Re: [Samba] openldap - samba

2008-04-25 Thread Adam Williams 

paste the output of this command.

ldapsearch -D 'cn=Manager,dc=yourdomain,dc=com' -b 
"uid=test10,ou=People,dc=yourdomain,dc=com" -w x -x


can you su -l test10 ?

i think you just don't have that user included in any groups.  For 
example, here's me, and i'm in group 100.


[EMAIL PROTECTED] scripts]# pdbedit -Lv awilliam
WARNING: The "printer admin" option is deprecated
smbldap_search_domain_info: Searching 
for:[(&(objectClass=sambaDomain)(sambaDomainName=ADMIN))]

smbldap_open_connection: connection opened
smbldap_search_domain_info: Searching 
for:[(&(objectClass=sambaDomain)(sambaDomainName=ADMIN))]

smbldap_open_connection: connection opened
init_sam_from_ldap: Entry found for user: awilliam
Unix username:awilliam
NT username:  awilliam
Account Flags:[U  ]
User SID: S-1-5-21-4231144054-2518398651-1985341777-2022
init_group_from_ldap: Entry found for group: 100
init_group_from_ldap: Entry found for group: 100
Primary Group SID:S-1-5-21-4231144054-2518398651-1985341777-513
Full Name:Adam Williams
Home Directory:   \\roark\awilliam
HomeDir Drive:R:
Logon Script: scripts\awilliam.bat
Profile Path: \\roark\profiles\awilliam
Domain:   ADMIN
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Thu, 05 Apr 2007 18:13:29 CDT
Password can change:  Thu, 05 Apr 2007 18:13:29 CDT
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours : FF
[EMAIL PROTECTED] scripts]#

[EMAIL PROTECTED] scripts]# ldapsearch -D 
'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b 
"uid=awilliam,ou=People,dc=mdah,dc=state,dc=ms,dc=us" -w xx -x

# extended LDIF
#
# LDAPv3
# base  with scope 
subtree

# filter: (objectclass=*)
# requesting: ALL
#

# awilliam, People, mdah.state.ms.us
dn: uid=awilliam,ou=People,dc=mdah,dc=state,dc=ms,dc=us
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: hostObject
objectClass: sambaSamAccount
cn: Adam Williams
sn: Williams
givenName: Adam
uid: awilliam
uidNumber: 511
homeDirectory: /home/awilliam
shadowLastChange: 13896
shadowMax: 9
shadowWarning: 7
loginShell: /bin/bash
gecos: Adam Williams
gidNumber: 100
userPassword:: xx
mail: [EMAIL PROTECTED]
host: roark
host: welty
host: manship
host: archives4
host: arrowhead
host: saxon
host: adminsav
host: project
host: wmounds
host: archives3
host: filebox
host: awilliam
sambaSID: S-1-5-21-4231144054-2518398651-1985341777-2022
displayName: Adam Williams
sambaPwdCanChange: 1175814809
sambaLMPassword: 
sambaNTPassword: 
sambaPwdLastSet: 1175814809
sambaAcctFlags: [U  ]
sambaProfilePath: \\roark\profiles\awilliam
sambaHomePath: \\roark\awilliam
sambaHomeDrive: R:
sambaLogonScript: scripts\awilliam.bat

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[EMAIL PROTECTED] scripts]#


Kyle Corupe wrote:

I am having a problem getting users that were added in smbldap-useradd to be
able to login.

After I add them they are visible, but you can see I get this error -
pdb_get_group_sid:
Failed to find Unix account for test10

I believe that this has something to do with nss_ldap. because doing a
getent passwd, it doesn't display any smb info.

Any debugging info or help would be amazing, I'm beating my head against the
desk because Ive been at this for a few days now.

[EMAIL PROTECTED] smbldap-tools]# pdbedit -Lv test10
map_file: Failed to load /usr/lib/samba/valid.dat - No such file or
directory
creating default valid table
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MSHOME))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MSHOME))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
init_sam_from_ldap: Entry found for user: test10
Unix username:test10
NT username:  test10
Account Flags:[U  ]
User SID: S-1-5-21-3453806834-3164002366-1818093606-3022
pdb_get_group_sid: Failed to find Unix account for test10
Primary Group SID:(NULL SID)
Full Name:test10
Home Directory:   test10
HomeDir Drive:H:
Logon Script: scripts\logon.bat
Profile Path: \\beedril\profiles\test10
Domain:   MSHOME
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Fri, 25 Apr 2008 11:45:09 MST
Pas

[Samba] openldap - samba

2008-04-25 Thread Kyle Corupe 
I am having a problem getting users that were added in smbldap-useradd to be
able to login.

After I add them they are visible, but you can see I get this error -
pdb_get_group_sid:
Failed to find Unix account for test10

I believe that this has something to do with nss_ldap. because doing a
getent passwd, it doesn't display any smb info.

Any debugging info or help would be amazing, I'm beating my head against the
desk because Ive been at this for a few days now.

[EMAIL PROTECTED] smbldap-tools]# pdbedit -Lv test10
map_file: Failed to load /usr/lib/samba/valid.dat - No such file or
directory
creating default valid table
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MSHOME))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MSHOME))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
init_sam_from_ldap: Entry found for user: test10
Unix username:test10
NT username:  test10
Account Flags:[U  ]
User SID: S-1-5-21-3453806834-3164002366-1818093606-3022
pdb_get_group_sid: Failed to find Unix account for test10
Primary Group SID:(NULL SID)
Full Name:test10
Home Directory:   test10
HomeDir Drive:H:
Logon Script: scripts\logon.bat
Profile Path: \\beedril\profiles\test10
Domain:   MSHOME
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Fri, 25 Apr 2008 11:45:09 MST
Password can change:  Fri, 25 Apr 2008 11:45:09 MST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours : FF
[EMAIL PROTECTED] smbldap-tools]#


-- 
Kyle Corupe

Unix Administrator
Corpedia Corporation
2020 North Central Avenue, Suite 1050
Phoenix, Arizona 85004-4576
Desk:(602)443-2148
Cell: (623)261-2874
[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread solarflow99 
good answer:)


On Fri, Apr 25, 2008 at 6:43 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote:

> On Fri, Apr 25, 2008 at 05:13:12PM +0100, solarflow99 wrote:
> > ya right, how much did you get from SUSE/Microsoft for this?
>
> Please go away, troll.
>
> Jeremy.
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] select() timeout on winbindd_privileged pipe

2008-04-25 Thread Humrick, Matt 
On 4/24/08 Jerry wrote:
> You are tracing the client.  But the log only shows the
> parent winbindd process.  I would check the child
> processes because I'll bet you have more traffic that
> will illuminate what is going on in those logs.

Thanks for the tip. I took your advice and ran 'strace -ff' on winbind
and found the problem. It was trying to use mDNS to locate the kdc.
However, our domain is unicast and uses the .local extension. I added
the line 'mdns off' to the /etc/host.conf file (apparently it defaults
to on) and it eliminated the 30 second timeout pause :)

Here's the line in the strace output that tipped me off:
17:24:34 sendto(20,
"\241q\1\0\0\1\0\0\0\0\0\0\20_kerberos-master\4_u"..., 54, 0,
{sa_family=AF_INET, sin_port=htons(5353),
sin_addr=inet_addr("224.0.0.251")}, 28) = 54
17:24:34 poll([{fd=20, events=POLLIN}], 1, 5000) = 0

This poll() call is what was actually timing out. The timeout was 5s and
it did this multiple times. Now that mDNS is turned off it makes this
request directly to the kdc rather than trying to search for it.
WoooHooo!

Thanks,
Matt
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] interdomain trust between two samba pdc's

2008-04-25 Thread SoUnD WrEcK 
I have been trying off and on for some time now to get an interdomain trust
relationship going between two samba pdc machines (DomainA=trusted &
DomainB=trusting).  Both pdc's are running on Solaris boxes and NIS is
involved (I doubt there is a NIS complication just because I can use
accounts on DomainA on DomainB's samba, as long as I add them using
smbpasswd manually).

The situation is this.  DomainA hosts most user accounts for my two
networks.  Therefore DomainA should be trusted and DomainB should be
trusting.  The documentation is confusing and does not describe this exact
scenario (talks about samba with microsoft pdc's).  I have tried every
combination I can think of, but things still aren't working as they should.

I have added an account for DomainB on DomainA.  I then type "smbpasswd -a
-i DomainB", still working on DomainA.  This seems to go through okay.
However, when I type "net rpc trustdom list" on DomainA, I get the
following:

Trusted domains list:
none

Trusting domains list:
Unable to find a suitable server
domain controller is not responding
DomainB

I expect what I see for trusted, but for trusting, should I really be seeing
those errors?  What do they mean?  Is the fact that DomainB is listed mean
that it worked and I should ignore the errors?

I guess I'll stop here and make sure there is not a problem with this step
before I post further information about this process.

Thanks.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] XP SP2 not running sambaLogonScript:

2008-04-25 Thread Adam Williams 
yeah, its kind of weird, i couldn't get the XP computer to join the 
domain with the BDC as the WINS server, but it joined the domain fine 
with the PDC set as the WINS server.  and the logon script now loads 
fine off of the BDC like I want, but you'd think it would load off of 
the PDC since its the WINS server and where it's getting its netlogon 
info from, right?


in LDAP:

sambaProfilePath: \\tester\profiles\testersamba
sambaHomePath: \\tester\testersamba
sambaLogonScript: scripts\testersamba.bat
sambaHomeDrive: R:

the PDC is named roark, tester is the BDC.  in PDC's smb.conf:

   logon path = \\%N\profiles\%U
   logon script = scripts\%U.bat
   logon drive = R:
   logon home = \\roark\%U


 


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] XP SP2 not running sambaLogonScript:

2008-04-25 Thread Jonathan Johnson 
You might also disable offline files on the Windows PC. I've seen where 
this will cache a copy of the NETLOGON share, and then run the cached 
copy (if it exists) rather than the recently modified real one. I've 
also seen where it doesn't run the script because the cache copy of 
NETLOGON doesn't contain the file (even though the real NETLOGON does).


Jonathan Johnson
www.backupcheckup.com

Helmut Hullen wrote:

Hallo, Adam,

Du (awilliam) meintest am 25.04.08:
  

I can't get my Windows PCs to run sambaLogonScript: as declared in
openldap 2.3.39 and samba 3.0.28a.  In LDAP for a user I have:

sambaLogonScript: \\tester\netlogon\scripts\testersamba.bat


Script name: without path
The path is defined in [netlogon]

  

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] XP SP2 not running sambaLogonScript:

2008-04-25 Thread Helmut Hullen 
Hallo, Adam,

Du (awilliam) meintest am 25.04.08:

> I can't get my Windows PCs to run sambaLogonScript: as declared in
> openldap 2.3.39 and samba 3.0.28a.  In LDAP for a user I have:

> sambaLogonScript: \\tester\netlogon\scripts\testersamba.bat

Script name: without path
The path is defined in [netlogon]

Viele Gruesse!
Helmut
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba and openldap authentication issues!

2008-04-25 Thread Jeff Davis 
Can you post a sanitized ldif of one of the user's ldap records?  Do 
they have all the samba attributes?


Kyle Corupe wrote:

Alight, I've been working on this for too many hours straight. Any
help would be much appreciated!

(I posted this online to linux questions, it could be easier to read
on there... 
http://www.linuxquestions.org/questions/linux-server-73/samba-and-openldap-authentication-issues-637647/)

 The problem is users created in smbldap-useradd can not login, unless
they also are a local user. for example,

 kylec exists both locally and in smbldap-users, his smb passwd is
differnt from his local passwd.


Code: [EMAIL PROTECTED] samba]# smbldap-userlist
uid |username

 0 |root
 999 |nobody
1000 |kylec
1001 |test
1002 |test1
1003 |test2
1004 |test3
1005 |test4
1006 |test5
1007 |test6
1008 |test7$
1009 |test8$
1010 |test9
 here is log output from samba when kylec connects



Code: [EMAIL PROTECTED]:~$ smbclient //10.0.0.218/clients -U kylec
Password:
Domain=[WINIX] OS=[Unix] Server=[Samba 3.0.25b-1.el5_1.4]
smb: \> quit


[2008/04/24 17:33:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(545)
 init_sam_from_ldap: Entry found for user: kylec

 here is when a bad user trys to connect,



Code: [EMAIL PROTECTED]:~$ smbclient //10.0.0.218/clients -U test3
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

[2008/04/24 17:45:00, 0] auth/auth_sam.c:check_sam_security(352)
 check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2008/04/24 17:45:00, 3] auth/auth_winbind.c:check_winbind_security(80)
 check_winbind_security: Not using winbind, requested domain [WINIX]
was for this SAM.
[2008/04/24 17:45:00, 2] auth/auth.c:check_ntlm_password(319)
 check_ntlm_password: Authentication for user [test3] -> [test3]
FAILED with error NT_STATUS_NO_SUCH_USER
[2008/04/24 17:45:00, 3] smbd/error.c:error_packet_set(106)
 error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE



 here is output from pbdedit -L



Code: [EMAIL PROTECTED] samba]# pdbedit -L
map_file: Failed to load /usr/lib/samba/valid.dat - No such file or directory
creating default valid table
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=WINIX))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=WINIX))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
ldapsam_setsampwent: 8 entries in the base dc=corpedia, dc=internal
init_sam_from_ldap: Entry found for user: root
root:0:root
init_sam_from_ldap: Entry found for user: nobody
nobody:99:nobody
init_sam_from_ldap: Entry found for user: kylec
kylec:501:kylec
init_sam_from_ldap: Entry found for user: test1
test1:4294967295:test1
init_sam_from_ldap: Entry found for user: test2
test2:4294967295:test2
init_sam_from_ldap: Entry found for user: test3
test3:4294967295:test3
init_sam_from_ldap: Entry found for user: test4
test4:504:test4
init_sam_from_ldap: Entry found for user: test5
test5:4294967295:test5

 I think the problem has something to do with it not verifying that
the UNIX (POSIX) accounts can be resolved via NSS. but I have nss_ldap
working correctly (I believe).

 I can ldapsearch my ldap server, everything on that end seems to be
working its just getting samba to authenticate against it! so again
any help would be MUCH APPRECIATED!!!

 thanks guys!

  
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] controlling concurrent domain logins?

2008-04-25 Thread Jeff Davis 

Hi,

Is there a way to prevent users (or ideally members of certain groups) 
from logging into the samba domain on more than one machine at a time?


I found some examples in the samba guide using preexec parameters but 
this approach appears to only prevent access to the resource, does not 
prevent the user from being able to use the workstation, which is my goal.


I've seen this question asked but never really answered in the archives. 

Is there a pam module that might facilitate this?  radius?  I'm open to 
almost any server-centric approach to this.


Any ideas?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] XP SP2 not running sambaLogonScript:

2008-04-25 Thread Adam Williams 
I can't get my Windows PCs to run sambaLogonScript: as declared in 
openldap 2.3.39 and samba 3.0.28a.  In LDAP for a user I have:


sambaLogonScript: \\tester\netlogon\scripts\testersamba.bat

but when I log in as the user, the script is not ran.  I can run it 
manually by clicking start, run, and pasting 
\\tester\netlogon\scripts\testersamba.bat and it runs fine, but it just 
won't run it during log in.  A log level = 10 and grep \.bat 
/var/log/samba/* reveals nothing.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread Charles Marcus 

On 4/24/2008 8:22 PM, Jeremy Allison wrote:

Just wanted to let you guys know that I put together a "High Level"
Samba How-to that I believe is very informative for "Samba Beginners".





Wow, this is really nicely done ! Thanks a lot !

This is a very nice complement to the Samba docs
and makes a great HOWTO.


Ditto! Very nice, thanks Mike!

--

Best regards,

Charles
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread Charles Marcus 

On 4/25/2008, solarflow99 ([EMAIL PROTECTED]) wrote:

ya right, how much did you get from SUSE/Microsoft for this?


Please don't feed the trolls...
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread JJB 

Mike Petersen wrote:

Hi all,

Just wanted to let you guys know that I put together a "High Level"
Samba How-to that I believe is very informative for "Samba Beginners". I
wrote it using Novell's Suse Linux Enterprise Server 
Hi Mike, thank you so much for creating this. We tried to do our PDC 
with SLES and OpenSuse 10.2, and ended up using CentOS instead as we 
couldn't get it working properly on SUSE.


-Joel
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] [ANNOUNCE] Samba 3.2.0pre3

2008-04-25 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Greg Freemyer wrote:
> On Fri, Apr 25, 2008 at 10:55 AM, Karolin Seeger <[EMAIL PROTECTED]> wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>>  Hash: SHA1
>>
>>  Release Announcements
>>  =
>>
>>  This is the third preview release of Samba 3.2.0.  This is *not*
>>  intended for production environments and is designed for testing
>>  purposes only.  Please report any defects via the Samba bug reporting
>>  system at https://bugzilla.samba.org/.
>>
> 
> 
>>  Major enhancements in Samba 3.2.0 include:
>>
>>   File Serving:
>>   o Use of IDL generated parsing layer for several DCE/RPC
>> interfaces.
>>   o Removal of the 1024 byte limit on pathnames and 256 byte limit on
>> filename components to honor the MAX_PATH setting from the host OS.
> 
> Can someone explain that some more.  Is that a tightening or loosing
> of the restriction?
> Or point me do a discussion about how it was decided to do this?

It's simply a removal of static path buffers (char[1024])
to dynamically allocated ones.





jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIEhy+IR7qMdg1EfYRArwqAJ9IGsrtc73t/OlO2YkXHlLE+0BfbACeLUHa
hHvAhjyK5Ky942Py1VJMZzo=
=mtLw
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] [ANNOUNCE] Samba 3.2.0pre3

2008-04-25 Thread Jeremy Allison 
On Fri, Apr 25, 2008 at 01:52:05PM -0400, Greg Freemyer wrote:
> On Fri, Apr 25, 2008 at 10:55 AM, Karolin Seeger <[EMAIL PROTECTED]> wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> >  Hash: SHA1
> >
> >  Release Announcements
> >  =
> >
> >  This is the third preview release of Samba 3.2.0.  This is *not*
> >  intended for production environments and is designed for testing
> >  purposes only.  Please report any defects via the Samba bug reporting
> >  system at https://bugzilla.samba.org/.
> >
> 
> 
> >  Major enhancements in Samba 3.2.0 include:
> >
> >   File Serving:
> >   o Use of IDL generated parsing layer for several DCE/RPC
> > interfaces.
> >   o Removal of the 1024 byte limit on pathnames and 256 byte limit on
> > filename components to honor the MAX_PATH setting from the host OS.
> 
> Can someone explain that some more.  Is that a tightening or loosing
> of the restriction?

This is a losening of the restriction. Incoming paths from clients
can now be as long as the PATH_MAX of the system hosting Samba.

> Or point me do a discussion about how it was decided to do this?

Look back in Samba-technical for the comments from Volker and
myself on restructuring to smb_request and removal of pstrings.

> === My concern
> IIRC MAX_PATH is 512 under Windows, but it is a lie that cannot be
> trusted.  It is just the limit for the old API.  The new Unicode APIs
> do not honor that define.  I'm concerned this may be true of other
> filesystems / OSes.
> 
> In particular with Robocopy that comes with Windows 2003 Resource Kit
> you can work with pathnames up to 32K I believe it is.  (See the
> Robocopy release notes for details).  A lot of tools are still
> restricted to 512 chars, but I am fairly confident that 512 is no
> longer a fundamental limitation with newer Windows products.

We should now be able to work with any Windows pathname a client
generates, no more 1024 byte restriction.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] migrating from Samba to Windows

2008-04-25 Thread JJB 

Jon Johnson wrote:
Yup. Been there, done that. Easy is relative. Is it easier than tying 
your shoes? No. Is it easier than having a root canal done? Possibly. 
Please review the following posts:


http://lists.samba.org/archive/samba/2005-April/103743.html
http://lists.samba.org/archive/samba/2005-June/107028.html

The above posts refer to using the Active Directory Migration Tool, 
which attempts to migrate user profiles from the old domain to the new 
one. In some instances, this fails, in which case you need to do it 
manually. The following posts outline that process.


http://lists.samba.org/archive/samba/2005-December/115326.html
http://lists.samba.org/archive/samba/2005-December/115413.html

Note also that newer versions of ADMT can be downloaded from Microsoft 
in addition to the version on the Windows 2003 Server CD.


Jon Johnson
Sutinen Consulting, Inc.
Providers of backup monitoring software for BRU
www.backupcheckup.com

On 4/24/2008 3:01 PM, JJB wrote:

JJB wrote:

Hello,

Is it possible to easily migrate Samba domain users to a Windows PDC?

- Joel

Has anyone moved back to Microsoft from Linux / Samba?
- Joel




Awesome, thanks!

- Joel
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] [ANNOUNCE] Samba 3.2.0pre3

2008-04-25 Thread Greg Freemyer 
On Fri, Apr 25, 2008 at 10:55 AM, Karolin Seeger <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
>  Hash: SHA1
>
>  Release Announcements
>  =
>
>  This is the third preview release of Samba 3.2.0.  This is *not*
>  intended for production environments and is designed for testing
>  purposes only.  Please report any defects via the Samba bug reporting
>  system at https://bugzilla.samba.org/.
>


>  Major enhancements in Samba 3.2.0 include:
>
>   File Serving:
>   o Use of IDL generated parsing layer for several DCE/RPC
> interfaces.
>   o Removal of the 1024 byte limit on pathnames and 256 byte limit on
> filename components to honor the MAX_PATH setting from the host OS.

Can someone explain that some more.  Is that a tightening or loosing
of the restriction?
Or point me do a discussion about how it was decided to do this?

=== My concern
IIRC MAX_PATH is 512 under Windows, but it is a lie that cannot be
trusted.  It is just the limit for the old API.  The new Unicode APIs
do not honor that define.  I'm concerned this may be true of other
filesystems / OSes.

In particular with Robocopy that comes with Windows 2003 Resource Kit
you can work with pathnames up to 32K I believe it is.  (See the
Robocopy release notes for details).  A lot of tools are still
restricted to 512 chars, but I am fairly confident that 512 is no
longer a fundamental limitation with newer Windows products.

Greg
-- 
Greg Freemyer
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
First 99 Days Litigation White Paper -
http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf

The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba and openldap authentication issues!

2008-04-25 Thread Kyle Corupe 
Alight, I've been working on this for too many hours straight. Any
help would be much appreciated!

(I posted this online to linux questions, it could be easier to read
on there... 
http://www.linuxquestions.org/questions/linux-server-73/samba-and-openldap-authentication-issues-637647/)

 The problem is users created in smbldap-useradd can not login, unless
they also are a local user. for example,

 kylec exists both locally and in smbldap-users, his smb passwd is
differnt from his local passwd.


Code: [EMAIL PROTECTED] samba]# smbldap-userlist
uid |username

 0 |root
 999 |nobody
1000 |kylec
1001 |test
1002 |test1
1003 |test2
1004 |test3
1005 |test4
1006 |test5
1007 |test6
1008 |test7$
1009 |test8$
1010 |test9
 here is log output from samba when kylec connects



Code: [EMAIL PROTECTED]:~$ smbclient //10.0.0.218/clients -U kylec
Password:
Domain=[WINIX] OS=[Unix] Server=[Samba 3.0.25b-1.el5_1.4]
smb: \> quit


[2008/04/24 17:33:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(545)
 init_sam_from_ldap: Entry found for user: kylec

 here is when a bad user trys to connect,



Code: [EMAIL PROTECTED]:~$ smbclient //10.0.0.218/clients -U test3
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

[2008/04/24 17:45:00, 0] auth/auth_sam.c:check_sam_security(352)
 check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2008/04/24 17:45:00, 3] auth/auth_winbind.c:check_winbind_security(80)
 check_winbind_security: Not using winbind, requested domain [WINIX]
was for this SAM.
[2008/04/24 17:45:00, 2] auth/auth.c:check_ntlm_password(319)
 check_ntlm_password: Authentication for user [test3] -> [test3]
FAILED with error NT_STATUS_NO_SUCH_USER
[2008/04/24 17:45:00, 3] smbd/error.c:error_packet_set(106)
 error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE



 here is output from pbdedit -L



Code: [EMAIL PROTECTED] samba]# pdbedit -L
map_file: Failed to load /usr/lib/samba/valid.dat - No such file or directory
creating default valid table
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=WINIX))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=WINIX))]
smbldap_open_connection: connection opened
smbldap_check_root_dse: Expected one rootDSE, got 0
ldap_connect_system: succesful connection to the LDAP server
ldapsam_setsampwent: 8 entries in the base dc=corpedia, dc=internal
init_sam_from_ldap: Entry found for user: root
root:0:root
init_sam_from_ldap: Entry found for user: nobody
nobody:99:nobody
init_sam_from_ldap: Entry found for user: kylec
kylec:501:kylec
init_sam_from_ldap: Entry found for user: test1
test1:4294967295:test1
init_sam_from_ldap: Entry found for user: test2
test2:4294967295:test2
init_sam_from_ldap: Entry found for user: test3
test3:4294967295:test3
init_sam_from_ldap: Entry found for user: test4
test4:504:test4
init_sam_from_ldap: Entry found for user: test5
test5:4294967295:test5

 I think the problem has something to do with it not verifying that
the UNIX (POSIX) accounts can be resolved via NSS. but I have nss_ldap
working correctly (I believe).

 I can ldapsearch my ldap server, everything on that end seems to be
working its just getting samba to authenticate against it! so again
any help would be MUCH APPRECIATED!!!

 thanks guys!

-- 
Kyle Corupe

Unix Administrator
Corpedia Corporation
Desk:(602)443-2148
[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread Jeremy Allison 
On Fri, Apr 25, 2008 at 05:13:12PM +0100, solarflow99 wrote:
> ya right, how much did you get from SUSE/Microsoft for this?

Please go away, troll.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread Rubin Bennett 
Any why shouldn't it be?  If you want it to be more distro neutral, then
*you* can foot the bill right?

Rubin

On Fri, 2008-04-25 at 17:29 +0100, solarflow99 wrote:
> why just SUSE then?  you're right, its all about the money..
> 
> On 4/25/08, Rubin Bennett <[EMAIL PROTECTED]> wrote: 
> Now, why would that matter, and how exactly would it be
> relevant to the
> fact that Mike (the OP) is putting the document out there for
> all to
> share?
> 
> The attitude that contributing to Free software has to be an
> unpaid
> venture is sophomoric, unrealistic, and  drives me absolutely
> crazy.
> The fact is that we all have to make a living.  Some of us
> choose to do
> what we believe is the right thing, and contribute back to the
> community
> in the forms of code, or documentation, or whatever.  The idea
> that
> someone who writes code or documentation and contributes it
> (or even
> just shares it, retaining copyright as this person appears to
> have done)
> is ridiculous.
> 
> Don't bite the hand that feeds you; anyone who uses free
> software has
> been the beneficiary of some freely available code or
> documentation that
> the developer or author was renumerated for on many occasions.
> 
> Rubin
> 
> On Fri, 2008-04-25 at 17:13 +0100, solarflow99 wrote:
> > ya right, how much did you get from SUSE/Microsoft for this?
> >
> >
> >
> > On 4/25/08, Jeremy Allison <[EMAIL PROTECTED]> wrote:
> > >
> > > On Thu, Apr 24, 2008 at 04:13:13PM -0500, Mike Petersen
> wrote:
> > > > Hi all,
> > > >
> > > > Just wanted to let you guys know that I put together a
> "High Level"
> > > > Samba How-to that I believe is very informative for
> "Samba Beginners". I
> > > > wrote it using Novell's Suse Linux Enterprise Server as
> part of a book I
> > > > promised a few clients that I contract for - although I
> did write it in
> > > > such a way that it can be used for virtually any
> GNU/Linux Distribution.
> > > >
> > > > I wrote this "on my own time" and I am the sole
> copyright holder - if
> > > > the Samba Developers want me to either post it as-is on
> the Samba Wiki
> > > > or edit out the SLES parts and post it on the Samba Wiki
> I would be
> > > > happy to (when I get the time of course :-)
> > > >
> > > > You can access the how-to at:
> > > >
> > > > http://www.pcc-services.com/sles/samba.html
> > > >
> > > >
> > > > Anyway, feedback is always welcome.
> > >
> > > Wow, this is really nicely done ! Thanks a lot !
> > >
> > > This is a very nice complement to the Samba docs
> > > and makes a great HOWTO.
> > >
> > > Jeremy.
> > > --
> > > To unsubscribe from this list go to the following URL and
> read the
> > >
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> > >
> --
> Rubin Bennett
> RB Technologies
> http://thatitguy.com
> [EMAIL PROTECTED]
> (802)223-4448
> 
> "They that can give up essential liberty to obtain a little
> temporary security deserve neither liberty nor safety"
> --Benjamin Franklin, Historical Review of Pennsylvania, 1759
> 
> 
> 
-- 
Rubin Bennett
RB Technologies
http://thatitguy.com
[EMAIL PROTECTED]
(802)223-4448

"They that can give up essential liberty to obtain a little
temporary security deserve neither liberty nor safety"
  --Benjamin Franklin, Historical Review of Pennsylvania, 1759


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread Rubin Bennett 
Now, why would that matter, and how exactly would it be relevant to the
fact that Mike (the OP) is putting the document out there for all to
share?

The attitude that contributing to Free software has to be an unpaid
venture is sophomoric, unrealistic, and  drives me absolutely crazy.
The fact is that we all have to make a living.  Some of us choose to do
what we believe is the right thing, and contribute back to the community
in the forms of code, or documentation, or whatever.  The idea that
someone who writes code or documentation and contributes it (or even
just shares it, retaining copyright as this person appears to have done)
is ridiculous.

Don't bite the hand that feeds you; anyone who uses free software has
been the beneficiary of some freely available code or documentation that
the developer or author was renumerated for on many occasions.

Rubin

On Fri, 2008-04-25 at 17:13 +0100, solarflow99 wrote:
> ya right, how much did you get from SUSE/Microsoft for this?
> 
> 
> 
> On 4/25/08, Jeremy Allison <[EMAIL PROTECTED]> wrote:
> >
> > On Thu, Apr 24, 2008 at 04:13:13PM -0500, Mike Petersen wrote:
> > > Hi all,
> > >
> > > Just wanted to let you guys know that I put together a "High Level"
> > > Samba How-to that I believe is very informative for "Samba Beginners". I
> > > wrote it using Novell's Suse Linux Enterprise Server as part of a book I
> > > promised a few clients that I contract for - although I did write it in
> > > such a way that it can be used for virtually any GNU/Linux Distribution.
> > >
> > > I wrote this "on my own time" and I am the sole copyright holder - if
> > > the Samba Developers want me to either post it as-is on the Samba Wiki
> > > or edit out the SLES parts and post it on the Samba Wiki I would be
> > > happy to (when I get the time of course :-)
> > >
> > > You can access the how-to at:
> > >
> > > http://www.pcc-services.com/sles/samba.html
> > >
> > >
> > > Anyway, feedback is always welcome.
> >
> > Wow, this is really nicely done ! Thanks a lot !
> >
> > This is a very nice complement to the Samba docs
> > and makes a great HOWTO.
> >
> > Jeremy.
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
-- 
Rubin Bennett
RB Technologies
http://thatitguy.com
[EMAIL PROTECTED]
(802)223-4448

"They that can give up essential liberty to obtain a little
temporary security deserve neither liberty nor safety"
  --Benjamin Franklin, Historical Review of Pennsylvania, 1759


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Yet another Samba How-to

2008-04-25 Thread solarflow99 
ya right, how much did you get from SUSE/Microsoft for this?



On 4/25/08, Jeremy Allison <[EMAIL PROTECTED]> wrote:
>
> On Thu, Apr 24, 2008 at 04:13:13PM -0500, Mike Petersen wrote:
> > Hi all,
> >
> > Just wanted to let you guys know that I put together a "High Level"
> > Samba How-to that I believe is very informative for "Samba Beginners". I
> > wrote it using Novell's Suse Linux Enterprise Server as part of a book I
> > promised a few clients that I contract for - although I did write it in
> > such a way that it can be used for virtually any GNU/Linux Distribution.
> >
> > I wrote this "on my own time" and I am the sole copyright holder - if
> > the Samba Developers want me to either post it as-is on the Samba Wiki
> > or edit out the SLES parts and post it on the Samba Wiki I would be
> > happy to (when I get the time of course :-)
> >
> > You can access the how-to at:
> >
> > http://www.pcc-services.com/sles/samba.html
> >
> >
> > Anyway, feedback is always welcome.
>
> Wow, this is really nicely done ! Thanks a lot !
>
> This is a very nice complement to the Samba docs
> and makes a great HOWTO.
>
> Jeremy.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

2008-04-25 Thread Eric Roseme 

Hi Sudheer,

Although your particular case is fixed already, I'll reply here for 
completeness to the list.


HP-UX requires a special tweak to the /etc/krb5.conf file in order to 
create a keytab file - the addition of the "WRFILE" parameter.  This is 
fully explained in the "HP CIFS Server and Kerberos" whitepaper, located 
here:


http://www.docs.hp.com/en/7213/HPCIFSKerberosV103.pdf

Eric Roseme


Radhakrishnan, Sudheer Kumar K. wrote:

Hello Samba,

 


We are using Samba/CIFS hp-ux server connecting to Windows ADS and try
to create keytab file using 

 


net ads create keytab -u Administrator ,but it is unable to create
keytab file in the /etc/directory.

 


Please see the attached output file for your reference.

 


Appreciate your help!!

 


Sudheer Radhakrishnan / Capgemini
North America P&C / East Business Unit
Unix Support / Hosting
Mobile: 508 769 2371  http://www.capgemini.com/
 
Fax: 508.229.2013
45 Bartlett Street /  Marlborough, Ma 01752 
Together: the Collaborative Business Experience


 








This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is 
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to 
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message 
in error, please notify the sender immediately and delete all copies of this message.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Maxtor NAS share problem

2008-04-25 Thread Toby Bluhm 

Rick Johnson wrote:

Adam Williams wrote:
what are the settings on the share you're trying to mount?  does it 
have something like valid users = rickj




Well, that is hard to determine. If you're asking whether the drive 
has something like an "smb.conf" file containing share settings the 
answer is no. The only access I have to the Maxtor drive is via a 
browser interface. I have used the menu in that to set all files for 
full public access, but beyond that I have no finer control. (I have 


So in public mode, it's probably going to throw all user info away and 
map everything to a universal id. Have you looked closely at the file 
perm/ownership from the Windows client? Saved files as joe user & then 
jane user - does it keep the distinction? I'll venture no.


If it's possible, have you tried setting up individual users through the 
nas interface?



Could also just work with the fact that no perm/owner info will be kept. 
Collect that info & store it to a file. A recursive getfacl to collect & 
setfacl to restore could do the trick.



found via www.openmss.org that the underlying filesystem of the drive 
is Linux - reiser I think - but beyond that I have no data on the 
filesystem other than what I see when I smbmount the drive.)


Perhaps there's a way to break into the Linux the nas is running & 
change stuff to your suiting.



I've heard many times of people with an appliance trying to do something 
beyond its intended function & hitting a brick wall. Your situation is 
why I never recommend an appliance to anyone other than a pure, 
non-hacker, non-power type Windows user. A NAS type distro or even a 
full distro on a junker PC would be a better solution. More work, but 
better results.


--
Toby Bluhm
Alltech Medical Systems America, Inc.
30825 Aurora Road Suite 100
Solon Ohio 44139
440-424-2240


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: [ANNOUNCE] Samba 3.2.0pre3

2008-04-25 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Karolin Seeger wrote:
> Release Announcements
> =
> 
> This is the third preview release of Samba 3.2.0.  This is *not*
> intended for production environments and is designed for testing
> purposes only.  Please report any defects via the Samba bug reporting
> system at https://bugzilla.samba.org/.

Thanks Karolin.   Great work!






cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIEfKNIR7qMdg1EfYRAmPrAJ9vvpxzJIJS297jsaYKFR/E3OMCrACg6jKZ
dLCP24qmRrj5yNagEx0kNio=
=SYnK
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] [ANNOUNCE] Samba 3.2.0pre3

2008-04-25 Thread Karolin Seeger 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Release Announcements
=

This is the third preview release of Samba 3.2.0.  This is *not*
intended for production environments and is designed for testing
purposes only.  Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.

Please be aware that Samba is now distributed under the version 3
of the new GNU General Public License.  You may refer to the COPYING
file that accompanies these release notes for further licensing details.

Major enhancements in Samba 3.2.0 include:

  File Serving:
  o Use of IDL generated parsing layer for several DCE/RPC
interfaces.
  o Removal of the 1024 byte limit on pathnames and 256 byte limit on
filename components to honor the MAX_PATH setting from the host OS.
  o Introduction of a registry based configuration system.
  o Improved CIFS Unix Extensions support.
  o Experimental support for file serving clusters.
  o Support for IPv6 in the server, and client tools and libraries.
  o Support for storing alternate data streams in xattrs.
  o Encrypted SMB transport in client tools and libraries, and server.
  o Support for Vista clients authenticating via Kerberos.

  Winbind and Active Directory Integration:
  o Full support for Windows 2003 cross-forest, transitive trusts
and one-way domain trusts.
  o Support for userPrincipalName logons via pam_winbind and NSS
lookups.
  o Expansion of nested domain groups via NSS calls.
  o Support for Active Directory LDAP Signing policy.
  o New LGPL Winbind client library (libwbclient.so).

  Joining:
  o New NetApi library for domain join related queries (libnetapi.so)
and example GTK+ Domain join gui.
  o New client and server support for remotely joining and unjoining
Domains.
  o Support for joining into Windows 2008 domains.

  Users & Groups:
  o New ldb backend for local group mapping tables
  o Raised level of security defaults for authentication operations.


  Documentation:
  o Inclusion of an HTML version of the 3rd edition of "Using Samba"
from O'Reilly Publishing.


Now Licensed under the GNU GPLv3


The Samba Team has adopted the Version 3 of the GNU General Public
License for the 3.2 and later releases.   The GPLv3 is the updated
version of the GPLv2 license under which Samba is currently
distributed. It has been updated to improve compatibility with other
licenses and to make it easier to adopt internationally, and is an
improved version of the license to better suit the needs of Free
Software in the 21st Century.

The original announcement is available on-line at

http://news.samba.org/announcements/samba_gplv3/


New Security Defaults for Authentication


Support for LanMan passwords is now disabled in both client and server
applications.  Additionally, clear text authentication requests are
disabled by default in client utilities such as smbclient and all
libsmbclient based applications.  This will affect connection both
to and from hosts running DOS, Windows 9x/ME, and OS/2.  Please refer
to the "Changes" section for details on the exact parameters that were
updated.


Registry Configuration Backend
==

Samba is now able to use a registry based configuration backed to
supplement smb.conf settings.  This feature may be enabled by setting
"config backend = registry" in the [global] section of smb.conf for a
registry only configuration, or by specifying "include = registry" to
include global options from registry for a mixed setup.

The new parameter "registry shares = yes" in the [global] section of
smb.conf can be used to activate share definitions from registry.
These shares are loaded on demand by the server. Registry shares are
automatically activated by the global registry options above.

The configuration stored in registry can be conveniently managed using
the "net conf" command.

More information may be obtained from the smb.conf(5) and net(8) man
pages.


Removed Features


Both the Python bindings and the libmsrpc shared library have been
removed from the tree due to lack of an official maintainer.

As smbfs is no longer supported in current kernel versions, smbmount has
been removed in this Samba version. Please use cifs (mount.cifs) instead.
See examples/scripts/mount/mount.smbfs as an example for a wrapper which
calls mount.cifs instead of smbmount/mount.smbfs.


Modified API for libsmbclient
==

Maintaining ABI compatibility for libsmbclient has become increasingly
difficult to accomplish, while also keeping the code organization such that it
is easily readable.  Towards the goal of maintaining ABI compatibility and
also keeping the code easy to maintain and enhance, the API has been enhanced.
In particular, the fields in the SMBCCTX context structure are no longer
intended to

[Samba] Re: samba Digest, Vol 64, Issue 25

2008-04-25 Thread Dragan Krnic 
> from windows i am trying to access like this
> Go to Start menu -> run and type \\192.168.248.195,
> now it will show the list of the samba folders
> but when i double click on the folder it prompts
> for username and passwd and when i enter
> the samba username and passwd it will popup
> "Cannot be accessed u might now have permissions to access this"

There are usually some registry changes required for an XP
to connect to a Samba server. I use this:

Windows Registry Editor Version 5.00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
requiresignorseal = REG_DWORD 0x
signsecurechannel = REG_DWORD 0x
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Maxtor NAS share problem

2008-04-25 Thread Rick Johnson 

Adam Williams wrote:
what are the settings on the share you're trying to mount?  does it have 
something like valid users = rickj




Well, that is hard to determine. If you're asking whether the drive has 
something like an "smb.conf" file containing share settings the answer 
is no. The only access I have to the Maxtor drive is via a browser 
interface. I have used the menu in that to set all files for full public 
access, but beyond that I have no finer control. (I have found via 
www.openmss.org that the underlying filesystem of the drive is Linux - 
reiser I think - but beyond that I have no data on the filesystem other 
than what I see when I smbmount the drive.)


your user ID's in /etc/passwd on your local computer and the NAS 
appliance may be different which is why the ls -l looks strange.




This is probably true because the drive was set up through the browser 
interface.


(I HAVE wondered whether creating a user on my Linux system with the 
same uid and gid as I see on the mounted share might work.)


FWIW, I find that I CAN (as root) chmod the files on the drive after it 
is mounted (and the privileges are remembered after a umount and 
remount), but the behavior is strange. Some examples follow:


chmod 777 changes -rwxrw-rw to -rwxr--r--

chmod 700 changes -rwxr--r-- to -rwx--

chmod 777 changes -rwx-- to -rwxr--r--

This, unfortunately, leaves me with no way that I know of to change the 
file permissions back to what they were originally. (I've tried 
resetting them via the browser interface AND from a Windows system where 
 I have the Maxtor mapped as a drive with no luck.)


Is there perhaps some sort of bitmask at work behind the scenes here?

Best Regards,

Rick J.



Rick Johnson wrote:

Actually, it WASN'T root that mounted the share. It was my user 
account "rickj".


Re: NFS, to the best of my knowledge the drive doesn't support it.

And I TRIED using -o uid=1000,gid=100 (the respective user and group 
IDs of "rickj") with the smbmount command (AND the mount command) but 
the ownership still shows as it did below in my example.


Note: On my system "mount" doesn't recognize "-t cifs" and the man 
page on smbfs says the following.


"Mount options for smbfs
   Just like nfs,  the  smbfs  implementation  expects  a  binary 
argument  (a  struct smb_mount_data)  to  the  mount  system  call. 
This argument is constructed by smbmount(8) and the current version of 
mount (2.12) does not know anything about smbfs."


Best Regards,

Rick J.

Adam Williams wrote:

root is owing the files because the user root mounted the share.  if 
you want to support unix file ownership in your rsync you should use 
NFS if the unit supports that.  to change the group ownership, pass 
the -o gid=some_group on your mount -t cifs command.  you can also 
use uid= and to use both, -o uid=someone,gid=somegroup


Rick Johnson wrote:

I have a network accessible (192.168.2.97) Maxtor Shared Storage 
drive that I want to use to backup the Linux (Slackware) systems on 
my private LAN. I can "smbmount" the drive okay on my Linux systems, 
but when I try and use rsync to do a backup rsync fails with a 
message about failing to change owner.


Digging a little deeper into the problem I find that the 
directories/files on the share all look something like the following


drwxr-xr-x  1 35000 root   0 2008-02-12 15:21 ArchiveOnLinux
drwxrwxrwx  1 35003 root   0 2008-04-22 01:01 Public
-rwxrw-rw-  1 35000 root 1127239 2008-02-28 11:28 gw_rn_vp_grey.pdf

which ISN'T the user (or group) I would have expected it to be 
mounted as. (I've done a chmod u+s /usr/bin/smbmnt to allow users to 
mount the share and I expected that the share would have the same 
owner as the user that mounted it.)


I've also found that I can't change ALL permissions ALL the time on 
the share's directories and files. I can remove group and world 
privileges from a file (which are remembered after a umount and 
remount) but I cannot restore them (even as root). Only the owner 
privileges are consistently changeable.


Basically, ALL I want to do is to be able to use the drive as a 
backup that will maintain the same permissions, user, group, etc., 
as the original files AND I want the files visible from both my 
Linux AND Windows systems (because I need to use Nero on a Windows 
machine to do the backups). Can someone help me figure out how to do 
this correctly?


Thanks,

Rick Johnson









--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] migrating from Samba to Windows

2008-04-25 Thread Jon Johnson 
Yup. Been there, done that. Easy is relative. Is it easier than tying 
your shoes? No. Is it easier than having a root canal done? Possibly. 
Please review the following posts:


http://lists.samba.org/archive/samba/2005-April/103743.html
http://lists.samba.org/archive/samba/2005-June/107028.html

The above posts refer to using the Active Directory Migration Tool, 
which attempts to migrate user profiles from the old domain to the new 
one. In some instances, this fails, in which case you need to do it 
manually. The following posts outline that process.


http://lists.samba.org/archive/samba/2005-December/115326.html
http://lists.samba.org/archive/samba/2005-December/115413.html

Note also that newer versions of ADMT can be downloaded from Microsoft 
in addition to the version on the Windows 2003 Server CD.


Jon Johnson
Sutinen Consulting, Inc.
Providers of backup monitoring software for BRU
www.backupcheckup.com

On 4/24/2008 3:01 PM, JJB wrote:

JJB wrote:

Hello,

Is it possible to easily migrate Samba domain users to a Windows PDC?

- Joel

Has anyone moved back to Microsoft from Linux / Samba?
- Joel

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba segs when serving files from a windows partition on OpenBSD-4.2

2008-04-25 Thread Edd Barrett 
Hi again,

On Fri, Apr 25, 2008 at 10:34 AM, Volker Lendecke
<[EMAIL PROTECTED]> wrote:
>  Without that debug log it's kindof hard to say.

Here is one :)

[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode(371)
  dos_mode: ./RMshaders
[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode_from_sbuf(188)
  dos_mode_from_sbuf returning d
[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode(409)
  dos_mode returning d
[2008/04/25 16:44:09, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
  get_lanman2_dir_entry found ./RMshaders fname=RMshaders
[2008/04/25 16:44:09, 10] smbd/trans2.c:get_lanman2_dir_entry(1398)
  get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO
[2008/04/25 16:44:09, 10] smbd/mangle_hash2.c:name_map(617)
  name_map: RMshaders -> 0F710AE4 -> R4A8P2~C (cache=1)
[2008/04/25 16:44:09, 8] smbd/trans2.c:get_lanman2_dir_entry(1161)
  get_lanman2_dir_entry:readdir on dirptr 0x85f1d300 now at offset 132
[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode(371)
  dos_mode: ./Games
[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode_from_sbuf(188)
  dos_mode_from_sbuf returning d
[2008/04/25 16:44:09, 8] smbd/dosmode.c:dos_mode(409)
  dos_mode returning d
[2008/04/25 16:44:09, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
  get_lanman2_dir_entry found ./Games fname=Games
[2008/04/25 16:44:09, 10] smbd/trans2.c:get_lanman2_dir_entry(1398)
  get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO
[2008/04/25 16:44:09, 0] lib/fault.c:fault_report(41)
  ===
[2008/04/25 16:44:09, 0] lib/fault.c:fault_report(42)
  INTERNAL ERROR: Signal 6 in pid 3156 (3.0.28a)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2008/04/25 16:44:09, 0] lib/fault.c:fault_report(44)

  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2008/04/25 16:44:09, 0] lib/fault.c:fault_report(45)
  ===
[2008/04/25 16:44:09, 0] lib/util.c:smb_panic(1633)
  PANIC (pid 3156): internal error
[2008/04/25 16:44:09, 0] lib/util.c:log_stack_trace(1787)
  unable to produce a stack trace on this platform
[2008/04/25 16:44:09, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(1000, 1000) : sec_ctx_stack_ndx = 1
[2008/04/25 16:44:09, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2008/04/25 16:44:09, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2008/04/25 16:44:09, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2008/04/25 16:44:09, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2008/04/25 16:44:09, 0] lib/fault.c:dump_core(181)
  dumping core in /opt/var/cores/smbd

I am willing to test patches. I may have a prod about in the source at
some point, but you guys can probably diagnose and fix the fault a
whole load better than I can. I have never looked at the samba source
before.

-- 

Best Regards

Edd

http://students.dec.bournemouth.ac.uk/ebarrett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Maxtor NAS share problem

2008-04-25 Thread Adam Williams 
what are the settings on the share you're trying to mount?  does it have 
something like valid users = rickj


your user ID's in /etc/passwd on your local computer and the NAS 
appliance may be different which is why the ls -l looks strange.


Rick Johnson wrote:
Actually, it WASN'T root that mounted the share. It was my user 
account "rickj".


Re: NFS, to the best of my knowledge the drive doesn't support it.

And I TRIED using -o uid=1000,gid=100 (the respective user and group 
IDs of "rickj") with the smbmount command (AND the mount command) but 
the ownership still shows as it did below in my example.


Note: On my system "mount" doesn't recognize "-t cifs" and the man 
page on smbfs says the following.


"Mount options for smbfs
   Just like nfs,  the  smbfs  implementation  expects  a  binary 
argument  (a  struct smb_mount_data)  to  the  mount  system  call. 
This argument is constructed by smbmount(8) and the current version of 
mount (2.12) does not know anything about smbfs."


Best Regards,

Rick J.

Adam Williams wrote:
root is owing the files because the user root mounted the share.  if 
you want to support unix file ownership in your rsync you should use 
NFS if the unit supports that.  to change the group ownership, pass 
the -o gid=some_group on your mount -t cifs command.  you can also 
use uid= and to use both, -o uid=someone,gid=somegroup


Rick Johnson wrote:

I have a network accessible (192.168.2.97) Maxtor Shared Storage 
drive that I want to use to backup the Linux (Slackware) systems on 
my private LAN. I can "smbmount" the drive okay on my Linux systems, 
but when I try and use rsync to do a backup rsync fails with a 
message about failing to change owner.


Digging a little deeper into the problem I find that the 
directories/files on the share all look something like the following


drwxr-xr-x  1 35000 root   0 2008-02-12 15:21 ArchiveOnLinux
drwxrwxrwx  1 35003 root   0 2008-04-22 01:01 Public
-rwxrw-rw-  1 35000 root 1127239 2008-02-28 11:28 gw_rn_vp_grey.pdf

which ISN'T the user (or group) I would have expected it to be 
mounted as. (I've done a chmod u+s /usr/bin/smbmnt to allow users to 
mount the share and I expected that the share would have the same 
owner as the user that mounted it.)


I've also found that I can't change ALL permissions ALL the time on 
the share's directories and files. I can remove group and world 
privileges from a file (which are remembered after a umount and 
remount) but I cannot restore them (even as root). Only the owner 
privileges are consistently changeable.


Basically, ALL I want to do is to be able to use the drive as a 
backup that will maintain the same permissions, user, group, etc., 
as the original files AND I want the files visible from both my 
Linux AND Windows systems (because I need to use Nero on a Windows 
machine to do the backups). Can someone help me figure out how to do 
this correctly?


Thanks,

Rick Johnson






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] [3.0.28, 1] getpeername failed. Error was Socket is not connected

2008-04-25 Thread Gilles 
Hello

I see this type of errors in /var/log/samba/log.smbd:

[2008/04/24 13:13:34, 0] lib/util_sock.c:get_peer_addr(1232)
  getpeername failed. Error was Socket is not connected
[2008/04/25 08:30:57, 0] lib/util_sock.c:get_peer_addr(1232)
  getpeername failed. Error was Socket is not connected

This server is running FreeBSD 6.3 and is located on a private LAN.
Any idea what is causing this error, and does it matter?

Thank you.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: [3.0.28,1/smb.conf] Can't hide dot files

2008-04-25 Thread Gilles 
On Mon, 21 Apr 2008 10:06:49 +0200, Sojka Reinhard
<[EMAIL PROTECTED]> wrote:
>AFAIK Samba transfers dot files with a "hidden" attribute. If your users
>can see these "hidden" files or not depends, depends on the setup of the
>Windows client.

Thanks for the tip, I hadn't thought of this. I'll just use this to
have Samba not list hidden Unix files:

veto files = /.??*/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Maxtor NAS share problem

2008-04-25 Thread Rick Johnson 
Actually, it WASN'T root that mounted the share. It was my user account 
"rickj".


Re: NFS, to the best of my knowledge the drive doesn't support it.

And I TRIED using -o uid=1000,gid=100 (the respective user and group IDs 
of "rickj") with the smbmount command (AND the mount command) but the 
ownership still shows as it did below in my example.


Note: On my system "mount" doesn't recognize "-t cifs" and the man page 
on smbfs says the following.


"Mount options for smbfs
   Just like nfs,  the  smbfs  implementation  expects  a  binary 
argument  (a  struct smb_mount_data)  to  the  mount  system  call. 
This argument is constructed by smbmount(8) and the current version of 
mount (2.12) does not know anything about smbfs."


Best Regards,

Rick J.

Adam Williams wrote:
root is owing the files because the user root mounted the share.  if you 
want to support unix file ownership in your rsync you should use NFS if 
the unit supports that.  to change the group ownership, pass the -o 
gid=some_group on your mount -t cifs command.  you can also use uid= and 
to use both, -o uid=someone,gid=somegroup


Rick Johnson wrote:

I have a network accessible (192.168.2.97) Maxtor Shared Storage drive 
that I want to use to backup the Linux (Slackware) systems on my 
private LAN. I can "smbmount" the drive okay on my Linux systems, but 
when I try and use rsync to do a backup rsync fails with a message 
about failing to change owner.


Digging a little deeper into the problem I find that the 
directories/files on the share all look something like the following


drwxr-xr-x  1 35000 root   0 2008-02-12 15:21 ArchiveOnLinux
drwxrwxrwx  1 35003 root   0 2008-04-22 01:01 Public
-rwxrw-rw-  1 35000 root 1127239 2008-02-28 11:28 gw_rn_vp_grey.pdf

which ISN'T the user (or group) I would have expected it to be mounted 
as. (I've done a chmod u+s /usr/bin/smbmnt to allow users to mount the 
share and I expected that the share would have the same owner as the 
user that mounted it.)


I've also found that I can't change ALL permissions ALL the time on 
the share's directories and files. I can remove group and world 
privileges from a file (which are remembered after a umount and 
remount) but I cannot restore them (even as root). Only the owner 
privileges are consistently changeable.


Basically, ALL I want to do is to be able to use the drive as a backup 
that will maintain the same permissions, user, group, etc., as the 
original files AND I want the files visible from both my Linux AND 
Windows systems (because I need to use Nero on a Windows machine to do 
the backups). Can someone help me figure out how to do this correctly?


Thanks,

Rick Johnson






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Unable to access linux files from windows using samba configured in linux Vmware

2008-04-25 Thread Adam Williams 
take out the space between the , and password=abc and the extra / on 
//home/abc


gforgcc wrote:


Squeezer99 wrote:
  
are you using smbpasswd, tdbsam, or ldapsam for authentication?  in 
linux can you do mount -t cifs "//192.168.248.195/A_Valid_Share" /mnt -o 
username=user,password=passwd


what sort of errors are you getting in /var/log/samba/log.smbd




Thanks for the reply.. :)
ya i am using smbpasswd.. but when i tried to mount as you told it is giving
something like this.. 



[EMAIL PROTECTED] mount -t cifs "//192.168.248.195//home/abc" /mnt -o
username=abc, password=abc
Usage: mount -V : print version
   mount -h : print this help
   mount: list mounted filesystems
   mount -l : idem, including volume labels
So far the informational part. Next the mounting.
The command is `mount [-t fstype] something somewhere'.
Details found in /etc/fstab may be omitted.
   mount -a [-t|-O] ... : mount all stuff from /etc/fstab
   mount device : mount device at the known place
   mount directory  : mount known device here
   mount -t type dev dir: ordinary mount command
Note that one does not really mount a device, one mounts
a filesystem (of the given type) found on the device.
One can also mount an already visible directory tree elsewhere:
   mount --bind olddir newdir
or move a subtree:
   mount --move olddir newdir
A device can be given by name, say /dev/hda1 or /dev/cdrom,
or by label, using  -L label  or by uuid, using  -U uuid .
Other options: [-nfFrsvw] [-o options] [-p passwdfd].
For many more details, say  man 8 mount .


and in the file /var/log/samba/smbd.log... the output is like this...

Copyright Andrew Tridgell and the Samba Team 1992-2006
[2008/04/25 10:30:24, 0] smbd/server.c:main(805)
  smbd version 3.0.21b-2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2006

so what might be the problem ??? :(

  

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] question, pdc bdc on diferent subnet

2008-04-25 Thread Maximo Monsalvo 

Adam Williams wrote:

yes, i have a PDC w/ BDCs on different subnets.  works fine.



ok thanks , you follows some turorial for this ?




Maximo Mosalvo wrote:
Hi, is posible to configure a samba pdc server on a central office 
and 3 bdc on branches office united by vpn one conection with openvpn 
, and in4 different subnet 



saludos
Maximo Monsalvo







--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba segs when serving files from a windows partition on OpenBSD-4.2

2008-04-25 Thread Uwe Laverenz 

Edd schrieb:


Before I file a bug report, I just wanted to check that samba is capable
of serving files from a FAT32 partition. I have here an OpenBSD-4.2


This reminds me of https://bugzilla.samba.org/show_bug.cgi?id=4715

Short description: Samba crashes on any filesystem except UFS.

You could test wether it is the same problem or not by installing Samba 
3.023 or 3.024. If they work with FAT32, it's probably the same Problem 
that bites us on FreeBSD (and keeps us from using Samba+FreeBSD in 
production). :-/


bye,
Uwe

--
Molkerei Ammerland eG
Oldenburger Landstraße 1a
26215 Wiefelstede

Phone   :  +49-04458-9111- 23
Fax :  +49-04458-9111-980
Email   :  [EMAIL PROTECTED]
Web-Site:  http://www.molkerei-ammerland.de

eG mit Sitz in Wiefelstede, Registergericht Oldenburg, GnR 120009

Vorstand:

Gerd Wemken (Vorsitzender), Herbert Heyen (stellv. Vorsitzender),
Hermann Boekhoff, Frank Caspers, Werner Freese, Johann Gieseke,
Heiko Hinrichs, Fritz-Harald Strodthoff-Schneider, Heino Suhr,
Diedrich Wilken

Aufsichtsratsvorsitzender:
Justus Ackermann
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba segs when serving files from a windows partition on OpenBSD-4.2

2008-04-25 Thread Volker Lendecke 
On Fri, Apr 25, 2008 at 10:14:07AM +0100, Edd wrote:
> Before I file a bug report, I just wanted to check that samba is capable
> of serving files from a FAT32 partition. I have here an OpenBSD-4.2
> i386 machine here with a second disk containting files that I will be
> sharing via both NFS and samba. The NFS share work great, but samba seg
> faults upon a windows client connecting. This occurs when using the
> OpenBSD package, and also when built from scratch using the most recent
> version of samba (downloaded yesterday).
> 
> If I change the share path to a directory on a UFS partition, all is
> well.
> 
> I can not get a stack trace, as even with symbols enabled, the log tells
> me that it cannot make a core dump for this architecure.
> 
> I can however get a "log level = 10" paste later today if needed.
> 
> Is this a bug or a limitation in samba?

Without that debug log it's kindof hard to say.

Volker


pgpcOb32a8IBX.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba segs when serving files from a windows partition on OpenBSD-4.2

2008-04-25 Thread Edd 
Hi,

Before I file a bug report, I just wanted to check that samba is capable
of serving files from a FAT32 partition. I have here an OpenBSD-4.2
i386 machine here with a second disk containting files that I will be
sharing via both NFS and samba. The NFS share work great, but samba seg
faults upon a windows client connecting. This occurs when using the
OpenBSD package, and also when built from scratch using the most recent
version of samba (downloaded yesterday).

If I change the share path to a directory on a UFS partition, all is
well.

I can not get a stack trace, as even with symbols enabled, the log tells
me that it cannot make a core dump for this architecure.

I can however get a "log level = 10" paste later today if needed.

Is this a bug or a limitation in samba?

Thanks

-- 

Best Regards
Edd

http://students.dec.bmth.ac.uk/ebarrett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba