Re: [Samba] SAMBA under window?

2007-12-18 Thread hce 
On Dec 19, 2007 3:00 PM, simo <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2007-12-19 at 13:24 +1100, hce wrote:
> > But what about those who can only run
> > window file system, and only simply copy or delete files from the
> > window file systm, who has no idea to intall and run window ssh, scp
> > or ftp? (please don't ask me again why I should support them.)
>
> Jim,
> a small web application will probably be easier than mounting a remote
> file system. There are extremely tiny web servers that easily support
> cgi or embedded trimmed down interpreted languages like perl or python.

> It's easier that way for most things I can think of except, perhaps,
> moving large quantities of files.

Thanks Simo, seems that is the only way to do it.

Thank you.

Kind Regards,

Jim
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread simo 

On Wed, 2007-12-19 at 13:24 +1100, hce wrote:
> But what about those who can only run
> window file system, and only simply copy or delete files from the
> window file systm, who has no idea to intall and run window ssh, scp
> or ftp? (please don't ask me again why I should support them.)

Jim,
a small web application will probably be easier than mounting a remote
file system. There are extremely tiny web servers that easily support
cgi or embedded trimmed down interpreted languages like perl or python.

It's easier that way for most things I can think of except, perhaps,
moving large quantities of files.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <[EMAIL PROTECTED]>
Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] mapped drive name question

2007-12-18 Thread John H Terpstra 
On Friday 14 December 2007 02:37, L.P.H. van Belle wrote:
> Look at the values:
>
> server string = Discription of server
> netbios name = servername
>
> Change the discription of the server tot for example the servername

Sorry, that is not the right answer to the question asked.  The "server 
string" parameter will change the name of the string that gets stored in the 
Windows client registry. Once it is in the registry, the only way to change 
it is to edit the registry.

If it is necessary to change this value please launch regedt32.exe, then 
navigate to:

HIVE_KEY_CURRENT_USER\Software\Microsoft\Windows\Explorer\Computer 
Descriptions

Each machine that was found by the Computer Browser service will have an entry 
that you can edit or delete.

Cheers,
John T.

>
> thats it.
>
> Louis
>
> >-Oorspronkelijk bericht-
> >Van: [EMAIL PROTECTED]
> >[mailto:[EMAIL PROTECTED] Namens
> >Daniel Huntley
> >Verzonden: vrijdag 14 december 2007 2:04
> >Aan: samba@lists.samba.org
> >Onderwerp: [Samba] mapped drive name question
> >
> >Hi
> >
> >
> >
> >When mapping a drive to the samba server the share  name that
> >appears in
> >Windows XP for instance is:
> >
> >
> >
> >Shares on 'Samba 3.0.23c-2.el5.2.0.2 (fs1)' (T:)
> >
> >
> >
> >Anyway to remove the 'Samba and version number from the name of the
> >share so it's just plain: Shares on 'fs1 (fs1)' (T:)
> >
> >
> >
> >Thanks
> >
> >
> >D.
> >
> >--
> >To unsubscribe from this list go to the following URL and read the
> >instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread Curtis Maloney 

hce wrote:

Yes, you are right, there are many solutions if you are a computer
skilled people or at least can play anothing on the computers. I am a
linux user myself, I can do whatever you want to play from my linux
box, I don't even need windows. But what about those who can only run
window file system, and only simply copy or delete files from the
window file systm, who has no idea to intall and run window ssh, scp
or ftp? (please don't ask me again why I should support them.)


So, instead of developing a point-and-drool remote configuration tool, or a 
simple web configuration interface, you'd rather go the complex path of mounting 
remote file systems?


WHY WHY WHY are you so fixed on mounting file systems, instead of investigating 
other options to allow untrained users to change the configuration?  Hell, 
asking your average Windows user to edit or produce a plain text file can be 
difficult enough.


I give up... you seem hell bent on mounting remote file systems, so I'll leave 
you to figure it out.


--
Curtis Maloney
[EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Why `net join --ipaddress --server' failed to join domain but `net join --workgroup' could?

2007-12-18 Thread Clark J. Wang 
$ cat /my/smb.conf
[global]
netbios name = myname
workgroup = myworkgroup
server string = RIMA running %v
security = domain
wins server = 192.168.3.21

$ net join --configfile=/my/smb.conf --workgroup=myworkgroup
'--user=administrator%passwd'
Joined domain myworkgroup.

$ net join --configfile=/my/smb.conf
--ipaddress=192.168.3.21--server=servername
'--user=administrator%passwd'
[2007/12/18 02:51:38, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
  cli_nt_setup_creds: request challenge failed
[2007/12/18 02:51:39, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
  cli_nt_setup_creds: request challenge failed
[2007/12/18 02:51:39, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319)
  Error domain join verification (reused connection):
NT_STATUS_INVALID_COMPUTER_NAME
Unable to join domain myworkgroup.


What does NT_STATUS_INVALID_COMPUTER_NAME mean? Anything wrong?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread hce 
On Dec 19, 2007 12:27 PM, Curtis Maloney <[EMAIL PROTECTED]> wrote:
> hce wrote:
> > It is actually to mount a dumb linux device to a window file system,
> > just like to mount an usb stick to the window file system. Yes, if the
> > linux device (without samba on it) can be mounted by a window file
> > syste, then the window can config the linux device, modify data and
> > transfer data to it.
>
> So, your actual goal is to allow remote configuration of these Linux devices?
>
> Why must it be done via mounting them like a disk?  There are many simpler
> options that would require less code.
>
> > Please let me know if above explanation is still insufficient.
>
> You keep talking about mounting these devices... I don't see why you're so 
> hung
> up on this approach.  Why must they be treated like a disk?  Why can't you, 
> for
> instance, have them accept config updates via a simple web interface?  Or use
> dropbear and scp the files into place?  Or put a FTP server on them?
>
> Why take the very complex route of mounting a remote filesystem?

Yes, you are right, there are many solutions if you are a computer
skilled people or at least can play anothing on the computers. I am a
linux user myself, I can do whatever you want to play from my linux
box, I don't even need windows. But what about those who can only run
window file system, and only simply copy or delete files from the
window file systm, who has no idea to intall and run window ssh, scp
or ftp? (please don't ask me again why I should support them.)

My questions were:
(a) if we have some solution to install Samba to a window system or not;
(b) if there is small size of mini samba I can use to port it to a
small linux device?

Clearly (a) has been answed, (b) is still not sure.

Thank you.

Kind Regards,

Jim
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] mapped drive name question

2007-12-18 Thread Daniel Huntley 
Yes I have both server string and netbios name configured but I still
get the version number in the share name. 

Annoying.

Ta

D.

-Original Message-
From: L.P.H. van Belle [mailto:[EMAIL PROTECTED] 
Sent: Friday, 14 December 2007 7:38 PM
To: Daniel Huntley
Cc: samba@lists.samba.org
Subject: RE: [Samba] mapped drive name question

Look at the values:

server string = Discription of server
netbios name = servername

Change the discription of the server tot for example the servername

thats it.

Louis
 

>-Oorspronkelijk bericht-
>Van: [EMAIL PROTECTED] 
>[mailto:[EMAIL PROTECTED] Namens 
>Daniel Huntley
>Verzonden: vrijdag 14 december 2007 2:04
>Aan: samba@lists.samba.org
>Onderwerp: [Samba] mapped drive name question
>
>Hi
>
> 
>
>When mapping a drive to the samba server the share  name that 
>appears in
>Windows XP for instance is:
>
> 
>
>Shares on 'Samba 3.0.23c-2.el5.2.0.2 (fs1)' (T:)
>
> 
>
>Anyway to remove the 'Samba and version number from the name of the
>share so it's just plain: Shares on 'fs1 (fs1)' (T:)
>
> 
>
>Thanks
>
>
>D.
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/listinfo/samba
>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread Curtis Maloney 

hce wrote:

It is actually to mount a dumb linux device to a window file system,
just like to mount an usb stick to the window file system. Yes, if the
linux device (without samba on it) can be mounted by a window file
syste, then the window can config the linux device, modify data and
transfer data to it.


So, your actual goal is to allow remote configuration of these Linux devices?

Why must it be done via mounting them like a disk?  There are many simpler 
options that would require less code.



Please let me know if above explanation is still insufficient.


You keep talking about mounting these devices... I don't see why you're so hung 
up on this approach.  Why must they be treated like a disk?  Why can't you, for 
instance, have them accept config updates via a simple web interface?  Or use 
dropbear and scp the files into place?  Or put a FTP server on them?


Why take the very complex route of mounting a remote filesystem?

--
Curtis Maloney
[EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread hce 
On Dec 19, 2007 11:41 AM, Curtis Maloney <[EMAIL PROTECTED]> wrote:
> hce wrote:
> > Let me clarify it again.
> >
> > (a) The key point is that the linux device is too small to install a
> > large size of Samba. No question about it, if the linux device had an
> > samba, the window could mount the linux device.
> >
> > (b) The small linux device is a dumb device, it may be configured by a
> > wifi ip address, but the mount process need be start from window to
> > the linux device, not the vice versa.
> >
> > That was the original question, samba is too large to be installed to
> > a small linux device, I am looking to an alternative solution to have
> > a samba to be installed in a window machine, so the window can mount
> > to the linux device. But clearly, samba cannot be installed in window
> > system. If you have other solution, could you please explain more.
>
> Installing samba on the windows machine to give you access to the files of a
> remote machine just doesn't make sense.  It suggest a fundamental lack of
> understanding of what Samba is, and how the whole process works.
>
> However, your core issue is you want to transfer files between some server
> (which happens to be Windows) and some lightweight clients (which happen to be
> Linux).
>
> Again, without a clearer understanding of your real requirements (the WHAT, 
> not
> the HOW) it's difficult to suggest a solution.
>
> We don't know _why_ you want to mount the file systems on the Linux devices.  
> Is
> it so the server can update their config files?  Is it so they can pass data 
> to
> the server?  Is it for some other reason that would be better handled with a
> simple daemon, instead of a file system mount?

It is actually to mount a dumb linux device to a window file system,
just like to mount an usb stick to the window file system. Yes, if the
linux device (without samba on it) can be mounted by a window file
syste, then the window can config the linux device, modify data and
transfer data to it.

> You have not provided enough information about WHAT you want to do... only 
> asked
> questions about one possibility of HOW to do it.

Please let me know if above explanation is still insufficient.

Thank you.

Kind regards,

Jim
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] problems upgrading from 3.0.10 to 3.0.25b-0.4?

2007-12-18 Thread Jeff Davis 

Hoping this is an error of stupidity or ignorance on my part.

Running Centos 4.6, after the big update from 4.5.

Samba would not communicate with our samba PDC (3.0.10), kept getting  
NT_STATUS_BAD_NETWORK_NAME errors.


I will most likely update all our samba servers, but do not want to do 
it knowing that the two versions may not talk.


Here's my smb.conf, currently functional - does not work once upgraded...

# Samba config file created using SWAT
# from 10.1.1.206 (10.1.1.206)
# Date: 2006/09/08 09:24:26

# Global parameters
[global]
   unix charset = ISO8859-1
   workgroup = STANDARD
   server string = Technology Server
   interfaces = eth0, eth1, localhost
   null passwords = Yes
   password server = staff
   passdb backend = ldapsam:ldap://ldap.example.com
   client NTLMv2 auth = Yes
   client lanman auth = No
   client plaintext auth = No
   log level = 1
   log file = /var/log/samba/%m.log
   max log size = 50
   max open files = 59392
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   add user script = /usr/local/sbin/smbldap-useradd -m %u
   delete user script = /usr/local/sbin/smbldap-userdel %u
   add group script = /usr/local/sbin/smbldap-groupadd -p %g
   delete group script = /usr/local/sbin/smbldap-groupdel %g
   add user to group script = /usr/local/sbin/smbldap-groupmod -m  %u %g
   delete user from group script = /usr/local/sbin/smbldap-groupmod -x  
%u %g

   set primary group script = /usr/local/sbin/smbldap-usermod -g  %g
   add machine script = /usr/local/sbin/smbldap-useradd -w  %u
   logon script = %U.bat
   os level = 180
   lm announce = Yes
   preferred master = No
   domain master = No
   dns proxy = No
   wins server = 10.1.0.22
   ldap admin dn = cn=samba,ou=dsa,dc=example,dc=com
   ldap delete dn = Yes
   ldap group suffix = ou=Groups
   ldap machine suffix = ou=Computers
   ldap passwd sync = Yes
   ldap suffix = dc=example,dc=com
   ldap ssl = no
   ldap user suffix = ou=Users
   idmap backend = ldap:ldap://ldap.example.com
  idmap uid = 16777216-33554431
  idmap gid = 16777216-33554431
   admin users = administrator, root
   write list = administrator, root, @staff
   profile acls = Yes
   veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash 
Folder/TheFindByContentFolder/TheVolumeSettingsFolder

   veto oplock files = /*.mdb/*.ldb/*.mdw/*.dbf/*.dat/*.fpt/*.cdx/*.idx/

  security = user
  template shell = /bin/false
  winbind use default domain = no
   msdfs proxy = no

[homes]
   comment = Home Directories
   valid users = %U
   read only = No
   create mask = 0700
   force create mode = 0700
   security mask = 00
   force security mode = 0700
   directory mask = 0700
   force directory mode = 0700
   directory security mask = 00
   browseable = No

[printers]
   comment = All Printers
   path = /var/spool/samba
   printable = Yes
   use client driver = Yes
   browseable = No

[Profiles]
   path = /home/samba/profiles
   valid users = %U, '@Domain Admins'
   force user = %U
   read only = No
   create mask = 0600
   directory mask = 0700
   guest ok = Yes
   browseable = No

[netlogon]
   path = /home/samba/netlogon/
   guest ok = Yes
   browseable = No
   available = No

[print$]
   path = /home/drivers/
   admin users = administrator, jdavis
   write list = administrator, jdavis
   guest ok = Yes

[install]
   comment = install
   path = /home/unattended/install
   read list = dummy
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes

[Software]
   comment = install
   path = /home/software/
   write list = "@Domain Admins"
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes

[Browser-Config]
   comment = Browser Config Plugin
   path = /home/browser-config
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes

[Packages]
   comment = Browser Config Plugin
   path = /home/packages
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes

[pref.js_inbox]
   comment = install
   path = /home/prefs.js_inbox
   read list = @staff
   write list = @staff
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes

[pref.js_outbox]
   comment = install
   path = /home/prefs.js_outbox
   read list = @staff
   write list = @staff
   read only = No
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   force directory mode = 0777
   delete readonly = Yes


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/li

Re: [Samba] SAMBA under window?

2007-12-18 Thread Curtis Maloney 

hce wrote:

Let me clarify it again.

(a) The key point is that the linux device is too small to install a
large size of Samba. No question about it, if the linux device had an
samba, the window could mount the linux device.

(b) The small linux device is a dumb device, it may be configured by a
wifi ip address, but the mount process need be start from window to
the linux device, not the vice versa.

That was the original question, samba is too large to be installed to
a small linux device, I am looking to an alternative solution to have
a samba to be installed in a window machine, so the window can mount
to the linux device. But clearly, samba cannot be installed in window
system. If you have other solution, could you please explain more.


Installing samba on the windows machine to give you access to the files of a 
remote machine just doesn't make sense.  It suggest a fundamental lack of 
understanding of what Samba is, and how the whole process works.


However, your core issue is you want to transfer files between some server 
(which happens to be Windows) and some lightweight clients (which happen to be 
Linux).


Again, without a clearer understanding of your real requirements (the WHAT, not 
the HOW) it's difficult to suggest a solution.


We don't know _why_ you want to mount the file systems on the Linux devices.  Is 
it so the server can update their config files?  Is it so they can pass data to 
the server?  Is it for some other reason that would be better handled with a 
simple daemon, instead of a file system mount?


You have not provided enough information about WHAT you want to do... only asked 
questions about one possibility of HOW to do it.


--
Curtis Maloney
[EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA under window?

2007-12-18 Thread hce 
On Dec 18, 2007 2:13 AM, Gianluca Culot <[EMAIL PROTECTED]> wrote:
> With talk you mean
> MOUNT ???
>
> Because letting windows talk to Unix devices is just what samba already
> does...

Let me clarify it again.

(a) The key point is that the linux device is too small to install a
large size of Samba. No question about it, if the linux device had an
samba, the window could mount the linux device.

(b) The small linux device is a dumb device, it may be configured by a
wifi ip address, but the mount process need be start from window to
the linux device, not the vice versa.

That was the original question, samba is too large to be installed to
a small linux device, I am looking to an alternative solution to have
a samba to be installed in a window machine, so the window can mount
to the linux device. But clearly, samba cannot be installed in window
system. If you have other solution, could you please explain more.

Thank you.

Kind Regards,

Jim

> About mounting... That's a completely different business... And as Samba
> doesn't manage phisically the hardware and the filesystem , but symply asks
> the OS to read/write files
> Mouting a unix devices (i.e. filesystems) on windows has nothing to do with
> SAMBA!
>
>
> > -Messaggio originale-
> > Da: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]
> > g] Per conto di hce
> > Inviato: mercoledì 12 dicembre 2007 0.47
> > A: samba@lists.samba.org
> > Oggetto: [Samba] SAMBA under window?
>
> >
> > Hi,
> >
> > I am thinking a network configuration where a SAMBA server is
> > installed in a window machine so that the web server on that
> > window machine can talk to linux devices. Is it possible, or
> > it is a stupid idea?
> >
> > Thank you.
> >
> > Kind Regards,
> >
> > Jim
> > --
>
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problem with ACL and Samba

2007-12-18 Thread Felipe Tocchetto 
Dear All

I am facing a strange problem that I could not solve, so, maybe you can help
me.

Look at this situation:

I created a new directory with those ACLs (through Samba using Windows XP)

[EMAIL PROTECTED] /home/smb/adm]# getfacl teste
#file:teste
#owner:1002
#group:1006
user::rwx
group::rwx
group:suporte:rwx
group:administ:rwx
mask::rwx
other::---

[EMAIL PROTECTED] /home/smb/adm]# getfacl -d teste
#file:teste
#owner:1002
#group:1006
user::rwx
group::rwx
group:suporte:rwx
group:administ:rwx
mask::rwx
other::---

My ACLs are right, ok, now I will copy a XLS file to that folder:

[EMAIL PROTECTED] /home/smb/adm]# getfacl teste/excel-test.xls
#file:teste/excel-test.xls
#owner:1002
#group:1006
user::rwx
group::rw-
group:suporte:rwx
group:administ:rwx
mask::rwx
other::---

OK, the samba server inhert the permissions and the ACLs, everything is fine
until now.

But when I edit this file with MS Excel, and save it, look what happen to
the ACLs:

[EMAIL PROTECTED] /home/smb/adm]# getfacl teste/excel-test.xls
#file:teste/excel-test.xls
#owner:1002
#group:1006
user::rwx
group::---
group:suporte:rwx
mask::rwx
other::---

The ACL entry "group:administ:rwx" just have gone after I save the file.

It happens with Windows XP, Vista, Office 2003 and 2007. My samba version is
Samba version 3.0.26a, my SO is FreeBSD 6.2. I installed samba through
Ports.

Anybody knows what is wrong?

Thanks a lot!
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Enabling Profiles

2007-12-18 Thread Michael Heydon 

Net Warrior wrote:

HI there guys.
Sorry for disturbing you with a very basic question, log time ago, searching
in the archives I found that profiles can be enabled or disabled for
everyone, and that cannot be enabled for a gorup of users or a specific
user.
  
I believe this is the case using a simple server. If you use ldap then 
each user can have  "Profile Path" attribute. This should allow you to 
control profiles on a per user basis.

I read the how-tos, they explain very well how to manage them, but could not
find that doubt, nor even I could not find that thread
in the arvhives.

Can some tell me if that behavior still applies?

Thanks in advance
  

*Michael Heydon - IT Administrator *
[EMAIL PROTECTED] 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Prevent drag and drop within Samba shares

2007-12-18 Thread Michael Heydon 


Alex de Vaal wrote:

Hello,

Is there a parameter in smb.conf that prevent users to use drag and drop
within Samba shares?
  

Not really.

I know this is a Winedow$ function, but some users (hum, hum) use Explorer
to open their files and accidentally they drag and drop sometimes a
directory in the root of the share to another directory in the root of the
share.

...
If a user is member of dep_rhel4_adm and dep_rhel4_fog he/she is able to
drag and drop the fog directory into the adm directory.

If it is not possible to configure this within smb.conf, can I do something
on the Linux side?
  
In this example, you could remove the users' write access to /data/grp 
which would prevent them from moving fog. Obviously this wouldn't 
protect files further down in the directory tree. If the user has the 
ability to create and delete files, they have the ability to move them.


While it doesn't solve the problem, I have found that having an online 
backup (I use rsync to backup to another server) makes it much easier to 
see what has been moved and put things right as you can quickly compare 
the old directory structure to the current one.

Thanx for any answer.

Alex.
  

*Michael Heydon - IT Administrator *
[EMAIL PROTECTED] 
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba PDC with Terminal services

2007-12-18 Thread Doerr, Kevin R 
Stuart Gall wrote:
> Now if I add a user to the local remote desktop group, enable remote  
> admin, and then logon (from another machine) using the ip address I  
> can get a remote desktop session.

> However the browse for machine facility does not work, it says there  
> is no terminal server in the domain.

This may be relevant...

http://support.microsoft.com/default.aspx?scid=kb;en-us;281307

I am just a Samba noob, and don't have a strong handle on browsing, but
it seems like the first step would be for the XP clients to be
announcing themselves as Terminal Servers. Evidently they don't show up
in the list browse list of the RDP client otherwise.

Regards,
Kevin
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Cannot join domain with error: ads_connect: No logon servers

2007-12-18 Thread Jean-Pierre Gillione 
Thank You for the response Carlos.  I tried specifying the server and
that doesn't help.  So I ran it in debug mode.  Here is what I think
is the relevant output:

[2007/12/18 11:19:12, 5] lib/debug.c:debug_dump_status(391)
  INFO: Current debug levels:
all: True/5
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
[2007/12/18 11:19:12, 3] param/loadparm.c:lp_load(5031)
  lp_load: refreshing parameters
[2007/12/18 11:19:12, 3] param/loadparm.c:init_globals(1430)
  Initialising global parameters
[2007/12/18 11:19:12, 3] param/params.c:pm_process(572)
  params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2007/12/18 11:19:12, 3] param/loadparm.c:do_section(3770)
  Processing section "[global]"
  doing parameter workgroup = s2
  doing parameter realm = LEOPARD.SAFARI.INSIDE
  doing parameter security = ADS
  doing parameter server string = File Server
  doing parameter wins server = 10.0.0.10
  doing parameter password server = 10.0.0.10
  doing parameter preferred master = No
  doing parameter domain master = No
  doing parameter wins proxy = No
  doing parameter dns proxy = No
  doing parameter load printers = No
  doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
[2007/12/18 11:19:12, 5] lib/util.c:init_names(287)
  Netbios name list:-
  my_netbios_names[0]="ELEPHANT"
[2007/12/18 11:19:12, 2] lib/interface.c:add_interface(81)
  added interface ip=10.0.0.4 bcast=10.0.0.255 nmask=255.255.255.0
[2007/12/18 11:19:12, 5] lib/gencache.c:gencache_init(61)
  Opening cache file at /var/cache/samba/gencache.tdb
[2007/12/18 11:19:12, 5] libads/dns.c:sitename_fetch(674)
  sitename_fetch: No stored sitename for LEOPARD.SAFARI.INSIDE
[2007/12/18 11:19:12, 4] libsmb/namequery_dc.c:ads_dc_name(73)
  ads_dc_name: domain=S2
[2007/12/18 11:19:12, 5] libads/dns.c:sitename_fetch(674)
  sitename_fetch: No stored sitename for LEOPARD.SAFARI.INSIDE
[2007/12/18 11:19:12, 5] libsmb/namequery.c:saf_fetch(133)
  saf_fetch: failed to find server for "LEOPARD.SAFARI.INSIDE" domain
[2007/12/18 11:19:12, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ", 10.0.0.10"
[2007/12/18 11:19:12, 5] libads/dns.c:sitename_fetch(674)
  sitename_fetch: No stored sitename for LEOPARD.SAFARI.INSIDE
[2007/12/18 11:19:12, 4] libsmb/namequery.c:get_dc_list(1599)
  get_dc_list: returning 1 ip addresses in an ordered list
[2007/12/18 11:19:12, 4] libsmb/namequery.c:get_dc_list(1600)
  get_dc_list: 10.0.0.10:389
[2007/12/18 11:19:12, 5] libads/ldap.c:ads_try_connect(180)
  ads_try_connect: sending CLDAP request to 10.0.0.10 (realm:
LEOPARD.SAFARI.INSIDE)
[2007/12/18 11:19:12, 1] libads/cldap.c:recv_cldap_netlogon(219)
  no reply received to cldap netlogon
[2007/12/18 11:19:12, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 10.0.0.10 failed.
[2007/12/18 11:19:12, 5] libsmb/namequery.c:saf_fetch(133)
  saf_fetch: failed to find server for "S2" domain
[2007/12/18 11:19:12, 3] libsmb/namequery.c:get_dc_list(1489)
  get_dc_list: preferred server list: ", 10.0.0.10"
[2007/12/18 11:19:12, 5] libads/dns.c:sitename_fetch(674)
  sitename_fetch: No stored sitename for LEOPARD.SAFARI.INSIDE
[2007/12/18 11:19:12, 4] libsmb/namequery.c:get_dc_list(1599)
  get_dc_list: returning 1 ip addresses in an ordered list
[2007/12/18 11:19:12, 4] libsmb/namequery.c:get_dc_list(1600)
  get_dc_list: 10.0.0.10:389
[2007/12/18 11:19:12, 5] libsmb/namecache.c:namecache_status_fetch(346)
  namecache_status_fetch: no entry for NBT/S2#1C.20.10.0.0.10 found.
[2007/12/18 11:19:12, 5] libsmb/nmblib.c:send_udp(777)
  Sending a packet of len 50 to (10.0.0.10) on port 137
[2007/12/18 11:19:12, 5] libsmb/nmblib.c:read_packet(755)
  Received a packet of len 265 from (10.0.0.10) port 137
[2007/12/18 11:19:12, 4] libsmb/nmblib.c:debug_nmb_packet(112)
  nmb packet from 10.0.0.10(137) header: id=23715 opcode=Query(0) response=Yes
  header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
  header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
  answers: nmb_name=S2<1c> rr_type=33 rr_class=1 ttl=0
  answers   0 char .LEOPARD   hex 094C454F504152442020202020202020
  answers  10 char .d.LEOPARD hex 0364004C454F50415244202020202020
  answers  20 char   .d.LEOPARD   hex 20200064004C454F5041524420202020
  answers  30 char  d...__MSBRO   hex 2020202020640001025F5F4D5342524F
  answers  40 char WSE__S2hex 5753455F5F0201E40053322020202020
  answers  50 char ...S2  hex 20202020202020201EE4005332202020
  answers  60 char   .d.S2hex 202020202020202020201D6400533220
  answers  70 char ...S

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread Jeremy Allison 
On Tue, Dec 18, 2007 at 07:02:33PM +, simo wrote:
> 
> On Tue, 2007-12-18 at 10:03 -0800, Jeremy Allison wrote:
> > On Tue, Dec 18, 2007 at 08:59:47AM +0200, Umut Arus wrote:
> > > Dear All,
> > > 
> > > I use Vista sync tool for synchronization Vista between
> > > samba-3.0.25b-1.el4_6.2 on
> > > RHEL AS4. There is some problem on files to copy samba home sharing. But
> > > if target directory is being Windows sharing does not happen the below
> > > problem.
> > > 
> > > Vista error screen says below messages;
> > > These items are in conflict and did not sync
> > > ~wrd.tmp A file was deleted on this computer and
> > > changed on the server while this computer was offline.
> > > New Text Document A file changed on this computer while offline has
> > > been deleted or renamed on the server.
> > > 
> > > Is there any resolution this problem?
> > 
> > Yes, this was fixed in a later Samba release.
> > 
> > Please upgrade to 3.0.28.
> 
> Jeremy is this the bad problem we had with ACL inheritance and offline
> files that you fixed at SambaXP ?

No, it's not acl inheritance. It's actually the NTcreateX response
fix that I discovered after XP.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread simo 

On Tue, 2007-12-18 at 10:03 -0800, Jeremy Allison wrote:
> On Tue, Dec 18, 2007 at 08:59:47AM +0200, Umut Arus wrote:
> > Dear All,
> > 
> > I use Vista sync tool for synchronization Vista between
> > samba-3.0.25b-1.el4_6.2 on
> > RHEL AS4. There is some problem on files to copy samba home sharing. But
> > if target directory is being Windows sharing does not happen the below
> > problem.
> > 
> > Vista error screen says below messages;
> > These items are in conflict and did not sync
> > ~wrd.tmp A file was deleted on this computer and
> > changed on the server while this computer was offline.
> > New Text Document A file changed on this computer while offline has
> > been deleted or renamed on the server.
> > 
> > Is there any resolution this problem?
> 
> Yes, this was fixed in a later Samba release.
> 
> Please upgrade to 3.0.28.

Jeremy is this the bad problem we had with ACL inheritance and offline
files that you fixed at SambaXP ?

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <[EMAIL PROTECTED]>
Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] File name symbols

2007-12-18 Thread Vitaly Protsko 
Hi!

I have following situation:
3.0.27a works perfectly, speedy NAS server in AD domain

But we decided to make backup of a whole users file junk
to this speedy NAS. Near all files have names in russian.

What I see: "unix charset = UTF8" makes characters in
file names as ":d0:c1" for one (ok, understandable), but
"unix charset = koi8r" makes only one-byte ":ee".

Filesystem accepts bytes, not chars from some charset in
filenames.

The problem in long file names - 3 chars instead of one!
Many files in our archive have longer than 100-byte names.

Why convert bytes, if they are accepted by filesystem?
Can it be controlled from smb.conf ?

/aTan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread Jeremy Allison 
On Tue, Dec 18, 2007 at 08:59:47AM +0200, Umut Arus wrote:
> Dear All,
> 
> I use Vista sync tool for synchronization Vista between
> samba-3.0.25b-1.el4_6.2 on
> RHEL AS4. There is some problem on files to copy samba home sharing. But
> if target directory is being Windows sharing does not happen the below
> problem.
> 
> Vista error screen says below messages;
> These items are in conflict and did not sync
> ~wrd.tmp A file was deleted on this computer and
> changed on the server while this computer was offline.
> New Text Document A file changed on this computer while offline has
> been deleted or renamed on the server.
> 
> Is there any resolution this problem?

Yes, this was fixed in a later Samba release.

Please upgrade to 3.0.28.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA ADS integration - windows user account rights

2007-12-18 Thread Aaron J. Zirbes 
You may be running into this issue:

http://support.microsoft.com/kb/251335

--
Aaron


Bert Verhaeghe wrote:
> Hi all,
> 
> first of all is it possible to join a Linux machine to AD using a
> windows user account that is not a member of the group Domain Admins?
> Cause when I do this I get the following error while executing `net ads
> join -d 3 -U syncuser`: 
> 
> 
> #net ads join -d 3 -U  syncuser
> [2007/12/11 13:47:12, 3] param/loadparm.c:lp_load(4953)  lp_load:
> refreshing parameters
> [2007/12/11 13:47:12, 3] param/loadparm.c:init_globals(1418)
> Initialising global parameters 
> [2007/12/11 13:47:12, 3] param/params.c:pm_process(572)
> params.c:pm_process() - Processing configuration file
> "/etc/samba/smb.conf"
> [2007/12/11 13:47:12, 3] param/loadparm.c:do_section(3695) Processing
> section "[global]" 
> [2007/12/11 13:47:12, 2] lib/interface.c:add_interface(81) added
> interface ip=10.0.0.3 bcast=10.0.0.255 nmask=255.255.255.0 
> octopussync's password: 
> [2007/12/11 13:47:17, 3] libsmb/namequery.c:get_dc_list(1426)
> get_dc_list: preferred server list: ", DC"
> [2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_lmhosts(939)
> resolve_lmhosts: Attempting lmhosts lookup for name DC<0x20> 
> [2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_wins(836)
> resolve_wins: Attempting wins lookup for name DC<0x20>
> [2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_wins(839)
> resolve_wins: WINS server resolution selected and no WINS servers
> listed. 
> [2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_hosts(1002)
> resolve_hosts: Attempting host lookup for name DC<0x20>
> [2007/12/11 13:47:17, 3] libads/ldap.c:ads_connect(287) Connected to
> LDAP server 10.0.0.1
> [2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
> ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
> [2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
> ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 
> [2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
> ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
> [2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
> ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 
> [2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(219)
> ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED]
> [2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_krb5_mk_req(552)
> ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache
> found) 
> [2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(488)
> ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
> Tue, 11 Dec 2007 23:47:05 UTC
> [2007/12/11 13:47:17, 3] libsmb/cliconnect.c:cli_start_connection(1426)
> Connecting to host= DC.domain.local
> [2007/12/11 13:47:17, 3] lib/util_sock.c:open_socket_out(874) Connecting
> to 10.0.0.1 at port 445
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(721) Doing spnego session
> setup (blob length=107) 
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 48018
> 1 2 2
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 113554
> 1 2 2
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 113554
> 1 2 2 3 
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 3 6 1 4 1
> 311 2 2 10
> [2007/12/11 13:47:17, 3]
> libsmb/cliconnect.c:cli_session_setup_spnego(754) got principal=dc
> [EMAIL PROTECTED]
> [2007/12/11 13:47:17, 2]
> libsmb/cliconnect.c:cli_session_setup_kerberos(546) Doing kerberos
> session setup
> [2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(488)
> ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect]
> expiration Tue, 11 Dec 2007 23:47:05 UTC 
> [2007/12/11 13:47:17, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
> rpc_pipe_bind: Remote machine DC.domain.local pipe \lsarpc fnum 0x400c
> bind request returned ok.
> [2007/12/11 13:47:17, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
> lsa_io_sec_qos: length c does not match size 8 
> [2007/12/11 13:47:17, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
> rpc_pipe_bind: Remote machine DC.domain.local pipe \samr fnum 0x400a
> bind request returned ok.
> Failed to set password for machine account (NT_STATUS_ACCESS_DENIED) 
> Failed to join domain!
> [2007/12/11 13:47:17, 2] utils/net.c:main(988) return code = -1
> 
> 
> But when the user is added to the Domain Admins group, the join is
> successful.
> 
> And if the latter is possible, which permissions should the windows user
> account have? 
> 
> Thx in advance
> 
> bert
> 
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] SAMBA ADS integration - windows user account rights

2007-12-18 Thread Bert Verhaeghe 
Hi all,

first of all is it possible to join a Linux machine to AD using a
windows user account that is not a member of the group Domain Admins?
Cause when I do this I get the following error while executing `net ads
join -d 3 -U syncuser`: 


#net ads join -d 3 -U  syncuser
[2007/12/11 13:47:12, 3] param/loadparm.c:lp_load(4953)  lp_load:
refreshing parameters
[2007/12/11 13:47:12, 3] param/loadparm.c:init_globals(1418)
Initialising global parameters 
[2007/12/11 13:47:12, 3] param/params.c:pm_process(572)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2007/12/11 13:47:12, 3] param/loadparm.c:do_section(3695) Processing
section "[global]" 
[2007/12/11 13:47:12, 2] lib/interface.c:add_interface(81) added
interface ip=10.0.0.3 bcast=10.0.0.255 nmask=255.255.255.0 
octopussync's password: 
[2007/12/11 13:47:17, 3] libsmb/namequery.c:get_dc_list(1426)
get_dc_list: preferred server list: ", DC"
[2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_lmhosts(939)
resolve_lmhosts: Attempting lmhosts lookup for name DC<0x20> 
[2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_wins(836)
resolve_wins: Attempting wins lookup for name DC<0x20>
[2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_wins(839)
resolve_wins: WINS server resolution selected and no WINS servers
listed. 
[2007/12/11 13:47:17, 3] libsmb/namequery.c:resolve_hosts(1002)
resolve_hosts: Attempting host lookup for name DC<0x20>
[2007/12/11 13:47:17, 3] libads/ldap.c:ads_connect(287) Connected to
LDAP server 10.0.0.1
[2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 
[2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(210)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 
[2007/12/11 13:47:17, 3] libads/sasl.c:ads_sasl_spnego_bind(219)
ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED]
[2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_krb5_mk_req(552)
ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache
found) 
[2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(488)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 11 Dec 2007 23:47:05 UTC
[2007/12/11 13:47:17, 3] libsmb/cliconnect.c:cli_start_connection(1426)
Connecting to host= DC.domain.local
[2007/12/11 13:47:17, 3] lib/util_sock.c:open_socket_out(874) Connecting
to 10.0.0.1 at port 445
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(721) Doing spnego session
setup (blob length=107) 
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 48018
1 2 2
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 113554
1 2 2
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 2 840 113554
1 2 2 3 
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(746) got OID=1 3 6 1 4 1
311 2 2 10
[2007/12/11 13:47:17, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(754) got principal=dc
[EMAIL PROTECTED]
[2007/12/11 13:47:17, 2]
libsmb/cliconnect.c:cli_session_setup_kerberos(546) Doing kerberos
session setup
[2007/12/11 13:47:17, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(488)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect]
expiration Tue, 11 Dec 2007 23:47:05 UTC 
[2007/12/11 13:47:17, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine DC.domain.local pipe \lsarpc fnum 0x400c
bind request returned ok.
[2007/12/11 13:47:17, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
lsa_io_sec_qos: length c does not match size 8 
[2007/12/11 13:47:17, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine DC.domain.local pipe \samr fnum 0x400a
bind request returned ok.
Failed to set password for machine account (NT_STATUS_ACCESS_DENIED) 
Failed to join domain!
[2007/12/11 13:47:17, 2] utils/net.c:main(988) return code = -1


But when the user is added to the Domain Admins group, the join is
successful.

And if the latter is possible, which permissions should the windows user
account have? 

Thx in advance

bert


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Cannot join domain with error: ads_connect: No logon servers

2007-12-18 Thread Carlos Ramos 
there is a switch to specify the server name. I was having a similar
problem that was solved specifying it's name.
try:

net -d ads join -s your_server_dns

don't forget to add your_server_dns to /etc/hosts

On Dec 18, 2007 3:20 AM, Jean-Pierre Gillione <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I am trying to get a Gentoo Linux system to join a domain run by a Mac
> OS X Server.  I have set up kerberos and ldap as per the instructions
> in the Samba documentation and I am able to log in to the system using
> the info (getent finds the users, and kinit successfully connects),
> but I can't get Samba to join the domain and authenticate the users.
> When I run "net ads join" I get:
>
> [2007/12/17 19:16:07, 0] utils/net_ads.c:ads_startup_int(286)
>   ads_connect: No logon servers
> Failed to join domain: No logon servers
>
> I have tried searching google for this, but have found no response.
> Does anybody know what the problem is?
>
> Thanks for any help.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problem joining linux box to active directory domain

2007-12-18 Thread Carlos Ramos 
Solved,

I would like to know what solved my problem... the truth is that I'm
not shure. I left the domain and rejoined a few time in my tests. And
it is finaly working. Just so that i can help someone i will put here
my current configuration:

smb.conf:
[global]
netbios name = YOUR_NETBIOS_NAME
password server = KERBEROS_SERVER_IP_ADDRESS
unix charset = LOCALE
workgroup = YOUR_WORKGROUP
realm = YOUR_KERBEROS_REALM
server string = STRING_DESCRIBING_YOUR_SERVER
security = ADS
username map = /etc/samba/smbusers
local master = no
preferred master = no
encrypt passwords = yes

log level = 2
syslog = 0
log file = /var/log/samba/%m
max log size = 50
printcap name = CUPS
ldap ssl = no
idmap uid = 1-2
idmap gid = 1-2
template shell = /bin/bash
winbind separator = +
#template primary group = "Users"

winbind uid = 1-2
winbind gid = 1-2
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes

/etc/nsswitch.conf:
passwd: compat winbind
shadow: compat
group:  compat winbind
hosts:  files dns
networks:   files dns
services:   db files
protocols:  db files
rpc:db files
ethers: db files
netmasks:   files
netgroup:   files
publickey:  files
bootparams: files
automount:  files
aliases:files

/etc/krb5.conf:
[libdefaults]
default_realm = YOUR_KERBEROS_REALM

[realms]
YOUR_KERBEROS_REALM = {
kdc = YOUR_KERBEROS_SERVER_DNS
}

[domain_realm]
.ipn.pt = YOUR_KERBEROS_REALM
ipn.pt = YOUR_KERBEROS_REALM

/etc/hosts:
(add one line containing)
YOUR_KERBEROS_SERVER_IP_ADDRESS   YOUR_KERBEROS_SERVER_DNS


to join the domain i did a simple:
net -d join ads -UYOUR_ADMIN_USERNAME%YOUR_ADMIN_PASSWORD

thank you all for the help you gave me. It led me to the solution.

thank you.


>Hello, I'm having a hard time joining one linux server to an active
>directory domain. I've searched everywhere for a solution but was
>unsuccessful:
>
>I went to samba.org and followed the examples in
>http://us3.samba.org/samba/docs/man/Samba-Guide/
>The examples are great... My scenario is described  in chapter 7
>(http://us3.samba.org/samba/docs/man/...ts.html#adssdm)
>It explains how to make a Linux box authenticate in a active directory
>scenario. As soon as i get to the point where the box joins the
>domain:
>
>net ads join -UAdministrator%not24get
>
>I get the error "ads_connect: No logon servers".
>
>I searched all the logs, /var/log/messages /var/log/samba/* and found
>nothing usefull.
>
>transcript of a session:
>
>proxy ~ # tail -f /var/log/messages &
>proxy ~ # tail -f /var/log/samba/* &
>proxy ~ # net ads join -Uadminusername%password
>[2007/12/17 16:47:45, 0] utils/net_ads.c:ads_startup_int(286)
> ads_connect: No logon servers
>Failed to join domain: No logon servers
>proxy ~ #
>
>
>this is my smb.conf:
>[global]
>unix charset = LOCALE
>workgroup = DOMAINNAME
>realm = REALMENAME
>server string = servername
>security = ADS
>username map = /etc/samba/smbusers
>log level = 5
>syslog = 0
>log file = /var/log/samba/%m
>max log size = 50
>printcap name = CUPS
>ldap ssl = no
>idmap uid = 1-2
>idmap gid = 1-2
>template shell = /bin/bash
>winbind separator = +
>#template primary group = "Users"
>
>
>Can anyone help? I realy don't see what I'm doing wrong.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread Sebastian Marten 
simo schrieb:
[...]
> Can you please explain how to exactly reproduce this from scratch ?
> Do you know if it happens with later Samba versions ?
> 
> Simo.
> 

I'm currently not at the System but I'm really sure that this problem
starts with the Update 1 of RHEL 5 (CentOS 5.1 == RHEL 5.1)
Maybe Umut Arus can confirm that.

The Samba version on EL 5.0 is samba-3.0.25b-0.el5.4.
Maybe a broken RH specific security patch?


Regards,
Sebastian



signature.asc
Description: OpenPGP digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Enabling Profiles

2007-12-18 Thread Net Warrior 
HI there guys.
Sorry for disturbing you with a very basic question, log time ago, searching
in the archives I found that profiles can be enabled or disabled for
everyone, and that cannot be enabled for a gorup of users or a specific
user.

I read the how-tos, they explain very well how to manage them, but could not
find that doubt, nor even I could not find that thread
in the arvhives.

Can some tell me if that behavior still applies?

Thanks in advance
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Deny a User from a specific Host

2007-12-18 Thread Net Warrior 
Thank you very much for your help.
This seems to be what I'm looking for..

Greets.

>You can set the "sambaUserWorkstations:" parameter in the ldap user leaf.
>Can be done from the NT4 Doman User administration or using LDAP Accou


2007/12/14, Steve Mc Gregor <[EMAIL PROTECTED]>:
>
> You can set the "sambaUserWorkstations:" parameter in the ldap user leaf.
> Can be done from the NT4 Doman User administration or using LDAP Account
> Manager.
>
> On Dec 14, 2007 3:14 PM, Rubin Bennett <[EMAIL PROTECTED]> wrote:
>
> > On Fri, 2007-12-14 at 19:55 +, Net Warrior wrote:
> > > Good, but, how do I tell, this user can log in in this  windows
> machine
> > and
> > > not in this other?  I need a way to check
> > > both, the user who's loggin agains my pdc in and the IP from the
> machine
> > > he's trying to log to the domain. Isn't deny-host a more global way to
> > tell,
> > > this host can access my machine?
> > >
> > Yes.
> >
> > To do what you're after, I think you could do it with a carefully
> > subnetted LAN (i.e. each department has a distinct LAN segment, not
> > necessarily an actual subnet but a block of IPs that are predictably
> > assigned via dhcp pools).
> >
> > Then using dynamically generated login scripts, you could cross
> > reference the users' group membership with the IP pool that they're
> > logging in from, and attempt to write in some nastiness that disables
> > users from one group logging into the IP space of another group.
> >
> > This is actually an interesting idea in a way although if your directory
> > ACLs and permissions are set up correctly and you're using the Samba
> > server for storing everything, why worry if user "A" from accounting
> > logs into user "B"'s pc in marketing?  They won't be able to access
> > anything they couldn't from their own computer, right?
> >
> > Rubin
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
> --
> Steve Mc Gregor
> weblog: http://blog.smcgregor.info/
> email: [EMAIL PROTECTED]
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread simo 

On Tue, 2007-12-18 at 09:20 +0100, Sebastian Marten wrote:
> Umut Arus schrieb:
> > Dear All,
> > 
> > I use Vista sync tool for synchronization Vista between
> > samba-3.0.25b-1.el4_6.2 on
> > RHEL AS4. There is some problem on files to copy samba home sharing. But
> > if target directory is being Windows sharing does not happen the below
> > problem.
> > 
> > Vista error screen says below messages;
> > These items are in conflict and did not sync
> > ~wrd.tmp A file was deleted on this computer and
> > changed on the server while this computer was offline.
> > New Text Document A file changed on this computer while offline has
> > been deleted or renamed on the server.
> > 
> > Is there any resolution this problem?
> > 
> > Regards,
> > 
> > -- 
> > Umut ARUS
> > System Specialist
> > 
> 
> Hi,
> I don't have a solution, but i have a similar problem on CentOS5 with
> samba-3.0.25b-1.el5_1.4.
> 
> Ok, I use XP SP2 and the XP offline folder tool, but the Problem seem
> the same.

Can you please explain how to exactly reproduce this from scratch ?
Do you know if it happens with later Samba versions ?

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <[EMAIL PROTECTED]>
Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] problem with samba 3.0.28/Solaris 8/smbclient

2007-12-18 Thread Kenneth Marshall 
On Mon, Dec 17, 2007 at 01:26:51PM -0600, Kenneth Marshall wrote:
> Dear Samba users,
> 
> I am trying to update our local samba packages to 3.0.28.
> They are built against heimdal-1.0.1 and openldap-2.3.38.
> The Redhat Enterprise Linux 3 and 4 packages are working
> fine so far in my limited testing. The problem with heimdal
> and "net ads join..." has been fixed on all 3 platforms.
> On the Solaris 8 server, the "net ads join..." works
> correctly and the machine registers with the domain. The
> problem is that the smbclient segfaults on the ls command.
> A put command worked correctly. Here is what a truss
> returned:
> 
> 21056:  ioctl(1, TCGETA, 0xFFBECFA4)= 0
> 21056:  write(1, " s m b :   \ k \ k t m \".., 14)  = 14
> 21056:  read(0, 0xFFBED3E3, 1)  (sleeping...)
> 21056:  signotifywait() (sleeping...)
> 21056:  door_return(0x, 0, 0x, 0) (sleeping...)
> 21056:  lwp_cond_wait(0xFF3834E8, 0xFF3834F8, 0xFF37CD80) (sleeping...)
> 21056:  read(0, " l", 1)= 1
> 21056:  write(1, " l", 1)   = 1
> 21056:  read(0, " s", 1)= 1
> 21056:  write(1, " s", 1)   = 1
> 21056:  read(0, "\r", 1)= 1
> 21056:  write(1, "\n", 1)   = 1
> 21056:  ioctl(0, TCSETSW, 0xFF345C28)   = 0
> 21056:  sigaction(SIGINT, 0xFFBED4C0, 0xFFBED5C0)   = 0
> 21056:  sigaction(SIGTERM, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGQUIT, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGALRM, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGTSTP, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGTTOU, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGTTIN, 0xFFBED4C0, 0xFFBED5C0)  = 0
> 21056:  sigaction(SIGWINCH, 0xFFBED4C0, 0xFFBED5C0) = 0
> 21056:  time()  = 1197919173
> 21056:  write(6, "\0\0\0 bFF S M B 2\0\0\0".., 102) = 102
> 21056:  poll(0xFFBEAF18, 1, 2)  = 1
> 21056:  read(6, "\0\003AC", 4)  = 4
> 21056:  poll(0xFFBEAF88, 1, 2)  = 1
> 21056:  read(6, "FF S M B 2\0\0\0\08801C8".., 940)  = 940
> 21056:  open("/usr/share/lib/zoneinfo/US/Central", O_RDONLY) = 8
> 21056:  read(8, " T Z i f\0\0\0\0\0\0\0\0".., 8192) = 1279
> 21056:  close(8)= 0
> 21056:  stat64("/usr/site/samba-3.0.28/lib/C.msg", 0xFFBEA948) Err#2 ENOENT
> 21056:  Incurred fault #6, FLTBOUNDS  %pc = 0xFE833218
> 21056:siginfo: SIGSEGV SEGV_MAPERR addr=0x40498000
> 21056:  Received signal #11, SIGSEGV [default]
> 21056:siginfo: SIGSEGV SEGV_MAPERR addr=0x40498000
> 21056:  *** process killed ***
> 
> Here is a gdb backtrace:
> 
> (gdb) run -U 'AD\ktm' //storage.rice.edu/home -D k/ktm
> Starting program: /build/samba-3.0.28/sunos5/bin/smbclient -U 'AD\ktm' 
> //storage.rice.edu/home -D k/ktm
> [New LWP 1]
> [New LWP 2]
> [New LWP 3]
> params.c:OpenConfFile() - Unable to open configuration file 
> "/usr/site/samba-3.0.28/lib/smb.conf":
> No such file or directory
> [New LWP 4]
> [New LWP 5]
> /build/samba-3.0.28/sunos5/bin/smbclient: Can't load 
> /usr/site/samba-3.0.28/lib/smb.conf - run testparm to debug it
> Password: 
> Domain=[AD] OS=[BlueArc Titan 4.3.990q] Server=[BlueArc Titan 4.3.990q]
> smb: \k\ktm\> ls
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0xfe833218 in strlen () from /usr/lib/libc.so.1
> (gdb) bt
> #0  0xfe833218 in strlen () from /usr/lib/libc.so.1
> #1  0xfedcadcc in wait_for_process () from 
> /usr/site/samba-3.0.28/ext/libroken.so.18
> #2  0xfedcadcc in wait_for_process () from 
> /usr/site/samba-3.0.28/ext/libroken.so.18
> Previous frame identical to this frame (corrupt stack?)
> (gdb) 
> 
> I am building a debug version of the heimdal 1.0.1 libraries to
> try and get some more information, but I wanted to post a preliminary
> message to see if this is a know issue or not and whether there are
> some other debugging measures that could be tried.
> 
> Cheers,
> Ken
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> 

Dear Samba users,

As promised here s the backtrace from the debug version of the
Heimdal 1.0.1 libraries:

Starting program: /build/samba-3.0.28/sunos5/bin/smbclient -U 'ADRICE\ktm' 
//storage.rice.edu/home -D k/ktm
[New LWP 1]
[New LWP 2]
[New LWP 3]
params.c:OpenConfFile() - Unable to open configuration file 
"/usr/site/samba-3.0.28/lib/smb.conf":
No such file or directory
[New LWP 4]
[New LWP 5]
/build/samba-3.0.28/sunos5/bin/smbclient: Can't load 
/usr/site/samba-3.0.28/lib/smb.conf - run testparm to debug it
Password: 
Domain=[ADRICE] OS=[BlueArc Titan 4.3.990q] Server=[BlueArc Titan 4.3.990q]
smb: \k\ktm\> ls

Program r

[Samba] kernel log (smbfs): smb_proc_readdir_long: error=-2, breaking

2007-12-18 Thread Simon Jolle 
Hi Samba users

We use RHEL 4.5.
What mean those log entries? How to solve this issue? Such entries
appear in logs after copy jobs.

Dec 16 20:55:43 nahant048 kernel: smb_proc_readdir_long: error=-2, breaking
Dec 16 20:55:45 nahant048 last message repeated 2 times
Dec 16 20:58:02 nahant048 kernel: smb_proc_readdir_long: error=-13, breaking
Dec 16 20:58:02 nahant048 kernel: smb_proc_readdir_long: error=-13, breaking
Dec 17 20:31:54 nahant048 kernel: smb_proc_readdir_long: error=-2, breaking
Dec 17 20:31:55 nahant048 last message repeated 2 times
Dec 17 20:33:04 nahant048 kernel: smb_proc_readdir_long: error=-13, breaking
Dec 17 20:33:05 nahant048 kernel: smb_proc_readdir_long: error=-13, breaking

# modinfo smbfs
filename:   /lib/modules/2.6.9-55.0.9.ELlargesmp/kernel/fs/smbfs/smbfs.ko
license:GPL
depends:
vermagic:   2.6.9-55.0.9.ELlargesmp SMP gcc-3.4

# rpm -q -a | grep samba
samba-common-3.0.25b-1.el4_6.2
samba-client-3.0.25b-1.el4_6.2

mount options:
defaults,uid=512,gid=512,username=domain\user,password=password

filesystem type:
smbfs

cheers
Simon

-- 
XMPP: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Prevent drag and drop within Samba shares

2007-12-18 Thread Alex de Vaal 
Hello,

Is there a parameter in smb.conf that prevent users to use drag and drop
within Samba shares?

I know this is a Winedow$ function, but some users (hum, hum) use Explorer
to open their files and accidentally they drag and drop sometimes a
directory in the root of the share to another directory in the root of the
share.

My samba server is member of a native W2k3 server Active Directory and AD
users are able to access the Samba shares.

The share is configured like this in smb.conf:

[grp]
comment = Group Directory
path = /data/grp
valid users = @NH-HOTELES.COM\DEP_RHEL4_MEMBER
read only = No
inherit permissions = Yes
hide unreadable = Yes

The /data/grp directory looks like this:

drwxrws---  2 root NH-HOTELES\dep_rhel4_adm 4096 Sep 11  2006 adm
drwxrws---  4 root NH-HOTELES\dep_rhel4_fog 4096 Mar  9  2007 fog

If a user is member of dep_rhel4_adm and dep_rhel4_fog he/she is able to
drag and drop the fog directory into the adm directory.

If it is not possible to configure this within smb.conf, can I do something
on the Linux side?

Thanx for any answer.

Alex.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Vista Sync (offline file) and Samba Problem

2007-12-18 Thread Sebastian Marten 
Umut Arus schrieb:
> Dear All,
> 
> I use Vista sync tool for synchronization Vista between
> samba-3.0.25b-1.el4_6.2 on
> RHEL AS4. There is some problem on files to copy samba home sharing. But
> if target directory is being Windows sharing does not happen the below
> problem.
> 
> Vista error screen says below messages;
> These items are in conflict and did not sync
> ~wrd.tmp A file was deleted on this computer and
> changed on the server while this computer was offline.
> New Text Document A file changed on this computer while offline has
> been deleted or renamed on the server.
> 
> Is there any resolution this problem?
> 
> Regards,
> 
> -- 
> Umut ARUS
> System Specialist
> 

Hi,
I don't have a solution, but i have a similar problem on CentOS5 with
samba-3.0.25b-1.el5_1.4.

Ok, I use XP SP2 and the XP offline folder tool, but the Problem seem
the same.

Regards,
Sebastian



signature.asc
Description: OpenPGP digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba won't connect to new users ...

2007-12-18 Thread Dr.Peer-Joachim Koch 

Hi,

we have the following problem:
From time to time (1 week -> 6 weeks) new user (computer
just started) are unable to connect to our file server,
BUT old connections are still working without any problems.

The log file is currently not very helpful.
Any idea, where to look ?

Samba running on Novell SLES9 SP3 (AMD64),
   samba3-3.0.25b-33 (Sernet)

A simple "smb restart" is solving the problem, but I would
prefer a stable system 

--
Bye,
Peer
_
Max-Planck-Institut fuer Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10Telefon: ++49 3641 57-6705
D-07745 Jena Telefax: ++49 3641 57-7705



smime.p7s
Description: S/MIME Cryptographic Signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] samba passwords and ldap + telnet.. SOLVED

2007-12-18 Thread L.P.H. van Belle 
Hi,

Thanks voor the answheres.

I solved this problem, i use Delta-syncrepl to replicate my databases.
then i us the readonly database. during the database sync something 
went wrong. I resetted my access log of the master database and this solved
my problemen. The exact problem was, that the password fields and the login
shell
wasn't replicated.


Louis

>-Oorspronkelijk bericht-
>Van: Michael Heydon [mailto:[EMAIL PROTECTED] 
>Verzonden: dinsdag 18 december 2007 0:10
>Aan: L.P.H. van Belle
>CC: samba@lists.samba.org
>Onderwerp: Re: [Samba] samba passwords and ldap + telnet..
>
>
>L.P.H. van Belle wrote:
>> Hi all, 
>>  
>> This is maybe not the play to ask, but i'll just ask.
>> I googled a lot but im stuck.. 
>>   
>It's not really, this is a pam-ldap issue. The fact that one of the 
>other servers connected to ldap runs samba is inconsequential.
>
>> Im having samba 3.0.26a on a debian etch server with ldap.
>> Im using a setup like the idealx setup. ( samba pdc + ldap ) 
>> I have replicated my ldap database to a other server. On 
>this server im
>> having
>> a database application running and my users must login 
>> with telnet on this server.
>>  
>> Now my problem, Everything works perfectly, exept 1 thing.
>> my samba users are unable to login on server 2 with telnet.
>>  
>> I have the pam modules configured, but im still unable to login.
>> I have no errors, execpt 1.
>> this one: 
>> Dec 17 08:52:38 ms249-lin-005 login[1680]: pam_ldap: error 
>trying to bind as
>> user "uid=testuser,ou=Users,dc=locale,dc=domain,dc=internal" (Invalid
>> credentials)
>> Dec 17 08:52:38 ms249-lin-005 login[1680]: (pam_unix) authentication
>> failure; logname= uid=0 euid=0 tty=pts/1 ruser=
>> rhost=PCNAME,locale,domain,internal"  user=testuser
>> Dec 17 08:52:40 ms249-lin-005 login[1680]: FAILED LOGIN (1) 
>on 'pts/1' from
>> PCNAME,locale,domain,internal"' FOR `testuser', 
>Authentication failure
>>
>>   
>It would appear that you are trying to bind to the LDAP server as the 
>authenticating user. Does this work? (Try using an ldap client, 
>something like LdapAdmin under Windows, and ensuring that the user can 
>bind and access the relevent data from the directory).
>
>> i've spent 2 days now and im cant find my problem.
>>  
>> I hope someone on this list know the solution.
>>  
>> I'm using md5 as encryption in pam-ldap. 
>>  
>> I hope someone can help me.
>>  
>> Louis
>>   
>
>*Michael Heydon - IT Administrator *
>[EMAIL PROTECTED] 
>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba