Re: [Samba] missing packaging/Fedora/makerpms.sh
Mark Nienberg wrote: I downloaded the tar.gz file for 3.0.27a and I noticed there is not a Fedora directory inside the packaging directory. I'm fairly certain there used to be one in older versions. I'm groping now to figure out how to build rpms for Fedora 4, which I know is a little old but I don't have resources to upgrade the OS now. Was it intentionally removed? Mark For my Fedora 3 and 4 machines out in the wild, I simply removed the rpms altogether and installed from source. It was a painless procedure, even including the vscan vfs objects. Symlink the config files to the /usr/local/samba/lib directory and it should work just fine. Sure makes upgrading to later versions easier. :) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to get the users ang groups on the WINDOWS 2003 ADS
Hi,As we all know that using "wbinfo -u "or "wbinfo -g " we can get users or groups of A windows 200x ADS. And How can we write a c program to get a list of users and groups and keep them in a array ? Trendy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] missing packaging/Fedora/makerpms.sh
I downloaded the tar.gz file for 3.0.27a and I noticed there is not a Fedora directory inside the packaging directory. I'm fairly certain there used to be one in older versions. I'm groping now to figure out how to build rpms for Fedora 4, which I know is a little old but I don't have resources to upgrade the OS now. Was it intentionally removed? Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shaun Marolf Sent: Wednesday, December 05, 2007 4:23 PM To: samba@lists.samba.org Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues On Wednesday 05 December 2007 05:55:25 pm Guillermo Gutierrez wrote: > Well, I tried it but no luck. Getent still won't display the AD users. > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > > -Original Message- > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 05, 2007 3:51 PM > To: Guillermo Gutierrez > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > Have winbindd, smbd, nmbd all been restarted? > ... just a guess since winbindd is saying it's getting requests of a > different size than expected, and I've seen that when I've restarted one > daemon, but not the other. > > You could also try clearing out your tdb cache files I know I run the > following command on FreeBSD. I'm not exactly sure what it would be on > ubuntu though > > /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb > > perhapse? >tdbbackup -v var/samba/locks/*.tdb > > > -- > Aaron > > Guillermo Gutierrez wrote: > > I don't have nscd installed > > > > Guillermo Gutierrez > > _ > > (818) 575-2017 > > (818) 324-0871 > > [EMAIL PROTECTED] > > > > > > -Original Message- > > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, December 05, 2007 3:37 PM > > To: Guillermo Gutierrez > > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > > > Did you restart nscd? > > > > Guillermo Gutierrez wrote: > >> I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the > >> getent command wont display the active directory users, but wbinfo > > > > will. > > > >> It worked fine with 3.0.26a and I have not changed my configuration. > >> > >> > >> > >> I do however have this in my winbind log: > >> > >> > >> > >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:42, 0]
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
Net ads testjoin reports that the join is ok. Wbinfo -u shows all of the AD users. Wbinfo -g shows all of the AD groups. Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Max León [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 4:39 PM To: Guillermo Gutierrez Cc: Aaron J. Zirbes; samba@lists.samba.org Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues What does the: net ads testjoin command outputs? Does the wbinfo -u and wbinfo -g give you any output? Guillermo Gutierrez wrote: > Well, I tried it but no luck. Getent still won't display the AD users. > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > > -Original Message- > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 05, 2007 3:51 PM > To: Guillermo Gutierrez > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > Have winbindd, smbd, nmbd all been restarted? > ... just a guess since winbindd is saying it's getting requests of a > different size than expected, > and I've seen that when I've restarted one daemon, but not the other. > > You could also try clearing out your tdb cache files I know I run the > following command on FreeBSD. > I'm not exactly sure what it would be on ubuntu though > > /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb > > perhapse? >tdbbackup -v var/samba/locks/*.tdb > > > -- > Aaron > > Guillermo Gutierrez wrote: > >> I don't have nscd installed >> >> Guillermo Gutierrez >> _ >> (818) 575-2017 >> (818) 324-0871 >> [EMAIL PROTECTED] >> >> >> -Original Message- >> From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, December 05, 2007 3:37 PM >> To: Guillermo Gutierrez >> Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues >> >> Did you restart nscd? >> >> Guillermo Gutierrez wrote: >> >>> I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the >>> getent command wont display the active directory users, but wbinfo >>> >> will. >> >>> It worked fine with 3.0.26a and I have not changed my configuration. >>> >>> >>> >>> I do however have this in my winbind log: >>> >>> >>> >>> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >>> >>> request_len_recv: Invalid request size received: 2084 (expected >>> >> 2088) >> >>> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>> Not a user account? atype=0x3000 >>> >>> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >>> >>>
Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues
What does the: net ads testjoin command outputs? Does the wbinfo -u and wbinfo -g give you any output? Guillermo Gutierrez wrote: Well, I tried it but no luck. Getent still won't display the AD users. Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:51 PM To: Guillermo Gutierrez Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Have winbindd, smbd, nmbd all been restarted? ... just a guess since winbindd is saying it's getting requests of a different size than expected, and I've seen that when I've restarted one daemon, but not the other. You could also try clearing out your tdb cache files I know I run the following command on FreeBSD. I'm not exactly sure what it would be on ubuntu though /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb perhapse? tdbbackup -v var/samba/locks/*.tdb -- Aaron Guillermo Gutierrez wrote: I don't have nscd installed Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:37 PM To: Guillermo Gutierrez Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Did you restart nscd? Guillermo Gutierrez wrote: I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the getent command wont display the active directory users, but wbinfo will. It worked fine with 3.0.26a and I have not changed my configuration. I do however have this in my winbind log: [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:50:17, 1] nsswitch/winbindd.c:main(990) winbindd version 3.0.27a started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2007/12/04 13:50:17, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache() initialize_winbindd_cache: clearing cache and re-creating with version number 1 a
Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues
On Wednesday 05 December 2007 05:55:25 pm Guillermo Gutierrez wrote: > Well, I tried it but no luck. Getent still won't display the AD users. > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > > -Original Message- > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 05, 2007 3:51 PM > To: Guillermo Gutierrez > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > Have winbindd, smbd, nmbd all been restarted? > ... just a guess since winbindd is saying it's getting requests of a > different size than expected, and I've seen that when I've restarted one > daemon, but not the other. > > You could also try clearing out your tdb cache files I know I run the > following command on FreeBSD. I'm not exactly sure what it would be on > ubuntu though > > /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb > > perhapse? >tdbbackup -v var/samba/locks/*.tdb > > > -- > Aaron > > Guillermo Gutierrez wrote: > > I don't have nscd installed > > > > Guillermo Gutierrez > > _ > > (818) 575-2017 > > (818) 324-0871 > > [EMAIL PROTECTED] > > > > > > -Original Message- > > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, December 05, 2007 3:37 PM > > To: Guillermo Gutierrez > > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > > > Did you restart nscd? > > > > Guillermo Gutierrez wrote: > >> I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the > >> getent command wont display the active directory users, but wbinfo > > > > will. > > > >> It worked fine with 3.0.26a and I have not changed my configuration. > >> > >> > >> > >> I do however have this in my winbind log: > >> > >> > >> > >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > >> > >> Not a user account? atype=0x3000 > >> > >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_recv: Invalid request size received: 2084 (expected > > > > 2088) > > > >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) > >> > >> request_len_r
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
Well, I tried it but no luck. Getent still won't display the AD users. Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:51 PM To: Guillermo Gutierrez Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Have winbindd, smbd, nmbd all been restarted? ... just a guess since winbindd is saying it's getting requests of a different size than expected, and I've seen that when I've restarted one daemon, but not the other. You could also try clearing out your tdb cache files I know I run the following command on FreeBSD. I'm not exactly sure what it would be on ubuntu though /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb perhapse? tdbbackup -v var/samba/locks/*.tdb -- Aaron Guillermo Gutierrez wrote: > I don't have nscd installed > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > > -Original Message- > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 05, 2007 3:37 PM > To: Guillermo Gutierrez > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > Did you restart nscd? > > Guillermo Gutierrez wrote: >> I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the >> getent command wont display the active directory users, but wbinfo > will. >> It worked fine with 3.0.26a and I have not changed my configuration. >> >> >> >> I do however have this in my winbind log: >> >> >> >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:50:17, 1] nsswitch/winbindd.c:main(990) >> >> winbindd version 3.0.27a started. >> >> Copyright Andrew Tridgell and the Samba Team 1992-2007 >> >> [2007/12/04 13:50:17, 0] >> nsswitch/winbindd_cache.c:initialize_winbindd_cache() >> >> initialize_winbindd_cache: clearing cache and re-creating with > version >> number 1 >> >> >> >> any ideas? >> >> >
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
I have restarted all three daemons without luck, but I will try clearing out the tdb cache as you mentioned. Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:51 PM To: Guillermo Gutierrez Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Have winbindd, smbd, nmbd all been restarted? ... just a guess since winbindd is saying it's getting requests of a different size than expected, and I've seen that when I've restarted one daemon, but not the other. You could also try clearing out your tdb cache files I know I run the following command on FreeBSD. I'm not exactly sure what it would be on ubuntu though /usr/local/samba/bin/tdbbackup -v /usr/local/samba/var/locks/*.tdb perhapse? tdbbackup -v var/samba/locks/*.tdb -- Aaron Guillermo Gutierrez wrote: > I don't have nscd installed > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > > -Original Message- > From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 05, 2007 3:37 PM > To: Guillermo Gutierrez > Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > Did you restart nscd? > > Guillermo Gutierrez wrote: >> I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the >> getent command wont display the active directory users, but wbinfo > will. >> It worked fine with 3.0.26a and I have not changed my configuration. >> >> >> >> I do however have this in my winbind log: >> >> >> >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) >> >> Not a user account? atype=0x3000 >> >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) >> >> request_len_recv: Invalid request size received: 2084 (expected > 2088) >> [2007/12/04 13:50:17, 1] nsswitch/winbindd.c:main(990) >> >> winbindd version 3.0.27a started. >> >> Copyright Andrew Tridgell and the Samba Team 1992-2007 >> >> [2007/12/04 13:50:17, 0] >> nsswitch/winbindd_cache.c:initialize_winbindd_cache() >> >> initialize_winbindd_cache: clearing cache and re-creating with > version >> numb
FW: [Samba] 3.0.27a, ubuntu server7.10 auth issues
Whoops, forgot to copy to the list Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Guillermo Gutierrez Sent: Wednesday, December 05, 2007 3:24 PM To: 'Max León' Subject: RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues Interesting...i didn't have the idmap setting in there previously and it still didn't work. I will try using the idmap backend. Does using winbind the way that I have it setup still work in this version? Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Max León [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:14 PM To: Guillermo Gutierrez Cc: samba@lists.samba.org Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Well none of the options on your conf file seem to be wrong, however some of them might been stepping over each other toes. For instance, in my experience: You either use de the idmap backend or the idmap gid and uid and the winbind enum groups and users, due the fact that you are running the latest version of samba I recommend to use the idmap backend one. That might be what is causing the conflict. Regards, Max. Guillermo Gutierrez wrote: > I don't mean to sound whiny, but I really would like to get some help > figuring this thing out. > I am including my smb.conf as well: > > #=== Global Settings === > > [global] > ## Browsing/Identification ### >netbios name = Maximus >workgroup = MARKETSCAN >realm = MARKETSCAN.COM >server string = %h server (Samba %v, Ubuntu) >dns proxy = no >name resolve order = lmhosts host wins bcast > > Networking >interfaces = 127.0.0.0/8 eth0 >bind interfaces only = true > > Debugging/Accounting >log file = /var/log/samba/log.%m >max log size = 1000 >syslog = 0 >panic action = /usr/share/samba/panic-action %d > > ### Authentication ### >security = ADS >encrypt passwords = true >password server = * > >passdb backend = tdbsam >obey pam restrictions = yes >invalid users = root > >passwd program = /usr/bin/passwd %u >passwd chat = *Enter\snew\sUNIX\spassword:* %n\n > *Retype\snew\sUNIX\spassword:* %n\n > *passwd:*password\supdated\ssuccessfully* . > > Misc >socket options = TCP_NODELAY >domain master = no > >idmap uid = 1-2 >idmap gid = 1-2 >idmap backend = idmap_rid:MARKETSCAN=1-2 >template shell = /bin/bash >template home dir = /home/MARKETSCAN/%U >winbind enum groups = yes >winbind enum users = yes >winbind use default domain = yes > > #=== Share Definitions === > [homes] >comment = Home Directories >browseable = no >vfs object = readahead >inherit permissions = yes >nt acl support = yes >valid users = %D/%U >writable = yes >create mask = 0700 >directory mask = 0700 > > [printers] >comment = All Printers >browseable = no >path = /var/spool/samba >printable = yes >public = no >writable = no >create mode = 0700 > > [print$] >comment = Printer Drivers >path = /var/lib/samba/printers >browseable = yes >read only = yes >guest ok = no > > [public] > comment = Public Share on %h > path = /home/samba/public > writeable = yes > inherit permissions = yes > nt acl support = yes > create mask = 0775 > directory mask = 0775 > vfs object = readahead > > Guillermo Gutierrez > _ > (818) 575-2017 > (818) 324-0871 > [EMAIL PROTECTED] > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Guillermo Gutierrez > Sent: Tuesday, December 04, 2007 5:09 PM > To: samba@lists.samba.org > Subject: [Samba] 3.0.27a, ubuntu server7.10 auth issues > > I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the > getent command wont display the active directory users, but wbinfo will. > > It worked fine with 3.0.26a and I have not changed my configuration. > > > > I do however have this in my winbind log: > > > > [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_
Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues
Well none of the options on your conf file seem to be wrong, however some of them might been stepping over each other toes. For instance, in my experience: You either use de the idmap backend or the idmap gid and uid and the winbind enum groups and users, due the fact that you are running the latest version of samba I recommend to use the idmap backend one. That might be what is causing the conflict. Regards, Max. Guillermo Gutierrez wrote: I don't mean to sound whiny, but I really would like to get some help figuring this thing out. I am including my smb.conf as well: #=== Global Settings === [global] ## Browsing/Identification ### netbios name = Maximus workgroup = MARKETSCAN realm = MARKETSCAN.COM server string = %h server (Samba %v, Ubuntu) dns proxy = no name resolve order = lmhosts host wins bcast Networking interfaces = 127.0.0.0/8 eth0 bind interfaces only = true Debugging/Accounting log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d ### Authentication ### security = ADS encrypt passwords = true password server = * passdb backend = tdbsam obey pam restrictions = yes invalid users = root passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *passwd:*password\supdated\ssuccessfully* . Misc socket options = TCP_NODELAY domain master = no idmap uid = 1-2 idmap gid = 1-2 idmap backend = idmap_rid:MARKETSCAN=1-2 template shell = /bin/bash template home dir = /home/MARKETSCAN/%U winbind enum groups = yes winbind enum users = yes winbind use default domain = yes #=== Share Definitions === [homes] comment = Home Directories browseable = no vfs object = readahead inherit permissions = yes nt acl support = yes valid users = %D/%U writable = yes create mask = 0700 directory mask = 0700 [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes public = no writable = no create mode = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [public] comment = Public Share on %h path = /home/samba/public writeable = yes inherit permissions = yes nt acl support = yes create mask = 0775 directory mask = 0775 vfs object = readahead Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guillermo Gutierrez Sent: Tuesday, December 04, 2007 5:09 PM To: samba@lists.samba.org Subject: [Samba] 3.0.27a, ubuntu server7.10 auth issues I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the getent command wont display the active directory users, but wbinfo will. It worked fine with 3.0.26a and I have not changed my configuration. I do however have this in my winbind log: [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
I don't have nscd installed Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: Aaron J. Zirbes [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 05, 2007 3:37 PM To: Guillermo Gutierrez Subject: Re: [Samba] 3.0.27a, ubuntu server7.10 auth issues Did you restart nscd? Guillermo Gutierrez wrote: > I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the > getent command wont display the active directory users, but wbinfo will. > > It worked fine with 3.0.26a and I have not changed my configuration. > > > > I do however have this in my winbind log: > > > > [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) > > Not a user account? atype=0x3000 > > [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:49:42, 0] nsswitch/winbindd.c:request_len_recv(544) > > request_len_recv: Invalid request size received: 2084 (expected 2088) > > [2007/12/04 13:50:17, 1] nsswitch/winbindd.c:main(990) > > winbindd version 3.0.27a started. > > Copyright Andrew Tridgell and the Samba Team 1992-2007 > > [2007/12/04 13:50:17, 0] > nsswitch/winbindd_cache.c:initialize_winbindd_cache() > > initialize_winbindd_cache: clearing cache and re-creating with version > number 1 > > > > any ideas? > > > > Guillermo Gutierrez > > Network Administrator > > Market Scan Information Systems, Inc. > > ___ > > (818) 575-2017 > > (818) 324-0871 > > [EMAIL PROTECTED] > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Is Samba PDC + NT4 DOM Trust using NTLMv2 possible?
My Question: Is it possible to get 2-way Interdomain Trust relationships working between a Samba domain and an NT4 SP6a domain, while restricting all password hashes to NTLMv2 only? Everything works except the inter-domain trust I'm able to get the NT4 domain to trust the Samba domain, but not the other way around. My System: -- I have a perfectly running Samba domain w/ ~60 client WinXP workstations, and Win 2003 member servers. All machines are set to use NTLMv2 only. My Config: -- I'm running Samba Version 3.0.27a, compiled with --with-ldap --with-winbind --with-utmp --with-acl-support LDAP backend with the new: ldapsam:trusted=yes ldapsam:editposix=yes Key NTLMv2 security settings are: ntlm auth = no lanman auth = no client plaintext auth = no client lanman auth = no client ntlmv2 auth = yes client schannel = yes server schannel = yes client signing = auto server signing = auto I added an idmap config section for the trusted domain I created the "Machine" account entry in LDAP for the trusted domain. I setup the domain trust using the net command, I added access to one of my shares by adding TESTDOM\azirbes to the "valid users" parameter as I usually do, but the trusted domain still prompts for a user name and password, and the samba log dumps the following: [2007/11/09 12:55:09, 2] smbd/sesssetup.c:setup_new_vc_session(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info_map(161) make_user_info_map: Mapping user [TESTDOM]\[azirbes] from workstation [nt4test] [2007/11/09 12:55:09, 5] auth/auth_util.c:is_trusted_domain(2198) is_trusted_domain: Checking for domain trust with [TESTDOM] [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(75) attempting to make a user_info for azirbes (azirbes) [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(85) making strings for azirbes's user_info struct [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(117) making blobs for azirbes's user_info struct [2007/11/09 12:55:09, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2007/11/09 12:55:09, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2007/11/09 12:55:09, 6] auth/auth_sam.c:check_samstrict_security(421) check_samstrict_security: TESTDOM is not one of my local names or domain name (DC) [2007/11/09 12:55:09, 5] auth/auth.c:check_ntlm_password(273) check_ntlm_password: winbind authentication for user [azirbes] FAILED with error NT_STATUS_ACCESS_DENIED [2007/11/09 12:55:09, 2] auth/auth.c:check_ntlm_password(319) check_ntlm_password: Authentication for user [azirbes] -> [azirbes] FAILED with error NT_STATUS_ACCESS_DENIED [2007/11/09 12:55:09, 5] auth/auth_util.c:free_user_info(2045) attempting to free (and zero) a user_info structure -- Aaron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 3.0.27a, ubuntu server7.10 auth issues
I don't mean to sound whiny, but I really would like to get some help figuring this thing out. I am including my smb.conf as well: #=== Global Settings === [global] ## Browsing/Identification ### netbios name = Maximus workgroup = MARKETSCAN realm = MARKETSCAN.COM server string = %h server (Samba %v, Ubuntu) dns proxy = no name resolve order = lmhosts host wins bcast Networking interfaces = 127.0.0.0/8 eth0 bind interfaces only = true Debugging/Accounting log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d ### Authentication ### security = ADS encrypt passwords = true password server = * passdb backend = tdbsam obey pam restrictions = yes invalid users = root passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *passwd:*password\supdated\ssuccessfully* . Misc socket options = TCP_NODELAY domain master = no idmap uid = 1-2 idmap gid = 1-2 idmap backend = idmap_rid:MARKETSCAN=1-2 template shell = /bin/bash template home dir = /home/MARKETSCAN/%U winbind enum groups = yes winbind enum users = yes winbind use default domain = yes #=== Share Definitions === [homes] comment = Home Directories browseable = no vfs object = readahead inherit permissions = yes nt acl support = yes valid users = %D/%U writable = yes create mask = 0700 directory mask = 0700 [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes public = no writable = no create mode = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [public] comment = Public Share on %h path = /home/samba/public writeable = yes inherit permissions = yes nt acl support = yes create mask = 0775 directory mask = 0775 vfs object = readahead Guillermo Gutierrez _ (818) 575-2017 (818) 324-0871 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guillermo Gutierrez Sent: Tuesday, December 04, 2007 5:09 PM To: samba@lists.samba.org Subject: [Samba] 3.0.27a, ubuntu server7.10 auth issues I have upgraded to version 3.0.27a on ubuntu 7.10 server and now the getent command wont display the active directory users, but wbinfo will. It worked fine with 3.0.26a and I have not changed my configuration. I do however have this in my winbind log: [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:39:01, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:09, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:44:18, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:34, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:45:54, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:46:19, 0] nsswitch/winbindd.c:request_len_recv(544) request_len_recv: Invalid request size received: 2084 (expected 2088) [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x3000 [2007/12/04 13:49:35, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x30
Re: [Samba] print server and logs
Jerome Alet a écrit : On Wed, Dec 05, 2007 at 09:09:29PM +0100, Philippe Rousselot wrote: printcap name = CUPS printing = cups Keep the lines above in smb.conf but remove the following lines : print command = lpq command = %p lprm command = Then the username and hostname will be set correctly. bye Jerome Alet Hi thanks for the answer but it does not help ... Philippe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] print server and logs
On Wed, Dec 05, 2007 at 09:09:29PM +0100, Philippe Rousselot wrote: > > printcap name = CUPS >printing = cups Keep the lines above in smb.conf but remove the following lines : > print command = > lpq command = %p > lprm command = Then the username and hostname will be set correctly. bye Jerome Alet -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] configuration variables not parsed %L %U %m
I am doing the initial setup of a samba/ldap PDC with roaming profiles. After many "Windows cannot locate the server copy of your roaming profile ...path not found " errors, I changed //%L/profiles/%U/%m to //server/profiles/%U/%m and discovered that I now have a new directory on my server with exactly the following name: /home/nt-profiles/%U/%m/ The variables %U and %m aren't being substituted out. Presumably the reason I was getting the "path not found" errors was that %L also wasn't being parsed. I am using smbd 3.0.23c Thanks for any suggestions Boldra -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] print server and logs
Hi, I have a print server on ubuntu gutsy using samba and cups. all users are able to print from the server and their name appear into the logs (i am using phpprintanalyzer) if I try to print from another pc, it prints fine but then the name of the user is nobody instead how to make sure that the name of the user will be inscribed into the log when the user is on a remote machine. thanks in advance Philippe smb.conf : [global] workgroup = ATC netbios name = SERVATC passwd chat = *New*Password* %n\n*Re-enter*new*password* %n\n *Password*changed* username map = /etc/samba/smbusers syslog = 0 name resolve order = wins bcast hosts printcap name = CUPS show add printer wizard = No add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = %a.bat logon path = domain logons = Yes os level = 75 preferred master = Yes wins support = no load printers = yes printing = cups printcap name = cups printer admin = root print command = lpq command = %p lprm command = security = user [homes] comment = Dossiers personnels valid users = %S read only = No browseable = No [printers] browseable = No printable = Yes path = /var/spool/samba comment = système d'impression public = yes printer admin = root use client driver = Yes [netlogon] comment = serveur de scripts path = /home/samba/netlogon/%U valid users = %S read only = No [print$] browseable = yes comment = drivers pour imprimantes public = yes write list = root path = /etc/samba/printers [public] comment = Acces libre path = /media/archives create mask = 0777 directory mask = 0777 read only = No guest ok = Yes [profile] comment = User profiles path = /home/samba/profiles valid users = %U create mode = 0600 directory mode = 0700 writable = yes browsable = no guest ok = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Does anyone know why sometimes a PDC appears in the Network neigborhood, and sometimes it doesn't?
The subject says it all, I think. At home I have a PDC (Linux with Samba), and I have Win98 and Win 95(!) clients. And sometimes the domain name (workgroup name) is visble in the Network neigborhood, and sometimes it is not. I also got the impression that placing a link in the file NETHOOD makes a difference, but I am not sure yet. The PDC is visible, that is, it can be PINGed, I can connect to the shares, I can even login to it, but nothing shows up in the Network Neighborhood, and if I click on the Whole network icon, I get an empty network displayed. -- J.J. Gerritse Mühlenstraße 11 D-47546 Kalkar-Wissel Duitsland +49-2824-971487 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind users not getting groups. idmap backend problem?
> [global] > workgroup = OURWORKGROUP > netbios name = hostname > server string = Linux workstation 1 > security = ADS > log file = /var/log/samba/samba.%m > max log size = 50 > local master = no > preferred master = no > idmap uid = 1-2 > idmap gid = 1-2 > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes > template homedir = /home/%U > template shell = /bin/bash > encrypt passwords = yes > dns proxy = no > realm = REALM.COMPANY.COM > password server = servername.company.com > wins proxy = no > allow trusted domains = no > > > > i vaguely suspect that i need something like this: > > idmap backend = idmap_rid:REALM.COMPANY.COM=1-2 > > ...but if i put that in, winbind completely stops working and i can't > do anything. thoughts? Here is my Global section of our smb conf. This is running in the same envirment as yours. Our host OS is FC7 and our samba version is Version 3.0.26a-6.fc7 security = ads netbios name = hostname realm = ADDOMAIN.domain password server = ADDOMAIN.domain workgroup = ADDOMAIN idmap uid = 500-1000 idmap gid = 500-1000 winbind separator = + winbind enum users = yes winbind enum groups = yes winbind use default domain = yes preserve case=yes short preserve case=yes case sensitive=no template homedir = /home/shares/%D/%U template shell = /bin/bash client use spnego = yes domain master = no encrypt passwords = yes I'm not setting the idmap backend option and have no problems. I've also read a couple of places that the server string option needs to be set to your FQDN, mine is not though and it's still working. Also make sure you are syncing your time between your AD and your samba box. You will see a time drift issue if you aren't running vmtools and syncing to your esx server or some form of ntp. Your kerberos tickets will start expiring. -- Chris Jeter Senior IT Technician The World Company 785.312.6911 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD returns only one group for all users
> Sorry to bother you about another topic, but I've been trying to set up > Winbindd on a Solaris workstation, and the issue for me is getting > logins to work via PAM. Do you have a working pam.conf for Solaris that > includes winbindd? For all of my web searching, I could never find one > that worked right for me. It's okay to bother, but I doubt that I can be much help. Since I don't want AD users to have shell accounts on the box, I intentionally left pam.conf well alone. I do, however, have a pam.conf-winbind that, I think, came with the SFW samba. I've included it in-line, after my sig. Cheers, Nathan VanHoudnos # #ident "@(#)pam.conf-winbind 1.1 07/05/15 SMI" # # Copyright 2007 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # PAM configuration # # Unless explicitly defined, all services use the modules # defined in the "other" section. # # Modules are defined with relative pathnames, i.e., they are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_authtok_get.so.1 rlogin auth required pam_dhkeys.so.1 rlogin auth required pam_unix_cred.so.1 rlogin auth required pam_unix_auth.so.1 # # Kerberized rlogin service # krlogin auth required pam_unix_cred.so.1 krlogin auth bindingpam_krb5.so.1 krlogin auth required pam_unix_auth.so.1 # # rsh service (explicit because of pam_rhost_auth, # and pam_unix_auth for meaningful pam_setcred) # rsh auth sufficient pam_rhosts_auth.so.1 rsh auth required pam_unix_cred.so.1 # # Kerberized rsh service # krshauth required pam_unix_cred.so.1 krshauth bindingpam_krb5.so.1 krshauth required pam_unix_auth.so.1 # # Kerberized telnet service # ktelnet auth required pam_unix_cred.so.1 ktelnet auth bindingpam_krb5.so.1 ktelnet auth required pam_unix_auth.so.1 # # PPP service (explicit because of pam_dial_auth) # ppp auth requisite pam_authtok_get.so.1 ppp auth required pam_dhkeys.so.1 ppp auth required pam_unix_cred.so.1 ppp auth required pam_unix_auth.so.1 ppp auth required pam_dial_auth.so.1 # # Default definitions for Authentication management # Used when service name is not explicitly mentioned for authentication # other auth requisite pam_authtok_get.so.1 other auth required pam_dhkeys.so.1 other auth required pam_unix_cred.so.1 other auth required pam_unix_auth.so.1 # # passwd command (explicit because of a different authentication module) # passwd auth required pam_passwd_auth.so.1 # # cron service (explicit because of non-usage of pam_roles.so.1) # cronaccount requiredpam_unix_account.so.1 # # Default definition for Account management # Used when service name is not explicitly mentioned for account management # other account requisite pam_roles.so.1 other account sufficient pam_unix_account.so.1 other account requiredpam_winbind.so # # Default definition for Session management # Used when service name is not explicitly mentioned for session management # other session requiredpam_unix_session.so.1 # # Default definition for Password management # Used when service name is not explicitly mentioned for password management # other password required pam_dhkeys.so.1 other password requisite pam_authtok_get.so.1 other password requisite pam_authtok_check.so.1 other password required pam_winbind.so other password required pam_authtok_store.so.1 # # Support for Kerberos V5 authentication and example configurations can # be found in the pam_krb5(5) man page under the "EXAMPLES" section. # -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot access share]
Actually what I've discovered is that the user is able to access the share and access the shared folders where its a member of it's respective group. However, I have a weird problem where 1. user logon.bat does not map shared drive to S: and 2. under the domain name/server in My Network Places there are the folders in the share as well as a subfolder called "shared". It seems somewhere ldap and samba are not syncing. Original Message Subject:Cannot access share Date: Wed, 05 Dec 2007 12:30:28 + From: Chris Boyd <[EMAIL PROTECTED]> To: samba@lists.samba.org Running openldap/samba/smbldap-tools/debian etch: The users can access their home drives and logon.bat maps but not the share. I can see the share in explorer but prompts for a password when try to access it. I had them working fine a while back. The only user that can access the share is admin. The only thing that's happened that I can think of is that a script changed the whole directory tree on the server as owned by root. I think the ownership on the share is correct though. Here's the setup: - smb.conf [netlogon] comment = Network Logon Service path = /data/samba/netlogon guest ok = yes writable = no share modes = no write list = "@MYDOMAIN\admins" [profiles] comment = Users profiles path = /home/%U/profiles ; path = / ; path = %H guest ok = no browseable = no writeable = yes ; store dos attributes = Yes create mask = 0600 directory mask = 0700 hide files = /desktop.ini/outlook*.lnk/*Briefcase*/ [shared] comment = Shared folder path = /data/Shared force group = domusers read only = no browseable = yes create mask = 0770 directory mask = 0770 valid users = @MYDOMAIN\admins,@MYDOMAIN\domusers getent passwd admin:*:0:2:Administrator:/home/admin:/bin/bash bob.newhart:x:30302:20001:Bob Newhart:/home/bob.newhart:/bin/bash -- getent group admins:*:2: domusers:*:20001: --- net groupmap list -l Domain Admins SID : S-1-5-21-1953726507-754737620-746616776-512 Unix gid : 2 Unix group: admins Group type: Domain Group Comment : Domain Guests SID : S-1-5-21-1953726507-754737620-746616776-514 Unix gid : 20002 Unix group: guests Group type: Domain Group Comment : Domain Users SID : S-1-5-21-1953726507-754737620-746616776-513 Unix gid : 20001 Unix group: domusers Group type: Domain Group Comment : it SID : S-1-5-21-1953726507-754737620-746616776-41007 Unix gid : 20003 Unix group: it Group type: Domain Group Comment : accounts SID : S-1-5-21-1953726507-754737620-746616776-41009 Unix gid : 20004 Unix group: accounts Group type: Domain Group Comment : marketing SID : S-1-5-21-1953726507-754737620-746616776-41011 Unix gid : 20005 Unix group: marketing Group type: Domain Group Comment : incprogs SID : S-1-5-21-1953726507-754737620-746616776-41013 Unix gid : 20006 Unix group: incprogs Group type: Domain Group Comment : products SID : S-1-5-21-1953726507-754737620-746616776-41015 Unix gid : 20007 Unix group: products Group type: Domain Group Comment : retail SID : S-1-5-21-1953726507-754737620-746616776-41019 Unix gid : 20009 Unix group: retail Group type: Domain Group Comment : training SID : S-1-5-21-1953726507-754737620-746616776-41021 Unix gid : 20010 Unix group: training Group type: Domain Group Comment : uas SID : S-1-5-21-1953726507-754737620-746616776-41023 Unix gid : 20011 Unix group: uas Group type: Domain Group Comment : services SID : S-1-5-21-1953726507-754737620-746616776-41025 Unix gid : 20012 Unix group: services Group type: Domain Group Comment : programmes SID : S-1-5-21-1953726507-754737620-746616776-41019 Unix gid : 20008 Unix group: programmes Group type: Domain Group Comment : ls -la /data/Shared/ total 80 drwxrwxr-x 15 root domusers4096 2007-11-29 13:44 . drwx-- 5 root domusers4096 2007-07-09 16:33 .. drwxrwx--- 51 root accounts4096 2007-06-07 13:17 accounts drwxrwx--- 5 root domusers4096 2007-06-08 11:52 email drwxrwx--- 2 root domusers4096 2007-07-16 15:56 everyone drwxrwx--- 43 root incprogs4096 2007-06-07 14:26 incprogs drwxrwx--- 33 root it 4096 2007-07-25 13:24 it drwxrwx--- 97 root marketing 12288 2007-06-07 17:36 marketing drwxrwx--- 7 root domusers4096 2007-06-07 17:39 misc drwxrwx--- 33 root products 12288 2007-06-07 17:47 products drwxrwx--- 22 root
[Samba] AD returns only one group for all users
Dear list, I'm trying to get a Thumper (Sun Fire X4500) to play nice with AD so that we can offer a nearline storage service. Since many of our users will have multiple group memberships, it's imperative that samba be able to recurse through the groups that a user is a member of to determine if they have access to a resource. What happens instead is that every user who authenticates is assigned only one group, the "UIUC+domain users" group. Example: # ls -l /export total 72 d---rwx--- 2 root UIUC+domain users 8 Dec 4 14:12 arrakis d---rwx---+ 3 UIUC+vanhoudn UIUC+wsg staff 3 Dec 3 16:49 wsg # getent group UIUC+wsg\ staff UIUC+wsg staff:x:10031:UIUC+cyliang,UIUC+vanhoudn,UIUC+cgoldsmi,UIUC+hougland,UIUC+johnshea,UIUC+jbooth,UIUC+mchesnut,UIUC+dbweber #groups UIUC+vanhoudn UIUC+domain users # getent passwd UIUC+vanhoudn UIUC+vanhoudn:*:1:10004:vanhoudn:/home/samba/UIUC/vanhoudn:/usr/bin/false So, even though UIUC+vanhoudn is listed as a member of "UIUC+wsg staff", the groups command only sees that he is a member of "UIUC+domain users". I figured that maybe this had something to do with nested groups, so I sat down with the docs. On page 256 of the Samba 3 howto, there is mention of setting this up using # net rpc group add ... However, on my setup, it returns: Could not connect to server 127.0.0.1 The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE I'm assuming that this is because I'm using AD, instead of RPC. For example: # net rpc testjoin Unable to find a suitable server Join to domain 'UIUC' is not valid # net ads testjoin Join is OK Which demonstrates that, AD is okay, and rpc is not. Perhaps I'm barking up the wrong tree about nested groups. Any pointers to documentation (or just out-and-out fixes!) would be appreciative. Version information and my smb.conf file follows after my sig, in case it is useful to you. Also, I mostly followed the howto here: http://blogs.sun.com/jurasek/entry/ads_domain_member_server1 to initially set it up. (Just in case that helps.) Cheers, Nathan VanHoudnos Kernel version: # uname -a SunOS shai-hulud.cites.uiuc.edu 5.10 Generic_127112-02 i86pc i386 i86pc Samba version: # /usr/sfw/smbd -V Version 3.0.25c /etc/sfw/smb.conf [global] realm = AD.UIUC.EDU workgroup = UIUC security = ADS use kerberos keytab = true encrypt passwords = yes server string = Samba 3.0.x ADS #Winbind configuration: winbind separator = + template homedir = /home/samba/%D/%U # Make their shell fail, just in case template shell = /usr/bin/false idmap domains = UIUC idmap config UIUC:default = yes idmap config UIUC:backend = tdb idmap config UIUC:range = 1000-20 idmap alloc backend = tdb idmap alloc config:range = 1000-20 # Stuff to get all the users via winbind winbind enum users = Yes winbind enum groups = Yes winbind nested groups = Yes idmap uid = 1000-20 idmap gid = 1000-20 # Logging log level = 5 debug level = 3 log file = /var/log/syslog/samba.log.%m [arrakis] path = "/export/arrakis" comment = "Arraken Test share" writeable = yes user = @"UIUC+domain users" vfs objects = zfsacl nfs4: mode = special [wsg] path = "/export/wsg" comment = "Only WSG should be able to access" writeable = yes valid users = @"UIUC+wsg staff" vfs objects = zfsacl nfs4: mode = special -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbtorture w/ samba 3.0.27a
Hi All, Now per my reading's to run the smbtorture test tool required in the dbench config.txt file. Is this still ture? I am using distribution samba-3.0.27a. Results from initial run: host=10.60.100.131 share=moab2 user=engsmoke/admin1 myname=rh-scale-144 Did not find a test named 1 Running NBENCH 1 clients started ERROR: You are using a dbench 1 load file Throughput 0 MB/sec NBENCH took 0.043605 secs Are these smb operation code still valid? Deltree "\clients\client1" NT_STATUS_OK Mkdir "\clients" NT_STATUS_OK NTCreateX "\clients\client1" 0x1 0x2 16385 NT_STATUS_OK Close 16385 NT_STATUS_OK NTCreateX "\clients\client1\mixfile" 0x40 0x1 9935 NT_STATUS_OBJECT_NAME_NOT_FOUND QUERY_PATH_INFORMATION "\clients\client1\~dmtmp" 1004 NT_STATUS_OBJECT_NAME_NOT_FOUND FIND_FIRST "\clients\client1\FILLER.*" 260 1366 0 NT_STATUS_NO_SUCH_FILE NTCreateX "\clients\client1\~dmtmp" 0x1 0x2 9937 NT_STATUS_OK Close 9937 NT_STATUS_OK NTCreateX "\clients\client1\filler.000" 0x40 0x2 9938 NT_STATUS_OK QUERY_FS_INFORMATION 1 NT_STATUS_OK WriteX 9938 65534 1 1 NT_STATUS_OK QUERY_FILE_INFORMATION 9938 258 NT_STATUS_OK WriteX 9938 0 65536 65536 NT_STATUS_OK WriteX 9938 65536 65536 65536 NT_STATUS_OK WriteX 9938 131072 65536 65536 NT_STATUS_OK WriteX 9938 196608 65536 65536 NT_STATUS_OK WriteX 9938 262144 65536 65536 NT_STATUS_OK WriteX 9938 327680 65536 65536 NT_STATUS_OK Or shall I rewite to try: http://timothydevans.me.uk/nbf2cifs/smb-smbcommandcode.html Thanks in advance, Carl Dubois -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot access share
Running openldap/samba/smbldap-tools/debian etch: The users can access their home drives and logon.bat maps but not the share. I can see the share in explorer but prompts for a password when try to access it. I had them working fine a while back. The only user that can access the share is admin. The only thing that's happened that I can think of is that a script changed the whole directory tree on the server as owned by root. I think the ownership on the share is correct though. Here's the setup: - smb.conf [netlogon] comment = Network Logon Service path = /data/samba/netlogon guest ok = yes writable = no share modes = no write list = "@MYDOMAIN\admins" [profiles] comment = Users profiles path = /home/%U/profiles ; path = / ; path = %H guest ok = no browseable = no writeable = yes ; store dos attributes = Yes create mask = 0600 directory mask = 0700 hide files = /desktop.ini/outlook*.lnk/*Briefcase*/ [shared] comment = Shared folder path = /data/Shared force group = domusers read only = no browseable = yes create mask = 0770 directory mask = 0770 valid users = @MYDOMAIN\admins,@MYDOMAIN\domusers getent passwd admin:*:0:2:Administrator:/home/admin:/bin/bash bob.newhart:x:30302:20001:Bob Newhart:/home/bob.newhart:/bin/bash -- getent group admins:*:2: domusers:*:20001: --- net groupmap list -l Domain Admins SID : S-1-5-21-1953726507-754737620-746616776-512 Unix gid : 2 Unix group: admins Group type: Domain Group Comment : Domain Guests SID : S-1-5-21-1953726507-754737620-746616776-514 Unix gid : 20002 Unix group: guests Group type: Domain Group Comment : Domain Users SID : S-1-5-21-1953726507-754737620-746616776-513 Unix gid : 20001 Unix group: domusers Group type: Domain Group Comment : it SID : S-1-5-21-1953726507-754737620-746616776-41007 Unix gid : 20003 Unix group: it Group type: Domain Group Comment : accounts SID : S-1-5-21-1953726507-754737620-746616776-41009 Unix gid : 20004 Unix group: accounts Group type: Domain Group Comment : marketing SID : S-1-5-21-1953726507-754737620-746616776-41011 Unix gid : 20005 Unix group: marketing Group type: Domain Group Comment : incprogs SID : S-1-5-21-1953726507-754737620-746616776-41013 Unix gid : 20006 Unix group: incprogs Group type: Domain Group Comment : products SID : S-1-5-21-1953726507-754737620-746616776-41015 Unix gid : 20007 Unix group: products Group type: Domain Group Comment : retail SID : S-1-5-21-1953726507-754737620-746616776-41019 Unix gid : 20009 Unix group: retail Group type: Domain Group Comment : training SID : S-1-5-21-1953726507-754737620-746616776-41021 Unix gid : 20010 Unix group: training Group type: Domain Group Comment : uas SID : S-1-5-21-1953726507-754737620-746616776-41023 Unix gid : 20011 Unix group: uas Group type: Domain Group Comment : services SID : S-1-5-21-1953726507-754737620-746616776-41025 Unix gid : 20012 Unix group: services Group type: Domain Group Comment : programmes SID : S-1-5-21-1953726507-754737620-746616776-41019 Unix gid : 20008 Unix group: programmes Group type: Domain Group Comment : ls -la /data/Shared/ total 80 drwxrwxr-x 15 root domusers4096 2007-11-29 13:44 . drwx-- 5 root domusers4096 2007-07-09 16:33 .. drwxrwx--- 51 root accounts4096 2007-06-07 13:17 accounts drwxrwx--- 5 root domusers4096 2007-06-08 11:52 email drwxrwx--- 2 root domusers4096 2007-07-16 15:56 everyone drwxrwx--- 43 root incprogs4096 2007-06-07 14:26 incprogs drwxrwx--- 33 root it 4096 2007-07-25 13:24 it drwxrwx--- 97 root marketing 12288 2007-06-07 17:36 marketing drwxrwx--- 7 root domusers4096 2007-06-07 17:39 misc drwxrwx--- 33 root products 12288 2007-06-07 17:47 products drwxrwx--- 22 root programmes 4096 2007-06-08 09:48 programmes drwxrwx--- 3 root retail 4096 2007-06-08 10:24 retail drwxrwx--- 3 root services4096 2007-06-08 11:38 services drwxrwx--- 14 root training4096 2007-06-08 11:41 training drwxrwx--- 63 root uas 4096 2007-06-08 11:50 uas --- # Features to permit #allow bind_v2 # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schem
[Samba] About Samba-Vscan error messages
Hello everybody, I create samba with vscan RPM by adding vscan sources to samba sRPM and some parameters to spec file. Everything works fine. I deny access on files with errors, so users cannot upload or download virus included files. Although I have checked in the "send messages via windows messenger service" users did not recieve and error message, and as I know, this service is disabled and does not functioning. Is there any other ways&services that can send a warning message to users? Thanks for your help.. Best Wishes, Okan Bostan Istanbul Technical University System Administrator -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
