Re: [Samba] net ads join disable dns update
Been there: 1. Compile Samba by yourself, remove WITH_DNS_UPDATE flag. 2. Disallow "allow insecure update" from DNS server. 3. Edit /etc/hosts, use shortname for your Samba server, then upon "net ads join " it will complain domain name not found hence will not update DNS. Cheers -David 2012/2/4 dalege dalege > > > We have a couple oracle RAC servers that we install samba/winbind on. > These servers require multiple NIC's / IP's. > > The problem is when we do "net ads join" it updates windows DNS and really > screws us up because seven IP's get put into DNS, all tied to the same > host, including the interconnect IP's which oracle insists needs to be > 169.254.x.x addresses. Because of the way the company is setup, we cannot > disable DNS update on the windows server. The company relies on it for most > of the machines. > > We are using the 3.5.12-44 rpms from ftp.sernet.de. > > I have Googled this for awhile now, and what I've found is that Samba > should be recompiled with the the "--with-dnsupdate" flag. This really > isn't an option for us. I've also seen that if its in an smb cluster > auto-update will disable. I've also seen a lot of complaints about this and > a reference saying that a command line option was going to be added similar > to "net ads join --disable-dns-update" but that doesn't appear to have been > implemented. > > So, the question is, is there entry that can be put in smb.conf, a command > line option, startup option, anything (other then recompiling) that can > disable dns auto update? > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net ads join disable dns update
We have a couple oracle RAC servers that we install samba/winbind on. These servers require multiple NIC's / IP's. The problem is when we do "net ads join" it updates windows DNS and really screws us up because seven IP's get put into DNS, all tied to the same host, including the interconnect IP's which oracle insists needs to be 169.254.x.x addresses. Because of the way the company is setup, we cannot disable DNS update on the windows server. The company relies on it for most of the machines. We are using the 3.5.12-44 rpms from ftp.sernet.de. I have Googled this for awhile now, and what I've found is that Samba should be recompiled with the the "--with-dnsupdate" flag. This really isn't an option for us. I've also seen that if its in an smb cluster auto-update will disable. I've also seen a lot of complaints about this and a reference saying that a command line option was going to be added similar to "net ads join --disable-dns-update" but that doesn't appear to have been implemented. So, the question is, is there entry that can be put in smb.conf, a command line option, startup option, anything (other then recompiling) that can disable dns auto update? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Prevent smbd from consulting winbindd
a.key wrote: > Can't you just disable winbind from nssswitch ? I don't use winbind in nsswitch. Sorry, you misunderstood the whole thread. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5 & CIFS mounts - long standing issue...
On 02/03/2012 03:44 PM, Shirish Pargaonkar wrote: On Fri, Feb 3, 2012 at 6:13 AM, Jakov Sosic wrote: Hi. I can see that this is a long long standing issue... Apparently things changed in Windows 2008 R2, and after upgrade of domain from R1 to R2 cifs mounts don't work anymore between Linux servers. Windows can see Samba shares and mount them, but CIFS on another Linux box cannot... Here is a thread with explanation in lenght: http://ubuntuforums.org/showthread.php?t=1178484 I get the exact same logs and errors... I've tested with smbclient and everything works but with CIFS - no way :( Has anybody succeded in solving this one? Mount with CIFS: # mount -t cifs //server/share /mnt -o username=jakov.sosic,password=***,domain=mydomain -v mount.cifs kernel mount options: unc=//server\share,ver=1,username=jakov.sosic,domain=mydomain,ip=xxx.xxx.xxx.xxx,pass= mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) Login with smbclient: # smbclient -U jakov.sosic //server/share Enter Administrator's password: Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.5.4-0.83.el5_7.2] smb: \> I've tried adding various mount parameters like sec=ntlmv2, credentials=/path/to/file, but every attempt fails. Any ideas?!?!! Samba is version 3.5.4 on CentOS 5.7 on both Linux machines. Hm, it seems to be working now... I've added the following to smb.conf on the server: "map untrusted to domain = yes" restarted samba, tried - it wouldn't work. Removed that line, restarted again, tried again, now it works... Also, domain should be noted in lowercase. Don't know what fixed it ... Also if you have hidden share (with $ at the end of the name), you shouldn't escape it in /etc/fstab or in automount maps. PS: # modinfo cifs filename: /lib/modules/2.6.18-274.7.1.el5/kernel/fs/cifs/cifs.ko version:1.60RH description:VFS to access servers complying with the SNIA CIFS Specification e.g. Samba and Windows license:GPL author: Steve French srcversion: CB01A53173C481FE5E6FF69 depends: vermagic: 2.6.18-274.7.1.el5 SMP mod_unload gcc-4.1 parm: CIFSMaxBufSize:Network buffer size (not including header). Default: 16384 Range: 8192 to 130048 (int) parm: cifs_min_rcv:Network buffers in pool. Default: 4 Range: 1 to 64 (int) parm: cifs_min_small:Small network buffers in pool. Default: 30 Range: 2 to 256 (int) parm: cifs_max_pending:Simultaneous requests to server. Default: 50 Range: 2 to 256 (int) module_sig: 883f3504ea08a83e35359b9fcadd15112127009f5cd5f84520a7fe8b58314afabd51ca0b12cf0760a0cdb12f7ec2dd33a5f842dcc57d643245b5f434 -- Jakov Sosic www.srce.unizg.hr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Prevent smbd from consulting winbindd
Can't you just disable winbind from nssswitch ? On 28/01/12 11:45, Victor Sudakov wrote: Harry Jede wrote: I am running smbd in a setup described in http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.h tml#id2604553 under "Winbind is not used; users and groups are local". Samba is running in the security=domain mode, Do you have a PDC with the same setup? The PDC is a Windows 2000 (sic!) server. I cannot change that. Are you syncing uid/gid manually? I keep Unix uid/gid on Unix and don't want any Winbind-generated uids or gids. All I want is a Windows user MYDOMAIN\johndoe to be mapped to the unix user johndoe whose Unix uid is 2000 in /etc/passwd. This is exactly what happens when winbinnd is not started. [dd] Now I need to run winbindd for Squid authentication. The problem is, as soon as I start winbindd, smbd begins consulting it so you are running smbd and winbind an squid on the same machine Yes. and all Windows users start receiving uids/gids different from those in /etc/passwd. Thats quite normal. Thats undesirable. How do I prevent smbd from consulting winbindd and make it use the old /etc/passwd mechanism for uids? I do not know. I believe it's not possible. Run smbd on one machine with NIS or LDAP, winbind for squid on an other machine. This is an obvious solution, I will do that if I find no other way. But how does smbd communicate with winbindd? Can I hide them from each other? is "auth methods = ntdomain" or "auth methods = trustdomain" not what I want? Which of the auth methods does smbd use when it cannot find a functional winbindd? Alternatively you may try to run winbind with an own smb.conf This may be a good idea but how do I hide winbindd (even running with its own smb.conf) from smbd? How does it communicate with smbd? if you wish to try this, you may start with a new setup. I have done this tree times with LDAP as backend, it works. If you need more details, I can write a step-by-step guide, maybe next week. I don't need a step-by-step guide but I would appreciate an explanation how to hide smbd and winbindd from each other other than running them on different hosts. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.5 & CIFS mounts - long standing issue...
Hi. I can see that this is a long long standing issue... Apparently things changed in Windows 2008 R2, and after upgrade of domain from R1 to R2 cifs mounts don't work anymore between Linux servers. Windows can see Samba shares and mount them, but CIFS on another Linux box cannot... Here is a thread with explanation in lenght: http://ubuntuforums.org/showthread.php?t=1178484 I get the exact same logs and errors... I've tested with smbclient and everything works but with CIFS - no way :( Has anybody succeded in solving this one? Mount with CIFS: # mount -t cifs //server/share /mnt -o username=jakov.sosic,password=***,domain=mydomain -v mount.cifs kernel mount options: unc=//server\share,ver=1,username=jakov.sosic,domain=mydomain,ip=xxx.xxx.xxx.xxx,pass= mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) Login with smbclient: # smbclient -U jakov.sosic //server/share Enter Administrator's password: Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.5.4-0.83.el5_7.2] smb: \> I've tried adding various mount parameters like sec=ntlmv2, credentials=/path/to/file, but every attempt fails. Any ideas?!?!! Samba is version 3.5.4 on CentOS 5.7 on both Linux machines. -- Jakov Sosic www.srce.unizg.hr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba