Re: [Samba] FreeBSD: Changing UNIX passwords from Windows

[Michael Heydon]

Ken Gunderson wrote:

On Mon, 11 Feb 2008 02:06:51 +0100
"Jon Theil Nielsen" <[EMAIL PROTECTED]> wrote:

  

Hello
 
We have a FreeBSD server (7.0 BETA3) running as PDC (Samba 3.0.28) passwords

stored in tdbsam. Theres are no problems for users and machines to log on to
the network as long as they use the passwords I have made by smbpasswd -a
username. But I cannot make a working configuration which allows users to
change their own passwords on the server. They are told something like "You
do not have permission to change your password". I guess the problem is the
communication between Samba and the server, the passwd chat, but I'm not
sure. I have the following lines in smb.conf
 
passwd program = /usr/bin/passwd %u

unix password sync = Yes
passwd chat = *New*password* %n\n *Retype*new*passwordn* %n\n



Might want to try: 


passwd chat = *Old*Password* %n\n *New*Password* %n\n
*Retype*New*Password* %n\n

  
The password command is called as root, I believe that one of the 
requirements is that it does not prompt for the old password since samba 
will have no idea what the old password was.


If you enable passwd chat debugging (and maybe up the log level) you 
should be able to see exactly what is sent and recieved by samba/passwd.



--hth

  


*Michael Heydon - IT Administrator *
[EMAIL PROTECTED] 
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] FreeBSD: Changing UNIX passwords from Windows

[Ken Gunderson]

On Mon, 11 Feb 2008 02:06:51 +0100
"Jon Theil Nielsen" <[EMAIL PROTECTED]> wrote:

> Hello
>  
> We have a FreeBSD server (7.0 BETA3) running as PDC (Samba 3.0.28) passwords
> stored in tdbsam. Theres are no problems for users and machines to log on to
> the network as long as they use the passwords I have made by smbpasswd -a
> username. But I cannot make a working configuration which allows users to
> change their own passwords on the server. They are told something like "You
> do not have permission to change your password". I guess the problem is the
> communication between Samba and the server, the passwd chat, but I'm not
> sure. I have the following lines in smb.conf
>  
> passwd program = /usr/bin/passwd %u
> unix password sync = Yes
> passwd chat = *New*password* %n\n *Retype*new*passwordn* %n\n

Might want to try: 

passwd chat = *Old*Password* %n\n *New*Password* %n\n
*Retype*New*Password* %n\n

--hth

-- 
Best regards,

Ken Gunderson

Q: Because it reverses the logical flow of conversation.
A: Why is putting a reply at the top of the message frowned upon?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] FreeBSD: Changing UNIX passwords from Windows

[Jon Theil Nielsen]

Hello
 
We have a FreeBSD server (7.0 BETA3) running as PDC (Samba 3.0.28) passwords
stored in tdbsam. Theres are no problems for users and machines to log on to
the network as long as they use the passwords I have made by smbpasswd -a
username. But I cannot make a working configuration which allows users to
change their own passwords on the server. They are told something like "You
do not have permission to change your password". I guess the problem is the
communication between Samba and the server, the passwd chat, but I'm not
sure. I have the following lines in smb.conf
 
passwd program = /usr/bin/passwd %u
unix password sync = Yes
passwd chat = *New*password* %n\n *Retype*new*passwordn* %n\n
 
I'm not sure the chat is correct and would like to hear about what migth be
more correct for this version of FreeBSD. I have tried to set passwd chat
debug = Yes, but that did not provide any useful (to me, at least)
information on the nature of the problem.
I haven't tried with PAM, since that is not something I like to play with i
FreeBSD.
I haven't been able to find much information on this issue between FreeBSD
and Samba, bur I'm sure there must be a solution. I don't know if the
solution is to use another password database (e.g. LDAP), but this seems to
be a rather complicated issue too.
 
Regards,
Jon Theil Nielsen

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba never dereference alias object

[CheeYang Chau]

Hi,

I use alias object in my DIT tree.  However, I notice SAMBA server configure
to work with LDAP never dereference the object in the ldap.log file:

Feb 10 23:25:59 deer slapd[7289]: conn=122 op=171 SRCH
base="ou=samba,dc=estream,dc=com,dc=my" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=500))"

The deref is always = 0.  I have set the "DEREF always" in ldap.conf but I
don't think it is related.  The deref should be samba's request.  I didn't
find any related setting in smb.conf.

Any ideas? Please advice. Thank you.

-- 
Best regards,
Chau Chee Yang

E Stream Software Sdn Bhd
URL: www.sql.com.my
SQL Financial Accounting
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] root preexec problem

[Guido Lorenzutti]

Same here. I change the root preexec = script.sh
And in the script.sh I put everything that you do...
I don't know why this stop working when I upgrade too.

Robert wrote:
> Hi,
>
> I'm doing an upgrade to the latest samba 3.0.28, and something's bugging me: 
> on the old server I had this working OK:
>
> root preexec = /usr/local/bin/ntlogon.py --user=%U --os=%m 
> --dir=/home/samba/netlogon/ && /usr/local/bin/pdc-log.sh %U %m %a %d
>
> On 3.0.28, I can only get the first script to run, everything after && is 
> ignored. I have tried to put just the second script in the parameter, and it 
> works. I have checked all the changelogs since my current version, and 
> nothing seems to be changed for this parameter - what I'm I doing wrong?
>
> Thanx,
> Robert
>
>
>
>
>
>   
> 
> Be a better friend, newshound, and 
> know-it-all with Yahoo! Mobile.  Try it now.  
> http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 
>
>   

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] locking and gfs

[Volker Lendecke]

On Sun, Feb 10, 2008 at 10:56:30AM -0500, Ross S. W. Walker wrote:
> > You can perfectly fine use samba on top of gfs, as long as
> > you only share your data from a single node or (more
> > precisely) make sure that every directory is only shared via
> > a single node. Different directories can be shared via
> > different nodes.
> 
> If samba+gfs is really only feasible for single node access then
> why even use GFS? Why not just use ext3 and CLVM and have the
> logical volumes fail-over from node-to-node? It definitely
> would be a whole lot simpler to deploy.

Two points:

ctdb is made to work around this limitation. So a
cluster-enabled Samba can share the same file space via
different nodes.

Having the storage online on multiple nodes should give you
much quicker failover times. No fsck.

Volker


pgp3oGqca3gkm.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] locking and gfs

[Ross S. W. Walker]

Volker Lendecke wrote:
> On Sun, Feb 10, 2008 at 12:51:24AM +0100, Markus Neis wrote:
> > Ok I understand. People that earn more money than me made
> > this decision ;-) But I wonder why Redhat offers the
> > possibility in their cluster suite to setup samba services
> > on top of gfs. This should be a known problem then.
> > However, as I understand you its not a good idea to use
> > samba with gfs unless we would use ctdb?
> 
> You can perfectly fine use samba on top of gfs, as long as
> you only share your data from a single node or (more
> precisely) make sure that every directory is only shared via
> a single node. Different directories can be shared via
> different nodes.

If samba+gfs is really only feasible for single node access then
why even use GFS? Why not just use ext3 and CLVM and have the
logical volumes fail-over from node-to-node? It definitely
would be a whole lot simpler to deploy.

-Ross

__
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] vscan module: looking for a quick virus scanner?

[Marcus Sobchak <[EMAIL PROTECTED]>]

Hi,

which virus scanner is a good choice to use with VFS vcan module on a
samba 3.0.24 with 350 users? I played with clamd. It's working, but the
scanning seems to be quite slow. :-( I searched the web, but couldn't
find any good performance tests for linux antivirus scanners. The
scanner should run as daemon, not just as command line scanner. Any
ideas?

Thanks,
Marcus
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] locking and gfs

[Markus Neis]

That's true, but I still wonder why there are no performance problems when I 
set locking = no ! 
_
Unbegrenzter Speicherplatz für Ihr E-Mail Postfach? Jetzt aktivieren!
http://www.digitaledienste.web.de/freemail/club/lp/?lp=7

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] locking and gfs

[Volker Lendecke]

On Sun, Feb 10, 2008 at 01:20:20AM +0100, Markus Neis wrote:
> here's my smb.conf if you would be so nice ... ;-)

No. Analyzing performance problems can't be done by looking
at config files only. You have to sit at the console of that
box and see the dynamic behaviour :-)

Volker


pgpYJV2o8dqz0.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba