[Samba] trouble accessing file of unknown size
I'll describe the setup, then the issue. We are working on building a dynamic file system that will generate reports on an as-needed basis. To do this, we have: a) A java service that accesses a database to see what reports are available, generates reports when asked, and keeps a cache of reports. The first time a report is requested, it is created and then cached. b) A FUSE file system that talks to the java service. Data for files is streamed back to it and on to the user. This part works fine. For reports that have not been cached, we are using a filesize of 0 to indicate unknown size. In FUSE, we can set a flag for direct I/O that signals us to just get all the bytes, don't worry about the size, and this works OK. c) When we add SAMBA to the mix, the filesize is problematic. For files we know the size of (those that have been cached), it works fine. However, for files of unknown size, SAMBA doesn't seem to have a direct option, and it just returns a file with 0 bytes. Idea 1: In following the FUSE logs, for a 0-sized file, SAMBA is attempting to open the file, but never reads it. It just flushes and releases it. Is there a setting for direct I/O in SAMBA to try simply get all the bytes (it would be like reading a pipe)? Idea 2: I tried lying about the size and setting it to 1GB when the file size is unknown. This works, sort of, but SAMBA keeps making requests to get 1GB of bytes - even though it is also asking for file attributes before each read. It takes way to long, and the service is returning the file for every request. This is not ideal. Any ideas on how to shortcut SAMBA after the first read, so it knows the filesize has been updated? Idea 3: Does anyone have any? I'm open to suggestions. I can send a log - what would be a useful log level? Thanks. -Casey This message is intended for the addressee only and may contain privileged or confidential information. Unless you are the intended recipient, you may not use, copy or disclose to anyone any information contained in this message. If you have received this message in error, please notify the author by replying to this message and then kindly delete the message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Does SAMBA4 Support AppLocker in Group Policies?
Hello! AppLocker is a newer technique which allows users to control access to certain programs and it was introduced in Windows 2008 Server and Windows 7 (clients). I wonder does SAMBA 4 support it? Thank you! -- View this message in context: http://samba.2283325.n4.nabble.com/Does-SAMBA4-Support-AppLocker-in-Group-Policies-tp4206013p4206013.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] All read and write
There is no user other? From kukks suggestion, still getting DENY_NONE RDONLY. I search that error and read a comment that samba locks directories when opened in windows client. How can you disable that? This might be my issue because the windows program I am using needs the directories not to be lock, and gives me the error the the directories are lock for write. Any ideas?? Thanks, Jess On Thu, Dec 15, 2011 at 11:55 PM, Daniel Müller wrote: > What are your rights from prompt: > > Ls -la yourshare > > Does other have drwxr-xr-x < > If your path is within another directory, other must have the x options > even > in the directory above. > This solved a nearly the same problem for me in CENTOS. > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] "getpeername failed" error when signed communicationspolicy enabled
Jeremy Allison wrote: On Wed, Dec 07, 2011 at 11:01:50AM +, Hilton, David wrote: Hi, I'm looking for help with an issue that we are seeing with the following configuration: We are using Samba (3.5.12-72.fc15) to share out CUPS printers from a Fedora 15 machine. However, a requirement of the system is that these printers are not directly visible from client systems (Windows 7 SP1 32-bit), so instead we are sharing them out from a Windows print server (Windows 2008 R2 SP1). So the clients connect to print queues on the Windows print server, which in turn forwards the print jobs on to CUPS. The issue we are seeing occurs when a policy change is made on the Windows 2008 R2 print server. If the "Microsoft network client: Digitally sign communications (always)" policy setting is enabled, we see the following behaviour: - Applications running on the print server can print normally. - Applications running on client machines fail to print. When a print job fails we see the following in the samba log for the client machine: [2011/12/07 10:43:23.381798, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [XXX] -> [XXX] -> [XXX] succeeded [2011/12/07 10:43:39.760399, 0] lib/util_sock.c:474(read_fd_with_timeout) [2011/12/07 10:43:39.760476, 0] lib/util_sock.c:1441(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer. The smb.conf file that we are using is as follows: [global] #--authconfig--start-line-- # Generated by authconfig on 2011/12/05 17:22:13 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = LOW password server = LOWDC security = user idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = false winbind offline logon = false server signing = auto log level = 2 log file = /var/log/samba.log.%m max log size = 50 debug timestamp = yes #--authconfig--end-line-- load printers = yes printing = cups printcap name = cups [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes printer admin = root, @ntadmins, @smbprintadm use client driver = yes If the "Microsoft network client: Digitally sign communications (always)" setting is disabled it all works OK, but disabling this policy setting is not an allowed option at present. That sounds like a signing error - do you see such in the Samba logs ? Jeremy. I have the same message in samba log file, even though I set up "log level = 0". My Samba 3.4.5 PDC is listening on both ports 139 and 445 under CentOS 5.6 32bits. Here is the message: [2011/10/26 16:02:05, 0] lib/util_sock.c:539(read_fd_with_timeout) [2011/10/26 16:02:05, 0] lib/util_sock.c:1491(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer. [2011/10/26 16:02:05, 0] lib/util_sock.c:1491(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected [2011/10/26 16:02:05, 0] lib/util_sock.c:1491(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] join Samba 4 domain using likewise
Hi I successfully joined a win 7 vm to a Samba 4 domain. I can log fine. I'm now trying to add the server itself to the domain using likewise. It does not let me. The errors are: Error code: ERROR_GEN_FAILURE (0x001f) Backtrace: /builder/src-buildserver/BT-Platform-6.1/src/linux/domainjoin/domainjoin-gui/gtk/main.c:347 /builder/src-buildserver/BT-Platform-6.1/src/linux/domainjoin/libdomainjoin/src/djmodule.c:339 /builder/src-buildserver/BT-Platform-6.1/src/linux/domainjoin/libdomainjoin/src/djauthinfo.c:858 /builder/src-buildserver/BT-Platform-6.1/src/linux/domainjoin/libdomainjoin/src/djauthinfo.c:1241 Is it possible to join the server to the domain? Thanks Steve. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] oplocks issue when trying to copy file
Hello everyone, I would like to follow up on the thread "[Samba] oplocks issue when trying to copy file", which I found while googling for a problem. We have the same setup and problem mentioned in that thread: Our Samba server (version 3.5.12) exports a share that was mounted via NFS from another machine. We are using SUSE Linux Enterprise and this setup used to work with "kernel oplocks = yes" in SLES10, but not in SLES11SP1. I did some research and found that the kernel commit http://kernel.opensuse.org/cgit/kernel/commit/?h=SLE11-SP1&id=dd143426eaaadea159c8dd2d3c9ff5e9da94bcfd mentioned in this thread is included in SLES11SP1 kernel 2.6.32.29. So I downgraded to SLES11SP1 2.6.32.12 on a test-machine and can confirm that the problem goes away with kernel oplocks turned on! As a workaround, one can disable kernel oplocks or use the "-o nolock" option when mounting via NFS. I guess this kernel regression should be reported to Novell. I can provide the samba-level-10 logfiles for 2.6.32.12 (working) and 2.6.32.29 (not working). Best regards, -- Dipl.-Ing. Joschi Brauchle, M.Sc. Institute for Communications Engineering (LNT) Technische Universitaet Muenchen (TUM) 80290 Munich, Germany Tel (work): +49 89 289-23474 Fax (work): +49 89 289-23490 E-mail: joschi.brauc...@tum.de Web: http://www.lnt.ei.tum.de/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] XP SP3 can't authenticate
XP will not require in registry edits for samba 3 (at least samba 3.0.x through 3.5.x) Machines names should end in "$" # pdbedit -Lv opus$ smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=XX))] smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server init_sam_from_ldap: Entry found for user: OPUS$ init_group_from_ldap: Entry found for group: 515 Unix username:OPUS$ NT username: OPUS$ Account Flags:[W ] User SID: S-1-5-21-xxx-xxx-xxx- Primary Group SID:S-1-5-21-xxx-xxx-xxx-515 Full Name:OPUS$ . Logon time: 0 Logoff time: never Kickoff time: never Password last set:Wed, 23 Nov 2011 14:03:47 EST Password can change: Wed, 23 Nov 2011 14:03:47 EST Password must change: Fri, 22 Nov 2013 14:03:47 EST Last bad password : 0 Bad password count : 0 Logon hours : FF # On 12/15/2011 12:52 PM, Hervé Hénoch wrote: Here is the result of net groupmap list Domain Admins (S-1-5-21-1031258178-388409940-3248586695-512) -> Domain Admins Domain Users (S-1-5-21-1031258178-388409940-3248586695-513) -> Domain Users Domain Guests (S-1-5-21-1031258178-388409940-3248586695-514) -> nogroup Domain Computers (S-1-5-21-1031258178-388409940-3248586695-515) -> Domain Computers Administrators (S-1-5-32-544) -> Administrators Account Operators (S-1-5-32-548) -> Account Operators Print Operators (S-1-5-32-550) -> Print Operators Backup Operators (S-1-5-32-551) -> Backup Operators Replicators (S-1-5-32-552) -> Replicators It is seems ok. Here is the result of pdbedit -Lv of the user "pharma" which can't enter in the session : pdbedit -Lv | grep pharma init_sam_from_ldap: Entry found for user: pharma Unix username:pharma NT username: pharma Logon Script: pharma.bat Can it be a problem in the register of windows ? The machine is a XP Pro SP3 ... Regards Le 15/12/2011 17:40, Gaiseric Vandal a écrit : It might be an issues with group mappings (for the well know groups.) Can you verify that the " net groupmap list" shows at a minimum "Domain Users" and "Domain Admins." If you login as Administrator, can you can network users or groups to the local "Users" group? Does "pdbedit -Lv" show the computer account on the PDC. Does "getent passwd" shows the computer account on the PDC? On 12/15/2011 11:16 AM, Hervé Hénoch wrote: Hello, I have a strange problem. I've re-included a XP SP3 pro in my samba domain. Only the administrators can authenticate and enter in a windows session. All other users can't. smb version : 3.3.5 Any help would be appreciate ... regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba