Re: [Samba] Samba file share slowdown
On Tue, Mar 08, 2011 at 10:41:19AM -0800, James Hurlburt wrote: > Jeremy: > Looks like I may have made a mistake attaching the file. > Here is my smb.conf in the email. > > If both trys actually worked, please ignore one. The only strange thing I can see is: fstype = FAT in your share definitions. Why are you setting that ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Default Keyboard Layout changed to english.
Hello,
i wanted to let you know, that i got it fixed... so thanks to everyone
who responded. The problem was (as you said) in SID. Unfortunately i
didn't know anything about SID-s so i had to do a bit research about it.
I decided to write what i did to fix it (in case someone else has the
same problem).
1. i checked the current sid ("net getlocalsid" and "net getdomainsid")
2. since i didn't have a clue what my previous sid was, i did a bit of
research. Finally, what i came up with was this.. on xp i used
regedit.exe and went HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\ProfileList there was list of all users who had logged
onto this machine... there i noticed that if i remove last (4 i think)
numbers I'd get the domain sid. From there i just found a user who
hadn't logged in a long time and got the old sid.
3. changed the sid on PDC with "net setlocalsid sidgoeshere" and "net
setdomainsid sidgoeshere" ("net setlocalsid
S-1-5-21-1724097787-4134227269-272652245" for example)
4. Then i restarted samba and at first it seemed like it didn't work (so
i tried to delete local copies of profiles and all kinds of things), but
as it turns out it worked out fine. (i deleted NTUSER* files from a
single profile and it seemed to work after that, but i don't think it
was necessary, because i didn't do that /or anything else/ to other
profiles/computer and they worked just fine on their own).
PS: Keyboard layout, images from desktop not opening, media player and
adobe premiere not working all of that was solved with that as well.
@naxto: no need to get so offended. I did say i was a noob when it comes
to Linux... so obviously i haven't even heard of virtualization
techniques etc. (my idea of testing was to upgrade my laptop which had
similar setup... and check /var/log for any errors but since i
didn't have any client pc-s to test roaming profiles in my home... i
failed). I wasn't trying to say, that samba screwed up my system... i
know it was my fault... i just said, that it was related to samba (witch
it was). Since I've accustomed to windows, i just installed updates
without reading anything (didn't even know about changelogs), because
like some ppl say... windows is for dumb-users :) so it usually warns
during installation if updates contain some radical changes (again my
fault for not knowing). I'm still learning to use Linux correctly, so if
i gave you an impression, that i was dissing Samba or Linux (or their
respective developers), then i'm sorry.
Now if u excuse me i'm gonna continue bouncing around the room with
happiness, cuz my PDC works as it should again.
With gratitude,
Kalev
10.03.2011 17:50, Jean-Jacques Moulis kirjutas:
On Thu, 10 Mar 2011 13:45:17 +0200 Kalev Riivik wrote:
KR> >> i upgraded debian from lenny to squeeze and i managed to mess up
KR> >> config file or update (cuz i'm quite noob when it comes to linux).
KR> >> I'm gonna try to explain best to my abillity, how i got where i am
KR> >> right now (bear in mind that this is my first time in this list).
KR> >> Since smbpasswd and pdbedit had mysteriously vanished after upgrade,
KR> >> i did reinstall to samba (3.5.6 PDC with roaming profiles). Since i
KR> >> did backup of entire /etc folder i put the old smb.conf back, but
KR> >> what happened was that nobody was able to log in (from xp). So what i
KR> >> had to do, was leave and rejoin the domain with all of the computers.
KR> >> After that it appeared that i had to input everyone's password again.
KR> >> Then some people were able to log in and others were not after a
KR> >> bit of research i found out that those people that couldn't log in
KR> >> had "special" (estonian) characters in their name (like äöüõ or šž
KR> >> etc), so i added "unix charset = UTF8" to the smb.conf and it seemed
KR> >> to work (later replaced UTF8 with ISO-8859-15 and it still worked).
KR> >>
KR> >> The problem i'm having, is that when I (or anybody else) logs into xp
KR> >> machine with roaming profile, the default keyboard layout is set to
KR> >> US and they can't change it (but that might be because of gpedit
KR> >> policies i set up in xp machines). When i log in with local user (to
KR> >> xp) then keyboard is fine. I did try to find solution on the
KR> >> internet, but the posts i found about this problem were without
KR> >> answers. Any kind of help is appriciated
KR> >>
to fix the keyboard issue (this as nothing to do with the upgrade of the server
but with the installation of the client and probably users didn't had the
password they
thought they had)
run the following command on every client
reg.exe ADD "HKU\.DEFAULT\Keyboard Layout\Preload" /v 1 /t REG_SZ /d 041d /f
--^
replace 041d (swedish) with the code for estonian. I leave that to you and
google.
Your other problem is that you probably didn't preserv
[Samba] winbind use default domain = Yes -> doesn't work since upgrade
Hi List, I Upgraded my samba Installation from 3.3.8 (centos packages) to 3.5.8 (sernet packages). Now logging in does not work without providing the domain any more - before the upgrade it worked. Does someone knows what has changed in 3.5.8? Regards Markus -- Schon gehört? GMX hat einen genialen Phishing-Filter in die Toolbar eingebaut! http://www.gmx.net/de/go/toolbar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind use default domain = Yes -> doesn't work since upgrade
2011/3/11 markus hansen : > I Upgraded my samba Installation from 3.3.8 (centos packages) to 3.5.8 > (sernet packages). > Now logging in does not work without providing the domain any more - before > the upgrade > it worked. Does someone knows what has changed in 3.5.8? What do you get in the log if you up the debug level to 3 and try logging in with and without specifying the domain? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help with ADS authentication and Samba
Hi there, just recently joined this list as I seem to be having a little trouble that I am hoping someone can help with. I recently installed a RHEL5.5 server and updated samba to samba3-3.4.11-42.el5.x86_64.rpm. I had never set up samba to authenticate with ADS so I read a little bit and dove right in. The server now works fine, so when I browse to \\machinename no login box pops up, and I see the shares, and every user in the domain can write to them. So far so good. I then try to replicate this on another server and then the problems started. Here is the procedure I followed: I copied smb.conf, krb5.conf over to the new server from the working copy. Edited nsswitch.conf to add winbind to the end of passwd, group and shadow. I then ran "kinit admin". This worked. I than ran kdestroy to destroy the token. [root@rhel5u5live ~]# net ads join -U ictadmin Enter ictadmin's password: Using short domain name -- XXX Joined 'RHEL5U5LIVE' to realm 'xxx.com' [root@rhel5u5live ~]# net ads testjoin Join is OK [root@rhel5u5live ~]# wbinfo -u | grep brian.om XXX/brian.omahony So it seems to be able to look up users etc on the Domain controller. How ever when I browse to \\machinename a login box pops up. I *know* I must have forgotten something, but cant figure out what. Could someone please help? Thanx b The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
2011/3/11 Brian O'Mahony : > Hi there, just recently joined this list as I seem to be having a little > trouble that I am hoping someone can help with. > > I recently installed a RHEL5.5 server and updated samba to > samba3-3.4.11-42.el5.x86_64.rpm. I had never set up samba to authenticate > with ADS so I read a little bit and dove right in. The server now works fine, > so when I browse to \\machinename no login box pops > up, and I see the shares, and every user in the domain can write to them. > > So far so good. I then try to replicate this on another server and then the > problems started. Here is the procedure I followed: > > I copied smb.conf, krb5.conf over to the new server from the working copy. > Edited nsswitch.conf to add winbind to the end of passwd, group and shadow. > > I then ran "kinit admin". This worked. I than ran kdestroy to destroy the > token. > > [root@rhel5u5live ~]# net ads join -U ictadmin > Enter ictadmin's password: > Using short domain name -- XXX > Joined 'RHEL5U5LIVE' to realm 'xxx.com' > [root@rhel5u5live ~]# net ads testjoin > Join is OK > [root@rhel5u5live ~]# wbinfo -u | grep brian.om > XXX/brian.omahony > > > So it seems to be able to look up users etc on the Domain controller. How > ever when I browse to \\machinename a login box pops > up. I *know* I must have forgotten something, but cant figure out what. Welcome to my world. I have exactly the same issue - one server works fine, the other doesn't, even though all the wb tests seem to be fine. Is it an XP client, by any chance? I've narrowed it down to a kerberos issue, I believe. If you run net use \\servername\share /user:XXX/brian.omahony does it work correctly without asking for a password? This seems to be NTLM vs Kerberos auth, but I can't get any further than that. One thing to check, make sure that you have FQDN entries in the server's /etc/hosts (or as reverse entries in DNS) for your dc and the server itself. ie when you do dig -x 192.168.6.10 (the ip address of the server, obviously) from the server, do you get the full domain name or just the hostname? Various pages suggest that might be the cause of the problem, although it doesn't help me. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't find migrate tool.. [s4]
On 9 March 2011 13:25, Collen Blijenberg wrote: > Hi all, i was looking for a tool/file > called myldap-pub.py > > i looked in the git, but it's not there ?! > (http://lists.samba.org/archive/samba/2011-February/160887.html) Try asking about this on samba-technical. There's been no mention of it there recently, so I don't think it's been renamed and/or imported into the Samba repository yet. -- Michael Wood -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
It is XP. When I ran net use \\rhel5u5\tmp /USER:DOMAIN\brian.omahony I get: The password or user name is invalid for \\rhel5u5live\tmp. Enter the password for 'ITDESIGN2\brian.omahony' to connect to 'rhel5u5live': System error 1326 has occurred. Logon failure: unknown user name or bad password. Obviously I entered my windows password when I was prompted. The working server does NOT have entries in the hosts file, and this server DOES. However both can dig the DC successfully. Here is the machine log: [root@rhel5u5live samba]# cat log.soundwave [2011/03/11 13:25:31, 6] param/loadparm.c:7028(lp_file_list_changed) lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Mar 11 13:21:32 2011 [2011/03/11 13:25:31, 5] smbd/reply.c:503(reply_special) init msg_type=0x81 msg_flags=0x0 [2011/03/11 13:25:31, 5] lib/util_sock.c:528(read_fd_with_timeout) read_fd_with_timeout: blocking read. EOF from client. [2011/03/11 13:25:31, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/03/11 13:25:31, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2011/03/11 13:25:31, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/03/11 13:25:31, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2011/03/11 13:25:31, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2011/03/11 13:25:31, 3] smbd/connection.c:42(yield_connection) deleting connection record returned NT_STATUS_NOT_FOUND [2011/03/11 13:25:31, 3] smbd/server.c:845(exit_server_common) Server exit (failed to receive smb request) -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 11:49 AM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba 2011/3/11 Brian O'Mahony : > Hi there, just recently joined this list as I seem to be having a little > trouble that I am hoping someone can help with. > > I recently installed a RHEL5.5 server and updated samba to > samba3-3.4.11-42.el5.x86_64.rpm. I had never set up samba to authenticate > with ADS so I read a little bit and dove right in. The server now works fine, > so when I browse to \\machinename no login box pops > up, and I see the shares, and every user in the domain can write to them. > > So far so good. I then try to replicate this on another server and then the > problems started. Here is the procedure I followed: > > I copied smb.conf, krb5.conf over to the new server from the working copy. > Edited nsswitch.conf to add winbind to the end of passwd, group and shadow. > > I then ran "kinit admin". This worked. I than ran kdestroy to destroy the > token. > > [root@rhel5u5live ~]# net ads join -U ictadmin Enter ictadmin's > password: > Using short domain name -- XXX > Joined 'RHEL5U5LIVE' to realm 'xxx.com' > [root@rhel5u5live ~]# net ads testjoin Join is OK [root@rhel5u5live > ~]# wbinfo -u | grep brian.om XXX/brian.omahony > > > So it seems to be able to look up users etc on the Domain controller. How > ever when I browse to \\machinename a login box pops > up. I *know* I must have forgotten something, but cant figure out what. Welcome to my world. I have exactly the same issue - one server works fine, the other doesn't, even though all the wb tests seem to be fine. Is it an XP client, by any chance? I've narrowed it down to a kerberos issue, I believe. If you run net use \\servername\share /user:XXX/brian.omahony does it work correctly without asking for a password? This seems to be NTLM vs Kerberos auth, but I can't get any further than that. One thing to check, make sure that you have FQDN entries in the server's /etc/hosts (or as reverse entries in DNS) for your dc and the server itself. ie when you do dig -x 192.168.6.10 (the ip address of the server, obviously) from the server, do you get the full domain name or just the hostname? Various pages suggest that might be the cause of the problem, although it doesn't help me. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind use default domain = Yes -> doesn't work since upgrade
Hi, loglevel 3 output is here: http://pastebin.com/4GjJUuLa a similar problem is reported here: http://us.generation-nt.com/answer/bug-617449-does-not-honor-winbind-use-default-domain-yes-help-202465862.html but the proposed fix does not do it in my case. Markus Original-Nachricht > Datum: Fri, 11 Mar 2011 11:33:13 + > Von: Geoff Winkless > An: samba > Betreff: Re: [Samba] winbind use default domain = Yes -> doesn\'t work since > upgrade > 2011/3/11 markus hansen : > > I Upgraded my samba Installation from 3.3.8 (centos packages) to 3.5.8 > (sernet packages). > > Now logging in does not work without providing the domain any more - > before the upgrade > > it worked. Does someone knows what has changed in 3.5.8? > > What do you get in the log if you up the debug level to 3 and try > logging in with and without specifying the domain? > > Geoff > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- Schon gehört? GMX hat einen genialen Phishing-Filter in die Toolbar eingebaut! http://www.gmx.net/de/go/toolbar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
On 11 March 2011 13:27, Brian O'Mahony wrote: > When I ran net use \\rhel5u5\tmp /USER:DOMAIN\brian.omahony I get: > The password or user name is invalid for \\rhel5u5live\tmp. Not the same problem I have then. Shame. I can force the domain and it works. > The working server does NOT have entries in the hosts file, and this server > DOES. However both can dig the DC successfully. Apologies, I meant dig -x rhel5u5's IP, not that of the DC. dig should return the FQDN, not just rhel5u5. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] alpha 15 ?
I've seen people mention an Samba4 Alpha 15, though I can't seem to find it on the samba ftp. Where can I get the source for this if it is available? Thanks Aaron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
When I dig the RHEL server, it actually returns the DC: 160.16.172.in-addr.arpa. 3600 IN SOA animal.XXX.com. hostmaster.XXX.com. 77337 900 600 86400 3600 The system that is working returns its correct name (ccdubrep.XXX.com) I added the server to the windows DNS table, and the dig now shows correctly. However it is still popping up a login box. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 3:34 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba On 11 March 2011 13:27, Brian O'Mahony wrote: > When I ran net use \\rhel5u5\tmp /USER:DOMAIN\brian.omahony I get: > The password or user name is invalid for \\rhel5u5live\tmp. Not the same problem I have then. Shame. I can force the domain and it works. > The working server does NOT have entries in the hosts file, and this server > DOES. However both can dig the DC successfully. Apologies, I meant dig -x rhel5u5's IP, not that of the DC. dig should return the FQDN, not just rhel5u5. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
Turns out something else has gone wrong on me. The system that previously worked without a login box, now requires it. I didn't notice this as my machine obviously is cahed. If I put my credentials in (DOMAIN\user and password), it logs in. Still need to fix that The system that has the same confirguration, pops the login box, but I cannot log in using the same credentials. This is starting to boggle me. I don't know why all of a sudden, the first machine is throwing up a login box, and secondly why the second one wont authenticate. B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Friday, March 11, 2011 4:02 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba When I dig the RHEL server, it actually returns the DC: 160.16.172.in-addr.arpa. 3600 IN SOA animal.XXX.com. hostmaster.XXX.com. 77337 900 600 86400 3600 The system that is working returns its correct name (ccdubrep.XXX.com) I added the server to the windows DNS table, and the dig now shows correctly. However it is still popping up a login box. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 3:34 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba On 11 March 2011 13:27, Brian O'Mahony wrote: > When I ran net use \\rhel5u5\tmp /USER:DOMAIN\brian.omahony I get: > The password or user name is invalid for \\rhel5u5live\tmp. Not the same problem I have then. Shame. I can force the domain and it works. > The working server does NOT have entries in the hosts file, and this server > DOES. However both can dig the DC successfully. Apologies, I meant dig -x rhel5u5's IP, not that of the DC. dig should return the FQDN, not just rhel5u5. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
On 11 March 2011 16:02, Brian O'Mahony wrote: > When I dig the RHEL server, it actually returns the DC: > > 160.16.172.in-addr.arpa. 3600 IN SOA animal.XXX.com. > hostmaster.XXX.com. 77337 900 600 86400 3600 > > The system that is working returns its correct name (ccdubrep.XXX.com) > > I added the server to the windows DNS table, and the dig now shows correctly. > > However it is still popping up a login box. Even after restarting both smb and winbind? Then I dunno. I'm beginning to feel like the ADS stuff is a bit like a black art - did you remember to sacrifice a goat and turn three times widdershins before you started? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
Restarted services. Restarted servers. Recopied smb and krb5 conf files to the server that is not working. I have increased log level to 9 to see what is going on. Black are is right. The fact that one system was working without the login prompt and now doesn't is starting to fry my brains. Especially on a Friday B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 4:22 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba On 11 March 2011 16:02, Brian O'Mahony wrote: > When I dig the RHEL server, it actually returns the DC: > > 160.16.172.in-addr.arpa. 3600 IN SOA animal.XXX.com. > hostmaster.XXX.com. 77337 900 600 86400 3600 > > The system that is working returns its correct name (ccdubrep.XXX.com) > > I added the server to the windows DNS table, and the dig now shows correctly. > > However it is still popping up a login box. Even after restarting both smb and winbind? Then I dunno. I'm beginning to feel like the ADS stuff is a bit like a black art - did you remember to sacrifice a goat and turn three times widdershins before you started? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
On 11 March 2011 16:06, Brian O'Mahony wrote: > Turns out something else has gone wrong on me. > > The system that previously worked without a login box, now requires it. I > didn't notice this as my machine obviously is cahed. If I put my credentials > in (DOMAIN\user and password), it logs in. Still need to fix that That sounds more like my problem. If you do the net use command specifying the domain\user does it still ask for password or does it go with it from there? > The system that has the same confirguration, pops the login box, but I cannot > log in using the same credentials. Are they running the same samba version? Have you run a diff on the output from testparm -v on both boxes? What does wbinfo -k DOMAIN\\brian.omahoney return? (or DOMAIN+brian.omahoney if you're using + as a winbind separator) G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
Yep that works. Looks like I have the same issue as you on one server, and the other is just hosed. Did yours ever work? Mine worked on Wednesday before I tried to figure out why the second one didn't work, and broke the original in the process. Arg. B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 4:28 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba On 11 March 2011 16:06, Brian O'Mahony wrote: > Turns out something else has gone wrong on me. > > The system that previously worked without a login box, now requires > it. I didn't notice this as my machine obviously is cahed. If I put my > credentials in (DOMAIN\user and password), it logs in. Still need to > fix that That sounds more like my problem. If you do the net use command specifying the domain\user does it still ask for password or does it go with it from there? > The system that has the same confirguration, pops the login box, but I cannot > log in using the same credentials. Are they running the same samba version? Have you run a diff on the output from testparm -v on both boxes? What does wbinfo -k DOMAIN\\brian.omahoney return? (or DOMAIN+brian.omahoney if you're using + as a winbind separator) G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
On 11 March 2011 16:33, Brian O'Mahony wrote: > Yep that works. Looks like I have the same issue as you on one server, and > the other is just hosed. > > Did yours ever work? Mine worked on Wednesday before I tried to figure out > why the second one didn't work, and broke the original in the process. Mine used to work with identical config before I upgraded it from Redhat 9. I have a feeling it's related to that - perhaps there's a cache of some sort somewhere that remembers the IP/domain name and doesn't like the fact that something about the server (the SID?) has changed. I reset the netbios cache on the XP client but it made no difference. I might try changing the server name and see if it helps. I have no idea where to start looking, unfortunately, so it makes it a bit like looking for a needle in a haystack at midnight. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
I only installed this server with Base RHEL5.5 last week, got samba working on Monday with ADS. By today (probably yesterday or wed) it was now popping up the login box. When you change the name, what is entailed? Change the name in RHEL. Change the name in DNS (windows server) Rejoin the ads network using net ads join -U Anything else? Thanks for the help so far. B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 4:40 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba On 11 March 2011 16:33, Brian O'Mahony wrote: > Yep that works. Looks like I have the same issue as you on one server, and > the other is just hosed. > > Did yours ever work? Mine worked on Wednesday before I tried to figure out > why the second one didn't work, and broke the original in the process. Mine used to work with identical config before I upgraded it from Redhat 9. I have a feeling it's related to that - perhaps there's a cache of some sort somewhere that remembers the IP/domain name and doesn't like the fact that something about the server (the SID?) has changed. I reset the netbios cache on the XP client but it made no difference. I might try changing the server name and see if it helps. I have no idea where to start looking, unfortunately, so it makes it a bit like looking for a needle in a haystack at midnight. Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
Well I changed the server name and it resolved my problem, so I'm guessing something was left over from the old install. No idea where though, anyone any clue? On 11 March 2011 16:47, Brian O'Mahony wrote: > I only installed this server with Base RHEL5.5 last week, got samba working > on Monday with ADS. > By today (probably yesterday or wed) it was now popping up the login box. > > When you change the name, what is entailed? > Change the name in RHEL. > Change the name in DNS (windows server) > Rejoin the ads network using net ads join -U Sounds about it. I ran net ads leave first, then changed samba and /etc/hosts and reran kinit too before rejoining, I dunno if that's required. > Thanks for the help so far. Not sure how much help I'm being, it's nice to know I'm not the only one. Did you try the testparm thing? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
Geoff, did you do the steps below? Was there anything else required? B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 4:59 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba Well I changed the server name and it resolved my problem, so I'm guessing something was left over from the old install. No idea where though, anyone any clue? On 11 March 2011 16:47, Brian O'Mahony wrote: > I only installed this server with Base RHEL5.5 last week, got samba working > on Monday with ADS. > By today (probably yesterday or wed) it was now popping up the login box. > > When you change the name, what is entailed? > Change the name in RHEL. > Change the name in DNS (windows server) Rejoin the ads network using > net ads join -U Sounds about it. I ran net ads leave first, then changed samba and /etc/hosts and reran kinit too before rejoining, I dunno if that's required. > Thanks for the help so far. Not sure how much help I'm being, it's nice to know I'm not the only one. Did you try the testparm thing? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with ADS authentication and Samba
After a bit more investigation it seems my issue on the working server is a bit more complex. If I use any of the three usernames that had previously worked, they work in the login prompt. However if I use any other user, it fails to log in. There is obviously a cache of users somewhere, but I cannot find it. Has anyone an idea where this cache is? Regards B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Friday, March 11, 2011 5:05 PM To: 'Geoff Winkless'; samba Subject: Re: [Samba] Help with ADS authentication and Samba Geoff, did you do the steps below? Was there anything else required? B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Geoff Winkless Sent: Friday, March 11, 2011 4:59 PM To: samba Subject: Re: [Samba] Help with ADS authentication and Samba Well I changed the server name and it resolved my problem, so I'm guessing something was left over from the old install. No idea where though, anyone any clue? On 11 March 2011 16:47, Brian O'Mahony wrote: > I only installed this server with Base RHEL5.5 last week, got samba working > on Monday with ADS. > By today (probably yesterday or wed) it was now popping up the login box. > > When you change the name, what is entailed? > Change the name in RHEL. > Change the name in DNS (windows server) Rejoin the ads network using > net ads join -U Sounds about it. I ran net ads leave first, then changed samba and /etc/hosts and reran kinit too before rejoining, I dunno if that's required. > Thanks for the help so far. Not sure how much help I'm being, it's nice to know I'm not the only one. Did you try the testparm thing? Geoff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
Quoting Chris Smith : On Thu, Mar 10, 2011 at 5:44 PM, Mike Brady wrote: Sorry, I do have wins support = yes on the PDC. Faulty memory on my part. Do you also have a "wins server = a.b.c.d" entry on the PDC? If so remove it and restart Samba. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba No. PDC has wins support = Yes BDC has wins server = 172.17.1.50 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Fri, Mar 11, 2011 at 12:58 PM, Mike Brady wrote: > No. Is nmbd running on the PDC? Do you have a wins.dat file (possible location of /var/lib/samba/wins.dat - depends on configure)? Maybe post the global section (minus comments) of your smb.conf. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
Quoting Chris Smith : On Fri, Mar 11, 2011 at 12:58 PM, Mike Brady wrote: No. Is nmbd running on the PDC? Do you have a wins.dat file (possible location of /var/lib/samba/wins.dat - depends on configure)? Maybe post the global section (minus comments) of your smb.conf. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Yes nmbd is running. # ll /var/lib/samba/wins* -rw-r--r-- 1 root root 4225 Mar 12 07:52 /var/lib/samba/wins.dat -rw--- 1 root root 24576 Mar 12 07:52 /var/lib/samba/wins.tdb # cat /etc/samba/smb.conf [global] unix charset = LOCALE workgroup = example netbios name = vm10 netbios aliases = filesshares passdb backend = ldapsam:"ldap://vm10.example.co.nz"; username map = /etc/samba/smbusers guest account = nobody browseable = yes log level = 2 syslog = 1 log file = /var/log/samba/%m max log size = 0 obey pam restrictions = yes name resolve order = wins bcast hosts time server = Yes shutdown script = /sbin/shutdown -h abort shutdown script = /sbin/shutdown -c logon script = logon.bat logon path = logon home = domain master = Yes local master = yes preferred master = yes os level = 65 domain logons = Yes wins support = Yes ldapsam:trusted = yes ldapsam:editposix = yes ldap ssl = off ldap suffix = dc=example,dc=co,dc=nz ldap machine suffix = ou=Computers,ou=Users ldap user suffix = ou=People,ou=Users ldap group suffix = ou=Groups ldap admin dn = cn=sambaadmin,dc=example,dc=co,dc=nz idmap backend = ldap:ldap://127.0.0.1 ldap idmap suffix = ou=Idmap idmap uid = 1-2 idmap gid = 1-2 load printers = no printing = bsd printcap name = /dev/null show add printer wizard = no disable spoolss = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] PDC and BDC... what about de shared folders??
Hi, i am new in the mailing list. I am trying to figure out my configuration. I have a Samba server authenticating with /etc/passwd. We are planing to move to LDAP and install a BDC server. The information I found googleing is always related to BDC as a backup for authentication but, I am not clear about the files stored in shared folders. I am reading (everybody recomend it) this book and the number 5 specific chapter http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html As said, I am not sure how to give access to the shared folders (stored in PDC) when it fails, because I suppose that users will authenticate with the BDC server, and What about the shared folders?? Do I have to sync this folders and add in the configuration of BDC the shared folders?? Thanks for your help. Bayardo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC and BDC... what about de shared folders??
On Fri, Mar 11, 2011 at 2:08 PM, Bayardo Rivas - Open Soluciones wrote: > Hi, > > i am new in the mailing list. I am trying to figure out my configuration. I > have a Samba server authenticating with /etc/passwd. We are planing to move > to LDAP and install a BDC server. The information I > found googleing is always related to BDC as a backup for authentication but, > I am not clear about the files stored in shared folders. > > I am reading (everybody recomend it) this book and the number 5 specific > chapter > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html > > As said, I am not sure how to give access to the shared folders (stored in > PDC) when it fails, because I suppose that users will authenticate with the > BDC server, and What about the shared folders?? Do I have to > sync this folders and add in the configuration of BDC the shared folders?? > On my work network. I put no shares on the PDC or BDC but on other member servers. My PDC and BDC actually are very small and I have migrated them both to virtual machines as guests. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Sloe reponse using net use command
We are using Fedora: 14 Samba: 3.5.6-71.fc14 To connect our Windows XP workstations to the Linux box and Samba shares, we use net use run three times to connect to the three shares on the Linux box. This works but there is a considerable delay when the net use command executes. Eventuatually (after about 5 seconds) we get the response "the command completed successfully" after which we can see the shares in Windows Explorer and happily read and write to them. We are concerned that: 1. there is a 5 second delay which we do not get on a similar set up using Fedora 7 with Samba on another Linux box. The two Linux boxes have identical smb config files; 2. there may be something more sinister going on which will give trouble in the future. Has anyone experienced this problem and been able to solve it. Thanks Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC and BDC... what about de shared folders??
Quoting Bayardo Rivas - Open Soluciones : Hi, i am new in the mailing list. I am trying to figure out my configuration. I have a Samba server authenticating with /etc/passwd. We are planing to move to LDAP and install a BDC server. The information I found googleing is always related to BDC as a backup for authentication but, I am not clear about the files stored in shared folders. I am reading (everybody recomend it) this book and the number 5 specific chapter http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html As said, I am not sure how to give access to the shared folders (stored in PDC) when it fails, because I suppose that users will authenticate with the BDC server, and What about the shared folders?? Do I have to sync this folders and add in the configuration of BDC the shared folders?? Thanks for your help. Bayardo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Yes you will have to sync the folders and add them to the BDC configuration when they are needed. I also suggest having a look at using a netbios alias and/or DFS to make the failover easer on your users. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind use default domain = Yes -> doesn't work since upgrade
Quoting markus hansen (hansenmar...@gmx.de): > Hi List, > > I Upgraded my samba Installation from 3.3.8 (centos packages) to 3.5.8 > (sernet packages). Now logging in does not work without providing the domain > any more - before the upgrade it worked. Does someone knows what has changed > in 3.5.8? See bug #7999. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba file share slowdown
The thought was that the dos workstations would be unhappy with ntfs. I may well have been wrong there. I found the key bit. For a share with multiple stations sharing dbf files using CA clipper 5.2 as the program language, optlocks need to be off. The part about clipper and dbf files may not be a specific part of my problem, multiple stations attempting to share read/write acess certainly is. We have half a dozen or so dbf files that are heavily shared between perhaps 30 workstations. Setting oplocks off made a huge difference. The online help seems to suggest the opposite-- that oplocks would be a positive influence on multiple access useage, the chapter in the docs that I finally found that explains it wasn't easy to find. I didn't find it till someone else suggested this fix. When I searched with that question in mind I found it. Thanks for your help, overall samba is a very good thing. Jim Hurlburt Yakima, WA On 3/11/11, Jeremy Allison wrote: > On Tue, Mar 08, 2011 at 10:41:19AM -0800, James Hurlburt wrote: >> Jeremy: >> Looks like I may have made a mistake attaching the file. >> Here is my smb.conf in the email. >> >> If both trys actually worked, please ignore one. > > The only strange thing I can see is: > > fstype = FAT > > in your share definitions. Why are you setting that ? > > Jeremy. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Restrict file types to be saved in a samba server
Hi, I have a Samba server, it's main goal is to store documents of all users of the network. Certain users abuses and save mp3, mov, jpg, gif and other files that must be saved in other file server, so I need to restrict the those type files and allow my users save only office files like .doc, .docx, .xls, .ppt, .pdf thanks for your help. Bayardo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
