RE: [Samba] samba and failover (drbd + heartbeat)
1. Use LDAP Backend 2. Follow this Guide http://wiki.samba.org/index.php/Replicated_Failover_Domain_Controller_and_file_server_using_LDAP The link may be broken, you may have to copy and paste. :) Adrian Sender. - From: Ralf Gross <[EMAIL PROTECTED]> To: samba@lists.samba.org Subject: [Samba] samba and failover (drbd + heartbeat) Sent: Tuesday, 15 May 2007 10:20:50 PM Hi, I've setup two server A + B (debian etch) with drbd + heartbeat in active/passive mode. If the primary server A fails, the shared storage is mounted on B, the virtual ip A-vip moves to the new primary B and samba is started by heartbeat. This works well, but I'm not sure which samba files should be identical on both server. Both have a dedicated machine account at the moment. primary: A, 192.168.0.50 (active) secondary: B, 192.168.0.60 (passive) cluster/failover: A-vip, 192.168.0.70 (dns name and ip that the client use to access the shares) Should I just kick all samba files on B and sync them with the files of the primary server A (maybe rsync or inotify, I don't use drbdlinks)? I *think* this would be the necessary directories: /etc/samba /var/cache/samba /var/lib/samba /var/log/samba /var/run/samba /var/spool/samba I've not set any host specific paramters in smb.conf, I use the dns alias A-vip and the virtal-ip for the netbios alias and interface settings. BTW: the machine account was created for the hostname of the primary server A, not the DNS alias A-vip, will this lead to a problem? Ralf _ Advertisement: Meet Sexy Singles today at Lavalife - Click here http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Flavalife9%2Eninemsn%2Ecom%2Eau%2Fclickthru%2Fclickthru%2Eact%3Fid%3Dninemsn%26context%3Dan99%26locale%3Den%5FAU%26a%3D27783&_t=762255081&_r=lavalife_may07_meetsexysingles&_m=EXT -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA 4 AND LDAP, Where can we get the information??
SAMBA 4 AND LDAP, Where can we get the information?? We are trying to get samba 4 working together with ldap, but there's no information anywhere. We'll be pleased if someone can tell us how to get this working. Thanks, and one more question... Why we can get the SAMBA4_TP4 and there is no man pages or any information about the implementations of this?? Thanks you so much and sorry for my poor english. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba3 FreeBSD pdc
Hi, Thanks for your reply. I won't use an ldap settup for this, but tdbsam my requirements aren't that large yet. I also won't use a bdc, this pdc will work fine. I will have it set up as a time server and windows clients should use it to get time. It will pull time from my networks ntp server. Additionally i'd like to implement roaming profiles, network scripts and policies, and like i said single sign on password changing. Any suggestions or sites appreciated. Thanks. Dave. - Original Message - From: "mitrohin a.s." <[EMAIL PROTECTED]> To: Sent: Wednesday, May 16, 2007 7:26 AM Subject: Re: [Samba] samba3 FreeBSD pdc On Tue, May 15, 2007 at 09:54:51AM -0400, Dave wrote: Hello, Most of the docs i've seen for implementing samba3 as a pdc are for Linux. And for a most part they work with FreeBSD. I've not got the box production yet, i have several questions and was wondering if anyone used samba3 on fbsd as a pdc? If so i'd appreciate hearing from you. I want to set up single sign-on authentication, and password changing with the fbsd system. So that a user can ssh in to the box change the password it's reflected everywhere or the user does it from windows. I am not getting the passwd chat string right. And some of the scripts add machine to group, scripts i haven't been able to get them working with fbsd, this is version 6.2 btw, i don't think i'm going to have the issue of not being able to add a $ in the username. we use samba3 + openldap as pdc + bdc on freebsd 6.2 succesfully. smbpasswd change unix and windows password simultaneously. /swp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba breaks after upgrading to 3.0.24
Hi all, I upgraded my samba as part of my Ubuntu Edgy to Feisty upgrade. But ever since this upgrade, my samba, which used to work smoothly in Edgy, no longer works. I've posted the details at http://kubuntuforums.net/forums/index.php?topic=3083275.0 But just in case, I'm repeating some of the findings here: When I run "smbclient //myhost/myshare -U myid", it shows this: Password: Domain=[MYHOST] OS=[Unix] Server=[Samba 3.0.24] Connection to ���▒v�� failed (The garbled error message shows up as slightly different mixture of unreadable characters on each run of samba. But the message is not readable at all times.) log.myhost shows this: [2007/05/16 22:30:59, 0] auth/auth_util.c:create_builtin_administrators(785) create_builtin_administrators: Failed to create Administrators [2007/05/16 22:30:59, 0] auth/auth_util.c:create_builtin_users(751) create_builtin_users: Failed to create Users Any clue? Thanks, Freddie signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA: Share specific log files
No. They dont seem to work for being used in log file. Apparently
these can not be used for log file names in the configuration file but
for other execution scripts (preexec and postexec).
Srini
On 5/16/07, Cleber P. de Souza <[EMAIL PROTECTED]> wrote:
The share variables %P and %S don't help you?
Like this:
log file = /var/log/samba/%S.log
On 5/16/07, Srini <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> We are trying to print the log messages pertaining to each share in a
> different log file for auditing purposes.
>
> We are using Samba v3.0.20b.
>
> We are trying to modify the file
> smbd/service.c::make_connection_snum() function by changing the log
> file full path. The code changes that is done are as follows:
>
>char logfilefullpath[70];
>char sharename[256];
>
>safe_strcpy_fn (__FILE__, __LINE__ ,logfilefullpath,
> "/log/sharenet/", sizeof ("/log/sharenet/"));
>safe_strcat_fn
> (__FILE__,__LINE__,logfilefullpath,lp_servicename(snum),
> sizeof("/log/sharenet/")+sizeof(lp_servicename(snum)));
>safe_strcat_fn (__FILE__,__LINE__,logfilefullpath,".log",
> sizeof("/log/sharenet/")+sizeof(lp_servicename(snum))+sizeof(".log"));
>
>safe_strcpy_fn
> (__FILE__,__LINE__,sharename,lp_servicename(snum),
> sizeof("/log/sharenet/")+sizeof(lp_servicename(snum)));
>lp_set_logfile(logfilefullpath);
>safe_strcpy_fn
> (__FILE__,__LINE__,debugf,logfilefullpath,sizeof(logfilefullpath));
>
>if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
>dbgtext( "%s (%s) ", get_remote_machine_name(),
> conn->client_address );
>dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
>dbgtext( "connect to service %s ", lp_servicename(snum) );
>dbgtext( "initially as user %s ", user );
>dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
>dbgtext( "(pid %d)\n", (int)sys_getpid() );
>}
>
> We have done a similar code snipped in the relevant portion of the
> code in open_file part of Samba as well. However we find that the log
> file randomly gets written to the default log file (log file= variable
> in smb.conf) or sometimes to the share specific log file (that we have
> attempted above). It looks like that this was a buffering problem and
> so we tried to put in dbgflush() routine as well after calling
> dbgtext() macro. Still with no success...
>
> Has anyone tried to modify the source code to generate share specific
> log trails - either by modifying the source code or without? If so,
> can the experts guide us on this?
>
> Thanks in advance for all your inputs and help,
>
> Srini
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
--
***
Cleber P. de Souza
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune Tønnesen Venlig Hilsen/Best Regards > > I only have limited Samba experience, and expect this is a silly mistake, but > have been unable to find a solution > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > (SPARKSTONELX), aiming to unify logins with other windows machines accessing > the PDC, again samba/Debian, with tdbsam password backend. All is well, > joining the domain, and getting account details using wbinfo -u, but getent > passwd only gives the local account details. > > The log file on the PDC (FILESTONE) reports > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > get_md4pw: Workstation SPARKSTONELX$: no account in domain > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > _net_auth2: failed to get machine password for account SPARKSTONELX$: > NT_STATUS_ACCESS_DENIED > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > group sparkstonelx$ in domain STONES does not exist > > and on the Linux desktop > > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > received from remo > te machine FILESTONE pipe \lsarpc fnum 0x767a! > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > FILESTONE pipe \samr > fnum 0x767b! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > FILESTONE pipe \lsar > pc fnum 0x767e! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > > but > > sparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > > Any ideas? > > My network is about 6 machines in a Christian community, some being XP home, > which limits my possible security settings! > -- > David Lee > > Living Stones, Flore, UK > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.25: non-Kerberos authentication fails when security=ads?
On 2007-05-15 at 13:43-04 James Ralston wrote: > I have several servers running Samba, all using security = ads mode. > After updating one of the servers to 3.0.25, non-Kerberos login > attempts now fail, although Kerberos logins work just fine. >From digging through other issues on Bugzilla, I discovered that if I run winbind, the problems with non-Kerberos authentication failing go away. I tested winbind in several different configurations (e.g., local mapping versus the rid backend), and the non-Kerberos authentication worked regardless of winbind's specific configuration. Is it the case that now one *must* run winbind in security=ads mode? It certainly seems that way, but I didn't see any note to the effect in the docs or the HOWTO... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RPC Error with PC Netlink
I have setup a Samba 3.024 server on Solaris. I have successfully enabled two-way trusts between my samba domain and my legacy PC Netlink domain. (PC Netlink is the solaris port of NT4 aka Advanced Server for Unix.) My Samba domain includes 2 Windows 2003 Servers (One is Windows 2003 SP1, the other is Windows 2003 R2 SP2.) The PCNL server supports Windows 2000 Servers and XP Pro clients. Last week, at least with the first server (Windows 2003 SP1) , it seemed everything was working. Users in one domain could log into servers in the other domain. I Not sure what has changed- maybe a windows update, maybe rebooting the Solaris server, maybe changing something in smb.conf and forgetting to record it.The trusts still seem valid (in fact I recreated them.) If I try to add users from the PCNL domain to the local users on a Windows 2003 Server in the samba domain, I am prompted for a password in the legacy domain (which I don't think I should be) then I get the following error: _ Select Users, Computers, or Groups : the following error occured while using the user name and password you entered. The remote procedure call failed and did not execute. _ The event log on the PCNL server shows: _ No domain controller is available for domain E2K for the following reason: There are currently no logon servers available to service the logon request. _ The log file on the samba server shows: _ # tail log.wb-PCNL_DOMAIN [2007/05/16 13:24:32, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_UNK_IF received from remote machine PCNL_PDC pipe \lsarpc fnum 0x2! [2007/05/16 13:24:32, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine PCNL_PDC pipe \samr fnum 0x4! [2007/05/16 13:24:32, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel_with_key(2524) cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ACCESS_DENIED [2007/05/16 13:24:32, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine PCNL_PDC pipe \lsarpc fnum 0x6! [2007/05/16 13:24:32, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel_with_key(2524) cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ACCESS_DENIED _ I have tried the following options in my smb.conf file, in various combinations. enable asu support = yes netbios name = THEMACHINENAME smb ports = 139 client schannel = no Winbind is configured idmap uid = 1 - 2 idmap gid = 1 - 2 winbind enum users = yes winbind enum groups = ye I also have the following set smb ports = 139 This reduced a lot of errors about "transport endpoint is not connected." As far as I can tell, PCNL only used NBT (netbios over tcp/ip) and netbios-free CIFS-over-tcp/ip. The samba machines and all windows machines are configured to use the PCNL servers for WINS servers. The wins server have dymanic entries for the Samba domain and PDC. I have also forced a replication between the WINS servers to make sure they are consistent. Any advice? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can't login to domain from Windows 2K clients
List, I'm running Samba 3.01012 on Fedora Core 2. A consultant setup the linux servers, including the one running samba. The problem is that recently some w2k users, but not all, can no longer login to our domain. They were able to login just fine before, but now can't. Yes, they were already joined to the domain. No changes were made to their user accounts. The error message that comes from the Windows login screen is "The system is unable to login you in because the domain "joeblow" is not available". One of the reasons that this is a major problem is because our user use roaming profiles. What I've done as a work around is to create a local windows account for the users. I then run "\\servername\share" from run and they're able to mount the folders they need from the server running samba. So yes, the shares are still working. We also are running ldap servers. It appears as though one of the ldap servers is the pdc? An additional problem is that when I goto My Network Places -> Entire Network -> double click on Microsoft Windows Network, I can see the domain name for the workgroup. But when I double click on it I receive the error message "YouthUpRising is not accessible. The network path was not found." Also there are some w2k computers that are still a part of the "workgroup" workgroup. I used to be able to see both the youthuprising domain and the "workgroup" workgroup when I went into my network places. But now I can no longer see the "workgroup" workgroup. I hope that my explanation is clear, at least clear than mud. I need help on this asap. The problem doesn't seem to be growing, but I need it resolved quickly. Thanks Here's a copy of a port of smb.conf. # Global parameters [global] workgroup = YOUTHUPRISING server string = Youth Uprising %h passdb backend = ldapsam:ldap://auth1.inside.youthuprising.org username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 445 name resolve order = wins bcast hosts printcap name = CUPS show add printer wizard = No logon script = scripts\logon.bat logon path = \\file\profiles\%U logon drive = X: domain logons = No domain master = No #wins server = xx.xx.xx.xx ldap suffix = dc=inside,dc=youthuprising,dc=org ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=inside,dc=youthuprising,dc=org # ldap port = 389 # ldap server = auth0.youthuprising.org utmp = Yes idmap backend = ldap:ldap://auth1.inside.youthuprising.org idmap uid = 1-2 idmap gid = 1-2 printing = cups printer admin = Administrator, root security = user -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as a AD domain member server with idmap backend = ldap
Hi Folks, Hopefully an easy question. I've scoured FAQs, books and documentation and managed to get the above configuration working, but only by straying from the documentation in Chapter 14, example 14.4 of the Samba HOWTO: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id369912 Can someone confirm for me that when Samba is only an Active Directory domain MEMBER server with an LDAP idmap backend, the "nsswitch.conf" must still be set with: passwd: files winbind shadow: files winbind group: files winbind as opposed to: passwd: files ldap shadow: files ldap group: files ldap since the People and Groups, structures will not actually exist in LDAP unless you are setting up for a full PDC? Thanks! -Zach. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA: Share specific log files
The share variables %P and %S don't help you?
Like this:
log file = /var/log/samba/%S.log
On 5/16/07, Srini <[EMAIL PROTECTED]> wrote:
Hi all,
We are trying to print the log messages pertaining to each share in a
different log file for auditing purposes.
We are using Samba v3.0.20b.
We are trying to modify the file
smbd/service.c::make_connection_snum() function by changing the log
file full path. The code changes that is done are as follows:
char logfilefullpath[70];
char sharename[256];
safe_strcpy_fn (__FILE__, __LINE__ ,logfilefullpath,
"/log/sharenet/", sizeof ("/log/sharenet/"));
safe_strcat_fn
(__FILE__,__LINE__,logfilefullpath,lp_servicename(snum),
sizeof("/log/sharenet/")+sizeof(lp_servicename(snum)));
safe_strcat_fn (__FILE__,__LINE__,logfilefullpath,".log",
sizeof("/log/sharenet/")+sizeof(lp_servicename(snum))+sizeof(".log"));
safe_strcpy_fn
(__FILE__,__LINE__,sharename,lp_servicename(snum),
sizeof("/log/sharenet/")+sizeof(lp_servicename(snum)));
lp_set_logfile(logfilefullpath);
safe_strcpy_fn
(__FILE__,__LINE__,debugf,logfilefullpath,sizeof(logfilefullpath));
if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
dbgtext( "%s (%s) ", get_remote_machine_name(),
conn->client_address );
dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
dbgtext( "connect to service %s ", lp_servicename(snum) );
dbgtext( "initially as user %s ", user );
dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
}
We have done a similar code snipped in the relevant portion of the
code in open_file part of Samba as well. However we find that the log
file randomly gets written to the default log file (log file= variable
in smb.conf) or sometimes to the share specific log file (that we have
attempted above). It looks like that this was a buffering problem and
so we tried to put in dbgflush() routine as well after calling
dbgtext() macro. Still with no success...
Has anyone tried to modify the source code to generate share specific
log trails - either by modifying the source code or without? If so,
can the experts guide us on this?
Thanks in advance for all your inputs and help,
Srini
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
***
Cleber P. de Souza
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] vampire, cannot create workstation account
hi, im trying to migrate from a w 2003 to samba 3, the ones comes with debian etch. im following the info from the samba.org, i set the smb.conf as ROLE BDC setting: security = user domain logon =yes preferred master=no like is described in the documentation. i can do, #net rpc join -W domain -U Administrator but when trying: net rpc vampire -S W2k3server -W domain -U Administrator this error show: cannot create workstation account. im forgetting to make some change?? PLEASE HELP Danilo Moretto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot join Win XP SP2 client to domain
Are you really using that LDAP servers? The error is mostly related to LDAP
more than Samba... perhaps ACL problems.
Yes I am. I have an LDAP server on the PDC (which is localhost) and a
slave on the BDC (which is "myserver"). It all works fine.
As far as the issue I was having regarding adding a machine to the
domain, I have solved it. Here's what I did:
I create an LDIF file with the following content:
dn: cn=NextFreeUnixId,dc=mydomain,dc=com
objectClass: inetOrgPerson
objectClass: sambaUnixIdPool
uidNumber: 1160 #(/set these numbers above your highest user and
group ID's/)
gidNumber: 1160
cn: NextFreeUnixId
sn: NextFreeUnixId
Now run:
/ldapadd -x -D "cn=Manager,dc=mydomain,dc=com" -w -f
filename.ldif/
Then go into smbldap-tools/smbldap.conf and add the following:
/sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"/
After that I am able to add a machine to the domain from within the
windows client. See
http://sourceforge.net/docman/display_doc.php?docid=33543&group_id=166108
for more information on using and configuring the IdealX scripts.
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.
www.glastender.com
-BEGIN GEEK CODE BLOCK-
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
r+++ y+++
--END GEEK CODE BLOCK--
Asier Baranguán wrote:
El Martes, 15 de Mayo de 2007 21:42, Jason Baker escribió:
[global]
unix charset = LOCALE
workgroup = mydomain
netbios name = myserver
server string = Domain Controller running %v
interfaces = eth1, lo
bind interfaces only = yes
os level = 255
preferred master = yes
local master = yes
domain master = yes
security = user
time server = yes
username map = /etc/samba/smbusers
wins support = yes
encrypt passwords = yes
pam password change = yes
name resolve order = wins bcast hosts
winbind nested groups = no
passdb backend = ldapsam:"ldap://127.0.0.1 ldap://myserver";
Are you really using that LDAP servers? The error is mostly related to LDAP
more than Samba... perhaps ACL problems.
add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
It's not related to this error, but if your users are going to be Windows
users you shuld add an '-a' here
add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
And perhaps here, to make the group mappings automatically
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba3 FreeBSD pdc
On Tue, May 15, 2007 at 09:54:51AM -0400, Dave wrote: > Hello, >Most of the docs i've seen for implementing samba3 as a pdc are for > Linux. And for a most part they work with FreeBSD. I've not got the box > production yet, i have several questions and was wondering if anyone used > samba3 on fbsd as a pdc? If so i'd appreciate hearing from you. I want to > set up single sign-on authentication, and password changing with the fbsd > system. So that a user can ssh in to the box change the password it's > reflected everywhere or the user does it from windows. I am not getting the > passwd chat string right. And some of the scripts add machine to group, > scripts i haven't been able to get them working with fbsd, this is version > 6.2 btw, i don't think i'm going to have the issue of not being able to add > a $ in the username. we use samba3 + openldap as pdc + bdc on freebsd 6.2 succesfully. smbpasswd change unix and windows password simultaneously. /swp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba and failover (drbd + heartbeat)
Ralf Gross schrieb: > > I've setup two server A + B (debian etch) with drbd + heartbeat in > active/passive mode. If the primary server A fails, the shared > storage is mounted on B, the virtual ip A-vip moves to the new primary > B and samba is started by heartbeat. This works well, but I'm not sure > which samba files should be identical on both server. Both have a > dedicated machine account at the moment. > > primary: A, 192.168.0.50 (active) > secondary: B, 192.168.0.60 (passive) > cluster/failover: A-vip, 192.168.0.70 (dns name and ip that the > client use to access the > shares) > > Should I just kick all samba files on B and sync them with the files > of the primary server A (maybe rsync or inotify, I don't use > drbdlinks)? > > I *think* this would be the necessary directories: > > /etc/samba > /var/cache/samba > /var/lib/samba > /var/log/samba > /var/run/samba > /var/spool/samba Ok, nobody is complaining, so guess it's the right way ;) Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Vista Sync and Samba Problem
Dear All, I use Vista sync tool for synchronization Vista between samba-3.0.10 on RHEL AS4. There is some problem on files to copy samba home sharing. But if target directory is being Windows sharing does not happen the below problem. Vista error screen says below messages; These items are in conflict and did not sync ~wrd.tmp A file was deleted on this computer and changed on the server while this computer was offline. New Text Document A file changed on this computer while offline has been deleted or renamed on the server. Is there any resolution this problem? Regards, -- Umut ARUS System Specialist -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Hidden folder when using Windows client
No I don't have any hidden file options set. Just the defaults. (Only set options, then all options from testparm) [EMAIL PROTECTED] echo | testparm 2> /dev/null | grep -i hide [EMAIL PROTECTED] echo | testparm -v 2> /dev/null | grep -i hide hide dot files = Yes hide special files = No hide unreadable = No hide unwriteable files = No hide files = Thanks, Mike On Wed, 16 May 2007, Jens Schmidt wrote: Hello Mike, are you sure, that you didnt set "hide unreadable = yes"? I think i have the same problem, if youre using this option. Jens Mike Fleetwood wrote: Hi, We have folder PDL012 which behaves as though it is hidden for Windows clients only, not Linux clients, in 1 folder on 1 samba server only. Tried increasing the debugging level but didn't quite understand the ouput. The folder PDL012 does not appear in the logging when connecting from Windows client. Nothing related to hiding files is set in smb.conf, therefore defaults to off. Samba version - 3.0.20 Platform - AIX 5.2 Can anybody offer any suggestions as to why, and how to resolve? Thanks, Mike -- __ __ _ _ ___ ____ ___ _ ___ ____ | \/ (_| | _ / _ \ | ___| | / _ \/ _ \| |_ _ _ _/ \/ \ _| | | |\/| | | |/ | ___| | _| | |_| __| ___| __| \/ \/| O | O / _ | |_| |_|_|_|\_\\___| |_| |\___|\___||\_/^\_/\___/\___/\___| -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can new ACL entries be inherited to existing subdirectories.
Andrew Watkins schrieb: > > But, adding a new permission on the security tab to a folder does not > alter the EXISTING files/sub-folders like it does on a real windows > network drive. > > I am running Samba 3.0.24/25 on Solaris 10/9 machines and here are my > current settings: > > acl compatibility = auto > acl check permissions = Yes > acl group control = No > acl map full control = Yes > force unknown acl user = No > inherit permissions = No > inherit acls = No > inherit owner = No > nt acl support = Yes > profile acls = No > map acl inherit = No With 'inherit permissions = yes' it's working for me on linux. dos filemode = yes inherit permissions = yes store dos attributes = yes map archive = no map hidden = no map system = no map readonly = no ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Hidden folder when using Windows client
Hi, We have folder PDL012 which behaves as though it is hidden for Windows clients only, not Linux clients, in 1 folder on 1 samba server only. Tried increasing the debugging level but didn't quite understand the ouput. The folder PDL012 does not appear in the logging when connecting from Windows client. Nothing related to hiding files is set in smb.conf, therefore defaults to off. Samba version - 3.0.20 Platform - AIX 5.2 Can anybody offer any suggestions as to why, and how to resolve? Thanks, Mike -- __ __ _ _ ___ ____ ___ _ ___ ____ | \/ (_| | _ / _ \ | ___| | / _ \/ _ \| |_ _ _ _/ \/ \ _| | | |\/| | | |/ | ___| | _| | |_| __| ___| __| \/ \/| O | O / _ | |_| |_|_|_|\_\\___| |_| |\___|\___||\_/^\_/\___/\___/\___| -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can new ACL entries be inherited to existing subdirectories.
Hello, My samba drive works well on my XP machines and ACLs work fine as well. XP users can add new user permissions to files and folders and they are inherited for all NEW files and folders created in the future. But, adding a new permission on the security tab to a folder does not alter the EXISTING files/sub-folders like it does on a real windows network drive. I am running Samba 3.0.24/25 on Solaris 10/9 machines and here are my current settings: acl compatibility = auto acl check permissions = Yes acl group control = No acl map full control = Yes force unknown acl user = No inherit permissions = No inherit acls = No inherit owner = No nt acl support = Yes profile acls = No map acl inherit = No Thanks Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] strange winbind connection
Hello, One of our admins called me some time ago and told me, that my samba server (server-A) is connecting his server (server-B), although it shouldn't. Authentication of my samba shares is working via winbind, configured to use "server-DC1" : winbind separator = / winbind uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind use default domain = Yes security = domain password server = server-dc1 netstat -tpa displayed this: tcp 0 0 server-A:44539 server-B.:microsoft-ds VERBUNDEN 27631/winbindd After a restart of winbindd and samba, the connectin was gone but appeared again shortly after the restart. Now I would really like to know, why this connection is made if I explicitly tell winbind to use only server-DC1 ??? Unfortunately I am not experienced with samba and authentification in a windows domain, so I would need your help... Many thanks, Markus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] printing from dos works...not from smbclient
Hi We have a newly started server(Sun-Fire-T200) running samba. From one day to another samba printing just stopped working. We have found out following: When forwarding printing to another server through printers.conf it works. When printing from dos through the command: echo ^MHello^L > \\servername\printer it also works. When right clicking on the printer choosing "Print test print" it does not work. When using smbclient to print from the server it also works. Whenever we create a printer with the original name it just dosn't work. Any idears? Jorgen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Centos4 x86_64 upgrade from samba sernet 3.0.24 to sernet 3.0.25
Hi. I have problems, when upgraded from samba sernet 3.0.24 to 3.0.25 (too early ?): 1) always must change password, when log in to windows XP professonall - samba 3.0.25 PDC - password expired 2) I can't browse widnows network on client machine - network broswer in WinXP don't respond - just hangs 3) I cann't priny any more to printers attached to another widnows machines connected to samba 3.0.25 PDC What is going on ? it's production system, probably i will switch to 3.0.24 again. Bye Irens -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Chinese lanuage problem
DR. Lee - NS1 wrote: (a) export LANG=zh_CN.GB2312 ... (b) export LANG=zh_TW.BIG5 or LANG=en_GB.ISO-8859.1 Are there any Chinese locales that use UTF-8 (i.e. Unicode mapped to 8-bit characters) instead of these special encodings? To be compatible with the Windows world, samba speaks Unicode "on the wire". For a lossless mapping of Windows filenames (just throw in some Cyrillic or some Western European characters...) UTF-8 is pretty much the only option. Regards -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem accessing SWAT with Firefox
Hi Wolfgang, Firefox and IE both have exactly the same proxy configuration. Regards Mike - Original Message - From: Wolfgang Ratzka <[EMAIL PROTECTED]> To: Mike Stewart <[EMAIL PROTECTED]> Cc: samba@lists.samba.org Sent: 16 May 2007 09:01:34 o'clock GMT Europe/London Subject: Re: [Samba] Problem accessing SWAT with Firefox Mike Stewart wrote: > Thing is that nothing had been altered on the Samba servers, just my > PC, so I can't understand why I can't connect now when it all worked > OK before :-( It does work OK with Internet Explorer so I don't see > that I need to change my hosts files. Are you sure that your Firefox does not have a proxy configured that your IE hasn't (or vice versa)? Regards -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem accessing SWAT with Firefox
Mike Stewart wrote: Thing is that nothing had been altered on the Samba servers, just my PC, so I can't understand why I can't connect now when it all worked OK before :-( It does work OK with Internet Explorer so I don't see that I need to change my hosts files. Are you sure that your Firefox does not have a proxy configured that your IE hasn't (or vice versa)? Regards -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem accessing SWAT with Firefox
Thanks Andras, Thing is that nothing had been altered on the Samba servers, just my PC, so I can't understand why I can't connect now when it all worked OK before :-( It does work OK with Internet Explorer so I don't see that I need to change my hosts files. Mike - Original Message - From: Andras S. Haramasz <[EMAIL PROTECTED]> To: Mike Stewart <[EMAIL PROTECTED]> Sent: 15 May 2007 17:23:42 o'clock GMT Europe/London Subject: RE: [Samba] Problem accessing SWAT with Firefox You are running TCP wrapper (samba was compiled with TCP wrapper). It is a daemon to monitor requests and allow/deny services based upon configuration. Files are /etc/hosts.allow, /etc/hosts.deny. You might want to put a line like swap: ALL, or swap: 192.168.1.0/255.255.255.0 provided that you local network is 192.168.1.0. Also, you can allow all services from local network, that is ALL: 192.168.1.0/255.255.255.0. Learn more: man hosts.allow, man tcpd, etc. Hope this helps. Regards -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mike Stewart Sent: Tuesday, May 15, 2007 11:29 AM To: samba@lists.samba.org Subject: [Samba] Problem accessing SWAT with Firefox Hi, not sure if I'm posting in the right place but couldn't find a SWAT forum. I've just changed my PC but the new one has exactly the same settings (IP, computername, login, password) as the old one, however I am getting an error when I try to access any of my Samba servers from Firefox (2.0.0.3) :- " 400 Server ErrorSamba is configured to deny access from this client Check your "hosts allow" and "hosts deny" options in smb.conf" Not sure what's gone wrong, it worked perfectly OK on the old PC, I'm using bookmarks imported to FF from the old PC. I _can_ access all the servers using IE6 ! Any ideas ? TIA Mike - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
