Re: [Samba] allowing users to install printers
Adam Nielsen schrieb: It's not very handy to do so with Samba and 100 clients if you know what I mean... Perhaps some registry entry that can be added in a script? I thought the idea with group policies was that you apply the policy once, and it takes effect on a whole group of machines. If your XP machines are set up properly, you should just be able to apply that policy to all 100 of them in one go. Samba does not support group policies, and that's the problem - you can't just apply it to all 100 clients. All that is possible is to execute some script or program on all clients (with SYSTEM / Administrator permissions) - and hence my question. -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can I have some help please with smb.conf?
Adam Kendall wrote: grep ^[^#] kendall-smbconf | grep ^[^\;] > smb.conf.txt shows what it is that is actually in there or testparm -s | less You know, mv smb.conf master-smb.conf and then testparm -s master-smb.conf > smb.conf would give you something much nicer to send to the list. Anyway, have you done mkdir -p /home/akendall/adam_temp just to make sure? No firewall in the way? Is the machine named nuwvics5 or fedorabox? What is it named in /etc/hosts? Regards Geoff Scott [global] workgroup = myorg.org.au server string = Samba Server hosts allow = 192.168.0. 127. printcap name = /etc/printcap cups options = raw log file = /var/log/samba/%m.log max log size = 50 security = domain socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 password server = sever1 [homes] comment = Home Directories browseable = yes writeable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no printable = yes [ADAM_TEMP] path = /home/akendall/adam_temp/ writeable = yes force user = akendall force group = akendall case sensitive = no msdfs proxy = no hosts allow = mypcxp comment = Temp folder for Adam browseable = yes valid users = akendall [test] path = /home/akendall/test writeable = yes browseable = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP to Samba printer access delay
Sorry for the top post, but, in XP try: (1) regedit, then (2) HKEY_CURRENT_USER\Printers\DevModePerUser (delete all printers of the form \\machine\printer) (3) HKEY_CURRENT_USER\Printers\DevModes2 (delete all printers of the form \\machine\printer) try properties again. -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- - Original Message - From: "Andriy Rysin" <[EMAIL PROTECTED]> To: Sent: Wednesday, January 11, 2006 10:47 PM Subject: [Samba] XP to Samba printer access delay Hi all, I've got a question, may be somebody can help me: 1. I've got a printer (Epson Stylus Photo R220) 2. Attached to Linux box via usb (Mandriva 2006+) 3. Configured with cups (cups-1.2.0-0.4892.1mdk) 4. Shared with samba (samba-server-3.0.21a-1mdk), user - tried guest and real linux user 5.On WinXP native driver install from CD (later updated from Espon site) 6.From WinXP I can see the printer and can print ok, except one thing: 7.Every time when I open properties of the printer, print preview, every page of the print wizard etc... I have a big delay (1st could up to 1min), during which WiFi card is blinking hard but network throughput is far from reaching the limit of 802.11g I tried to turn on debuggin on samba but even at level 3 it gives about 1.5-2 Mb of logs for each such delay, though that log info did not help me to find the source of the problem. Part of the log (the rest of the megabytes are almost the same pattern) and config is listed below. I also tried to turn off "bidirectional" option in the printer properties on XP but that did not help. Thanks in advance, Andriy P.S. .log Transaction 10152 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72d7 readX-IPC pnum=72d7 min=4280 max=4280 nread=4280 Transaction 10153 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72e5 readX-IPC pnum=72e5 min=4280 max=4280 nread=4280 Transaction 10154 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72d7 readX-IPC pnum=72d7 min=4280 max=4280 nread=4280 smb.conf ... printcap name = cups load printers = yes # printcap cache time, so samba will automatically load new cups printers printcap cache time = 60 # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx, cups printing = cups ... security = user ... [printers] comment = All Printers path = /var/spool/samba browseable = yes # to allow user 'guest account' to print. guest ok = yes writable = no printable = yes create mode = 0700 # = # print command: see above for details. # = print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. # print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
Paul Matthews wrote: > i have try is with the ssh pam module as well and it just rejects me > username, would it have something to do with the users not having > home directories and shells? how can i make them automatically be > added when a new user logins in? > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > ]On Behalf Of Paul Matthews > Sent: Thursday, 12 January 2006 1:28 > To: Samba Lists > Subject: RE: [Samba] winbind without localuser account > > > this is the how-to i followed to get to where i am. > > http://www.yourhowto.org/content/view/31/9/ > This howto doesn't mention editing /etc/nsswitch.conf. try editing it like so : passwd: files winbind group: files winbind shadow: files winbind Have a read of the chapters that I mentioned to you before: http://au1.samba.org/samba/docs/man/Samba-Guide/ Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP to Samba printer access delay
Hi all, I've got a question, may be somebody can help me: 1. I've got a printer (Epson Stylus Photo R220) 2. Attached to Linux box via usb (Mandriva 2006+) 3. Configured with cups (cups-1.2.0-0.4892.1mdk) 4. Shared with samba (samba-server-3.0.21a-1mdk), user - tried guest and real linux user 5.On WinXP native driver install from CD (later updated from Espon site) 6.From WinXP I can see the printer and can print ok, except one thing: 7.Every time when I open properties of the printer, print preview, every page of the print wizard etc... I have a big delay (1st could up to 1min), during which WiFi card is blinking hard but network throughput is far from reaching the limit of 802.11g I tried to turn on debuggin on samba but even at level 3 it gives about 1.5-2 Mb of logs for each such delay, though that log info did not help me to find the source of the problem. Part of the log (the rest of the megabytes are almost the same pattern) and config is listed below. I also tried to turn off "bidirectional" option in the printer properties on XP but that did not help. Thanks in advance, Andriy P.S. .log Transaction 10152 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72d7 readX-IPC pnum=72d7 min=4280 max=4280 nread=4280 Transaction 10153 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72e5 readX-IPC pnum=72e5 min=4280 max=4280 nread=4280 Transaction 10154 of length 63 switch message SMBreadX (pid 12820) conn 0x803f5088 change_to_user: Skipping user change - already user search for pipe pnum=72d7 readX-IPC pnum=72d7 min=4280 max=4280 nread=4280 smb.conf ... printcap name = cups load printers = yes # printcap cache time, so samba will automatically load new cups printers printcap cache time = 60 # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx, cups printing = cups ... security = user ... [printers] comment = All Printers path = /var/spool/samba browseable = yes # to allow user 'guest account' to print. guest ok = yes writable = no printable = yes create mode = 0700 # = # print command: see above for details. # = print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. # print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2TB Limit for Windows Shares?
[EMAIL PROTECTED] wrote: On Wed, 2006-01-11 at 18:49 -0500, andy liebman wrote: Thanks for the input, please see below. [EMAIL PROTECTED] wrote: hi, i´m sorry, but i cannot ack to this report. we have for example one server with 3,12TB (each share shows this space, no quotas set)and win xp (pro) clients are fine with this (btw: MAC OSX had problems with shares >2TB -> smb.conf has a parameter for virtually limiting the disk size) My Windows XP clients show almost unlimited space as well. BUT, we have found we cannot actually put more than 2TB of data in the space. In a single file? or with multiple files and dirs? What's the error you get back ? Simo. In multiple files and directories. I haven't had this experience myself (because I haven't filled up 2 TB of files in one "share"). But this is what some of my users tell me. I'm not sure there's any specific error. Maybe just "disk full". I plan to test this myself later in the week (just duplicating the same 500 GB of information 5x). I asked on the list because I wasn't sure if this was a known issue. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Translate file permissions from rsync using ssh in cygwin
Helloo all, I thought I might have found an easy way to sync server shares and permissions using rsync -avz --delete [EMAIL PROTECTED] But the uid and gid come up as numeric (in hindsight this should have been obvious) is there some other way of using an rsync to map permissions? I just read that in the bugs the perms are transferred in native numerical mode. I can do a find based on uid and gid, does anyone have some ideas for chowning files by using the same algorithm used to create uid and gid in winbind idmap_rid? what strategies has anyone else employed for syncing 2 servers across vast geographical distances, in preparation for retiring the windows one? Regards Geoff Scott -- IT Systems Administrator Guests Furniture Hire Pty Ltd Tel: 03 9426 9143 Fax: 03 9428 7605 Mob: 0437 037 421 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
i have try is with the ssh pam module as well and it just rejects me username, would it have something to do with the users not having home directories and shells? how can i make them automatically be added when a new user logins in? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ]On Behalf Of Paul Matthews Sent: Thursday, 12 January 2006 1:28 To: Samba Lists Subject: RE: [Samba] winbind without localuser account this is the how-to i followed to get to where i am. http://www.yourhowto.org/content/view/31/9/ this is how simple my pam module is at the moment authrequired pam_winbind.so account sufficient pam_winbind.so using that pam module, i can only sign in if i have a local account and an Active directory account. or it will work with only a lock account. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
this is the how-to i followed to get to where i am. http://www.yourhowto.org/content/view/31/9/ this is how simple my pam module is at the moment authrequired pam_winbind.so account sufficient pam_winbind.so using that pam module, i can only sign in if i have a local account and an Active directory account. or it will work with only a lock account. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
Paul Matthews wrote: > [EMAIL PROTECTED] pam.d]# wbinfo -g > builtin\system operators > builtin\replicators > builtin\guests > builtin\power users > builtin\print operators > builtin\administrators > builtin\account operators > builtin\backup operators > builtin\users > domain guests > domain users > domain computers > etc..., etc... What does the global section look like? > i'm running fedora core 3 Everyone seems to have probs with selinux that's not in core 3 is it? > i've never used 'getent' before what do i do there? getent passwd | less > but i have a local account called 'pma' with the password 'unix' set > locally and the password 'ads' set on active directory, i can set my > pam module so i can login with the username 'pma and password 'ads'. > so i think my winbind is working fine. You should need any local account. Did you read SBE? You should have followed chapter 12.3.1 & 12.3.2 then 7.3.4 I personally use 7.3.4.1 like this though: [global] workgroup = GUESTSHIRE realm = GUESTSFURNITUREHIRE.COM.AU server string = Guests_NSW File & Print server security = ADS allow trusted domains = No syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 printcap name = CUPS panic action = /usr/share/samba/panic-action %d idmap backend = idmap_rid:GUESTSHIRE=5000-100 idmap uid = 5000-100 idmap gid = 5000-100 template homedir = /home/%U template shell = /bin/bash winbind nested groups = Yes printer admin = "@GUESTSHIRE\Domain Admins" printing = cups print command = lpq command = %p lprm command = [homes] comment = Home Directories path = /home/%U valid users = GUESTSHIRE\%S admin users = "@GUESTSHIRE\Domain Admins" read only = No browseable = No > ps: i tried that pam module below, same thing happened i can login > with my ads password, but i need a local account without a local > account it wont let me. > > i'm using squirriel mail and '/etc/pam.d/dovecot' to test it out. > > Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
Paul Matthews wrote: > [EMAIL PROTECTED] pam.d]# wbinfo -g > builtin\system operators > builtin\replicators > builtin\guests > builtin\power users > builtin\print operators > builtin\administrators > builtin\account operators > builtin\backup operators > builtin\users > domain guests > domain users > domain computers > etc..., etc... What does the global section look like? > i'm running fedora core 3 Everyone seems to have probs with selinux that's not in core 3 is it? > i've never used 'getent' before what do i do there? getent passwd | less > but i have a local account called 'pma' with the password 'unix' set > locally and the password 'ads' set on active directory, i can set my > pam module so i can login with the username 'pma and password 'ads'. > so i think my winbind is working fine. You shouldn't need any local account. Did you read SBE? You should have followed chapter 12.3.1 & 12.3.2 then 7.3.4 I personally use 7.3.4.1 like this though, (idmap_rid only allows one AD domain): [global] workgroup = GUESTSHIRE realm = GUESTSFURNITUREHIRE.COM.AU server string = Guests_NSW File & Print server security = ADS allow trusted domains = No syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 printcap name = CUPS panic action = /usr/share/samba/panic-action %d idmap backend = idmap_rid:GUESTSHIRE=5000-100 idmap uid = 5000-100 idmap gid = 5000-100 template homedir = /home/%U template shell = /bin/bash winbind nested groups = Yes printer admin = "@GUESTSHIRE\Domain Admins" printing = cups print command = lpq command = %p lprm command = [homes] comment = Home Directories path = /home/%U valid users = GUESTSHIRE\%S admin users = "@GUESTSHIRE\Domain Admins" read only = No browseable = No > ps: i tried that pam module below, same thing happened i can login > with my ads password, but i need a local account without a local > account it wont let me. > > i'm using squirriel mail and '/etc/pam.d/dovecot' to test it out. So you put those contents in there then? > > Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can I have some help please with smb.conf?
Hi Stuart, I've successfully installed Fedora Core 4 as a server with default settings and running KDE. - fedorabox I've entered it into the DNS. I can ping it by its hostname and by its IP. And I can ping from it to my machine by hostname and IP. I'm trying to set up a share on fedorabox so I can copy files from my pc mypcxp (Windows XP) to fedorabox. We are on a AD domain (pdc in smb.conf is server1). Process smbd has 2 instances on fedorabox I originally set it up through the GUI stuff in KDE - possibly my first wrong step - and followed the instructions in the help files to the letter. The shares I have set up are /home/akendall/adam_temp /home/akendall/test * In KDE, I can browse to /home/akendall/adam_temp - but when I go through the terminal, the directory isn't showing up when I do 'ls -al' * /home/akendall/test shows up in both fine. >From my pc, when I try and connect to \\fedorabox\ADAM_TEMP , \\fedorabox\home\akendall\ADAM_TEMP or \\fedorabox\test , \\fedorabox\home\akendall\test I get the following error "The network path was not found." I then went into smb.conf to have a look. Here are the main changes that have been made: workgroup = myorg.org.au svr string = Samba Server hosts allow = 192.168.0127. security = domain DNS proxy section password server = sever1 [homes] browseable = yes [ADAM_TEMP] path = /home/akendall/adam_temp/ writeable = yes force user = akendall force group = akendall case sensitive = no msdfs proxy = no hosts allow = mypcxp comment = Temp folder for Adam browseable = yes valid users = akendall [test] path = /home/akendall/test writeable = yes browseable = yes guest ok = yes Kind regards, Adam Kendall IT Officer National Union of Workers Phone: 03 9287 1880 Fax: 03 9287 1717 # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = myorg.org.au # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. hosts allow = 192.168.0. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = cups # This option tells cups that the data has already been rasterized cups options = raw # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # all log information in one file # log file = /var/log/samba/log.smbd # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = domain # Use password server option only with security = server ; password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only
[Samba] winbind without localuser account
hi there, i'm trying to get my winbind working without having a local account on the machine, but it's just not working for me can someone show me an example of a pam module that requires only a Active directory password.(i'm working with /etc/pam.d/dovecot) i can use my AD password as long as i have a local account, but i don't want to have a local account. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can I have some help please with smb.conf?
Hi, I've successfully installed Fedora Core 4 as a server with default settings and running KDE. - fedorabox I've entered it into the DNS. I can ping it by its hostname and by its IP. And I can ping from it to my machine by hostname and IP. I'm trying to set up a share on fedorabox so I can copy files from my pc mypcxp (Windows XP) to fedorabox. We are on a AD domain (pdc in smb.conf is server1). Process smbd has 2 instances on fedorabox I originally set it up through the GUI stuff in KDE - possibly my first wrong step - and followed the instructions in the help files to the letter. The shares I have set up are /home/akendall/adam_temp /home/akendall/test * In KDE, I can browse to /home/akendall/adam_temp - but when I go through the terminal, the directory isn't showing up when I do 'ls -al' * /home/akendall/test shows up in both fine. >From my pc, when I try and connect to \\fedorabox\ADAM_TEMP , \\fedorabox\home\akendall\ADAM_TEMP or \\fedorabox\test , \\fedorabox\home\akendall\test I get the following error "The network path was not found." I then went into smb.conf to have a look. Here are the main changes that have been made: workgroup = myorg.org.au svr string = Samba Server hosts allow = 192.168.0127. security = domain DNS proxy section password server = sever1 [homes] browseable = yes [ADAM_TEMP] path = /home/akendall/adam_temp/ writeable = yes force user = akendall force group = akendall case sensitive = no msdfs proxy = no hosts allow = mypcxp comment = Temp folder for Adam browseable = yes valid users = akendall [test] path = /home/akendall/test writeable = yes browseable = yes guest ok = yes Kind regards, Adam Kendall IT Officer National Union of Workers Phone: 03 9287 1880 Fax: 03 9287 1717 # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = myorg.org.au # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. hosts allow = 192.168.0. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = cups # This option tells cups that the data has already been rasterized cups options = raw # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # all log information in one file # log file = /var/log/samba/log.smbd # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = domain # Use password server option only with security = server ; password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only #
RE: [Samba] winbind without localuser account
[EMAIL PROTECTED] pam.d]# wbinfo -g builtin\system operators builtin\replicators builtin\guests builtin\power users builtin\print operators builtin\administrators builtin\account operators builtin\backup operators builtin\users domain guests domain users domain computers etc..., etc... i'm running fedora core 3 i've never used 'getent' before what do i do there? but i have a local account called 'pma' with the password 'unix' set locally and the password 'ads' set on active directory, i can set my pam module so i can login with the username 'pma and password 'ads'. so i think my winbind is working fine. ps: i tried that pam module below, same thing happened i can login with my ads password, but i need a local account without a local account it wont let me. i'm using squirriel mail and '/etc/pam.d/dovecot' to test it out. -Original Message- From: Geoffrey Scott [mailto:[EMAIL PROTECTED] Sent: Thursday, 12 January 2006 11:38 To: [EMAIL PROTECTED]; samba@lists.samba.org Subject: RE: [Samba] winbind without localuser account Paul Matthews wrote: > hi there, > > i'm trying to get my winbind working without having a local account > on the machine, but it's just not working for me > > can someone show me an example of a pam module that requires only a > Active directory password.(i'm working with /etc/pam.d/dovecot) > > i can use my AD password as long as i have a local account, but i > don't want to have a local account. For samba on debian this works: authsufficient pam_winbind.so authrequiredpam_unix.so nullok account sufficient pam_winbind.so account requiredpam_unix.so session requiredpam_unix.so passwordrequiredpam_unix.so Also what do the getent & wbinfo tests show? Do they work? Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind without localuser account
Paul Matthews wrote: > hi there, > > i'm trying to get my winbind working without having a local account > on the machine, but it's just not working for me > > can someone show me an example of a pam module that requires only a > Active directory password.(i'm working with /etc/pam.d/dovecot) > > i can use my AD password as long as i have a local account, but i > don't want to have a local account. For samba on debian this works: authsufficient pam_winbind.so authrequiredpam_unix.so nullok account sufficient pam_winbind.so account requiredpam_unix.so session requiredpam_unix.so passwordrequiredpam_unix.so Also what do the getent & wbinfo tests show? Do they work? Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind without localuser account
hi there, i'm trying to get my winbind working without having a local account on the machine, but it's just not working for me can someone show me an example of a pam module that requires only a Active directory password.(i'm working with /etc/pam.d/dovecot) i can use my AD password as long as i have a local account, but i don't want to have a local account. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] allowing users to install printers
> It's not very handy to do so with Samba and 100 clients if you know > what I mean... > > Perhaps some registry entry that can be added in a script? I thought the idea with group policies was that you apply the policy once, and it takes effect on a whole group of machines. If your XP machines are set up properly, you should just be able to apply that policy to all 100 of them in one go. Cheers, Adam. -- I don't recall if the OP said if he had a win PDC or ads or samba pdc. But the full power of group policy is only available to those with a windows domain. JHT mentions this in the happy users chapter of SBE. You can set up a local policy on the machine before deployment as he shows Or there are external packages that can do this for you on a samba controlled domain. Tony Earnshaw used to be *quite vocal* ;-) on this list about one of them (Nitrobit?) from memory. You could search for his name and the words group policy in Google. It may bring you some joy Never used it myself. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.21a panic - oplock problem?
On Wed, 11 Jan 2006, Jeremy Allison wrote: On Wed, Jan 11, 2006 at 03:56:53PM -0800, Andrew Morgan wrote: I upgraded from Samba 3.0.20 to 3.0.21a last night on my Solaris 10 machine. After the upgrade, everything seemed to work fine, but I see that Samba is panic'ing in the logs. As far as I can tell, the client retries whatever it was doing and succeeds (at least, we've had no reports of problems from our users). I have attached a level 10 debug, backtrace, and my smb.conf. The commented out lines in smb.conf are what I used to generate the level 10 logs and backtrace. I will probably downgrade to 3.0.20 tonight, so please let me know if there is any additional information needed. Please downgrade for now. There's an alignment issue with Solaris that we're working on Thanks for the fast response. I'll downgrade tonight then! :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2TB Limit for Windows Shares?
On Wed, 2006-01-11 at 18:49 -0500, andy liebman wrote: > Thanks for the input, please see below. > > [EMAIL PROTECTED] wrote: > > hi, > > > > i´m sorry, but i cannot ack to this report. > > we have for example one server with 3,12TB (each share shows this space, > > no quotas set)and win xp (pro) clients are fine with this (btw: MAC OSX > > had problems with shares >2TB -> smb.conf has a parameter for virtually > > limiting the disk size) > > My Windows XP clients show almost unlimited space as well. BUT, we have > found we cannot actually put more than 2TB of data in the space. In a single file? or with multiple files and dirs? What's the error you get back ? Simo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.21a panic - oplock problem?
On Wed, Jan 11, 2006 at 03:56:53PM -0800, Andrew Morgan wrote: > I upgraded from Samba 3.0.20 to 3.0.21a last night on my Solaris 10 > machine. After the upgrade, everything seemed to work fine, but I see > that Samba is panic'ing in the logs. As far as I can tell, the client > retries whatever it was doing and succeeds (at least, we've had no reports > of problems from our users). > > I have attached a level 10 debug, backtrace, and my smb.conf. The > commented out lines in smb.conf are what I used to generate the level 10 > logs and backtrace. > > I will probably downgrade to 3.0.20 tonight, so please let me know if > there is any additional information needed. Please downgrade for now. There's an alignment issue with Solaris that we're working on Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] I have a blog :-).
Hi all, Sorry for the ego-boosting post, but an archive of some of the columns I write for the UK magazine LinuxUser and Developer is now online at : http://samba.org/samba/news/#jra_columns_archive In case people are interested. It's sort of a blog that people pay to read :-) :-). Thanks to Deryck who thought this was worth adding to news.samba.org :-). Cheers, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.21a panic - oplock problem?
I upgraded from Samba 3.0.20 to 3.0.21a last night on my Solaris 10 machine. After the upgrade, everything seemed to work fine, but I see that Samba is panic'ing in the logs. As far as I can tell, the client retries whatever it was doing and succeeds (at least, we've had no reports of problems from our users). I have attached a level 10 debug, backtrace, and my smb.conf. The commented out lines in smb.conf are what I used to generate the level 10 logs and backtrace. I will probably downgrade to 3.0.20 tonight, so please let me know if there is any additional information needed. Thanks, Andy[global] netbios name = ONID-FS security = domain password server = * encrypt passwords = true interfaces = ce0 guest account = nobody domain master = no local master = no preferred master = no os level = 0 log level = 1 syslog = 6 syslog only = yes # log level = 10 # log file = /private/samba/var/log1 # debug pid = yes # max log size = 0 # panic action = "/bin/sleep 9" name resolve order = wins host wide links = false wins server = 128.193.4.45 workgroup = ONID server string = ONID File Server allow trusted domains = no printing = bsd printcap name = /dev/null [homes] comment = Home Directories browseable = false read only = no create mode = 0700 hide files = /public_html/ [public_html] comment = Web page read only = no path = %H/public_html create mode = 0755 [EMAIL PROTECTED] lib]# mdb /private/samba/sbin/smbd > ::attach 12930 Loading modules: [ ld.so.1 libc.so.1 libuutil.so.1 ] > ::stack libc.so.1`_waitid+8(3283, ffbff064, 0, 3283, fee52000, 0) libc.so.1`waitpid+0x60(3283, ffbff064, 0, 0, ffbff11c, feba3080) libc.so.1`system+0x2b4(33e468, 0, ffbff11c, 0, ff0e4280, ff0e7f18) smb_panic2+0x80(2b3690, 33e468, ffbfeec8, ffbff2e0, 7c00, 0) smb_panic+8(2b3690, 2b3588, 258308, 28, 0, 2ed000) fault_report+0x1b4(a, 0, 0, 0, 0, 0) sig_fault+4(a, 0, ffbff4d8, 1, 7c00, 2b7008) libc.so.1`__sighndlr+0xc(a, 0, ffbff4d8, 1b59fc, 0, 1) libc.so.1`call_user_handler+0x3b8(a, 200, 4, 0, fee52000, ffbff4d8) process_oplock_break_message+0x564(bbe, 33e430, 3464c4, 3068c8, ffbff888, bbe) message_dispatch+0x184(0, 3e8, ea60, 12b, 0, 2e7400) receive_message_or_smb+0x64(346d88, 20041, ea60, 20441, 0, 4104) smbd_process+0x110(bba, 55534, 2, 265400, 2cc400, 18) main+0x8e4(0, ffbffc2c, ffbffc38, 2fb864, fee50200, fee50240) _start+0x5c(0, 0, 0, 0, 0, 0) > ::quit -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2TB Limit for Windows Shares?
Thanks for the input, please see below. [EMAIL PROTECTED] wrote: hi, i´m sorry, but i cannot ack to this report. we have for example one server with 3,12TB (each share shows this space, no quotas set)and win xp (pro) clients are fine with this (btw: MAC OSX had problems with shares >2TB -> smb.conf has a parameter for virtually limiting the disk size) My Windows XP clients show almost unlimited space as well. BUT, we have found we cannot actually put more than 2TB of data in the space. So, Windows shows the space being available, but stops writing once there are 2TB there. Have you actually put MORE than 2 TBs of data into that space that says there are 3.12 TB? Andy greez andy liebman wrote: I have noticed recently that Windows XP seems to stop writing into Linux/Samba shares once there is 2 TB of data in the share. Windows Explorer is happy to report that a share has 4.8 or 8 or 10 TB of space available, but Windows seems to cease writing into the share once there are 2 TB in it. Is this a known limitation of a) Windows or b) Samba or c) both? It certainly isn't a limitation of the filesystem I'm using. Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Random share disconnects
Hi, We've got a site running a windows domain with a samba PDC and we're seeing a bunch of random disconnects from shares on Windows XP Pro workstations. The server config is: SuSE Enterprise Linux 9 (SLES9) with: samba-3.0.14a-0.4 (using ldap) openldap2-2.2.24-4.5 (using a bdb backend) There's also a heartbeat setup which will shutdown smbd and nmbd on one machine and bring up a backup machine, but that shouldn't affect anything, as logs show it's not doing anything. Client machines are mostly running Windows XP Pro, but there are a handful of Win98 machines around as well. The problem has only been reported by WinXP users and it appears to occur to random users at random times. Users will be working at their PC when all their network mapped drives go offline. If they open up the drive in explorer, they get a blank window. In most cases, they also get a bubble saying "You are now working offline" (they have My Documents on a mapped drive, which automatically seems to enable offline files for that folder). Sometimes the shares come back on their own; sometimes the user has to reboot. Looking at the logs on the server, there doesn't appear to be anything odd. There's a whole bunch of connection reset by peer notices, e.g. [2006/01/11 18:22:11, 0] lib/util_sock.c:write_socket_data(430) [2006/01/11 18:22:11, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. write_socket_data: write failure. Error = Connection reset by peer [2006/01/11 18:22:11, 0] lib/util_sock.c:write_socket(455) [2006/01/11 18:22:11, 2] lib/module.c:do_smb_load_module(66) Module '/usr/lib/samba/vfs/recycle.so' loaded write_socket: Error writing 4 bytes to socket 45: ERRNO = Connection reset by peer [2006/01/11 18:22:11, 0] lib/util_sock.c:send_smb(647) Error writing 4 bytes to client. -1. (Connection reset by peer) [2006/01/11 18:22:11, 2] smbd/server.c:exit_server(609) Closing connections But I don't know if this co-relates to shares going offline, because the users can't give me the times when they saw problems. This doesn't seem to affect every user, it doesn't seem to co-relate to heavy system load or heavy network utilization. The network interface doesn't show any errors and the site where this is most prevalent is a fully switched network with the everyone (including the server) on a single switch stack. We were seeing this problem at their old site, where the network contained a lot of small switches and hubs, but the problem is still present at the new site. Any thoughts on how to troubleshoot or fix the problem would be most appreciated. --Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allowing users to install printers
> It's not very handy to do so with Samba and 100 clients if you know > what I mean... > > Perhaps some registry entry that can be added in a script? I thought the idea with group policies was that you apply the policy once, and it takes effect on a whole group of machines. If your XP machines are set up properly, you should just be able to apply that policy to all 100 of them in one go. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users can't pause or cancel print jobs
> Adam: > What version of Samba are you running? I'm running 3.0.21rc2 - so from what Jerry was saying, it looks like you may need to upgrade for this to work. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Only one Case for file name in samba share
updatemyself . wrote: > Hai All, > > is there any way to make one case for file naming in sama share upper > case or lower case man smb.conf Then press the / key Then enter the word "case" Then press "n" to search through the next instance of the word "case" and "n" for the next instance etc, until you find this: default case = upper/lower controls what the default case is for new filenames (ie. files that don't cur- rently exist in the filesystem). Default lower. IMPORTANT NOTE: This option will be used to modify the case ofall incoming client filenames, not just new file- names if the options case sensitive = yes, preserve case = No,short preserve case = No are set. This change is needed as part of the optimisations for direc- tories containing large numbers of files. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Please help with samba 3.0.21a on AIX 5.3
Found that! It worked. Thanks for the help. Chuck -Original Message- From: William Jojo [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 10, 2006 1:55 PM To: Colht, Charles; samba@lists.samba.org Subject: Re: [Samba] Please help with samba 3.0.21a on AIX 5.3 - Original Message - From: "Colht, Charles" <[EMAIL PROTECTED]> To: Sent: Monday, January 09, 2006 8:37 PM Subject: [Samba] Please help with samba 3.0.21a on AIX 5.3 > I've tried building samba 3.0.20 and 21a without luck. I've tried binaries and they all give this error. I know I am missing something but nothing points to a solution. > In the binaries folder there is a README. There is a solution to the posix_aio0 problem you are experiencing. I need to update that doc with an additional line: chdev -l posix_aio0 -a autoconfig=available -P > ../bin/smbstatus > exec(): 0509-036 Cannot load program ../bin/smbstatus because of the following errors: > 0509-130 Symbol resolution failed for /usr/lib/libc.a(posix_aio.o) because: > 0509-136 Symbol _posix_kaio_rdwr (number 2) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_listio (number 3) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_acancel (number 4) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_iosuspend (number 5) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_aio_nwait (number 6) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_aio_nwait64 (number 7) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_aio_nwait_timeout (number 8) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_aio_nwait_timeout64 (number 9) is not exported from >dependent module /unix. > 0509-136 Symbol _posix_iofsync (number 10) is not exported from >dependent module /unix. > 0509-026 System error: Error 0 > 0509-192 Examine .loader section symbols with the > 'dump -Tv' command. > > > This configure line successfully creates a Makefile: > ./configure --with-ads --with-winbind --with-pam --with-aio-support > > Running make gives this: > > make > Using FLAGS = -O -D_SAMBA_BUILD_ -I./popt -Iinclude -I/home/inst/software/samba/samba-3 .0.21a/source/include -I/home/inst/software/samba/samba-3.0.21a/source/ubiqx -I/home/inst/software/samba/samba-3.0.21a/source/tdb -I. -DLDAP_DEPRECATED -I/home/inst/software/samba/samba-3.0.21a/source -D_SAMBA_BUILD_ > LIBS = > LDSHFLAGS = -Wl,-bexpall,-bM:SRE,-bnoentry,-berok > LDFLAGS = > PIE_CFLAGS = > PIE_LDFLAGS = > Compiling dynconfig.c > In file included from /usr/include/aio.h:31, > from include/includes.h:518, > from /home/inst/software/samba/samba-3.0.21a/source/dynconfig.c:21: > /usr/include/sys/aio.h:91: error: field `aio_sigevent' has incomplete type > /usr/include/sys/aio.h:147: error: field `aio_sigevent' has incomplete type > In file included from /home/inst/software/samba/samba-3.0.21a/source/dynconfig.c:21: > include/includes.h:822: error: redefinition of `struct timespec' > make: 1254-004 The error code from the last command is 1. > Ok, I'll take a look at this. Were there any other errors in the config.log? Also what does "oslevel -r" report? I'll bet it's baseline (5300-00). I think I recall having problems with 5300-01 as well when I started playing with AIO support when Jeremy first released it. 5300-03 (which I'm running) is not reporting this problem for me since the binary has AIO support. But, if after you upgrade, you still have it, file a bug and I'll look into it. Cheers, Bill > > Stop. > Chuck Colht > Sr System Administrator > Alaska Communications Systems, Inc. > 907-269-2673 > [EMAIL PROTECTED] > > > > *** > This transmittal may contain confidential information intended solely for > the addressee. If you are not the intended recipient, you are hereby > notified that you have received this transmittal in error; any review, > dissemination, distribution or copying of this transmittal is strictly > prohibited. If you have received this communication in error, please notify > us immediately by reply or by telephone (collect at 907-564-1000) and ask to > speak with the message sender. In addition, please immediately delete this > message and all attachments. Thank you. ACS > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/
[Samba] passwords expiring
I believe that I have fixed this problem by editing the smbldap_conf.pm file and changing the line:- $_defaultMaxPasswordAge = 9; When I change a user's password the "Password Must Change Date" is now in the year 2279, which should see me out. Tony -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allowing users to install printers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: >> There's an XP policy that will allow Users to connect >> to printers and have the driver installed automatically. >> Run gpedit.msc on an XP client and you'll see what I mean. > > > It's not very handy to do so with Samba and 100 > clients if you know what I mean... > > Perhaps some registry entry that can be added in a script? Policies are just regostry entries. I referred you to the gpedit.msc lpugin so you could see for yourself. Teh rest is left as an exercise for the reader :-) cheers, jerry > > - -- = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYz+IR7qMdg1EfYRApciAKCGSN9TpwRJwCSFCrJ3bVo+ZO3l+QCfb5FT YH4AyUsP6U+OuBPC62mCzPM= =5tch -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [repost] Samba - Cups - WinXP SP2 Client
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jürgen Hoffmann wrote: > 1. Although Printing a Test Page with Cups prints from > the right Paper Feed, printing a Test Page from the Windows > Client prints it from the default feeder. My suggestion is not to mix cups and Windows drivers on the same print Q. That's just me. I prefer raw queues for Windows clients. > my question is, is it possible to file access to one > share in favor of other shares, something like QOS? Nope. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYwYIR7qMdg1EfYRAnvAAJ4re8N4suWJdTOu1D3pxnQQ9SsyWwCfR0hZ ZhJ/otlhRt2/28nCSqVO670= =+quS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with printer drivers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Olaf Jörk wrote: > rpcclient $> enumprinters > : > flags:[0x80] > name:[\\pslag\kyo_adv] > description:[\\pslag\kyo_adv,Kyocera Mita FS-3820N > KX,Kyocera-Testdrucker] > comment:[Kyocera-Testdrucker] > : > > So I think, the printer kyo_adv has its driver ready. Under > W32X86/2 are a lot of dependend driver files. > > When I want to open the printers properties on my XP-box, I still get > the message, that the driver ist not installed. It could be that XP is set to deny version 2 (kernel mode) print drivers. I would really recommend an upgrade to at least 3.0.20b though. Samba 2.2.x is unmaintained at this point. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYuYIR7qMdg1EfYRAkNuAJsH1hsCBtQ+1wUGCFRTZkgtWEgcYgCg2rEF k+wCMRiVNhHfZHfIdYWzOVY= =57Gl -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem after upgrade from 3.0.14a to 3.0.21a
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Remy Zandwijk wrote: > Before upgrading to Samba 3.0.21a, we were running Samba > 3.0.14a. On the Domain Member Server, when selecting > the security-tab of a file or folder, the users were > listed as users of the domain. Settings ACL's worked > very well. > > After the upgrade to Samba 3.0.21a, suddenly the users > listed in the security-tab are users of the local machine > and not the domain. Settings ACL's fails without an > error message. This happens with Samba 3.0.20b as well. > > Apparently, something is changed between 3.0.14a and > 3.0.20b. However I do not have a clue... The configuration > of all servers did not change. Installing 3.0.14a again > and it all works again. > > Does anybody have a clue what is going on here? Are you running winbindd on the member server? I would recommend it but since the posixAccount information is being shared via LDAP, make sure to set 'winbind trusted domains only = yes' cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYrHIR7qMdg1EfYRArINAKCLw5k7OifoRxGGSViRWTyouby9PgCghSMt djQ+yNoqRqYNQPTysyxEisE= =GlBP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] swat help files broken...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Samba User wrote: > Does anyone know when the brocken helpfiles are going to be fixed? > Or maybe where I can copy them to make them work? > I am running 3.0.21a and the Changelog states that it should be fixed, > however I don't see it that way... What is the problem. I checked them before release. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYSXIR7qMdg1EfYRAnQOAJ4iWP7AwArwI3UXdeUrQOU1/3w5nQCfUzad +eDzDBdAr+IzCRJWBGWsQu8= =Ybhq -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] "valid users" + ldap on Solaris 10 problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Miki Monguilod wrote: > Hi! > > Yesterday we finally get the stack trace of Samba. Here you have: > Program received signal SIGSEGV, Segmentation fault. > 0xfefd4f6c in _free_unlocked () from /lib//libc.so.1 > (gdb) bt > #0 0xfefd4f6c in _free_unlocked () from /lib//libc.so.1 > #1 0xfefd4f14 in free () from /lib//libc.so.1 > #2 0xfed9fad0 in ldap_set_lderrno () from /usr/lib//libldap.so.5 > #3 0xfedbc084 in ldap_create_virtuallist_control () > from /usr/lib//libldap.so.5 > #4 0xfee0a8fc in setup_vlv_params () from /usr/lib//libsldap.so.1 > #5 0xfee0b46c in search_state_machine () from /usr/lib//libsldap.so.1 > #6 0xfee0c1fc in __ns_ldap_firstEntry () from /usr/lib//libsldap.so.1 > #7 0xfee4ba3c in _nss_ldap_getent () from /usr/lib//nss_ldap.so.1 > #8 0xfefdc0d8 in nss_getent_u () from /lib//libc.so.1 > #9 0xfefdbc70 in nss_getent () from /lib//libc.so.1 > #10 0xfefc7074 in getgrent_r () from /lib//libc.so.1 > #11 0x002ef230 in get_users_in_group (gname=0x56bfa1 "referencial") >at lib/util_getent.c:282 > #12 0x002ed724 in user_in_unix_group_list (user=0xffbfc048 "csi", >gname=0x56bfa1 "referencial") at lib/username.c:519 > #13 0x002eda2c in user_in_group_list (user=0xffbfc048 "csi", >gname=0x56bfa1 "referencial", groups=0x0, n_groups=) >at lib/username.c:566 > #14 0x002edd50 in user_in_list (user=0xffbfc048 "csi", list=0x508220, >groups=0x0, n_groups=) at lib/username.c:607 > #15 0x000675cc in user_ok (user=0xffbfc048 "csi", snum=128, groups=0x0, >n_groups=) at smbd/password.c:397 > ---Type to continue, or q to quit--- > #16 0x00067d8c in authorise_login (snum=128, user=0xffbfdf10 "", password= > {data = 0x510238 "Q» §E©wdª\232\215\222xB5\220\221\200ÂÒ¯·Âv", > length = , free = 0x3029b0 }, guest=0xffbfe0b0) >at smbd/password.c:547 > #17 0x001076a8 in make_connection_snum (snum=128, vuser=0x0, password= > {data = 0x510238 "Q» §E©wdª\232\215\222xB5\220\221\200ÂÒ¯·Âv", > length = , free = 0x3029b0 }, > pdev=0xffbfe258 "", Looks like an issue in the nss_ldap library from Sun. Is your Solaris box fully patched? Or perhaps has Samba linked against OpenLDAP client libs and nss_ldap is getting confused? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYPjIR7qMdg1EfYRAg8VAKDpzTG+Y85Tn3b3gYVwDlxVMwzd+ACg8ZrO g29nz5upBI9vU5phUtvKTPo= =R5Jn -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allowing users to install printers
Gerald (Jerry) Carter schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: What is the easiest way to allow normal users to install printers (which are available through a Samba server)? There's an XP policy that will allow Users to connect to printers and have the driver installed automatically. Run gpedit.msc on an XP client and you'll see what I mean. It's not very handy to do so with Samba and 100 clients if you know what I mean... Perhaps some registry entry that can be added in a script? -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble Symbolic Linking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Davidson wrote: > I would really like to avoid jumping to acls right > now. Is there not another way? They are *reallY* useful though. And designed for this exact problem :-) You could of course, have two shares pointing at the same directory and enforce access control in smb.conf with a 'valid users' line I suppose. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYnbIR7qMdg1EfYRAhbBAJ9qokyeOpxA2LSJfhkz7cWS5E+V7gCfRvg9 mF7BT1f4E9JIfzTx29M7CYw= =uiYD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] $nice $* Error when start samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Luu Minh Khoa wrote: > Hi !! > I have an error in "functions" file. When I start SAMBA, it showed an > error below > > Starting SMB services: /etc/init.d/functions: line 83: 3379 > Aborted $nice $* > [FAILED] > Starting NMB services: [ OK ] > > I opened functions file, and reach the line 83, but I still don't know > what wrong. Please help me correct this file, and start SAMBA > successfully ! Thanks a million !! There's really not enough information to answer properly. Where did you get the Samba rpm, what server os, and what Samba version? try running 'set -x /etc/init.d/smb start' and see if that gives you any clue. jerry - -- = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYl4IR7qMdg1EfYRAnskAJ9oNDjsg19qRO5XHnPFBxrQy6C96QCg0qx5 pc6aR908iTy6WA2lrQPeWfc= =ZldF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble Symbolic Linking
I would really like to avoid jumping to acls right now. Is there not another way? Dan On Wed, 2006-01-11 at 16:30 -0600, Gerald (Jerry) Carter wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Daniel Davidson wrote: > > I am running Samba on a FC2 X86_64 machine and I have one directory that > > needs to be accessible by two different groups (each group has its own > > folder) of people. > > My recommendation is to use posix acls. > > > > > > cheers. jerry > = > Alleviating the pain of Windows(tm) --- http://www.samba.org > Centeris --- http://www.centeris.com > "There's an anonymous coward in all of us." --anonymous > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.2 (MingW32) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFDxYcaIR7qMdg1EfYRApmLAJ48LlXezy/nDG5NcxvncJwcXxPuwQCfcbrF > 4118NDfZR6Wg+zmMmK/aNqA= > =Lzez > -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allowing users to install printers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: > What is the easiest way to allow normal users to install > printers (which are available through a Samba server)? There's an XP policy that will allow Users to connect to printers and have the driver installed automatically. Run gpedit.msc on an XP client and you'll see what I mean. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYeEIR7qMdg1EfYRAh+RAJ9s5TkRxUQL95Y40aEMY16xqKerFwCeM2Cv Ayse4t3KL/FVVznI4ytx96c= =FsSI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble Symbolic Linking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Davidson wrote: > I am running Samba on a FC2 X86_64 machine and I have one directory that > needs to be accessible by two different groups (each group has its own > folder) of people. My recommendation is to use posix acls. cheers. jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYcaIR7qMdg1EfYRApmLAJ48LlXezy/nDG5NcxvncJwcXxPuwQCfcbrF 4118NDfZR6Wg+zmMmK/aNqA= =Lzez -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.14a-2 auth against a very Large AD domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Norris, Brent wrote: > The first problem is the really major one: I have two Fedora Core 4 > machines with all updates connected to the Windows AD. They seem to be > working fine when people try to get access to the shares that they have. I > was told by the domain admins that they are logging tons of Event ID 675 on > the DC and tons of Event ID 672 on the GC from my two SAMBA machines. > Looking these up they reference a Pre-Authentication issue with Kerberos. > The bad part is that these are coming from the actual machines and not users > accounts, so there is no way that I can turn off Pre-Authentication. I need > to know what I can do to stop this error, because this is an unacceptable > situation from their point of view. Please try setting this in in /etc/krb5.conf. [libdefaults] default_tgs_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC default_tkt_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC preferred_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC > The second problem, I think, stems from the fact that we are such an odd > configuration inside our forest. When I try to run wbinfo -g or wbinfo -p > it just hangs and locks up winbind. I think it is because it is attempting > to go out to the other domains and poll their accounts too. If I pass the > option to wbinfo to limit it to just our domain, it returns in a timely > manner. Unfortunately there doesn't seem to be a way to limit getent passwd > to just my domain and there doesn't seem to be a way to just tell winbind to > limit itself to my domain specifically. I don't need to reference anything > from the other districts domains, I only want to use objects from mine. > Does anyone know of a way to make this happen? This should work. winbind enum users = no winbind enum groups = no cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYY9IR7qMdg1EfYRAuIbAJ0Xge4+jAb31Ig8B79wLCbhnZ5HbwCg2H8E tP6UwOcdAaWrgdd1ovHb51g= =Cmaj -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to delete a printer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 taso wrote: > > What Samba files (other than smb.conf) do I need to edit/delete to > remove all > trace of a printer? I'm trying to get a handle on why smbd (3.0.21a) is > SIGSEGV-ing > and I want to start with a clean sheet. remove all driver files in [print$] and rm $(lockdir)/nt*tdb cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYVkIR7qMdg1EfYRAm5AAKCcoEqFDyXJHqndtacSJPESHzRLWQCcD9a+ AH7aeJkccP38fwIAKzfAq2Q= =CnOV -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbclient
Yup. it is xxx.psu.edu. It works shen accessing a windows domain becaue the domain is XXX.PSU.EDU but our MIT K5 realm is xxx.psu.edu. Mark Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Campbell wrote: When trying to use the smbclient with kerberos the smbclient asks for cifs/[EMAIL PROTECTED] when it should be asking for cifs/[EMAIL PROTECTED] Is there a way I can fix that? Mark, Is the true realm name really lower cased? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYNkIR7qMdg1EfYRAiyHAKDQux6fhCICVo85GcgtvvzwwosOmACguhgW 3WhqpXZS6jJGc4/Rogglvfk= =vtEf -END PGP SIGNATURE- -- Mark Campbell Systems Analyst, Advanced Information Technologies Information Technology Services The Pennsylvania State University [EMAIL PROTECTED], 814-865-4774 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbclient
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Campbell wrote: > When trying to use the smbclient with kerberos the smbclient asks for > cifs/[EMAIL PROTECTED] when it should be asking for > cifs/[EMAIL PROTECTED] Is there a way I can fix that? Mark, Is the true realm name really lower cased? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org Centeris --- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYNkIR7qMdg1EfYRAiyHAKDQux6fhCICVo85GcgtvvzwwosOmACguhgW 3WhqpXZS6jJGc4/Rogglvfk= =vtEf -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users can't pause or cancel print jobs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles McLaughlin wrote: > I have the same problem and would really like to here from > anyone with a fix. There were some fixes post 3.0.9. Do you still have this bug in 3.0.20 or later? Works fine for me. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxYKJIR7qMdg1EfYRAuHiAKDrz70CuDyEa/YOGof5e3XrgX/k5QCfbOVO FavHdUVWumHANH3nquexTVE= =3QbN -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble Symbolic Linking
I am running Samba on a FC2 X86_64 machine and I have one directory that needs to be accessible by two different groups (each group has its own folder) of people. Instead of creating another share and subscribing all of each group into another group, I would rather just create the folder in one directory and soft (symbolic) link it to the directory. The directory structure works as desired in the shell. However, when I try to do that in samba, the folder where the soft link should be does not show the soft link. These link points to a file under another mount on another share on the system. I have set follow symlinks and follow wide to yes. Samba version is samba-3.0.10-1.fc2. Anyone have any ideas? Dan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with administrator accounts
I have a small domain with a Samba PDB and two Windows clients. My goal is to have all accounts held centrally on the Linux box, but the administrator login doesn't work as an administrator. That is, I can login just fine as 'administrator' (or as any of the other accounts in the Samba password db), but I don't get administrative privileges in Windows. In smb.conf, I have: admin users = root username map = /etc/samba/smbusers In smbusers, I have: root = administrator The username mapping appears to occur, but 'administrator' (now 'root') does not receive admin privileges in Windows. (This leads to quite a bind, because I can't login as administrator to take the computer out of the domain and add a local administrator account.) Any ideas? Thanks! Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] authenticating PDC against itself
simo ha scritto: On Wed, 2006-01-11 at 20:31 +0100, alphac wrote: I need to let squid authenticate against the domain controller but both samba and squid are running on the same machine, but I cannot get to use ntlm. Is it possible do join to the PDC the same machine running the PDC with: net join -S DOMAIN -U Administrator ?. yes, you need to do that otherwise you will not be able to make ntlm_auth work. pay attention to the permissions on the winbindd privileged socket you must have the correct permission to make things work. Yes privileges are ok, but I can't use ntlm nor wbinfo, and I can't understand why, from another linux box with debian I can use wbinfo and net join without hassels. See: http://www.squid-cache.org/Doc/FAQ/FAQ-23.html section 23.5 should be enough thanks, I'm reading that but the problem is not squid, it is winbind and samba authenticating vs itself on localhost. thanks -- Guglielmo Dapavo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Forced group inherit with object move
> if you want to inherit groups you should start using sgid bit on directories > I do, and it works fine when creating a new file, or copying an old one. But not when *moving* an old file into a new directory... Yes, I know this is how filesystem works. But a workstation user doesn't need to understand that... -- TiN -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question about Logon hours....auto logoff feature?
Can this at least be scripted somehow? You should be able to shut down PCs remotely by using the 'net rpc shutdown' command (see man net and search for 'shutdown' for more info.) You'd need a script to check which users were on which PC and if they're outside their allowed hours though. or kill the corresponding smbd (from linux side) (by cronjob, etc.) the user cannot access share resources then anymore (but still logged on) if you kick users by shutdown they may loose files, they work on greez Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2TB Limit for Windows Shares?
hi, i´m sorry, but i cannot ack to this report. we have for example one server with 3,12TB (each share shows this space, no quotas set)and win xp (pro) clients are fine with this (btw: MAC OSX had problems with shares >2TB -> smb.conf has a parameter for virtually limiting the disk size) greez andy liebman wrote: I have noticed recently that Windows XP seems to stop writing into Linux/Samba shares once there is 2 TB of data in the share. Windows Explorer is happy to report that a share has 4.8 or 8 or 10 TB of space available, but Windows seems to cease writing into the share once there are 2 TB in it. Is this a known limitation of a) Windows or b) Samba or c) both? It certainly isn't a limitation of the filesystem I'm using. Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changing file permissions in Windows XP with a samba PDC
On 1/11/06, Jason Balicki <[EMAIL PROTECTED]> wrote: > James Lamanna wrote: > > Hrm. > > The domain part of the SIDs definitely match. > > What's interesting is that it doesn't even get the default-ish groups > > right (like Domain Users for example, it just shows [domain sid]-513) > > > > Any other ideas? > > Just to be clear, did you map the domain users to a group > using net groupmap? I don't know that that's contributing > to your problem though. > > What's the output of "net groupmap list" on the server? Domain Admins (S-1-5-21-3203556629-3307610231-1688239997-512) -> Domain Admins Domain Users (S-1-5-21-3203556629-3307610231-1688239997-513) -> Domain Users Domain Guests (S-1-5-21-3203556629-3307610231-1688239997-514) -> Domain Guests Domain Computers (S-1-5-21-3203556629-3307610231-1688239997-515) -> Domain Computers Administrators (S-1-5-32-544) -> Administrators Account Operators (S-1-5-32-548) -> Account Operators Print Operators (S-1-5-32-550) -> Print Operators Backup Operators (S-1-5-32-551) -> Backup Operators Replicators (S-1-5-32-552) -> Replicators svnusers (S-1-5-21-3203556629-3307610231-1688239997-3003) -> svnusers I think it may just be this machine. I looked at another machine and it seems to be behaving ok. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Forced group inherit with object move
if you want to inherit groups you should start using sgid bit on directories greez Timo Neuvonen wrote: Hello, This matter seems to be asked every now and then, but I couldn't find if there is a solution today: I had a need (due to compatibily reasons with old Netware server) provide a way to get access rights and _group_ownership_ for a file / directory / whole directory tree, based on the group ownership of the parent directory where the object is *moved* to. By default, the group ownership doesn't change during move to another directory, it does happen if the object is copied. Same problem which is described here: http://tinyurl.com/cpqf5 http://groups.google.com/group/linux.samba/browse_frm/thread/42f455b30df62243 Is there any way to overcome this? Kind of "forced group inherit = yes" setting? Regards, Timo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users can't pause or cancel print jobs
On 01/11/2006 07:16 AM, Joris De Pooter wrote: Adam Nielsen a écrit : I have looked everywhere. I can find anything on permissions with regards to Printing to a samba server. From what I ve read Googling around. This appears to be a current problem. I have the same problem and would really like to here from anyone with a fix. What happens if (through Windows) you run \\Samba, open "Printers and Faxes" then view the properties of the affected printer. On the security tab, make sure "Manage Printers" and "Manage Documents" are both ticked for all users in the list (especially "Everyone".) Does that make a difference? You will probably need admin access to Samba to be able to do this. Cheers, Adam. Hi there, i also have this issue since the begining. I tried to tick "Manage Printers" and "Manage Documents" but when I click "Apply" they automaticcaly get unticked. I was able to change the setting on 3 out of 4 of my printers. I experienced the same problem on the 4th - the check box unchecked it self. However, I logged out and log in again and can see that the setting was saved. Thanks for your help. Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] authenticating PDC against itself
On Wed, 2006-01-11 at 20:31 +0100, alphac wrote: > I need to let squid authenticate against the domain controller but both > samba and squid are running on the same machine, but I cannot get to use > ntlm. > > Is it possible do join to the PDC the same machine running the PDC with: > net join -S DOMAIN -U Administrator ?. yes, you need to do that otherwise you will not be able to make ntlm_auth work. pay attention to the permissions on the winbindd privileged socket you must have the correct permission to make things work. See: http://www.squid-cache.org/Doc/FAQ/FAQ-23.html section 23.5 should be enough Simo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Machine names
I searched the list archives and could not locate an answer. I apologize if this is a repeat question. I am manually creating machine accounts on our Suse 10.0 Linux running Samba 3.0.20. I need to do this as the vampire process is not working so I am hoping it would work after I manually create all groups, users and machine accounts. I already mapped groups with "net groupmap" and will map users with smbusers. The problem is that there are long machine names and machine names with spaces and the machine names are all uppercase. Do I use "smbusers" to do the mapping for machine names as well. The docs indicate that the name in /etc/passwd must be the exact machine name in the domain with a $ attached. What to do about spaces and long machine names if mapping via smbusers is the wrong way? Thanks, Guru -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] authenticating PDC against itself
I need to let squid authenticate against the domain controller but both samba and squid are running on the same machine, but I cannot get to use ntlm. Is it possible do join to the PDC the same machine running the PDC with: net join -S DOMAIN -U Administrator ?. wbinfo -p : Ping to winbindd succeeded on fd 4 wbinfo -g --domain=DOMAIN : Error looking up domain groups wbinfo -a alphac%alphac --domain=DOMAIN : (doesn't give back the prompt, I have to break with ctrl+c ) >From samba logs the last thing I see is that a the user is autenticating against samba no errors or anything else. Thanks -- Guglielmo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changing file permissions in Windows XP with a samba PDC
On 1/11/06, Jason Balicki <[EMAIL PROTECTED]> wrote: > James Lamanna wrote: > > Question about changing file permissions in Windows XP when running > > samba as a PDC. > > If you hit Properties and go to the security tab, instead of listing > > the proper group/user names it lists the full SID. > > Is there a way to get Windows XP to map these to the proper > > user/group names? I am using LDAP as a backend with Samba. > > You have something wrong. You should see the proper > DOMAIN\username display and not the sid. > > I suspect a domain sid mismatch between the XP client and > samba server. > > There is a utility at sysinternals.com called "psgetsid" > that will show the SID of the logged in user on the > XP machine. Use that utility to compare with > "net getlocalsid" on the samba PDC and make sure that > the domain part matches. The local part will differ > (the last bit). > > If there is a mismatch, you'll need to rejoin the XP > box to the domain. If there's not, then I don't > know what's wrong. :) > > Be aware: rejoining to the domain will cause the profiles > on the box to get messed up, but you can reassign the > profiles by changing the registry and setting permissions. Hrm. The domain part of the SIDs definitely match. What's interesting is that it doesn't even get the default-ish groups right (like Domain Users for example, it just shows [domain sid]-513) Any other ideas? > > HTH, > > --J(K) > > -- James -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Changing file permissions in Windows XP with a samba PDC
Question about changing file permissions in Windows XP when running samba as a PDC. If you hit Properties and go to the security tab, instead of listing the proper group/user names it lists the full SID. Is there a way to get Windows XP to map these to the proper user/group names? I am using LDAP as a backend with Samba. Thanks. -- James -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Only one Case for file name in samba share
Hai All, is there any way to make one case for file naming in sama share upper case or lower case but we need to set only ONE case for our volume.. also how i can restrict users from using space in file name If any way please guide; THANK YOU IN ADVANCE Jerrynikky. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users can't pause or cancel print jobs
Adam Nielsen a écrit : I have looked everywhere. I can find anything on permissions with regards to Printing to a samba server. From what I ve read Googling around. This appears to be a current problem. I have the same problem and would really like to here from anyone with a fix. What happens if (through Windows) you run \\Samba, open "Printers and Faxes" then view the properties of the affected printer. On the security tab, make sure "Manage Printers" and "Manage Documents" are both ticked for all users in the list (especially "Everyone".) Does that make a difference? You will probably need admin access to Samba to be able to do this. Cheers, Adam. Hi there, i also have this issue since the begining. I tried to tick "Manage Printers" and "Manage Documents" but when I click "Apply" they automaticcaly get unticked. -- Joris De Pooter Tél.: +33(0)164868319 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] secrets failed
Nope, sorry we had a vacantion last few weeks, so i didn't follow the pdb threads.. sorry.. (did i missed something (-; ) Grz. Collen. Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Collen Blijenberg wrote: Ok found the problem, Seems that the Mysql_passwd backend is still not working.! (did worked in prev. versions!!) the thing that went wrong is that, pdb_sql wrote a machine name in ALL the fields of nt_fullname. (and screwed up some other fields) so all machine account became the same (and user too). I'll gonna try to setup a test environment to test and make the mysql back work again, if i have some time left!! do i need to make a bug report ?? Collen, Have you followed the pdb threads from last week or so? If not, please file a bug and assign it to pdb_sql. That will notify the [EMAIL PROTECTED] maintainers. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxRxNIR7qMdg1EfYRAq7kAJ4oYI7CBVvR8Ixpy9gA039OWx2b9gCeIHb7 Y0uRl6ueXfXPQOlHRsfpo5c= =1DB5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] secrets failed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Collen Blijenberg wrote: > Ok found the problem, > > Seems that the Mysql_passwd backend is still not working.! (did worked > in prev. versions!!) > the thing that went wrong is that, pdb_sql wrote a machine name in ALL > the fields of nt_fullname. (and screwed up some other fields) > so all machine account became the same (and user too). > > I'll gonna try to setup a test environment to test and make the mysql > back work again, if i have some time left!! > > do i need to make a bug report ?? Collen, Have you followed the pdb threads from last week or so? If not, please file a bug and assign it to pdb_sql. That will notify the [EMAIL PROTECTED] maintainers. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDxRxNIR7qMdg1EfYRAq7kAJ4oYI7CBVvR8Ixpy9gA039OWx2b9gCeIHb7 Y0uRl6ueXfXPQOlHRsfpo5c= =1DB5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] wbinfo -u gives an error
Hi All, when I run wbinfo -u I get an error, wbinfo -g showst me the Groups just fine although it shows BUILTIN/ and my Domain is MYDOMAIN is this correct? kind regards Juergen Hoffmann signature.asc Description: Dies ist ein digital signierter Nachrichtenteil -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba-3.0.14a-2 auth against a very Large AD domain
I have setup SAMBA to authenticate to a 2003 (probably SP1) domain and I am having two very distinct problems. I have searched the archives, but each time I see this question is ask I never see any answers and I need an answer or I am going to have to shut this off. I work in the Kentucky school systems and we have one AD forest containing one domain for each county in the state. That totals up to 180 domains inside one forest. I don't have any access to the Domain Controller or the Global Catalog server in our network. That is managed by a state agency. The first problem is the really major one: I have two Fedora Core 4 machines with all updates connected to the Windows AD. They seem to be working fine when people try to get access to the shares that they have. I was told by the domain admins that they are logging tons of Event ID 675 on the DC and tons of Event ID 672 on the GC from my two SAMBA machines. Looking these up they reference a Pre-Authentication issue with Kerberos. The bad part is that these are coming from the actual machines and not users accounts, so there is no way that I can turn off Pre-Authentication. I need to know what I can do to stop this error, because this is an unacceptable situation from their point of view. The second problem, I think, stems from the fact that we are such an odd configuration inside our forest. When I try to run wbinfo -g or wbinfo -p it just hangs and locks up winbind. I think it is because it is attempting to go out to the other domains and poll their accounts too. If I pass the option to wbinfo to limit it to just our domain, it returns in a timely manner. Unfortunately there doesn't seem to be a way to limit getent passwd to just my domain and there doesn't seem to be a way to just tell winbind to limit itself to my domain specifically. I don't need to reference anything from the other districts domains, I only want to use objects from mine. Does anyone know of a way to make this happen? Thanks for any help you can give me, this is a pressing matter for me. Brent Norris Network Administrator, Edmonson County Schools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to delete a printer
What Samba files (other than smb.conf) do I need to edit/delete to remove all trace of a printer? I'm trying to get a handle on why smbd (3.0.21a) is SIGSEGV-ing and I want to start with a clean sheet. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba3 + policy (XP)
Listas schrieb: Hi I'm trying to aply policy to my domain users, but isn't working. I'm created a NTConfig.pol with poledit.exe (from WinNT service pack 4 (adminpak.msi)) and save on netlogon share. When client logon, nothing hapen. How can i check if policy is downloaded from server? What this could be? :( Samba: 3.0.20b-Debian Linux: Debian Client: Windows XP and SP2 ps: i couldn't find anything on samba log. Did you check Windows Event Log as well? -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3 + policy (XP)
Hi I'm trying to aply policy to my domain users, but isn't working. I'm created a NTConfig.pol with poledit.exe (from WinNT service pack 4 (adminpak.msi)) and save on netlogon share. When client logon, nothing hapen. How can i check if policy is downloaded from server? What this could be? :( Samba: 3.0.20b-Debian Linux: Debian Client: Windows XP and SP2 ps: i couldn't find anything on samba log. VHCS Webmail -- Esta mensagem foi verificada pelo sistema de antivírus e acredita-se estar livre de perigo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] small files poor performance
Hello, I've read a lot of information and forums concerning the samba performance question, but nothing was helpful. I'm desperate of the situation so I'm writing here hoping somebody could help me. When copying cca 330MB file from server - I can reach rate about 8-11MB/s depending on some mysticals factors, which I can't identify. To eliminate possible network problems, I've tried ftp for the same file - I've got little bit over 11.5MB/s but the transfer rate was rock solid (understand only plus minus few kB/s) all the time. I would accept the performance, but the problem came with many small files. When trying to copy directory with 5500 files and a size of 330MB, the speed was about 5-5.5MB/s. With ftp, the result was even worse, but the protocol itself is not suited for such type of transfers. I'd like to know if it is even possible to reach at least the speed of 10MB/s with those small files. To eliminate server load issues, almost all services on the server were down, no firewall was active and I was testing on network with only one client connected to server. The CPU load remained under 5%. The amount of free RAM was over 700MB. Server is attached to network through 1Gbit LAN connection. It's running debian sarge 3.1 with samba 3.0.14a-Debian installed from distribution package with kernel 2.6.14-5 (no patches applied). You can think this could be HDD performance limit, but it is not: I have 3 SATA HDDs in RAID5 array, which gave me 100MB/s when I was copying the big file locally to /dev/null. And I've got 25MB/s when copying the directory with small files from one partition to another (so I expect over 50MB/s when only reading this data). As you can see, the HDD subsystem is not the bottleneck for sure. Just for info, the XFS filesystem is used. In samba configuration, I was playing with socket options, (un)setting TCP_NODELAY, IPTOS_LOWDELAY and trying to set SO_RCVBUF and SO_SNDBUF parameters to different values starting from 8192 to 65535 in steps of 16k. These changes had almost no influence on the performance. As a last step I've also tried using the case sensitivity option for the concrete share (the 4 commented lines in the "mks" share in smb.conf file attached). This also didn't help. I don't know whether the problem lies in server or client station. I'm using WinXP Home SP2 on my clients. If you have any idea how to make samba go faster I'd be very grateful. thanks Here's part of my samba configuration file: [global] workgroup = weldex server string = Aquarius server dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 log level = 2 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam guest obey pam restrictions = yes invalid users = root passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew \sUNIX\spassword:* %n\n . preserve case = yes short preserve case = yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 SO_SNDBUF=16384 [homes] comment = Home Directories browseable = no writable = yes create mask = 0700 directory mask = 0700 [mks] comment = MK-Soft (win+dos) path = /home/mks browseable = yes writable = yes create mode = 0660 directory mode = 0770 force user = samba force group = samba ;case sensitive = true ;default case = upper ;preserve case = no ;short preserve case = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net vampire problems
hi! i would like to migrate users and groups from an nt pdc to my samba pdc and i have still problems! net rpc vampire -S PDC still gives the error message core dump! i'm using samba 3.0.21a! i changed the samba pdc to bdc and i added the samba host to the old domain. the sid is included in the smbldap tools config file! i hope somebody can help me! greetz andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users can't pause or cancel print jobs
Adam: What version of Samba are you running? On 1/10/06, Adam Nielsen <[EMAIL PROTECTED]> wrote: > > > > I have looked everywhere. I can find anything on permissions with > > > regards to Printing to a samba server. From what I ve read > > > Googling around. This appears to be a current problem. > > I have the same problem and would really like to here from anyone > > with a fix. > > What happens if (through Windows) you run \\Samba, open "Printers and > Faxes" then view the properties of the affected printer. On the > security tab, make sure "Manage Printers" and "Manage Documents" are > both ticked for all users in the list (especially "Everyone".) Does > that make a difference? You will probably need admin access to Samba > to be able to do this. > > Cheers, > Adam. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista/longhorn and samba PDC
Mogens Kjaer wrote: ... It didn't work yesterday, today it does... This turned out to be a misconfigured DHCP server (serving the wrong WINS server IP number) on my testnet. Sorry for the noise - now it works! Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows 2003 not playing the game by the rules?
1. Samba 3.0.21a is PDC 2. Windows 2003 Server as a domain member 3. Shared a directory on the Windows 2003 Server. 4. Gave the share name full control to Everyone. 5. Set specific permissions on the shared directory. 6. Windows 2003 Server gives any workstation logged on to the domain full access to the shared directory, ie directory permissions are ignored. 7. Set more restrictive permissions on the share and Windows 2003 Server behaves better. Conclusion: Seems that Windows 2003 Server is ignoring directory permissions and only using permissions on the share. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] could not fetch account password for domain
Hi all I have samba 3.0.21 with LDAP, using as PDC, and another Linux system which is domain member server for the PDC but suddenly Member server is not accessible from member server, i can ping the PDC , in messages logs " could not fetch trust account password for domain " msdpl.com" i am not sure , what caused the problem, i changed the root password on PDC with smbldap-passwd root, can it be a problem the nsswitch.conf and ldap.conf also is also intact, pointing correct dc, Regards Niranjan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Account Unknown for users with Samba 3.0.11/14
Quoting William Jojo <[EMAIL PROTECTED]>: Well, since this system doesn't have local files can you use secldapclntd? This will solve your local user problem (which is what I was driving at :-) ) by pointing to LDAP and making the users appear local. There's also the possbility of WINBIND depending on how you want to approach the users. secldapclntd can be implemented in a few minutes. As long as your smb.conf points to the same containers, you should see that you're looking for. I've spent far too long on this tearing my hair out. Ultimately, I've done what I probably should have done in the first place - set up a Samba domain and got the offending server onto that. Seems to work now (touch wood). It'll give me a number of other benefits over and above solving the initial problem, and it was something I was planning on doing anyway. Many thanks, James Cort. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] how to force Samba respects file locking?
Greetings, I'm trying to lock files using a Debian GNU Linux (unstable) and Perl, but looks like the smbpasswd command from Samba is not respecting the lock. Perl has "advisory" file locking using C flock() or lockf() or fcntl(), depending which one is first available on the system. While this is not a Perl mailing list, I need to know which scheme Samba uses for file locking to decide if I can implement such scheme using Perl. I would be very glad if someone could give me some hints about that since searching thru the Internet didn't bring me any help at all. In my test, the Perl script would hold the file smbpasswd (the password backend) for 30 seconds. After that I started the program smbpasswd to change the user passwords and for my surprise the file was changed without mercy. :-) I wrote the code below to implement this test: -- code -- #!/usr/bin/perl use strict; use warnings; use Fcntl qw(:DEFAULT :flock); my $sec = 30; print 'Please type the file that I should lock for $sec: '; my $file = ; chomp $file; sysopen( FH, $file, O_RDWR ) or die "Cannot edit $file: $!\n"; flock( FH, LOCK_EX ) or die "Cannot lock $file: $!\n"; print 'Ok, holding the file for $sec seconds. I will not change anythingin the file', "\n"; sleep $sec; close(FH); print "Finished\n"; -- code -- Thanks in advance. Regards, Alceu Rodrigues de Freitas Junior -- [EMAIL PROTECTED] http://www.imortais.cjb.net --- A well-used door needs no oil on its hinges. A swift-flowing stream does not grow stagnant. Neither sound nor thoughts can travel through a vacuum. Software rots if not used. These are great mysteries -- The Tao Of Programming, 5.1 Alceu Rodrigues de Freitas Junior -- [EMAIL PROTECTED] http://www.imortais.cjb.net --- A well-used door needs no oil on its hinges. A swift-flowing stream does not grow stagnant. Neither sound nor thoughts can travel through a vacuum. Software rots if not used. These are great mysteries -- The Tao Of Programming, 5.1 ___ Yahoo! doce lar. Faça do Yahoo! sua homepage. http://br.yahoo.com/homepageset.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] secrets failed
Ok found the problem, Seems that the Mysql_passwd backend is still not working.! (did worked in prev. versions!!) the thing that went wrong is that, pdb_sql wrote a machine name in ALL the fields of nt_fullname. (and screwed up some other fields) so all machine account became the same (and user too). I'll gonna try to setup a test environment to test and make the mysql back work again, if i have some time left!! do i need to make a bug report ?? Greetz, Collen Collen Blijenberg wrote: Well, i have a serious problem, all of an sudden samba rejects all my workstations and servers! my samba PDC reports back to me, secrets_fetch failed! nothing has changed, or altered.. it comes out of the blue! i did upgrade samba from 3.0.11 to 3.0.21, but that was 2 weeks ago, and the upgrade worked. (until now that is) going back to 3.0.11 didn't work, I'm kinda lost here.. suggestions might really help... thx Collen. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba as domain controller
Hi, > -Original Message- > From: Andreas Fladischer [mailto:[EMAIL PROTECTED] > Sent: quarta-feira, 11 de Janeiro de 2006 9:42 > To: Bruno Guerreiro > Subject: Re: [Samba] Samba as domain controller > > Thanks for your fast answer! > > do you mean that i have to do > > net rpc rights grant username SeMachineAccountPrivilege > > for all users?i have 30 users and all are administrators- so > i have to do this command 30 times? Do you really want your 30 users to be domain administrators? Or just add the machines? If it is the first situation it's easier to add them to a group "Domain Admins" or something and then give that group admin rights in your smb.conf If the second, not really sure if you can give rights to a group. Anyone ? If it's not possible to give permissions to a group, than the solution would be to grant rights one, by one. Best regards, Bruno Guerreiro > greetz > > Andreas > > > Bruno Guerreiro wrote: > > >Hi, > > > > > > > >>-Original Message- > >>From: Andreas Fladischer [mailto:[EMAIL PROTECTED] > >>Sent: quarta-feira, 11 de Janeiro de 2006 9:26 > >>To: samba@lists.samba.org > >>Subject: [Samba] Samba as domain controller > >> > >>[EMAIL PROTECTED] > >> > >>i set up a system where samba is a primary and a secondary domain > >>controller; the authentication is over ldap and everything > works fine > >>but > >> > >>i would like to test what happen when the pdc is down and so i > >>shutdown the smb service on the pdc. the logins from all clients > >>worked well on the bdc but when i try to join a new machine to the > >>domain, it can't contact the domain controller (ok because > the pdc is > >>down). my question is, wheather it is possible to configure the bdc > >>so, that i can join to the domain when the pdc is down? > >> > >> > > > >That's the normal behaviour on an NT Domain. When the PDC is > no users can be > >modified or machines added. The Domain enters a reand-only > state. The only > >way would be to "promote" the BDC to PDC. > > > > > > > >>my second question is wheather it is possible, that all > >>administrative users can join a new machine to the domain and > >>not only the root user? > >> > >> > > > >Yes, if using privileges you must set the SeMachineAccountPrivilege. > >Something like > >net rpc rights grant username SeMachineAccountPrivilege > > > > > >Hope this helps, > >Bruno Guerreiro > > > > > > > >>with best regards > >> > >>Andreas > >>-- > >>To unsubscribe from this list go to the following URL and read the > >>instructions: https://lists.samba.org/mailman/listinfo/samba > >> > >> > >> > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as domain controller
Hi! On Wednesday 11 January 2006 10:25, Andreas Fladischer wrote: > my second question is wheather it is possible, that all administrative > users can join a new machine to the domain and not only the root user? You have to grant to administrative group SeMachineAccountPrivilege. Example: # net rpc -U admin%passwd rights grant "user group" SeMachineAccountPrivilege Fabio -- Dott. Fabio Marcone 2T srl Telefono+39 - 0871- 540154 Fax +39 - 0871- 571594 Email [EMAIL PROTECTED] Indirizzo Viale B. Croce 573, 66013 Chieti Scalo (CH) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba as domain controller
Hi, > -Original Message- > From: Andreas Fladischer [mailto:[EMAIL PROTECTED] > Sent: quarta-feira, 11 de Janeiro de 2006 9:26 > To: samba@lists.samba.org > Subject: [Samba] Samba as domain controller > > [EMAIL PROTECTED] > > i set up a system where samba is a primary and a secondary > domain controller; the authentication is over ldap and > everything works fine but > > i would like to test what happen when the pdc is down and so > i shutdown the smb service on the pdc. the logins from all > clients worked well on the bdc but when i try to join a new > machine to the domain, it can't contact the domain controller > (ok because the pdc is down). my question is, wheather it is > possible to configure the bdc so, that i can join to the > domain when the pdc is down? That's the normal behaviour on an NT Domain. When the PDC is no users can be modified or machines added. The Domain enters a reand-only state. The only way would be to "promote" the BDC to PDC. > my second question is wheather it is possible, that all > administrative users can join a new machine to the domain and > not only the root user? Yes, if using privileges you must set the SeMachineAccountPrivilege. Something like net rpc rights grant username SeMachineAccountPrivilege Hope this helps, Bruno Guerreiro > > with best regards > > Andreas > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connecting from XP to samba shares
--- Adam Nielsen wrote: > Aha, so the password being entered doesn't match the password for > 'someuser' - did you remember to 'smbpasswd -a someuser' to give > 'someuser' a Samba password? You have to do that because Samba can't > actually compare a Windows password to the UNIX one (it can't convert > from the Windows hash to the UNIX hash.) But I have done that, several times! And it works fine when connecting from another linux, does samba use the unix hash then? OK, I tried it again and it didn't work. Then I tried "smbpasswd -x someuser" first... and now the second time I entered the passwod in XP it worked (the first one didn't leave any trace in the log). But something like this happened once before: after many unsuccessful tries, I could enter the shared resource once, and never again. So I'll wait some time before declaring this solved. Thanks Ignacio ___ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as domain controller
[EMAIL PROTECTED] i set up a system where samba is a primary and a secondary domain controller; the authentication is over ldap and everything works fine but i would like to test what happen when the pdc is down and so i shutdown the smb service on the pdc. the logins from all clients worked well on the bdc but when i try to join a new machine to the domain, it can't contact the domain controller (ok because the pdc is down). my question is, wheather it is possible to configure the bdc so, that i can join to the domain when the pdc is down? my second question is wheather it is possible, that all administrative users can join a new machine to the domain and not only the root user? with best regards Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] About smbfs: smb_get_length error
Hi All: When I use samfs, sometimes I got the following messages, Mr. Google says this is because the windows client use the share, and the connection is "reconnected"! Does it right? How to ward off the error? Is there any potential problem if I ignore it? My actions are smbmount and smbumount some shares. Sometimes some shares are smbumount before they mounted (thus cause a smbumount fail). smb_get_length: recv error = 5 smb_request: result -5, setting invalid smb_retry: successful, new pid=1172, generation=2 smb_get_length: recv error = 5 smb_request: result -5, setting invalid smb_retry: successful, new pid=1195, generation=2 Thanks for your help. Latrell. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista/longhorn and samba PDC
Andrew Bartlett wrote: On Tue, 2006-01-10 at 17:33 +0100, Mogens Kjaer wrote: Has anyone succeeded in getting a Vista beta-2 to do domain logon to a samba PDC? I strongly suspect there will be work to do there. I need to test it out with Samba4 as well. Do you have any particular diagnostics? You will need a current Samba (say 3.0.20 or later) for it to work at all. (We fixed some basic login issues with vista 1) It didn't work yesterday, today it does... I have a test setup with a self-compiled 3.0.21a samba acting as a PDC on a separate network. I can get a w2k machine to join the domain, by running the Network ID wizard. When I did the same with the Vista machine, Windows just told me that it couldn't find an Active Directory Domain Controller. As Samba can't be an AD DC, I feared that it wouldn't be possible. All I got in the logfile on the samba server was several messages like: [2006/01/10 16:36:36, 2] smbd/sesssetup.c:setup_new_vc_session(772) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. This morning, however, the Wizard ran without problems. I will reinstall Vista ß2 (1 hours work, 7.3 Gbytes gets installed) and see if I can get it to join the domain again. Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba