[Samba] Domain and Unix permissions
Hi all, I have a question about setting permissions on files and folders in Samba versions that differentiate between the two. Groups are mapped via net groupmap indicating that setting the UNIX group permissions on a directory will be mapped across to the relevant NT Group but how are UNIX users mapped. I ask because on my LDAP backended Samba 3.0.23c server I can access folders when the Windows XP properties box says their owned by unix user fred (Unix User/fred) when logged in to an XP box as (NTDOMAIN/fred). Are the two automatically mapped to each other via Samba/LDAP or do I have to set ACLs up using smbcacls? I've read the relevant sections in the By Example and Howto guides but would like clarification before continuing. Cheers, jools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] detailed information about Security Mask $directory security mask
Hi Friends, This is Ravikumar Newly Joined to this Group I Want the detailed information Regarding Security mask & directory Security mask With Examples I Hope one of u send the reply As early As opssible Thank & REgards, K Ravikumar. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
re : [Samba] Migrating from NT4 PDC to Windows 2003 ADS; Samba as member server
I want to do something simmlar but I don't know how - we have a Win NT 4.0 PDC and a Win NT 4.0 BDC. We got a server - I can not get Linux / Samba to work, and we may use windoze 2k3, but anyway, we have an old domain NT 4.0. Call it OLDDOMAIN . I want to start a new Domain, either Windoze 2K3 or Linux / Samba and slowly move people over. I think my problems stem from not joining the new Linux / Samba Domain properly. I want to start a new Domain on the nework, call it CORPORATE. I want to move the users over to the new domain and of course the data to that server. When I get everyone moved over, I want to shut off the OLDDOMAIN PDC. Is this a viable plan or am I barking up the wrong tree ??? We have a simple environment - under 100 PC's and we never did anyting with Active Directory. All our users are screwed up on the NT machine - when people would leave the company they would just disable the account, so we don't want to bring over these dead accounts -we want to create the good ones on the new machine.In NT if you retire a use you could never use it again, so when John Jones left the company and we retired the account, when we hired Tom Jones, we could not create another user named jones. All screwed up but I want to fix it. Jonathan Johnson wrote: Here's the situation. We've got an old NT4 domain (not a Samba domain in NT 4 mode) which we'll call CRUSTY. There is of course an NT4 PDC and several NT4 BDCs. We have some Linux/Samba file servers (Samba 3.0.1) that are member servers (security = domain) of the NT4 domain. We also have several NT4 BDCs and about 200 workstations of varying vintage (2000, XP) in several facilities around the world on a WAN. We are *migrating* to a new Active Directory 2003 domain called SHINY (I am assuming this will imply security = ADS). We don't wish to *upgrade* the NT4 domain. We would like to do the migration a little at a time rather than all at once in order to preserve our sanity. How can we establish a domain trust so that a Samba server that is joined to the CRUSTY domain will allow access for users that are authenticated against the SHINY domain? Is there a better way? (I can RTFM, but I need to know where to look.) -Jonathan Johnson Sutinen Consulting, Inc. www.sutinen.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Correct method to Join Domain ????
I am testing w/ a PC loaded w/ Centos 5 and Samba (whatever version it came with) I have not had any luck with connecting WinXP clients to it (or anything for that matter) I think my problems stem from not joining the domain correctly. What is the proper method for Win XP or WIn 2K . When I get a chance I am gonna connect a PC to my test network. To join a domain, you would need (at least for NT) Name of Domain Admin account Password for admin account A unique Network Name for the PC. And you typically (at least thru XP) right click on the Computer Icon, > Properties > Network and Join the domain or change machine name to get on. What do you do for Limux / Samba ??? You need, root account, ??? root password ??? Uniique machine name ??? Do you try to join domain is same manner or is there a config file you got to edit ??? Any help or advice is welcome. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Migrating from NT4 PDC to Windows 2003 ADS; Samba as member server
Here's the situation. We've got an old NT4 domain (not a Samba domain in NT 4 mode) which we'll call CRUSTY. There is of course an NT4 PDC and several NT4 BDCs. We have some Linux/Samba file servers (Samba 3.0.1) that are member servers (security = domain) of the NT4 domain. We also have several NT4 BDCs and about 200 workstations of varying vintage (2000, XP) in several facilities around the world on a WAN. We are *migrating* to a new Active Directory 2003 domain called SHINY (I am assuming this will imply security = ADS). We don't wish to *upgrade* the NT4 domain. We would like to do the migration a little at a time rather than all at once in order to preserve our sanity. How can we establish a domain trust so that a Samba server that is joined to the CRUSTY domain will allow access for users that are authenticated against the SHINY domain? Is there a better way? (I can RTFM, but I need to know where to look.) -Jonathan Johnson Sutinen Consulting, Inc. www.sutinen.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LAN and public IP
Hi, I am running Debian (Sid) and Samba 3. My computer which intends to be only a SMB client is on a LAN (192.168.2.0/24) We have a gateway to internet and it's public IP address is 81.56.120.7. When I launch smbtree in order to "scan" existing SMB shares over the _LAN_ : [EMAIL PROTECTED]:~$ smbtree Password: MAINET \\SOPHIE SOPHIE timeout connecting to 81.56.120.7:445 timeout connecting to 81.56.120.7:139 Error connecting to 81.56.120.7 (Operation already in progress) cli_start_connection: failed to connect to SOPHIE<20> (81.56.120.7) \\PROPRI-EF83076E timeout connecting to 81.56.120.7:445 timeout connecting to 81.56.120.7:139 Error connecting to 81.56.120.7 (Operation already in progress) cli_start_connection: failed to connect to PROPRI-EF83076E<20> (81.56.120.7) \\PROMETHEE timeout connecting to 81.56.120.7:445 timeout connecting to 81.56.120.7:139 Error connecting to 81.56.120.7 (Operation already in progress) cli_start_connection: failed to connect to PROMETHEE<20> (81.56.120.7) Yep, my computer, on the LAN goes out and then tries to connect to the piblic IP of our gateway! When I FTP or SSH any LAN computer, there's no outgoing route. A traceroute to a LAN IP address directly brings to the target computer. my routing tables "route" shows 192.168.2.x are not routed to the gateway. What couls be the problem? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Join Linux client to Samba PDC domain
> Now I want the same thing in a different environment > CentOS Samba PDC in domain mode and LDAP > Windows XP and Vista clients joined to the Samba domain > Linux File Server (which I don't know how to configure) > So I want all the Windows clients to be able to access the shares on > my LInux File Server but I want my CentOS Samba PDC to handle the > authentication with Singel-Sign-On style. > > How would I configure my Linux Files server? security = domain, > server, or? > > Thanks, > Henrik Hi Henrik, I just did a similar thing setting up an AIX file server with a Linux-based Samba PDC. I'm pretty sure you want to set the Linux file server up as a domain member server: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html You're right on with security=domain. Then you just have to add the LDAP admin stuff to the samba config and secrets database (i.e. smbpasswd -w [LDAP admin passwd goes here], net rpc getsid [domain name here], net rpc join -Uroot%[password goes here]) and a few other config steps outlined in the link I put above... Hopefully that gets you started int he right direction. -Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Performance tweaking for lots of files
On Thu, Jun 07, 2007 at 11:41:07AM +0200, Jeroen Akershoek wrote: > > First, this assumes all the same case (upper or lower), which isn't, > well, the case. So that's what you've got to fix to make it go fast. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] urgent: winbind doesn't see groups from samba pdc+ldap
Hallo! after migrating the pdc from nt to samba+ldap my member fileserver doesn't see the groups anymore. I set it up with nss as shown in: http://samba.org/samba/docs/man/Samba-Guide/unixclients.html#ch9-sdmnss getent passwd + group show all user and groups correctly wbinfo -u shows all users correctly, but wbinfo -g show only 2 builtin accounts. I tried without nss only with winbind before in the hope I had not to reset all permissions but it was exacty the same. Machine is debian/etch samba 3.0.24 Please let me know if I should send more infos. I'm very greateful for any hints. thanks angela here my smb.conf [global] # Server Definition server string = %h (%v) domain logons = no domain master = no local master = no preferred master = no timeserver = no # Domaenen Zugehoerigkeit workgroup = AAG security = domain password server = 192.168.100.72 # Namensaufloesung name resolve order = host wins bcast # Erlaubte Authentifizierungsprotokolle map archive = yes map hidden = no map readonly = yes map system = no map to guest = never delete readonly = yes preserve case = yes # Nach 15 Min. Inaktivität trennenlog file = /var/log/samba/%m.log log level = 10 syslog = 1 panic action = /usr/share/samba/panic-action %d # Wann werden DAten auf die Platten geschrieben? strict sync = yes sync always = yes use sendfile = yes # Auf mdbs keine Oplocks setzen veto oplock files = /*.mdb/ # OpenOffice hat Problem beim Speichern, es liegt aber nicht an den Oplocks! oplocks = yes level2 oplocks = yes # Winbind - fÃr Authentifizierung Ãber einen anderen Server #winbind cache time = 300 #winbind enum groups = yes #winbind enum users = yes #winbind uid = 1-2 #winbind gid = 1-2 ldap admin dn = cn=admin,dc=aag ldap suffix = dc=aag ldap group suffix = ou=groups ldap user suffix = ou=users ldap machine suffix = ou=computers ldap idmap suffix = ou=idmap idmap backend = ldap:ldap://erde.aag idmap uid = 1-2 idmap gid = 1-2 winbind trusted domains only = yes deadtime = 15 keepalive = 0 ... shares /etc/ldap/ldap.conf BASEdc=aag URI ldap://erde.aag:389 ldap://mond.aag:389 nss_base_passwd ou=users,dc=aag?one nss_base_passwd ou=computers,dc=aag?one nss_base_shadow ou=users,dc=aag?one nss_base_group ou=groups,dc=aag?one TLS_CACERT /etc/ldap/certs/cacert.pem TLS_CERT/etc/ldap/certs/memberserver_cert.pem TLS_KEY /etc/ldap/certs/memberserver_key.pem TLS_CHECKPEER yes SSL start_tls TLS_REQCERT allow It make no difference if I activate TLS or not. ** /etc/nsswitch.conf ** passwd: files ldap winbind group: files ldap winbind shadow: files ldap winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] installp errors
I am trying to install Samba 3-0.1.0 on an AIX 5.2 box. I am getting the errors The name freeware is not a know user for file xx and A value must be specified for owner for entry x. This is occurring on all files that are trying to load. Any ideas? Thanks, H. Wayne Efurd Unix System Administrator Gregg County, Texas 101 E. Methvin Suite 101 Longview, Texas 75601 Phone: 903-236-8436 Fax: 903-758-1148 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] _net_auth2: creds_server_check failed
Hi, I am using samba-3.0.24,1 on FreeBSD 5.2.1-RELEASE-p5. After sudden crash of the server, I get the following error after reboot: [2007/06/04 06:00:19, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478) _net_auth2: creds_server_check failed. Rejecting auth request from client IMPORT-PC machine account IMPORT-PC$ [2007/06/04 06:00:19, 2] passdb/pdb_ldap.c:init_sam_from_ldap(541) init_sam_from_ldap: Entry found for user: import-pc$ The only solution I found out is to remove the account from the LDAP database and add it again. For cca 100 clients it is tiresome and long-lasting solution. Is there another possibility to recover from the crash? (I didn't find any solution on the net.) Any advice appreciated. Thanks in advance. Regards, lk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Why can not backup in Samba3.0.25?
Dear all: How do you do?I am now using the Samba3.0.25 as the file server.When I backup files from the Vista and Win2003 to the Samba Server.(Notice:I use the backup function of the Windows itself,not just copy files commonly.)It can not proceed!But it is sucessful when in WinXP. Why ?Please help me. Many thanks to you. yours Jian Liang -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba4Wins
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Hello, >I have two servers with SAMBA 3.0.24-30 (PDC and BDC) and OpenLdap > (MASTER and SLAVE) and now I want to remove the wins servers (in Windows NT) > and put samba4wins in the PDC and other samba4wins in the BDC replicating, > but I dont know how to do a correct configuration for samba4wins, and i > Don't find a good howto or tutorial or documentation to do that. > >Somebody has a working configuration or procedure for samba4wins > replicating between two or but servants??. This is very imporant for me > because this are the las servers with Windows and I want to clear of my > network ;-). Hi Maximiliano, take a look at http://ftp.sernet.de/pub/samba4wins/ and read http://ftp.sernet.de/pub/samba4wins/samba4wins-1.0.6-HOWTO.txt If you still have problems then just ask and cc: [EMAIL PROTECTED] metze -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGZnjpm70gjA5TCD8RAnggAJ9/v9Fo7DLDMDu25tNZLpsY4vv1xACgoCQl wHVW4dOL7y6sPu6VyD+QAqc= =UutS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] AD Integrated authentication
Hi all, thanks for your responses. It's now over a week later and i've re-installed to make sure it's not a RedHat magical if-you-don't-install-it-at-install-time-you-don't-get-the-right-config-files-setup issue. It's still not working, but i've found a new wall to bang my head against and its name is Kerberos. i may be back :) m. -Original Message- From: mikee [mailto:[EMAIL PROTECTED] Sent: Wednesday, 6 June 2007 4:13 AM To: Michael Cleghorn Subject: Re: [Samba] AD Integrated authentication On Mon, 28 May 2007, Michael Cleghorn might have said: > > Hello list, > > i'm going to try very hard not to rant here, but i've been trying to get > Samba working for 3 days, and it's just not happening. Let me start from the > beginning. i'm just a lowly Windows admin but i've been doing this for 10 > years, so i'm pretty sure i know what i'm doing (present situation excepted, > clearly). i've got RedHat AS4 and a primarily Windows 2000 domain. i want > to be able to transparently browse to the shares on the RH server from a > Windows client without having to authenticate again, which is exactly what > the AD integrated authentication is for, right? > > If i do "wbinfo -u" i get a list of AD objects, but without the AD domain > name prepended which is my first clue that something isn't right. If i do > "wbinfo -a username%password" both plaintext and challenge response > authentication work. If i do "getent passwd" i get only local usernames. > Same for "getent group" except i get local groups, obviously. From > everything i've read in the man pages and god only know how many online > troubleshooting and/or help docs, this just doesn't happen. Everything that > mentions using wbinfo and getent for testing just says "and you can try this > and oh, look it works". i'm paraphrasing slightly. > > i have joined the RH server to the domain. i can get a Kerberos ticket > issued if i want one. i have been through smb.conf, nsswitch.conf and > /etc/pam.d so often, i no longer remember what my originals looked like. i'm > happy to post excerpts from any or all of these of they will help (i'm not > going to do it now in case 1 - it's an easy fix, in which case i'm not sure > if i'll laugh or cry and 2 - to keep things relatively short). The logs have > been less than ideally helpful since i already know that authentication isn't > working... somewhere. > > Can someone help? Please? I authenticate my users with OpenLDAP on my Fedora Core box. The FC box uses samba and samba does authenticate the remote share access. Below is a snippet of my current configuration. Mike [global] security = USER client plaintext auth = Yes client lanman auth = Yes encrypt passwords = Yes lanman auth = No ntlm auth = Yes password level = 0 guest account = nobody admin users = hosts allow = .pointwise.com, 10.1.2., 10.1.3., 192.168.100. cups options = raw wins support = yes name resolve order = wins lmhosts host bcast dns proxy = no usershare allow guests = yes time server = yes workgroup = netbios aliases = loghost, mailhost, backuphost, ldaphost server string = Samba Server (%h) logon drive = L: logon home = \\%N\%U logon path = \\%N\%U\profile logon script = /etc/samba/login.bat ldap delete dn = Yes ldap suffix = dc=pointwise,dc=com ldap admin dn = cn=manager,dc=pointwise,dc=com ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=machines ldap ssl = off ldapsam:trusted = Yes ldap timeout = 15 utmp directory = /var/run wtmp directory = /var/log utmp = Yes password server = ldaphost.pointwise.com passdb backend = ldapsam:ldap://ldaphost.pointwise.com ldap passwd sync = Yes #unix password sync = Yes #passwd program = /usr/sbin/smbldap-passwd %u #passwd chat = "Changing * password*for*\nNew password*" %n\n "*Retype new password*" %n\n" #passwd chat debug = Yes os level = 66 preferred master = Yes local master = Yes domain master = Yes domain logons = Yes allow trusted domains = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: What makes excel file opening so slow??
First of all, sorry for my english... What type of VPN are you using? Your VPN have a compress option? In Openvpn you can enable the LZO compression if your VPN Gateways have a decent processor, it could help. About changing the path of the temporary files, that's impossible, its harcoded in the application (confirmed from microsoft) On 6/7/07, Chan Jason <[EMAIL PROTECTED]> wrote: Hi Adam, Actually we are really having 4M/4M, because other traffic gets very well. I tried with download file via HTTP and it did gave us such a result. (Or I download files from that network, the performance is also satisfying.) I think the main problem is the way that Excel file being opened, not Samba. If this is a Samba problem, I'm sure that I will encouter this problem in my local LAN too! But if anyone knows the ways to improve the situation, I will be glad to hear. =) Currently everyone agree the problem is latency, as another user in the list suggest that we should have temp. file on local, not on the share, but I cannot figure out the way to do that! Thanks for your help! Yours sincerely, Jason Chan >From: Adam Tauno Williams <[EMAIL PROTECTED]> >To: samba@lists.samba.org >Date: Wed, 06 Jun 2007 13:09:27 -0400 >Subject: Re: [Samba] Re: What makes excel file opening so slow?? >> When I tried to do a throughput monitor, hey, it seems only used up >> some hundred Kbit/second of the bandwidth, however we have around >> 4Mbps for the internet access in both sides (Hong Kong and China). >> However I do agree that the latency causes so much problem. > >If you have Internet connections on both ends and are using a VPN then >you are probably screwed. If your 4Mbps is a point-to-point link there >is more you can do. But you still might be able to gain something by >adjusting the MRU/MTU/Window/etc... of your VPN connection. But the >latency on Internet links is usually pretty bad. > >And is your connection really 4Mbps both up and down stream? > >Anyway, I don't think this is a Samba issue but a basic networking >issue. > >-- >Adam Tauno Williams, Network & Systems Administrator >Consultant - http://www.whitemiceconsulting.com >Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with MacOSX and SAMBA
On 07/06/07, Dr.Peer-Joachim Koch <[EMAIL PROTECTED]> wrote: Hi, our Mac users have sometimes trouble with samba shares. Those users are not able for a certain time ( 0.5 -20 sec) to read or write to files. Some reported error messages like "read only file" or file not found. Windows users (XP) have some also slow access, but no further problems. Our file system is also used from or linux cluster (192CPU), but we are using a GFS to share the load. I'm not sure if the gfs or ldap or something else causes the delay in the file i/o. Error messages did not appear in the samba (normal) log. Any idea ? Not really. Do these problems reproduce with a local filesystem (eg. EXT3 or XFS)? If you could provide a packet trace of the OS X clients that might be helpful (maybe). -- James Peach | [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.25a closing network drive connections?
Since upgrading from 3.0.24 to 3.0.25a this past weekend, network drive connections are randomly being closed and immediately reopened. This creates "Delayed write failed" errors for Firefox and Thunderbird, various errors for Outlook with its PST files on network drives, and errors from programs like InDesign that "The network connection was lost for the file, or the file was modified by another process." I have a level 9 debug log from my computer when this happened. (I tried level 10 logs, but they ate up too much disk and rotated too fast.) Here are the relevant lines, from what I can tell: [2007/06/07 10:54:46, 3] smbd/error.c:error_packet_set(106) error packet at smbd/notify.c(115) cmd=160 (SMBnttrans) NT_STATUS_OK [2007/06/07 10:54:46, 5] lib/util.c:show_msg(484) [2007/06/07 10:54:46, 5] lib/util.c:show_msg(494) size=71 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=7 smb_pid=3292 smb_uid=101 smb_mid=62151 smt_wct=18 smb_vwv[ 0]=0 (0x0) smb_vwv[ 1]=0 (0x0) smb_vwv[ 2]=0 (0x0) smb_vwv[ 3]=0 (0x0) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]=0 (0x0) smb_vwv[ 7]=0 (0x0) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=0 (0x0) smb_vwv[10]=0 (0x0) smb_vwv[11]=0 (0x0) smb_vwv[12]=0 (0x0) smb_vwv[13]=0 (0x0) smb_vwv[14]=0 (0x0) smb_vwv[15]=0 (0x0) smb_vwv[16]=0 (0x0) smb_vwv[17]=0 (0x0) smb_bcc=0 [2007/06/07 10:54:46, 3] smbd/process.c:timeout_processing(1328) timeout_processing: End of file from client (client has disconnected). [2007/06/07 10:54:46, 5] lib/gencache.c:gencache_shutdown(94) Closing cache file [2007/06/07 10:54:46, 5] libsmb/namecache.c:namecache_shutdown(79) namecache_shutdown: netbios namecache closed successfully. [2007/06/07 10:54:46, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2007/06/07 10:54:46, 5] auth/auth_util.c:debug_nt_user_token(448) NT user token: (NULL) [2007/06/07 10:54:46, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2007/06/07 10:54:46, 5] smbd/uid.c:change_to_root_user(288) change_to_root_user: now uid=(0,0) gid=(0,0) [2007/06/07 10:54:46, 2] smbd/close.c:close_normal_file(399) josh closed file Downloads/SysInternals/psexec.exe (numopen=2) NT_STATUS_OK [2007/06/07 10:54:46, 5] smbd/files.c:file_free(451) freed files structure 11353 (2 used) [2007/06/07 10:54:46, 5] smbd/files.c:file_free(451) freed files structure 11191 (1 used) [2007/06/07 10:54:46, 5] smbd/files.c:file_free(451) freed files structure 11076 (0 used) [2007/06/07 10:54:46, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2007/06/07 10:54:46, 5] auth/auth_util.c:debug_nt_user_token(448) NT user token: (NULL) [2007/06/07 10:54:46, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2007/06/07 10:54:46, 5] smbd/uid.c:change_to_root_user(288) change_to_root_user: now uid=(0,0) gid=(0,0) [2007/06/07 10:54:46, 1] smbd/service.c:close_cnum(1230) pccomp8 (192.168.155.253) closed connection to service software At the same time when we upgraded Samba, we rearranged some servers and added a network switch. So it's possible that this problem is network related, but I don't think that it is; none of our switches are reporting any packet errors, for example. Any ideas or advice? Thanks. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: What makes excel file opening so slow??
Hi Adam, Actually we are really having 4M/4M, because other traffic gets very well. I tried with download file via HTTP and it did gave us such a result. (Or I download files from that network, the performance is also satisfying.) I think the main problem is the way that Excel file being opened, not Samba. If this is a Samba problem, I'm sure that I will encouter this problem in my local LAN too! But if anyone knows the ways to improve the situation, I will be glad to hear. =) Currently everyone agree the problem is latency, as another user in the list suggest that we should have temp. file on local, not on the share, but I cannot figure out the way to do that! Thanks for your help! Yours sincerely, Jason Chan From: Adam Tauno Williams <[EMAIL PROTECTED]> To: samba@lists.samba.org Date: Wed, 06 Jun 2007 13:09:27 -0400 Subject: Re: [Samba] Re: What makes excel file opening so slow?? When I tried to do a throughput monitor, hey, it seems only used up some hundred Kbit/second of the bandwidth, however we have around 4Mbps for the internet access in both sides (Hong Kong and China). However I do agree that the latency causes so much problem. If you have Internet connections on both ends and are using a VPN then you are probably screwed. If your 4Mbps is a point-to-point link there is more you can do. But you still might be able to gain something by adjusting the MRU/MTU/Window/etc... of your VPN connection. But the latency on Internet links is usually pretty bad. And is your connection really 4Mbps both up and down stream? Anyway, I don't think this is a Samba issue but a basic networking issue. -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0 - slow logoff
contact_mahajan wrote: [snip] > I verifies va/log/messages on the server and every thing seems to be normal. > Please suggest me that where else I should look in order to troublehoot this > issue? What could be the other reasons for this sudden slowness. First step in network delays is to check DNS (primary is working, firewall rules haven't changed). Graham -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with MacOSX and SAMBA
Hi, our Mac users have sometimes trouble with samba shares. Those users are not able for a certain time ( 0.5 -20 sec) to read or write to files. Some reported error messages like "read only file" or file not found. Windows users (XP) have some also slow access, but no further problems. Our file system is also used from or linux cluster (192CPU), but we are using a GFS to share the load. I'm not sure if the gfs or ldap or something else causes the delay in the file i/o. Error messages did not appear in the samba (normal) log. Any idea ? File services: SLES 9 SP3; X4100 (AMD64) samba-3.0.20b-3.4 (has to be updated - i know :) Running on a GFS (Quantum Stornext) Clients : XP SP2 and all patches (few problems, slow response) Mac OSX 10.3 / 10.4 (sometimes major problems) -- Mit freundlichem Gruss Peer-Joachim Koch _ Max-Planck-Institut fuer Biogeochemie Dr. Peer-Joachim Koch Hans-Knöll Str.10Telefon: ++49 3641 57-6705 D-07745 Jena Telefax: ++49 3641 57-7705 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 - slow logoff
Hello Friends, We are using Samba 3.0 for our domain. Staff login with their roaming profiles and the profiles are not that big. Something happened yesterday and now all the clients are taking more time than normal while loggin off. I have tried rebooting the Samba server and checked all the services and also rebooted the different switches, but problem still exist. Login is fine but loggin off is slow. I verifies va/log/messages on the server and every thing seems to be normal. Please suggest me that where else I should look in order to troublehoot this issue? What could be the other reasons for this sudden slowness. Thanks in advance. Gigs -- View this message in context: http://www.nabble.com/Samba-3.0---slow-logoff-tf3883834.html#a11007858 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] root
-- View this message in context: http://www.nabble.com/root-tf3883774.html#a11007657 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Guest account access with User mode security?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mansell, Gary wrote: > If a user (who does not have a login account on the > Samba server) tries to map a guest share, the user gets > presented with a login dialog asking for a password > for the Guest account - how can I just allow access > without the user being asked for a password? Gary, Please send me a level 10 debug log from smbd with the failed login and failed guest access. Thanks. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGZ/jlIR7qMdg1EfYRAulhAJ40LsFB8YRKrTtAUtpQEa/Td1xnDACfToPB HGWbpxOjOrgJ9NhST8C9bkg= =1Waw -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows user authentication to Samba server?
Hi, My users login to their PC's with the windows domain and username and their windows login is authenticated by the Windows AD servers. They then try and map a drive from my Samba server which authenticates against it's /etc/passwd file (non encrypted passwords). Hence the users are logged into Windows as shoreham\grma when they try and map a drive on the Samba server - what username is sent for authentication - is it shoreham\grma or just grma? The reason that I ask this is that the user on the Samba server has the username grma in the password file and I am wondering if this is causing me problems. I guess in summary I am asking whether Samba tries to authenticate the username or domain\username when the Samba server uses local password files. Regards Gary Mansell - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient).Only Directors are authorised to enter into legally binding obligations on behalf of Ricardo. Ricardo may monitor outgoing and incoming e-mails and other telecommunications systems. By replying to this e-mail you give consent to such monitoring.The recipient should check e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. "Ricardo" means Ricardo plc and its subsidiary companies. Ricardo plc is a public limited company registered in England with registered number 00222915. The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Join Linux client to Samba PDC domain
Hi list, I know this is maybe an awkward question but I wonder if tis possible to join linux clients to a samba domain and if so how would I set up their smb.conf? I want to accomplish the same thing in a Samba PDC domain as in an Windows ADS domain. Today I have in one environment Windows 2003 PDC Windows XP clients Linux File Server which is joined to the domain, utilizing winbind, kerberos etc. So all clients can connect to the shares in my Linux File Server and all authentication is handled my winbind -> Windows PDC Singel-Sign- On style. Now I want the same thing in a different environment CentOS Samba PDC in domain mode and LDAP Windows XP and Vista clients joined to the Samba domain Linux File Server (which I don't know how to configure) So I want all the Windows clients to be able to access the shares on my LInux File Server but I want my CentOS Samba PDC to handle the authentication with Singel-Sign-On style. How would I configure my Linux Files server? security = domain, server, or? Thanks, Henrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Guest account access with User mode security?
I'm getting that same problem since upgrading my Debian server from Sarge to Etch. I've got the "map to guest = bad user" thing in my config, but it's like it doesn't work now. In the end, since 99.9% of the access I needed was as guest anyway, I switched those shares over to share security. Of course that breaks having the ability to have separate RO/RW access for different people. Unfortunately no one on the list could help with the actual problem, and I haven't had much time to really try and fix it. I hope you can get a solution, because I really want to know too :-) TB Mansell, Gary wrote: Hi, I have a Samba server that I have just transitioned from Samba v2 to v3 and at the same time I have changed from share mode security to user mode security. I having problems allowing guest access to some of my shares on the server. I have some shares (such as apps and cdrom etc) that I would like to allow anyone to access - even if they do not have an login account on the Samba server. This worked fine in share mode security but does not seem to work in user mode security. If a user (who does not have a login account on the Samba server) tries to map a guest share, the user gets presented with a login dialog asking for a password for the Guest account - how can I just allow access without the user being asked for a password? Here is my smb.conf including a guest only share for the cdrom. Any help gratefully received Regards Gary [global] workgroup = DFGSRV server string = dfgsrv Samba Server %v printcap name = /etc/printcap load printers = yes printing = cups cups options = raw log file = /var/log/samba/%m.log max log size = 200 security = user password level = 8 username level = 8 socket options = SO_KEEPALIVE SO_BROADCAST TCP_NODELAY IPTOS_THROUGHPUT dns proxy = no log level = 9 deadtime = 30 oplocks = false level2 oplocks = false encrypt passwords = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no map to guest = Bad User [homes] comment = Home Directories browseable = yes writable = yes create mode = 0664 directory mode = 0775 [cdrom] path = /media/cdrom writeable = no browseable = yes guest ok = yes comment = dfgsrv CDROM Drive - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient).Only Directors are authorised to enter into legally binding obligations on behalf of Ricardo. Ricardo may monitor outgoing and incoming e-mails and other telecommunications systems. By replying to this e-mail you give consent to such monitoring.The recipient should check e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. "Ricardo" means Ricardo plc and its subsidiary companies. Ricardo plc is a public limited company registered in England with registered number 00222915. The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Performance tweaking for lots of files
Jeremy Allison wrote: You're running into the classic "too many files per directory" problem with emulating case insensitivity on a POSIX filesystem. See this post for details on fixing it : http://lists.samba.org/archive/samba-technical/2005-February/039408.html It's in the main codebase now, so should apply to your situation. Hmm, not exactly I'm afraid. Should've clarified a bit more I suppose First, this assumes all the same case (upper or lower), which isn't, well, the case. Second, we've got a whole dir-structure with just a few hundred files per directory. The dir structure looks a bit like this projectname/tape###/shot###/frame###.dpx with the # being a digit 0-9, zero-padded. The files are about 8 - 12MB in size and usually between 100 and 1000 files per shot, but go up to, and sometimes beyond, 10 files in total for a copy-job to firewire disks Kind regards, Jeroen -- Jeroen Akershoek - Systems Engineer Filmmore - Entrepotdok 66, 1018AD Amsterdam tel: +31 20 5309696 fax: +31 20 5309697 Join the dark side... we have cookies! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Guest account access with User mode security?
Hi, I have a Samba server that I have just transitioned from Samba v2 to v3 and at the same time I have changed from share mode security to user mode security. I having problems allowing guest access to some of my shares on the server. I have some shares (such as apps and cdrom etc) that I would like to allow anyone to access - even if they do not have an login account on the Samba server. This worked fine in share mode security but does not seem to work in user mode security. If a user (who does not have a login account on the Samba server) tries to map a guest share, the user gets presented with a login dialog asking for a password for the Guest account - how can I just allow access without the user being asked for a password? Here is my smb.conf including a guest only share for the cdrom. Any help gratefully received Regards Gary [global] workgroup = DFGSRV server string = dfgsrv Samba Server %v printcap name = /etc/printcap load printers = yes printing = cups cups options = raw log file = /var/log/samba/%m.log max log size = 200 security = user password level = 8 username level = 8 socket options = SO_KEEPALIVE SO_BROADCAST TCP_NODELAY IPTOS_THROUGHPUT dns proxy = no log level = 9 deadtime = 30 oplocks = false level2 oplocks = false encrypt passwords = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no map to guest = Bad User [homes] comment = Home Directories browseable = yes writable = yes create mode = 0664 directory mode = 0775 [cdrom] path = /media/cdrom writeable = no browseable = yes guest ok = yes comment = dfgsrv CDROM Drive - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient).Only Directors are authorised to enter into legally binding obligations on behalf of Ricardo. Ricardo may monitor outgoing and incoming e-mails and other telecommunications systems. By replying to this e-mail you give consent to such monitoring.The recipient should check e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. "Ricardo" means Ricardo plc and its subsidiary companies. Ricardo plc is a public limited company registered in England with registered number 00222915. The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] linux to windows 2003 connectivity
Dear Sir/Madem problem in RedHat EL4 linux to windows 2003 connectivity. the error message(Error returning browse list: NT_STATUS_ACCESS_DENIED). but linux to windows xp working proper. please help me Ravi Kumar Sudal Did you know? You can CHAT without downloading messenger. Click here http://in.messenger.yahoo.com/webmessengerpromo.php -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] windows 2003 sp1 clients, security = server and use spnego
On Thu, Jun 07, 2007 at 07:27:59PM +1200, Paul Collins wrote: > > Don't use security=server, join the domain and use > > security=ads or security=domain as a fallback. > > I was afraid that might be the answer. Why? Can't you join the domain? Volker pgpYQrJNS4YYe.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] windows 2003 sp1 clients, security = server and use spnego
Volker Lendecke <[EMAIL PROTECTED]> writes: > On Thu, Jun 07, 2007 at 01:12:27PM +1200, Paul Collins wrote: >> switching to a "security = server" setup, it would not work until I >> added "use spnego = no" to smb.conf. Tests with smbclient and Windows >> XP worked regardless. I can also reproduce the problem on Solaris 10 >> with Samba 3.0.24 and Samba 3.0.21b. > > Don't use security=server, join the domain and use > security=ads or security=domain as a fallback. I was afraid that might be the answer. Thanks. -- Paul Collins Wellington, New Zealand Dag vijandelijk luchtschip de huismeester is dood -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba