[Samba] samba+linux server+windows share can't find a file
Hi, The environment: The linux server install the Mandriva. And this is a samba server for sharing documents. All the clients are windows XP. There was a strange thing. There was a file which I can find in the windows client. But I can't find this file in the linux even if I use the command "#ls -a" At the same time, this file was not read and hided. You couldn't open and delete it. As this file exist some document can't be found but it is exist. When I deleted some files in this folder, some files appeared. I also tried to use the root to delete the folder and recreate a new folder, I copied these files to the folder and the same status happened again. I don't know why? If you have some advice, please tell me. Thanks. -- - NETK5 in all south-east asiawww.netk5.com IT Service, Software Development, Web - Chen Lianlu Engineer Tel:+86(21) 3318 3209 Fax:+86(21) 6312 5755 [EMAIL PROTECTED] - CONFIDENTIALITY. Any data and information contained in this electronic mail is personal, confidential and secret. Any total or partial publication, use or distribution must be authorized. If you are not the named recipient, please do not disclose the contents to another person, use this email for any purpose or store or copy the information in any medium. Instead, please notify the sender by return email and delete this email (including any attachments) from your system. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux disk quota support
Ryan Novosielski wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 emre wrote: Dear Listmembers, I installed samba-3.0.28 and configured --with-quotas, but I don't seem to be getting quota support. Is there a description on how to do quotas with samba? Is there something I should know about besides the configuration option --with-quotas? Thank you, Emre Brookes example- Last login: Fri Jan 11 16:44:19 2008 from localhost Linux 2.4.33.3. [EMAIL PROTECTED]:~$ cp termcap termcap2 [EMAIL PROTECTED]:~$ cp termcap termcap3 sd(8,17): warning, user block quota exceeded. [EMAIL PROTECTED]:~$ rm termcap3 [EMAIL PROTECTED]:~$ smbclient //localhost/homes Password: Domain=[SAMBA2] OS=[Unix] Server=[Samba 3.0.28] smb: \> put termcap termcap3 putting file termcap as \termcap3 (8757.9 kb/s) (average 8758.8 kb/s) smb: \> put termcap termcap4 putting file termcap as \termcap4 (8757.9 kb/s) (average 8758.8 kb/s) smb: \> put termcap termcap5 putting file termcap as \termcap5 (8969.0 kb/s) (average 13138.2 kb/s) smb: \> exit [EMAIL PROTECTED]:~$ ls abcd termcap termcap2 termcap3* termcap4* termcap5* [EMAIL PROTECTED]:~$ Something is amiss here. No quota support, to me, means that it won't realize it's out of quota, yes. However, seems to me that the OS should be enforcing this quota regardless of that fact (meaning that Samba would not show an out of quota message, but something less intelligent, like permission denied). Anyone else? I figured it out. I had the soft disk quota limit set less than the hard limit. It appears samba does not recognize the soft disk quota limit, but when I proceeded to try to exceed the hard limit with samba, it did correctly give me an error. It would be nice to use the soft limits to warn users their limit is approaching, but having a hard limit will have to suffice. - example smb: \> put termcap termcap11 Error writing file: NT_STATUS_DISK_FULL putting file termcap as \termcap11 (0.0 kb/s) (average 4379.4 kb/s) smb: \> put termcap termcap12 Error writing file: NT_STATUS_DISK_FULL putting file termcap as \termcap12 (0.0 kb/s) (average 2919.6 kb/s) smb: \> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba4 Debian etch
On Thu, 2008-01-10 at 15:18 +, Chris Robinson wrote: > Hi > > Using samba 3 I added users with smbpasswd. > > On Samba 4 this does not exist. We have a simple ejs script in setup/newuser for the timebeing. > How do I add users, and what username / password do I use to log into SWAT? System root, select 'system user' and have the PAM files setup in /etc/pam.d/samba Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux disk quota support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 emre wrote: > Dear Listmembers, > > I installed samba-3.0.28 and configured --with-quotas, but I don't seem > to be getting quota support. Is there a description on how to do quotas > with samba? Is there something I should know about besides the > configuration > option --with-quotas? > > Thank you, > Emre Brookes > > example- > > Last login: Fri Jan 11 16:44:19 2008 from localhost > Linux 2.4.33.3. > [EMAIL PROTECTED]:~$ cp termcap termcap2 > [EMAIL PROTECTED]:~$ cp termcap termcap3 > sd(8,17): warning, user block quota exceeded. > [EMAIL PROTECTED]:~$ rm termcap3 > [EMAIL PROTECTED]:~$ smbclient //localhost/homes > Password: > Domain=[SAMBA2] OS=[Unix] Server=[Samba 3.0.28] > smb: \> put termcap termcap3 > putting file termcap as \termcap3 (8757.9 kb/s) (average 8758.8 kb/s) > smb: \> put termcap termcap4 > putting file termcap as \termcap4 (8757.9 kb/s) (average 8758.8 kb/s) > smb: \> put termcap termcap5 > putting file termcap as \termcap5 (8969.0 kb/s) (average 13138.2 kb/s) > smb: \> exit > [EMAIL PROTECTED]:~$ ls > abcd termcap termcap2 termcap3* termcap4* termcap5* > [EMAIL PROTECTED]:~$ Something is amiss here. No quota support, to me, means that it won't realize it's out of quota, yes. However, seems to me that the OS should be enforcing this quota regardless of that fact (meaning that Samba would not show an out of quota message, but something less intelligent, like permission denied). Anyone else? > --- additional configuration data > > Linux 2.4.33.3 SMP i686 GNU/Linux > FS is ext3 > > > The configuration seemed to support this (from config.log) > > configure:57624: checking whether to try disk-quotas support > configure:57631: result: yes > configure:57667: checking whether to try the new lib/sysquotas.c interface > configure:57699: result: auto > configure:57706: checking whether to try the lib/sysquotas.c interface > on linux-gnu > configure:57710: result: yes > configure:57737: checking whether to use the lib/sysquotas_linux.c > builtin support > configure:57739: result: yes > configure:57748: checking whether to use the lib/sysquotas_xfs.c builtin > support > configure:57750: result: yes > > ... > > configure:57919: checking sys/fs/vx_quota.h usability > configure:57936: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE > -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED con\ftest.c >&5 > conftest.c:523:29: sys/fs/vx_quota.h: No such file or directory > > ... > configure:59087: checking whether the sys_quota interface works > configure:59123: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE > -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude > -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include > -I./libaddns -I./librpc -I./popt conftest.c >&5 > In file included from conftest.c:501: > ./lib/sysquotas.c: In function `command_get_quota': > ./lib/sysquotas.c:189: warning: assignment makes pointer from integer > without a cast > ./lib/sysquotas.c:216: warning: assignment makes pointer from integer > without a cast > In file included from conftest.c:501: > ./lib/sysquotas.c: In function `command_set_quota': > ./lib/sysquotas.c:341: warning: assignment makes pointer from integer > without a cast > ./lib/sysquotas.c:384: warning: assignment makes pointer from integer > without a cast > configure:59129: $? = 0 > configure:59146: result: yes > configure:59149: checking whether to use the new lib/sysquotas.c interface > configure:59163: result: yes > configure:59173: checking whether the sys_quota interface works with XFS > configure:59209: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE > -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude > -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include > -I./libaddns -I./librpc -I./popt conftest.c >&5 > configure:59215: $? = 0 > configure:59232: result: yes > configure:59245: checking whether the old quota support works > configure:59279: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE > -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude > -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include > -I./libaddns -I./librpc -I./popt conftest.c >&5 > configure:59285: $? = 0 > configure:59302: result: yes > configure:59305: checking whether to use the old quota support > configure:59321: result: no > > > ac_cv_header_sys_fs_vx_quota_h=n > > ac_cv_header_sys_quota_h=yes > > - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhqlDmb+gadEcsb4RAkrxAJ9HUg3jcCvHKYSwavloJ+cObmQFSwCfYBCR w7wxmfi/h53nZl9d+u/SHig= =v7ud -EN
[Samba] Linux disk quota support
Dear Listmembers, I installed samba-3.0.28 and configured --with-quotas, but I don't seem to be getting quota support. Is there a description on how to do quotas with samba? Is there something I should know about besides the configuration option --with-quotas? Thank you, Emre Brookes example- Last login: Fri Jan 11 16:44:19 2008 from localhost Linux 2.4.33.3. [EMAIL PROTECTED]:~$ cp termcap termcap2 [EMAIL PROTECTED]:~$ cp termcap termcap3 sd(8,17): warning, user block quota exceeded. [EMAIL PROTECTED]:~$ rm termcap3 [EMAIL PROTECTED]:~$ smbclient //localhost/homes Password: Domain=[SAMBA2] OS=[Unix] Server=[Samba 3.0.28] smb: \> put termcap termcap3 putting file termcap as \termcap3 (8757.9 kb/s) (average 8758.8 kb/s) smb: \> put termcap termcap4 putting file termcap as \termcap4 (8757.9 kb/s) (average 8758.8 kb/s) smb: \> put termcap termcap5 putting file termcap as \termcap5 (8969.0 kb/s) (average 13138.2 kb/s) smb: \> exit [EMAIL PROTECTED]:~$ ls abcd termcap termcap2 termcap3* termcap4* termcap5* [EMAIL PROTECTED]:~$ --- additional configuration data Linux 2.4.33.3 SMP i686 GNU/Linux FS is ext3 The configuration seemed to support this (from config.log) configure:57624: checking whether to try disk-quotas support configure:57631: result: yes configure:57667: checking whether to try the new lib/sysquotas.c interface configure:57699: result: auto configure:57706: checking whether to try the lib/sysquotas.c interface on linux-gnu configure:57710: result: yes configure:57737: checking whether to use the lib/sysquotas_linux.c builtin support configure:57739: result: yes configure:57748: checking whether to use the lib/sysquotas_xfs.c builtin support configure:57750: result: yes ... configure:57919: checking sys/fs/vx_quota.h usability configure:57936: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED con\ftest.c >&5 conftest.c:523:29: sys/fs/vx_quota.h: No such file or directory ... configure:59087: checking whether the sys_quota interface works configure:59123: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include -I./libaddns -I./librpc -I./popt conftest.c >&5 In file included from conftest.c:501: ./lib/sysquotas.c: In function `command_get_quota': ./lib/sysquotas.c:189: warning: assignment makes pointer from integer without a cast ./lib/sysquotas.c:216: warning: assignment makes pointer from integer without a cast In file included from conftest.c:501: ./lib/sysquotas.c: In function `command_set_quota': ./lib/sysquotas.c:341: warning: assignment makes pointer from integer without a cast ./lib/sysquotas.c:384: warning: assignment makes pointer from integer without a cast configure:59129: $? = 0 configure:59146: result: yes configure:59149: checking whether to use the new lib/sysquotas.c interface configure:59163: result: yes configure:59173: checking whether the sys_quota interface works with XFS configure:59209: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include -I./libaddns -I./librpc -I./popt conftest.c >&5 configure:59215: $? = 0 configure:59232: result: yes configure:59245: checking whether the old quota support works configure:59279: gcc -c -O -D_SAMBA_BUILD_=3 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLDAP_DEPRECATED -Ii\nclude -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include -I./libaddns -I./librpc -I./popt conftest.c >&5 configure:59285: $? = 0 configure:59302: result: yes configure:59305: checking whether to use the old quota support configure:59321: result: no ac_cv_header_sys_fs_vx_quota_h=n ac_cv_header_sys_quota_h=yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd locks gencache.tdb
Hi, I have some troubles with 3.0.14a on FreeBSD 4.10. I see a lot of process trying to lock gencache.tdb and the only solution is restart services. When I restart the service, it works fine for a while but suddendly the process are blocked again with the same file. I can't discover what process is holding the lock and the only weird thing that I see in the logs are some network errors like 'ECONNABORTED' on accept(). I try to set the permissions to 777 but It doesn't help and I don't know anything else to see. regards, Diego -- --- Diego Woitasen --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] looking for a pam_smbpass user to answer passwd sync issues
Deas, Jim escreveu: Ryan, Wish I could say yes but no, not clear. My existing users are all Mac OSX clients using the netatalk package. I never used a Mac or Netatalk, but ... Netatalk uses the PAM system to authenticate. I have the ldap modules in pam.d setup to use the LDAP posix structure for netatalk authentication. The issue is how to create and sync a smbpassword to the the exisiting LDAP/POSIX structure. I am half way there by adding the new sambaSam.schema to the LDAP system. I can now create a user with the standard smbpasswd program and authenticate them into a smb share. I don't mind telling the users that they need to change their password to gain access to the new smb services so a migration script is not needed. From what I understand there is no way to take the MD5 unix password and convert it to smb anyhow. Well, you probably will want to change the accounts adding the samba attributes first. (Sure, if you make that, you will have a nonworking password). Then make the clients change the passwords and sync. Best Option, find a way to make Fedora DS run a script that updates the users smb data including syncing the password when changes to the posix structure happen. I think I saw something like that as a patch to LDAP, but I dont remember even the name. I saw it and I didn't like it. Second Option, find a way to make pam.d execute both the passwd and smbpasswd processes for password changes. This is second choice as some of the Fedora DS tools would not be usefull. Here we have a contradiction, smbpasswd uses samba to do its job it doesn't do it directly, if you have that option (ask samba to do it) read below. You can make pam execute pam_winbind.so after pam_ldap.so and it will try to find a remote Winbind daemon, and ask it to change the samba password (and this Winbind will be using the LDAP password database). Maybe you dont like it, but its the only solution that I know that works using pam (the client can then use "passwd" and pam will sync both passwords). And NO, pam_smbpass.so that anyone tries to use don't do that, you really need winbind. I do not need to sync the other way around (smb->(md5)posix). Ok. Lets say that the other way around is the configuration made inside samba, so samba will sync the unix password inside LDAP by its own. Then it will be used by the samba tools, pdbedit, net, smbpasswd, etc. I will not authenticate WinX workstations with this system. Only smb disk share authentication via smbd. So in a sense, the PDC is only used by the several samba instances to authenticate disk shares. The last option is to make a custom script by your own. The smbldap-passwd script from smbldap-tools is made in Perl and makes almost that, accessing LDAP directly. I don't know if it will be the best option, as to bind to the base you need a password. So to change your password you need your password first, annoying. Web applications are an option too, but I never liked to do that this way. (...) Regards. Edmundo Valle Neto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA under window?
On Thu, Dec 20, 2007 at 01:32:42PM +1100, hce wrote: > Hi Yan, > > On Dec 20, 2007 1:10 PM, Yan Seiner <[EMAIL PROTECTED]> wrote: > > hce wrote: > > > On Dec 20, 2007 9:14 AM, Hugo Monteiro <[EMAIL PROTECTED]> wrote: > > > > > >> I happen to know there was a port of an early version of samba (version > > >> 2.0.10 stripped down) to a system that operates on embedded devices, > > >> such as a large set of wireless access points/routers using a certain > > >> broadcom board. Google for samba + openwrt. I'm not sure your "small" > > >> linux systems use the same architecture, but it's at least a good > > >> starting point IMHO. > > >> > > > > > > Thanks Hugo, it is good to know and I'll try this. Also thanks for all > > > other responses, your professional comments are greate approciated. > > > > > > > I have a port of samba 3.0.25b for embedded devices running openwrt. It > > takes anywhere from 500K to about 4 MB depending on what you need and > > the architecture you built it for. > > > > I'll be out of touch for about a week; if you still need it let me know > > around New Years. > > Thanks Yan, yes, I need it. If you could, please send source and > instructions to me ([EMAIL PROTECTED]) any time when you are > available. I've posted my build package for OpenWrt at http://www.seiner.com/samba3.tar.gz More at http://forum.openwrt.org/viewtopic.php?id=14071 --Yan > > Thank you and a happy new year. > > Kind Regards, > > Jim > > !DSPAM:4769d53c59151410093335! > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] looking for a pam_smbpass user to answer passwd sync issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Deas, Jim wrote: > Ryan, > Wish I could say yes but no, not clear. My existing users are all Mac > OSX clients using the netatalk package. Netatalk uses the PAM system to > authenticate. I have the ldap modules in pam.d setup to use the LDAP > posix structure for netatalk authentication. > The issue is how to create and sync a smbpassword to the the exisiting > LDAP/POSIX structure. I am half way there by adding the new > sambaSam.schema to the LDAP system. I can now create a user with the > standard smbpasswd program and authenticate them into a smb share. > > I don't mind telling the users that they need to change their password > to gain access to the new smb services so a migration script is not > needed. If you don't mind telling them that, fine. In that case, pam_smbpass is not necessary, and you can use LDAP tools to keep passwords in sync. There are many documents on the web about how to do this. > From what I understand there is no way to take the MD5 unix > password and convert it to smb anyhow. That is true, but not entirely. The way that pam_smbpasswd "converted" the file is that it would be present in the "auth" part of the PAM stack. You would authenticate the user however they are authenticating at present. Basically: 1) User enters PW upon a login to any PAM-enabled auth service. 2) PAM receives password, and accepts the user/auth's them. 3) PAM hands the password that was just entered to pam_smbpasswd. 4) pam_smbpasswd takes that user input (thereby not needing the hash) and hashes it in SMB and writes it to smbpasswd. As you can see, there is no password change here, just normal auth. That is what I was talking about. There is no conversion of MD5 to SMB, just conversion of user input of their password during their normal duties into the SMB file. > Best Option, find a way to make Fedora DS run a script that updates the > users smb data including syncing the password when changes to the posix > structure happen. > > Second Option, find a way to make pam.d execute both the passwd and > smbpasswd processes for password changes. This is second choice as some > of the Fedora DS tools would not be usefull. > > I do not need to sync the other way around (smb->(md5)posix). I will not > authenticate WinX workstations with this system. Only smb disk share > authentication via smbd. So in a sense, the PDC is only used by the > several samba instances to authenticate disk shares. > > JD > > > -Original Message- > From: Ryan Novosielski [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 10, 2008 10:28 AM > To: Deas, Jim > Cc: samba@lists.samba.org > Subject: Re: [Samba] looking for a pam_smbpass user to answer passwd > sync issues > > Jim, > > The only advantage that pam_smbpass gives you over the built-in LDAP > methods is that it allows the passwords to be migrated WITHOUT a > password change (successful auth is enough to trigger the migration in a > properly configured PAM setup). > > If you are planning to force every user to change their password in > order to be migrated, there is no need to use pam_smbpass are there are > better LDAP built-in tools to accomplish the same thing (that will not > require you to jump through the additional hurdle of importing the > newly-created smbpasswd file to LDAP). > > In my case, it was unacceptable to make 10,000 students change their > passwords to get them into the smbpasswd file. What we did (note, we > were actually using smbpasswd at that time, so it was the obvious > choice) is to use the migrate argument (or whatever it is called -- the > docs mention it) in order to migrate them into smbpasswd when they > logged into our lab next. After a few months we were confident everyone > made it in, and we pulled the trigger on using that passdb instead of > the unencrypted use of /etc/passwd. > > Is this clearer now? > > Deas, Jim wrote: >> I need to let my users change their password using PAM to preserve the >> existing ldap authentication system. How can I force pam to sync the > smb >> password to the unix one. > >> I am running Fedora 7 package on an x86-64 system. I have smb working >> via ldap and sambasam.schema (v3.0.24) I have unix password sync = yes >> but it should not come into play as I never plan to reset passwords > via >> smbd. > > > >> In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so > >> The original pam script for password had > > > >> password sufficient pam_ldap.so use_authtok > > > >> I changed it to: > > > >> password requisitepam_ldap.so use_authtok > >> password requiredpam_smbpass.so use_authtok >> try_first_pass > > > > > >> The problem is I get a token manipulation error. Am I using it wrong? > > > >> What would be even better is if someone knows how to do this directly > in >> Fedora DS so all avenues of changing the password would change both. >> Apparen
RE: [Samba] looking for a pam_smbpass user to answer passwd sync issues
Ryan, Wish I could say yes but no, not clear. My existing users are all Mac OSX clients using the netatalk package. Netatalk uses the PAM system to authenticate. I have the ldap modules in pam.d setup to use the LDAP posix structure for netatalk authentication. The issue is how to create and sync a smbpassword to the the exisiting LDAP/POSIX structure. I am half way there by adding the new sambaSam.schema to the LDAP system. I can now create a user with the standard smbpasswd program and authenticate them into a smb share. I don't mind telling the users that they need to change their password to gain access to the new smb services so a migration script is not needed. From what I understand there is no way to take the MD5 unix password and convert it to smb anyhow. Best Option, find a way to make Fedora DS run a script that updates the users smb data including syncing the password when changes to the posix structure happen. Second Option, find a way to make pam.d execute both the passwd and smbpasswd processes for password changes. This is second choice as some of the Fedora DS tools would not be usefull. I do not need to sync the other way around (smb->(md5)posix). I will not authenticate WinX workstations with this system. Only smb disk share authentication via smbd. So in a sense, the PDC is only used by the several samba instances to authenticate disk shares. JD -Original Message- From: Ryan Novosielski [mailto:[EMAIL PROTECTED] Sent: Thursday, January 10, 2008 10:28 AM To: Deas, Jim Cc: samba@lists.samba.org Subject: Re: [Samba] looking for a pam_smbpass user to answer passwd sync issues -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jim, The only advantage that pam_smbpass gives you over the built-in LDAP methods is that it allows the passwords to be migrated WITHOUT a password change (successful auth is enough to trigger the migration in a properly configured PAM setup). If you are planning to force every user to change their password in order to be migrated, there is no need to use pam_smbpass are there are better LDAP built-in tools to accomplish the same thing (that will not require you to jump through the additional hurdle of importing the newly-created smbpasswd file to LDAP). In my case, it was unacceptable to make 10,000 students change their passwords to get them into the smbpasswd file. What we did (note, we were actually using smbpasswd at that time, so it was the obvious choice) is to use the migrate argument (or whatever it is called -- the docs mention it) in order to migrate them into smbpasswd when they logged into our lab next. After a few months we were confident everyone made it in, and we pulled the trigger on using that passdb instead of the unencrypted use of /etc/passwd. Is this clearer now? Deas, Jim wrote: > I need to let my users change their password using PAM to preserve the > existing ldap authentication system. How can I force pam to sync the smb > password to the unix one. > > I am running Fedora 7 package on an x86-64 system. I have smb working > via ldap and sambasam.schema (v3.0.24) I have unix password sync = yes > but it should not come into play as I never plan to reset passwords via > smbd. > > > > In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so > > The original pam script for password had > > > > password sufficient pam_ldap.so use_authtok > > > > I changed it to: > > > > password requisitepam_ldap.so use_authtok > > password requiredpam_smbpass.so use_authtok > try_first_pass > > > > > > The problem is I get a token manipulation error. Am I using it wrong? > > > > What would be even better is if someone knows how to do this directly in > Fedora DS so all avenues of changing the password would change both. > Apparently smbpasswd depends on smbd running so that is not an option. I > don't know if pdbedit could do it or be launched as a script directly > from the directory server. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhmOqmb+gadEcsb4RArjdAKCmAEQwCbLSA05PZdIOaTu7wFYoxwCgszTk XCSfXIx6FZP52HVIhcCTZic= =0Taj -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help with backslash issue on smbfs
* Michael Grice <[EMAIL PROTECTED]> [080109 17:42] wrote: > I am in the middle of migrating a number of applications from one server > to another and I am running into an issue with backslashes on a smbfs > mount. Basically, the backslash can be used in a file path on the old > server and not on the new. This turns out to be important because of the > samba share is used to store data for a large number of FTP clients, who > use an old automated script which chokes on the backslash. The script > unfortunately would be very difficult to replace. [...] No replies. I was afraid I might be out of luck from the samba end. For anyone looking through the archives or googling this later, however, I wound up working around it at the application level. One of my colleagues pointed out that proftpd has its own mod_rewrite, and it appears I'll be able to get that to work. --Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] DFS
On Thu, Jan 10, 2008 at 07:41:23PM +0100, Remy Zandwijk wrote: > Hi, > >> I see this on a windows map driver (I haven't tried it with linux): >> W:\Install\Windows\Windows\bla\salala >> So the first directory on the share get doubled, the real path should be >> (and was before) W:\Install\Windows\bla\salala . >> The mpost interesting thing is that it doesn't happen always. This is, how >> I made the DFS links: >> msdfs:192.168.0.100\Install -> install (before the reinstall it was >> msdfs:\\192.168.0.100\Install -> Install, and worked, but now does not >> matter). > > We've seen this as well; in our case the share isn't mapped to a drive > letter. > > In stead of seeing \\server\Install\Windows\bla\salala we see > \\server\Install\Windows\Windows\bla\salala > > > Does your Windows Explorer crash as well after a short while, while > accessing the 'doubled' share? No, everything works fine, except the doubled thing. Now I reinstalled with CentOS 4.4 and still looks fine (I really hope). Bye, tompos -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] DFS
Hi, I see this on a windows map driver (I haven't tried it with linux): W:\Install\Windows\Windows\bla\salala So the first directory on the share get doubled, the real path should be (and was before) W:\Install\Windows\bla\salala . The mpost interesting thing is that it doesn't happen always. This is, how I made the DFS links: msdfs:192.168.0.100\Install -> install (before the reinstall it was msdfs:\\192.168.0.100\Install -> Install, and worked, but now does not matter). We've seen this as well; in our case the share isn't mapped to a drive letter. In stead of seeing \\server\Install\Windows\bla\salala we see \\server\Install\Windows\Windows\bla\salala Does your Windows Explorer crash as well after a short while, while accessing the 'doubled' share? -Remy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printers stop working (SOLVED, well kinda)
On Thursday 10 January 2008 16:31, Ryan Novosielski wrote: > In cases like this, you really need to leave the original thread in the > message. you're right; so to make it easier for others here's the whole thing: > > we seem to have a weird problem with our samba server and i hope somebody > > can point me in the right direction to find the cause of this problem > > > > > > setup: > > smbAT02:~# uname -a > > Linux smbAT02 2.6.18-5-amd64 #1 SMP Sat Dec 22 20:43:59 UTC 2007 x86_64 > > GNU/Linux > > .) the OS is debian stable (etch) > > .) samba version is 3.0.24-6etch9 > > .) the server has 8GB of RAM, 2 quad core intel cpus, about 1.5 TB of > > user data and between 40 and 100 concurrent users. > > > > we use CUPS as printing backend and in general everything is working just > > fine but since we initially installed the server about 1 month ago we had > > 3 incidents where printing on one of the configured network printers > > (configured as RAW printers in cups) just stopped working. the windows > > clients just displayed an 'access denied' message. printing directly via > > CUPS worked so we figured the problem must be samba. > > > > please take a look at this (HPCLJ4600 was working, HPCLJ4700 was not): > > > > # smbclient smbat02\\HPCLJ4600 -U username > > Password: > > Domain=[FOCUS-AT-01] OS=[Unix] Server=[Samba 3.0.24] > > smb: \> print /exports/samba/home/username/test.txt > > putting file /exports/samba/home/username/test.txt as test.txt-9135 (2.7 > > kb/s) (average 2.7 kb/s) > > smb: \> exit > > > > # smbclient smbat02\\HPCLJ4700 -U username > > Password: > > Domain=[FOCUS-AT-01] OS=[Unix] Server=[Samba 3.0.24] > > smb: \> print /exports/samba/home/username/test.txt > > NT_STATUS_DISK_FULL opening remote file test.txt-9160 > > > > the [printers] section from smb.conf looks like this: > > > > [printers] > > comment = Printers > > path = /tmp > > browseable = No > > printable = Yes > > guest ok = Yes > > > > during all this there was plenty of space left on /tmp and also > > on /var/cache/samba/printing where the tdb files reside so i really don't > > get the DISK_FULL error message. > > > > the problem turned out to be solvable by removing or renaming the > > corresponding printer's tdb file. the funny thing is, that the tdb files > > seem completely ok: > > > > (HPCLJ4700.tdb.bak is the one with which printing did not work) > > > > # tdbbackup -v HPCLJ4700.tdb.bak > > HPCLJ4700.tdb.bak : 1007 records > > > > # tdbbackup -v HPCLJ4700.tdb > > HPCLJ4700.tdb : 634 records > > > > the same with a different printer: > > # tdbbackup -v HPLJ9050.tdb.bak > > HPLJ9050.tdb.bak : 1009 records > > > > # tdbbackup -v HPLJ9050.tdb > > HPLJ9050.tdb : 54 records > > > > we are using mostly windows 2000 and some windows XP client machines. > > big thanks in advance for any ideas that could help me resolve that...3 > > broken printers in about a month is really not too good. > > > > are there any limits on filesizes or maximum records that can be in a > > printer's tdb file? any other ideas what could have caused this? > > there is a parameter called "max print jobs" which is 1000 by default so as > soon as the number of print jobs exceeds 1000 samba won't let users print > anymore. > > we have so far not definitely found the reason why the number of jobs in > the tdb file keeps rising but we believe it might be some sort of locking > problem so that when clients (such as badly programmed *&%*$ access > programs) send a large number of print jobs very rapidly the smbd cannot > remove finished print jobs from the tdb file (fast enough? or because it is > locked and the remove-requests time out?) causing it to fill up over time. > > so far we decided to set "max print jobs" to something reasonable large and > use a weekly or monthly cronjob to remove /var/cache/samba/printing/*.tdb > and reload smbd. -- best rgds, armin walland focus market research IT :: development, administration http://www.focusmr.com maculangasse 8 1220 wien please try not to send me HTML emails! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP always see folder with read-only attribute set
Dear all, I've got a linux server running samba-3.0.10 with some windows xp and windows 2k clients. My config is something like: [global] server string = aroprod workgroup = WORKGROUP hosts allow = 192.168.0. 127. security = share load printers = yes printing = cups printcap name = cups prefered master = yes os level = 65 read only = no [publica] path = /sis/publica/ read only = No guest ok = Yes nt acl support = No force user = sis force group = sis When accessing any folder within this "publica" share from a windows xp the folder's attribute "read-only" is set. Any file within this folder has got sis:sis ownership and u+rws,g+rws permissions; besides, even if windows says that is "read-only" I can browse inside it and create or delete any folder or file inside it, which is right as it is not a read-only share. Does anyone has an idea what could be happening and how to avoid windows showing it as "read-only"??? Many thanks in advance. Best regards -- Héctor Sánchez Sanmartín PlanaTec Software S.L. ** Castellón (Spain) tlf: +34 964340560 ** fax: +34 964340562 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] looking for a pam_smbpass user to answer passwd sync issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jim, The only advantage that pam_smbpass gives you over the built-in LDAP methods is that it allows the passwords to be migrated WITHOUT a password change (successful auth is enough to trigger the migration in a properly configured PAM setup). If you are planning to force every user to change their password in order to be migrated, there is no need to use pam_smbpass are there are better LDAP built-in tools to accomplish the same thing (that will not require you to jump through the additional hurdle of importing the newly-created smbpasswd file to LDAP). In my case, it was unacceptable to make 10,000 students change their passwords to get them into the smbpasswd file. What we did (note, we were actually using smbpasswd at that time, so it was the obvious choice) is to use the migrate argument (or whatever it is called -- the docs mention it) in order to migrate them into smbpasswd when they logged into our lab next. After a few months we were confident everyone made it in, and we pulled the trigger on using that passdb instead of the unencrypted use of /etc/passwd. Is this clearer now? Deas, Jim wrote: > I need to let my users change their password using PAM to preserve the > existing ldap authentication system. How can I force pam to sync the smb > password to the unix one. > > I am running Fedora 7 package on an x86-64 system. I have smb working > via ldap and sambasam.schema (v3.0.24) I have unix password sync = yes > but it should not come into play as I never plan to reset passwords via > smbd. > > > > In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so > > The original pam script for password had > > > > password sufficient pam_ldap.so use_authtok > > > > I changed it to: > > > > password requisitepam_ldap.so use_authtok > > password requiredpam_smbpass.so use_authtok > try_first_pass > > > > > > The problem is I get a token manipulation error. Am I using it wrong? > > > > What would be even better is if someone knows how to do this directly in > Fedora DS so all avenues of changing the password would change both. > Apparently smbpasswd depends on smbd running so that is not an option. I > don't know if pdbedit could do it or be launched as a script directly > from the directory server. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhmOqmb+gadEcsb4RArjdAKCmAEQwCbLSA05PZdIOaTu7wFYoxwCgszTk XCSfXIx6FZP52HVIhcCTZic= =0Taj -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] looking for a pam_smbpass user to answer passwd sync issues
I need to let my users change their password using PAM to preserve the existing ldap authentication system. How can I force pam to sync the smb password to the unix one. I am running Fedora 7 package on an x86-64 system. I have smb working via ldap and sambasam.schema (v3.0.24) I have unix password sync = yes but it should not come into play as I never plan to reset passwords via smbd. In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so The original pam script for password had password sufficient pam_ldap.so use_authtok I changed it to: password requisitepam_ldap.so use_authtok password requiredpam_smbpass.so use_authtok try_first_pass The problem is I get a token manipulation error. Am I using it wrong? What would be even better is if someone knows how to do this directly in Fedora DS so all avenues of changing the password would change both. Apparently smbpasswd depends on smbd running so that is not an option. I don't know if pdbedit could do it or be launched as a script directly from the directory server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] password sync "Failed to open/create TDB passwd"
I am trying to enable unix password sync. PDC is solaris 3.026a on Solaris 9. my smb.conf file includes: [global] workgroup = MYDOMAIN server string = myserver passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat=*New\sPassword:\s%n\nRe-enter\snew\sPassword:\s%n\npasswd:\s password\ssuccessfully\schanged*\n unix password sync = Yes passwd chat debug = yes passwd chat timeout = 10 dos charset = UTF8 unix charset = UTF8 display charset = UTF8 Samba was compiled to /usr/local/samba-3.0.26a # ls -l /usr/local/samba-3.0.26a/private/passdb.tdb -rw--- 1 root sysadmin 49152 Jan 10 08:05 /usr/local/samba-3.0.26a/private/passdb.tdb Assuming password sync is disabled, password or account changes with smbpasswd, pdbedit, User Manager for Domains work fine. If I enable password sync, I can't change passwords as a user at a PC, or as an administrator with User Manager for Domains. (I also can't use User Manager for Domains to change things like "password never expires." The samba log file of the Windows server with UsrMgr shows the following: [2008/01/10 10:50:14, 5] lib/username.c:Get_Pwnam_internals(108) Get_Pwnam_internals did find user [jsmith] ... [2008/01/10 10:50:14, 2] lib/util_tdb.c:tdb_log(662) tdb(unnamed): tdb_open_ex: could not open file /usr/local/samba-3.0.26a/privat e/passdb.tdb: Permission denied [2008/01/10 10:50:14, 0] passdb/pdb_tdb.c:tdbsam_open(829) tdbsam_open: Failed to open/create TDB passwd [/usr/local/samba-3.0.26a/privat e/passdb.tdb] The passdb file does exist- and samba is running as root. I have a separate unix/windows account for the Domain Admin. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Windows doesn't show Samba group names, only SIDs
Forwarding this to the list: >> I've had that problem before and it was always due to winbindd not >> running >> or not running properly. >> >> If you have swat loaded you should be able check the status tab as well >> as >> restart winbindd. >> > With ldap (no ads) you supposedly do not need winbind but I can admit > I have seen this behavior so I am not sure. > > John > I'm running samba as a domain controller in two locations, both with OpenLDAP and yes, winbindd is installed and running. You don't actually "need" winbind, but you won't get your group and user name mapping without it. You may also want to post a copy of your smb.conf on the list and drop a copy to me. You have the following config option in the smb.conf for windbind and LDAP working together. In this case, the idmap backend option is assuming that the samba domain controller and the LDAP server are the same box. It's been working great for me for about three years now. idmap backend = ldap:ldap://127.0.0.1/ idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 Also, I'm not sure about Suse, but with RedHat, I had to install and enable winbindd. It wasn't installed with samba. Jim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Idmapping problem on member server
Dear Samba Users, I've got a problem with the ID-Mapping at a Samba (3.0.22 / Ubuntu Dapper) Setup with an LDAP Backend. I do the following: 1. Access a samba share at a Samba member server from a windows client 2. Set an acl entry for a group of the domain. The group exists an the LDAP backend as a samba group. But the member server will create an idmap-Entry for this group. The acl entry at the underlying filesystem will be created with the new created idmap gid. If I do the same with a file on a share of the domain controller, everything works as expected. On the filesystem, the ACL entry will be created with the correct group id. I look at the ldap logfile and see the following: The domain controller searches for the goup entry at the LDAP backend. It will be found. But the member server searches only for Idmap entries at ldap. As it found no entry for the group, it will create an entry. Where is my configuration-mistake? * global section of smb.conf on DC [global] workgroup = LWLAB domain logons = yes domain master = yes preferred master = yes security = user passdb backend = ldapsam:ldap://127.0.0.1 ldap suffix = dc=lwlab,dc=de ldap admin dn = cn=sambaadmin,dc=lwlab,dc=de ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap #ldap idmap suffix = ou=Users ldap passwd sync = yes ldap delete dn = Yes obey pam restrictions = no idmap backend = ldap:ldap://192.168.5.11 idmap uid = 15000-2 idmap gid = 15000-2 passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" wins support = yes * global section of smb.conf on member server [global] workgroup = LWLAB netbios name = fileserv security = domain wins server = 192.168.5.11 password server = 192.168.5.11 ldap suffix = dc=lwlab,dc=de ldap admin dn = cn=sambaadmin,dc=lwlab,dc=de ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers idmap backend = ldap:ldap://192.168.5.11 ldap idmap suffix = ou=Idmap idmap uid = 15000-2 idmap gid = 15000-2 Best regards, Martin Werthmoeller -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printers stop working (SOLVED, well kinda)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 armin walland wrote: > for the search engines; we have found what the problem was. > > there is a parameter called "max print jobs" which is 1000 by default so as > soon as the number of print jobs exceeds 1000 samba won't let users print > anymore. > > we have so far not definitely found the reason why the number of jobs in the > tdb file keeps rising but we believe it might be some sort of locking problem > so that when clients (such as badly programmed *&%*$ access programs) send a > large number of print jobs very rapidly the smbd cannot remove finished print > jobs from the tdb file (fast enough? or because it is locked and the > remove-requests time out?) causing it to fill up over time. > > so far we decided to set "max print jobs" to something reasonable large and > use a weekly or monthly cronjob to remove /var/cache/samba/printing/*.tdb and > reload smbd. > > cheers! :) > In cases like this, you really need to leave the original thread in the message. I can tell you there was a bug in earlier versions of Samba (early 3.0.x series) that would not die. I believe these days it was resolved, but it had a very similar impact. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhjpKmb+gadEcsb4RApSdAJ99eGSS4nxgya91ngYgMirGbDsuMwCgwv+Z 21HB2BQcZyp75PCa1f4p38U= =yTMZ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba4 Debian etch
Hi Using samba 3 I added users with smbpasswd. On Samba 4 this does not exist. How do I add users, and what username / password do I use to log into SWAT? -- Regards Chris Robinson W: www.krc.org.uk/chris E: [EMAIL PROTECTED] T: 01708 757516/874112 F: 020 7099 6814 M: 07887 98 33 55 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printers stop working (SOLVED, well kinda)
for the search engines; we have found what the problem was. there is a parameter called "max print jobs" which is 1000 by default so as soon as the number of print jobs exceeds 1000 samba won't let users print anymore. we have so far not definitely found the reason why the number of jobs in the tdb file keeps rising but we believe it might be some sort of locking problem so that when clients (such as badly programmed *&%*$ access programs) send a large number of print jobs very rapidly the smbd cannot remove finished print jobs from the tdb file (fast enough? or because it is locked and the remove-requests time out?) causing it to fill up over time. so far we decided to set "max print jobs" to something reasonable large and use a weekly or monthly cronjob to remove /var/cache/samba/printing/*.tdb and reload smbd. cheers! :) -- best rgds, armin walland focus market research IT :: development, administration http://www.focusmr.com maculangasse 8 1220 wien +43 (0)1-258 97 01 291 please try not to send me HTML emails! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba problem connecting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carter, David SIS SB56 ITMOXF POWERGEN wrote: > > > > Installed Samba 3.0.10 via 'pkgadd' on Solaris 2.6 - previously running > Samba 2.2.8. > > It starts up and SWAT confirms that it is running and I am using the > same smb.conf but I am unable > to connect to a share via PC. > Message "\\s080 is not accessible. You might not have permission to use > this network resource. > Contact the administrator of this server to find out if you have access > permissions. > The account is not authorized to log in from this station" > > Restarting old Samba 2.2.8 version allows me connect to a share via PC. > What do I need to do to get the newer version to work. As yet I have not > been able to find any helpful information on this message/condition. > > > Dave Carter Turn up logging with log level/debug level (synonyms for each other). - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhiW/mb+gadEcsb4RAoPtAJkBEN/KZH+9/O2uP2YWuhyZFz/qwACeJzHA QYdNwjThyLdV8nngEg8oGZU= =c88t -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: Sync passwords unix/smb with FDS backend?
On Wed, 2008-01-09 at 21:31 -0500, Adam Tauno Williams wrote: > > Sorry about the acro, I am working with Fedora Directory Server (ldap). > > Currently user passwords stored in FDS can be changed from netatalk > > (apple protocol), FDS web interface, or unix/passwd via the PAM > > interface. To hit all three of these areas I would think that the > > password sync would need to somehow be down in FDS. > > Looking forward I would like to find an ldap solution. Anything else > > will cause additional steps when I add new users to the network. > > I will read through pbedit but unless I can trigger it through ldap I > > don't know what good it will do. > > See if FDS has an overlay/plugin/yadayada like OpenLDAP's smbk5pwd (sp?) > that lets the client perform an change-password exop and have all the > passwords managed by the server (DSA). Samba supports this mode, don't > know about netatalk. I have written a slapi plugin specific to the FreeIPA project, but you can easily extract what you need probably, see the ipa-pwd-extop plugin here: http://hg.fedorahosted.org/hg/freeipa/file/ef7de25000ff/ipa-server/ipa-slapi-plugins/ Simo. -- Simo Sorce Samba Team GPL Compliance Officer <[EMAIL PROTECTED]> Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Special Permissions
Hi everyone: I use samba and the clients to access a samba is Windows. I want to share a folder and users to be able to create and share subfolders into this folder by properties/security of Windows. But when I create a subfolder and view the security tab I see "special permissions" instead of normal ones and I need to press "Advanced" button in order to get permissions list. Since there are not special permissions how could I see "normal permissions" in security tab? Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with samba and VISTA SP1 and samba Version 3.0.23d
Yesterday i installed then new SP1 RC for Microsoft Vista Enterprise, Since then I cant connect to our samba server any more. Samba is configured as ad member, with winbind and idmap backend = rid. Has anyone the same Problem ? Mit freundlichen Grüßen Michael Mössler uhb consulting AG Chiemseering 1 84427 St. Wolfgang Tel.:08085/939-131 Fax.: 08085/939-222 Web: www.uhb-consulting.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba problem connecting
Installed Samba 3.0.10 via 'pkgadd' on Solaris 2.6 - previously running Samba 2.2.8. It starts up and SWAT confirms that it is running and I am using the same smb.conf but I am unable to connect to a share via PC. Message "\\s080 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station" Restarting old Samba 2.2.8 version allows me connect to a share via PC. What do I need to do to get the newer version to work. As yet I have not been able to find any helpful information on this message/condition. Dave Carter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba