[Samba] ldapsam:trusted = yes : trouble getting it to work
I have been trying for a while now to enable set the parameter
‘ldapsam:trusted’ to ‘yes’ in smb.conf but as soon as I enable it, users cannot
access shares anymore. I am trying to enable this because the users are member
of a lot of groups and I want to take the stress off the ldap server. I have
searched the lists for previous posts with the same problem and I tried to
figure out if it has been answered already. It seems that people had similar
problems but even with that information I don’t seem to get a hold of it.
The shares are set up as this example:
[EMAIL PROTECTED] shares]# pwd
/home/samba/shares
[EMAIL PROTECTED] shares]# ls -la
...
drwxrwx--- 2 nobody consultanta 4096 May 20 04:55 consultanta
...
So a user has to be in ‘consultanta’ group to access the share.
In smb.conf I have:
ldap admin dn = "cn=DomainAdmin,dc=kapitalgrup,dc=ro"
ldap ssl = off
passdb backend = ldapsam:ldap://127.0.0.1
ldap delete dn = no
ldap suffix = dc=kapitalgrup,dc=ro
ldap user suffix = ou=people
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap passwd sync = Yes
ldapsam:trusted = yes
ldap ssl = No
...
[consultanta]
comment = Echipa de Consultanta
path = /home/samba/shares/consultanta
writeable = Yes
valid users = +consultanta
force user = nobody
force group = consultanta
create mask = 0771
directory mask = 0770
default case = lower
preserve case = No
short preserve case = No
map archive = Yes
map hidden = Yes
map system = Yes
In ldap the entries are as this example:
dn: uid=andrei.iordache,ou=people,dc=kapitalgrup,dc=ro
accountStatus: active
cn: Andrei Iordache
gidNumber: 100
givenName: Andrei
loginShell: /bin/bash
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: qmailUser
objectClass: sambaSamAccount
qmailGID: 100
qmailUID: 1005
sambaAcctFlags: [U ]
sambaLMPassword: AC3B233F668007D8AAD3B435B51404EE
sambaNTPassword: 64E9DFEC4AEB99D85474C4CC4D1BA326
sambaPasswordHistory: 00
00
sambaPrimaryGroupSID: S-1-5-21-1777914830-570136335-1763571043-513
sambaPwdMustChange: 2147483647
sambaSID: S-1-5-21-1777914830-570136335-1763571043-3010
shadowExpire: -1
shadowFlag: 0
shadowInactive: -1
shadowMax: 99
shadowMin: -1
shadowWarning: 7
sn: Iordache
uidNumber: 1005
sambaPwdCanChange: 1147436629
sambaPwdLastSet: 1147436629
userPassword: {crypt}$1$E5cL0mtc$pCQcAFjCRamoomGB20C2R/
shadowLastChange: 13280
displayName: Andrei Iordache
homeDirectory: /home/andrei.iordache
mailMessageStore: /home/andrei.iordache/Maildir/
uid: andrei.iordache
dn: cn=users,ou=groups,dc=kapitalgrup,dc=ro
cn: users
description: Local Unix group
displayName: Domain Users
gidNumber: 100
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
sambaGroupType: 2
sambaSID: S-1-5-21-1777914830-570136335-1763571043-513
dn: cn=consultanta,ou=groups,dc=kapitalgrup,dc=ro
objectClass: top
objectClass: posixGroup
cn: consultanta
gidNumber: 1007
memberUid: andrei.iordache
memberUid: other.members
...
I can list the shares on the server after I type in the correct user name and
password. But I cannot access this one. I can access the home dir and the
public shares. I see this at some point in the smbd.log (log level = 10)
[2006/05/20 05:06:05, 5] smbd/service.c:make_connection(807)
making a connection to 'normal' service consultanta
[2006/05/20 05:06:05, 3] lib/access.c:check_access(313)
check_access: no hostnames in host allow/deny list.
[2006/05/20 05:06:05, 2] lib/access.c:check_access(324)
Allowed connection from (192.168.1.33)
[2006/05/20 05:06:05, 10] lib/username.c:user_in_list(529)
user_in_list: checking user andrei.iordache in list
[2006/05/20 05:06:05, 10] lib/username.c:user_in_list(533)
user_in_list: checking user |andrei.iordache| against |+consultanta|
[2006/05/20 05:06:05, 2] smbd/service.c:make_connection_snum(321)
user 'andrei.iordache' (from session setup) not permitted to access this
share (consultanta)
[2006/05/20 05:06:05, 3] smbd/error.c:error_packet(129)
error packet at smbd/reply.c(415) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED
In the ldap logs I see this when I try to access the share:
May 20 05:17:27 fc4 slapd[1524]: conn=90 op=8 SRCH base="dc=kapitalgrup,dc=ro"
scope=2 deref=0 filter="(&(objectClass=posixGroup)(cn=consultanta))"
May 20 05:17:27 fc4 slapd[1524]: conn=90 op=8 SRCH attr=cn userPassword
memberUid uniqueMember gidNumber
May 20 05:17:27 fc4 slapd[1524]: conn=90 op=8 ENTRY
dn="cn=consultanta,ou=groups,dc=kapitalgrup,dc=ro"
May 20 05:17:27 fc4 slapd[1524]: conn=90 op=8 SEARCH RESULT tag=101 err=0
nentries=1 text=
If I run a manual searc
Re: [Samba] samba 4 & openldap?
On Sat, 2006-05-20 at 19:59 +0200, Mark Hannessen wrote: > Hi guys, > > does anyone have any info about openldap and samba4? > whether it can be done? are there schema changes?, etc > > reason I ask is, I'd like to give samba 4 a try. (not for production, just to > see who it's working, for later adoption) but I would also like to keep using > my openldap server. I gave a talk at SambaXP on the topic, and the challenges of using an external LDAP server (rather than our internal database) for the primary data store. Currently, it just isn't an option to use OpenLDAP. What we need to work out is how much we need to change both OpenLDAP (in loading schema, matching rules, overlays etc) as well as Samba, to allow such arrangements. I'm hoping to do some further research work in this area soon. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba share question
On May 20, 2006, at 6:33 PM, Wesley Hobbie wrote: I have the following Samba share: [Programs] writable = yes path = /home/wes/Download I want myself to have write access, and everyone else to have read- only access. The write access works fine when I authenticate, but anyone that does not authenticate gets the you do not have permission error. The /home/wes/Download folder ACL has read access to group and others. What do I need to do to fix that? You want people who don't authenticate to be able to read the share? Enable guest account in samba. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba share question
I have the following Samba share: [Programs] writable = yes path = /home/wes/Download I want myself to have write access, and everyone else to have read-only access. The write access works fine when I authenticate, but anyone that does not authenticate gets the you do not have permission error. The /home/wes/Download folder ACL has read access to group and others. What do I need to do to fix that? Wes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd not starting
I've never used webmin, but SWAT will construct a syntactically correct smb.conf. Of course, that just means that samba won't crash when you start it; it does not guarantee that what you've configured correctly from a syntax perspective actually will accomplish anything. You can check the config file, also, with testparm, which will check that the sections are built correctly, and then let you see them explicitly. Eric Hines Adam Williams wrote: I *believe* that swat and/or webmin has smb.conf checking utility to make sure there are no errors in it. You may want to look into starting those and having it check smb.conf for errors. Burton B Williams wrote: Hey all, I recently installed fedora core 5 and then installed samba. I however encountered a problem. The smbd thread would not start. Can anytone shead some light on why this might have happened. In the original installation of the OS I installed samba. However I encountered that same problem. The smbd would not start. I then tried installing samba from the source and still the same problem. I check the path of the smbd and it gave me the OS default path. I tried forcing the installation path but still the same problem. Any thoughts on the matter would be appreciated Thank you. -B -- Those who are afraid to take the next step will have wasted their entire previous journey. --Baron Manfred von Richthofen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd not starting
I *believe* that swat and/or webmin has smb.conf checking utility to make sure there are no errors in it. You may want to look into starting those and having it check smb.conf for errors. Burton B Williams wrote: Hey all, I recently installed fedora core 5 and then installed samba. I however encountered a problem. The smbd thread would not start. Can anytone shead some light on why this might have happened. In the original installation of the OS I installed samba. However I encountered that same problem. The smbd would not start. I then tried installing samba from the source and still the same problem. I check the path of the smbd and it gave me the OS default path. I tried forcing the installation path but still the same problem. Any thoughts on the matter would be appreciated Thank you. -B -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd not starting
Burton B Williams wrote: Hey all, I recently installed fedora core 5 and then installed samba. I however encountered a problem. The smbd thread would not start. Can anytone shead some light on why this might have happened. In the original installation of the OS I installed samba. However I encountered that same problem. The smbd would not start. I then tried installing samba from the source and still the same problem. I check the path of the smbd and it gave me the OS default path. I tried forcing the installation path but still the same problem. Any thoughts on the matter would be appreciated Thank you. -B Sorry for the direct post You might try (check the man page for the exact syntax) to check the status of your smb. Then try (again, checking the man page; I'm writing these commands from hazy memory). Chkconfig is a useful utility for managing a number of services. Eventually, you might find it useful for nmbd and winbindd, also. Eric Hines -- Those who are afraid to take the next step will have wasted their entire previous journey. --Baron Manfred von Richthofen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
On Saturday 20 May 2006 23:49, Hans du Plooy wrote:
> On Sat, 2006-05-20 at 23:32 +0100, Dave S wrote:
> > I am using 2.6.12 kernel, fat 32 on windows but not on my other ubuntu
> > machine :)
>
> If memory serves me right, fat32 doesn't support larger than 2GB. Also,
> as far as I remember, if you mount with smbfs, there was an option
> ("lfs" maybe) that supports files of 2GB+ on the client side.
>
> Hans
Thanks
Dave :)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
On Sat, 2006-05-20 at 23:32 +0100, Dave S wrote:
> I am using 2.6.12 kernel, fat 32 on windows but not on my other ubuntu
> machine :)
If memory serves me right, fat32 doesn't support larger than 2GB. Also,
as far as I remember, if you mount with smbfs, there was an option
("lfs" maybe) that supports files of 2GB+ on the client side.
Hans
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
On Saturday 20 May 2006 16:34, Dave S wrote: > Hi all, > > I am running samba 3.0.14 on ubuntu breezy badger networked with another > ubuntu machine and my XP laptop. > > File sharing is great except when a file exceeds 1.5 - 2 GB. The file > transfer fails after 1.5 - 2 GB with a file to large error. This seems to > be a limit for linux - windows and linux - linux which is a pain when > trying to move large DVD iso's. > > Does anyone know a workaround ? or come to that why is there such a low > limit ? > > Cheers > > Dave Hi all, I am using 2.6.12 kernel, fat 32 on windows but not on my other ubuntu machine :) Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd not starting
Hey all, I recently installed fedora core 5 and then installed samba. I however encountered a problem. The smbd thread would not start. Can anytone shead some light on why this might have happened. In the original installation of the OS I installed samba. However I encountered that same problem. The smbd would not start. I then tried installing samba from the source and still the same problem. I check the path of the smbd and it gave me the OS default path. I tried forcing the installation path but still the same problem. Any thoughts on the matter would be appreciated Thank you. -B -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 4 & openldap?
Hi guys, does anyone have any info about openldap and samba4? whether it can be done? are there schema changes?, etc reason I ask is, I'd like to give samba 4 a try. (not for production, just to see who it's working, for later adoption) but I would also like to keep using my openldap server. thanks! Mark Hannessen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Quotas For XP Client (Homes Shared)
[EMAIL PROTECTED] wrote: Hiya! I'm using samba as PDC for validating windows xp clients. I have quotas activated for the /home on my linux but the shared unit on windows xp is giving me the full partition size. What i've to do to make it show just the user quota size??? I think i've compiled samba --with-quotas option. Thanks guys! What version of Samba are you using? And what type of filesystem do you have -- ext3, xfs, reiser, etc? With XFS, at least Group Quotas seem to be broken in Samba 3.0.22. I have reported this as a bug and here on the list. Haven't gotten a reply from anybody. Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
Dave S wrote: Hi all, I am running samba 3.0.14 on ubuntu breezy badger networked with another ubuntu machine and my XP laptop. File sharing is great except when a file exceeds 1.5 - 2 GB. The file transfer fails after 1.5 - 2 GB with a file to large error. This seems to be a limit for linux - windows and linux - linux which is a pain when trying to move large DVD iso's. Does anyone know a workaround ? or come to that why is there such a low limit ? Cheers Dave Also, you could try using CIFS to mount your shares in Linux, rather than SMBFS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
Dave S wrote: Hi all, I am running samba 3.0.14 on ubuntu breezy badger networked with another ubuntu machine and my XP laptop. File sharing is great except when a file exceeds 1.5 - 2 GB. The file transfer fails after 1.5 - 2 GB with a file to large error. This seems to be a limit for linux - windows and linux - linux which is a pain when trying to move large DVD iso's. Does anyone know a workaround ? or come to that why is there such a low limit ? Cheers Dave Are you using Fat32 on your Windows machine? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Quotas For XP Client (Homes Shared)
Hiya! I'm using samba as PDC for validating windows xp clients. I have quotas activated for the /home on my linux but the shared unit on windows xp is giving me the full partition size. What i've to do to make it show just the user quota size??? I think i've compiled samba --with-quotas option. Thanks guys! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File size limit of 2Gb ish ?
are you running kernel 2.4 or 2.6? Dave S wrote: Hi all, I am running samba 3.0.14 on ubuntu breezy badger networked with another ubuntu machine and my XP laptop. File sharing is great except when a file exceeds 1.5 - 2 GB. The file transfer fails after 1.5 - 2 GB with a file to large error. This seems to be a limit for linux - windows and linux - linux which is a pain when trying to move large DVD iso's. Does anyone know a workaround ? or come to that why is there such a low limit ? Cheers Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows 98 connection problems on MacOSX
I'm having problems connecting to a Samba server from my Windows 98 machine. Ultimately, I would like printing to work. But, I'm just trying to get the "homes" part to work first. Samba 3.x is running on a Mac OSX 10.4. I can connect using smbclient on both the Mac itself and on my Linux machine. For example, $ smbclient //mini/noelle works. It asks for a password, I type it in and I'm in. But, when I try \\MINI\noelle from my Windows 98 machine, it always fails. It asks for a password, I type it in, and it says "The password is incorrect. Try again". Also, it says "Resource \\MINI\IPC$". I had had "encrypt passwords = no" and smbclient wouldn't work. But, after I changed it to "encrypt passwords = yes", it started working. I tried adding the "log level = 5" hoping that I would get more diagnostics about what is happening, but it produces no more diagnostics. At least, not on this Mac. I included my smb.conf below. Any help in trying to figure out what's happening, I'd appreciate it. --- [global] log level = 5 guest account = unknown valid users = robertsmb noelle robert encrypt passwords = yes auth methods = guest opendirectory passdb backend = opendirectorysam guest printer admin = @admin, @staff server string = mini unix charset = UTF-8-MAC display charset = UTF-8-MAC dos charset = 437 use spnego = yes os level = 8 defer sharing violations = no vfs objects = darwin_acls brlm = yes [homes] comment = User Home Directories browseable = yes read only = no ;[public] ; path = /tmp ; public = yes ; only guest = yes ; writable = yes ; printable = no [printers] path = /tmp printable = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] File size limit of 2Gb ish ?
Hi all, I am running samba 3.0.14 on ubuntu breezy badger networked with another ubuntu machine and my XP laptop. File sharing is great except when a file exceeds 1.5 - 2 GB. The file transfer fails after 1.5 - 2 GB with a file to large error. This seems to be a limit for linux - windows and linux - linux which is a pain when trying to move large DVD iso's. Does anyone know a workaround ? or come to that why is there such a low limit ? Cheers Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
