2k and Win2k3. Thanks, -- Pierre-François LAURAND -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux Primary Domain Controller Authentication
On 11/11/05, Gerald (Jerry) Carter <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Craig White wrote: > > > this was one of the primary reasons that I proposed having a > > samba wiki to dispel some of these legendary misinformations. > > > > another thought was where to deflect people who ask about > > 'the endpoint has disconnected' messages in logs. > > > > one other thought was a samba troubleshooting checklist... > > So do you have a favorite wiki? We've looked at twiki > (written in python) before. Do you have a recommendation? > How about http://pimki.rubyforge.org/ kind regards Siju -- Siju Oommen George, Network Consultant. HiFX IT & MEDIA SERVICES PVT. LTD. http://www.hifx.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
