Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 06/10/12 17:11, steve wrote: Hi I have folder redirection working fine in XP. I see that W7 has taken the same configuration as I made in XP. Here is a screenshot: http://dl.dropbox.com/u/45150875/gpo.png Unfortunately, on w7, whilst the roaming profile is correctly set, there is no folder redirection. Nothing appears in the \\hh1\USERS folder for the user who has logged in. Upon opening the GPO editor as Administrator in W7, I get an error message about AD and sysvol permissions: 'The permissions for this GPO in the SYSVOL folder are inconsistent with those in ctive Directory. (...) To change the SYSVOL permissions to those in Active Directory, click OK.' Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl sysvolreset and restarted the GPO editor. It then opened without the error:) The settings appear exactly as I set them on XP but are not honoured in W7. The share for the redirected folders says it's offline. There is an offline tab where the security tab normally is under the share properties. Relevant? Can anyone help me trace what's wrong? Cheers, Steve Further tests show using the windows 'set' command, that the policy is only being applied to Administrator. IOW, 'APPDATA' is being redirected to the server. Everyone else still has the local Roaming folder for appdata. I have run gpupdate /force but still no folder redirection for users. Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi I have folder redirection working fine in XP. I see that W7 has taken the same configuration as I made in XP. Here is a screenshot: http://dl.dropbox.com/u/45150875/gpo.png Unfortunately, on w7, whilst the roaming profile is correctly set, there is no folder redirection. Nothing appears in the \\hh1\USERS folder for the user who has logged in. Upon opening the GPO editor as Administrator in W7, I get an error message about AD and sysvol permissions: 'The permissions for this GPO in the SYSVOL folder are inconsistent with those in ctive Directory. (...) To change the SYSVOL permissions to those in Active Directory, click OK.' Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl sysvolreset and restarted the GPO editor. It then opened without the error:) The settings appear exactly as I set them on XP but are not honoured in W7. The share for the redirected folders says it's offline. There is an offline tab where the security tab normally is under the share properties. Relevant? Can anyone help me trace what's wrong? Cheers, Steve Further tests show using the windows 'set' command, that the policy is only being applied to Administrator. IOW, 'APPDATA' is being redirected to the server. Everyone else still has the local Roaming folder for appdata. I have run gpupdate /force but still no folder redirection for users. Thanks, Steve Look for file permission errors in the network trace when accessing the GPO. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Having problem with Samba Internal DNS
Hello All, I've just installed the new samba 4 from git. the version is: Version 4.1.0pre1-GIT-8287938 My system is centos 6.3. I was following the Samba4/HOWTO, but when I reach the Testing/Debugging Dynamic DNS Updates level, and run /usr/local/samba/sbin/samba_dnsupdate --verbose --all-names, it failed with: ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Calling nsupdate for SRV _gc._tcp.default-first-site-name._sites.officedom.rak ramoffice.officedom.rak 3268 Outgoing update query: ;; -HEADER- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.default-first-site-name._sites.officedom.rak. 900 IN SRV 0 100 3268 ramoffice.officedom.rak. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Failed update of 21 entries furthermore, after my installation, I've noticed some missing files like: /usr/local/samba/private/dns.keytab /usr/local/samba/private/dns /usr/local/samba/private/dns/${MYREALM}.zone samba4.te do anyone know why I do not have those files in my installation directories? Thanks beforehand, Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 07/10/12 10:52, Andrew Bartlett wrote: On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi I have folder redirection working fine in XP. I see that W7 has taken the same configuration as I made in XP. Here is a screenshot: http://dl.dropbox.com/u/45150875/gpo.png Unfortunately, on w7, whilst the roaming profile is correctly set, there is no folder redirection. Nothing appears in the \\hh1\USERS folder for the user who has logged in. Upon opening the GPO editor as Administrator in W7, I get an error message about AD and sysvol permissions: 'The permissions for this GPO in the SYSVOL folder are inconsistent with those in ctive Directory. (...) To change the SYSVOL permissions to those in Active Directory, click OK.' Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl sysvolreset and restarted the GPO editor. It then opened without the error:) The settings appear exactly as I set them on XP but are not honoured in W7. The share for the redirected folders says it's offline. There is an offline tab where the security tab normally is under the share properties. Relevant? Can anyone help me trace what's wrong? Cheers, Steve Further tests show using the windows 'set' command, that the policy is only being applied to Administrator. IOW, 'APPDATA' is being redirected to the server. Everyone else still has the local Roaming folder for appdata. I have run gpupdate /force but still no folder redirection for users. Thanks, Steve Look for file permission errors in the network trace when accessing the GPO. Andrew Bartlett Hi Andrew I did a wireshark of a user called steve2 logging on and off: http://dl.dropbox.com/u/45150875/logon The folder to which the gpo should redirect to, \\hh1\USERS, is mentioned only once, all the other SMB2 traces refer to the steve2.V2 profile folder. I have Application Data redirected to \\hh1\USERS 'set' shows APPDATA is still local to the client. The gpo works fine on XP but fails for all users other than Administrator on W7. 'set' for Administrator shows the redirection to the server share at \\hh1\USERS\Administrator\Application Data. For Administrator nothing is written to the share, but I think this is because Administrator does not have a uidNumber nor gidNumber. Any help most gretfuly received. Cheers, Steve This works fine on XP but fails on W7. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 07/10/12 12:58, steve wrote: On 07/10/12 10:52, Andrew Bartlett wrote: On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi I have folder redirection working fine in XP. I see that W7 has taken the same configuration as I made in XP. Here is a screenshot: http://dl.dropbox.com/u/45150875/gpo.png Unfortunately, on w7, whilst the roaming profile is correctly set, there is no folder redirection. Nothing appears in the \\hh1\USERS folder for the user who has logged in. Upon opening the GPO editor as Administrator in W7, I get an error message about AD and sysvol permissions: 'The permissions for this GPO in the SYSVOL folder are inconsistent with those in ctive Directory. (...) To change the SYSVOL permissions to those in Active Directory, click OK.' Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl sysvolreset and restarted the GPO editor. It then opened without the error:) The settings appear exactly as I set them on XP but are not honoured in W7. The share for the redirected folders says it's offline. There is an offline tab where the security tab normally is under the share properties. Relevant? Can anyone help me trace what's wrong? Cheers, Steve Further tests show using the windows 'set' command, that the policy is only being applied to Administrator. IOW, 'APPDATA' is being redirected to the server. Everyone else still has the local Roaming folder for appdata. I have run gpupdate /force but still no folder redirection for users. Thanks, Steve Look for file permission errors in the network trace when accessing the GPO. Andrew Bartlett Hi Andrew I did a wireshark of a user called steve2 logging on and off: http://dl.dropbox.com/u/45150875/logon The folder to which the gpo should redirect to, \\hh1\USERS, is mentioned only once, all the other SMB2 traces refer to the steve2.V2 profile folder. I have Application Data redirected to \\hh1\USERS 'set' shows APPDATA is still local to the client. The gpo works fine on XP but fails for all users other than Administrator on W7. 'set' for Administrator shows the redirection to the server share at \\hh1\USERS\Administrator\Application Data. For Administrator nothing is written to the share, but I think this is because Administrator does not have a uidNumber nor gidNumber. Any help most gretfuly received. Cheers, Steve This works fine on XP but fails on W7. OK Getting a bit closer: The share \\hh1\USERS is not accessible by users, neither can I set the security on it as Administrator because the security tab has been replaced by 'offline files'. The underlying POSIX share is /home2/USERS and it is 0777, global RW. Summary: In W7, users cannot access the share. Question: how can I remove the offline files and get a security tab back? THanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 07/10/12 16:02, steve wrote: On 07/10/12 12:58, steve wrote: On 07/10/12 10:52, Andrew Bartlett wrote: On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi I have folder redirection working fine in XP. I see that W7 has taken the same configuration as I made in XP. Here is a screenshot: http://dl.dropbox.com/u/45150875/gpo.png Unfortunately, on w7, whilst the roaming profile is correctly set, there is no folder redirection. Nothing appears in the \\hh1\USERS folder for the user who has logged in. Upon opening the GPO editor as Administrator in W7, I get an error message about AD and sysvol permissions: 'The permissions for this GPO in the SYSVOL folder are inconsistent with those in ctive Directory. (...) To change the SYSVOL permissions to those in Active Directory, click OK.' Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl sysvolreset and restarted the GPO editor. It then opened without the error:) The settings appear exactly as I set them on XP but are not honoured in W7. The share for the redirected folders says it's offline. There is an offline tab where the security tab normally is under the share properties. Relevant? Can anyone help me trace what's wrong? Cheers, Steve Further tests show using the windows 'set' command, that the policy is only being applied to Administrator. IOW, 'APPDATA' is being redirected to the server. Everyone else still has the local Roaming folder for appdata. I have run gpupdate /force but still no folder redirection for users. Thanks, Steve Look for file permission errors in the network trace when accessing the GPO. Andrew Bartlett Hi Andrew I did a wireshark of a user called steve2 logging on and off: http://dl.dropbox.com/u/45150875/logon The folder to which the gpo should redirect to, \\hh1\USERS, is mentioned only once, all the other SMB2 traces refer to the steve2.V2 profile folder. I have Application Data redirected to \\hh1\USERS 'set' shows APPDATA is still local to the client. The gpo works fine on XP but fails for all users other than Administrator on W7. 'set' for Administrator shows the redirection to the server share at \\hh1\USERS\Administrator\Application Data. For Administrator nothing is written to the share, but I think this is because Administrator does not have a uidNumber nor gidNumber. Any help most gretfuly received. Cheers, Steve This works fine on XP but fails on W7. OK Getting a bit closer: The share \\hh1\USERS is not accessible by users, neither can I set the security on it as Administrator because the security tab has been replaced by 'offline files'. The underlying POSIX share is /home2/USERS and it is 0777, global RW. Summary: In W7, users cannot access the share. Question: how can I remove the offline files and get a security tab back? THanks, Steve Hi Steve, a quick google finds: http://www.sevenforums.com/tutorials/48829-offline-files-enable-disable-use.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Roaming Profiles under Linux clients
On Thu, Oct 4, 2012 at 10:29 PM, Mario Codeniera mario.codeni...@gmail.com wrote: Any ideas how to implement roaming profile under Linux as the clients? pam_csync http://www.csync.org/ seems to be pretty close to a direct feature-equivalent for linux. though such a thing is not always appropriate, nfs or pam_mount will be faster and easier to maintain if you don't need the clients to be able to work off-line. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 07/10/12 17:14, Rowland Penny wrote: On 07/10/12 16:02, steve wrote: On 07/10/12 12:58, steve wrote: On 07/10/12 10:52, Andrew Bartlett wrote: On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi Steve, a quick google finds: http://www.sevenforums.com/tutorials/48829-offline-files-enable-disable-use.html Hi Rowland Thanks for that. I've now got a security tab back. But still no folder redirection:( Not given up yet. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
On 07/10/12 17:37, steve wrote: On 07/10/12 17:14, Rowland Penny wrote: On 07/10/12 16:02, steve wrote: On 07/10/12 12:58, steve wrote: On 07/10/12 10:52, Andrew Bartlett wrote: On Sun, 2012-10-07 at 10:07 +0200, steve wrote: On 06/10/12 17:11, steve wrote: Hi Steve, a quick google finds: http://www.sevenforums.com/tutorials/48829-offline-files-enable-disable-use.html Hi Rowland Thanks for that. I've now got a security tab back. But still no folder redirection:( Having the security tab back on \\hh1\USERS now gives everyone permission to enter and create files in the share and now Administrator has his Application Data redirected to the share. He has a file under \\hh1\USERS as per the GPO. However, ordinary users, whilst able to read and write the share do not have their Application Data redirected. Still works fine for all users with XP but not W7. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 and zarafa 7.x
Hi Louis, i think yo can store the needed zarafa information inside samba4. And with the zarafaads.exe you can install the zarafa bits in the ads.msc mangament console on each windows machine from which you want to change zarafa-enabled users. But I think the community edition of zarafa is not able to authenticate against this AD setup. According [1] you will need at least the Small Business edition to use the Active Directory features. As even the low price is too much for me i will try to achieve it with zentyal [2]. Maybe this can be interesting and helpful for you too. Greetings, Markus [1] http://www.zarafa.com/content/editions [2] http://www.zentyal.org/ On Wed, October 3, 2012 12:05, L.P.H. van Belle wrote: Hai, I was wondering, has anybody tried the sernet samba 4 applicance of installed the deb files of the appliance on a debian (squeeze) server, in combination with zarafa and if so, whats the experiance. I want to move my samba 3 pdc to samba 4 AD ( on new server ) and i want to move my current zarafa server to samba4 integrated setup. which is in the applicance, as i saw here : https://community.zarafa.com/pg/plugins/project/9588/developer/tdeklein/samba4-ad-integration-for-zarafa my question is, do i need to install samba 4 on both servers the new ad-dc server and my zarafa server ? It would be really great if this is possible and im in test fase now, so i can try this, but i cant find any guideline for such setup. ( samba4+zarafa 7 ) Since zarafa is also free this would be a very cheap setup to run samba/fileserver zarafa/mailserver like exchange And Im running also squid proxy, is it easy to use the AD users of samba 4 to auth my proxy users? what i now have samba3 PDC+bdc + ldap replicated, 3 dnservers and want, is samba4, in about same setup. but with samba 4 ad with zarafa manageable in AD, 3 dns servers, auth for proxy ( squid/dansguardian ) , maybe apache2 server auth for users, but if i know how for squid, apache isnt the problem anymore. Wel any comment, tips, anything, on this would be nice. I'll will write a new howto for this setup, so i can replace my last howto, and in the future, gluster fs, and samba 4 ad replicated over wan to multple offices. This all wil be running on debian ( or squeeze of wheezy ). Thank you in advance, for the comments, Greetings, Louis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Markus Bajones Fachschaft Elektrotechnik Gußhausstraße 27-29, 1040 Wien 0043 (0)1-58801/49553 b...@fet.at -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Roaming Profiles under Linux clients
On Sun, Oct 7, 2012 at 6:44 PM, Michael Wood esiot...@gmail.com wrote: On 6 October 2012 17:13, steve st...@steve-ss.com wrote: On 06/10/12 11:14, Michael Wood wrote: On 5 October 2012 17:36, steve st...@steve-ss.com wrote: On 05/10/12 17:21, Michael Wood wrote: On 5 October 2012 13:14, steve st...@steve-ss.com wrote: [...] [...] Linux clients map whatever the [home] share points at to the unixHomeDirectory attribute. The latter can use either winbind or nslcd to pull the info from ldap. Let me know if you need any more detail. That doesn't sound like a roaming profile at all. No it isn't. The bit before it was. I mentioned it as we set it at the same time as the profile path in the directory. That's all. By the bit before that I assume you mean the LDAP and share changes? That would not magically make the client do anything. In particular it would not make them copy profiles to/from the server. That is why I was asking about configuration and software on the client and not the server, which you had already mentioned. Anyway, from what you and Rowland have said that is not possible with Linux clients. Of course roaming profiles may not be what you want and you could instead access everything directly over the network using e.g. NFS4 as you say. -- Michael Wood esiot...@gmail.com -- Thank you guys. You give me ideas on the alternative coz as you said it is not possible. Suppose to be I want the a particular user account's profiles, the same regardless where he/she login on a workstations (either Windows or Linux). As far I read some articles it loads faster when you first login on a new workstation (I dunno know if it really true as of the moment). At the same time backup of files on the server side. I use winbind and modify some configurations on the pam.d. I dunno have idea yet of Samba4 ldap. I bit confused on it, unless some will give idea on it. Do I need to setup ldap clients? and/or the correct configurations? coz in samba3 (as DC) you need it to pull out the data via TLS to make it secure. On Mon, Oct 8, 2012 at 4:32 AM, Chris Weiss cwe...@gmail.com wrote: pam_csync http://www.csync.org/ seems to be pretty close to a direct feature-equivalent for linux. though such a thing is not always appropriate, nfs or pam_mount will be faster and easier to maintain if you don't need the clients to be able to work off-line. I will try to use it, among those three if which is more efficient, pam_csync, nfs or pam_mount. Thanks again for the information. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Picking the right installer
Hello, I was suggested to use Samba by Plone people, meaning I hadn't heard about it before. It seems to be exactly what I have been looking for for some time, but I obviously am completely blank about Samba, so you will excuse my silly question, please. I want to install Samba on my server, but after over two hours searching the site, I found there are plenty of very useful documentation, but not enough tips for a newbie like me to start with. Follows what I have, so you can kindly tell me which installer I must download to start. Apache Linux server (Arvixe) PC running Windows 7 Ultimate with MS Office. My problem arises from the fact that after all the time spent searching and reading I did not understand whether the installers are recommended according to the server or to the PC-OS. Which one shall I use, please? Thank you very much for enlightening me. Cheers, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Picking the right installer
On 07/10/12 21:58, Andrew wrote: Hello, I was suggested to use Samba by Plone people, meaning I hadn't heard about it before. It seems to be exactly what I have been looking for for some time, but I obviously am completely blank about Samba, so you will excuse my silly question, please. I want to install Samba on my server, but after over two hours searching the site, I found there are plenty of very useful documentation, but not enough tips for a newbie like me to start with. Follows what I have, so you can kindly tell me which installer I must download to start. Apache Linux server (Arvixe) PC running Windows 7 Ultimate with MS Office. My problem arises from the fact that after all the time spent searching and reading I did not understand whether the installers are recommended according to the server or to the PC-OS. Which one shall I use, please? Thank you very much for enlightening me. Cheers, Andrew Hi, this seems to be the third time you have posted this! I think I understand it now. ;-) You have a Linux server on which is running an Apache webserver you have a workstation that is running Windows 7 and some version of microsoft office You somehow want to connect the two together with this thing called 'plone' (I have never heard of this myself) and have been advised to use samba on the server. Is all the above correct? , if so, just how much of a connection do you need between the workstation and server and what Linux OS is running on the server. Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Picking the right installer
On Fri, Oct 5, 2012 at 12:34 PM, Jeremy Allison j...@samba.org wrote: On Fri, Oct 05, 2012 at 01:01:19AM +0100, Andrew wrote: Hello, Today, I was suggested to use Samba by Plone people, meaning I Hadn't heard of Samba before. It seems to be exactly what I have been looking for for some time, but I obviously am completely blank about Samba, so you will excuse my silly question, please. I want to install Samba on my server, but after over two hours searching the site, I found there are plenty of very useful documentation, but not enough tips for a newbie like me to start with. Follows what I have, so you can kindly tell me which installer I must download to start. Apache Linux server (Arvixe) PC running Windows 7 Ultimate with MS Office. My problem arises from the fact that after all the time spent searching and reading I did not understand whether the installers are recommended according to the server or to the PC-OS. Which one shall I use, please? Thank you very much for enlightening me. If you install a standard Linux distribution (the most popular are Red Hat, SuSE, Ubuntu or Debian) then it will include a Samba server package (or the ability to add one). I would start there if I were you. It's not necessarily automatically installed, and is usually grouped among server packages. Arvixe is, from casual checking, a web hosting company. If you're going to host a Samba server on a web host, do double check your contract to make sure that the contract allows that sort of service: it's very easy for someone thinking I'll just set up an FTP server/NFS server/Samba server to allow generous uploading and downloading of shared materials, and get in deep trouble because people abuse anonymous or poorly managed services for hosting warez or personnel material, and eat up all your bandwidth. Many web hosting companies set up a dedicated virtual host with FTP or other upload technologies for the website, and do *not* allow the running of other services because it's really only one host used by multiple virtual clients, not a real host for each client. Others block the ports for Samba and NFS as a matter of basic security: so do some ISP's, so it can take extra work to gain access to such a server. What, exactly, are you trying to achieve? And given that you are reviewing Plone, why? It's a bit confusing as to why an open source content management needs file system sharing like Samba, when freeware content management systems like git do a very good job of managing and especially of merging distributed source control. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Having problem with Samba Internal DNS
I have managed to make it work. De : Innocent Yevide inye...@yahoo.fr À : samba@lists.samba.org samba@lists.samba.org Envoyé le : Dimanche 7 octobre 2012 14h27 Objet : [Samba] Having problem with Samba Internal DNS Hello All, I've just installed the new samba 4 from git. the version is: Version 4.1.0pre1-GIT-8287938 My system is centos 6.3. I was following the Samba4/HOWTO, but when I reach the Testing/Debugging Dynamic DNS Updates level, and run /usr/local/samba/sbin/samba_dnsupdate --verbose --all-names, it failed with: ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Calling nsupdate for SRV _gc._tcp.default-first-site-name._sites.officedom.rak ramoffice.officedom.rak 3268 Outgoing update query: ;; -HEADER- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.default-first-site-name._sites.officedom.rak. 900 IN SRV 0 100 3268 ramoffice.officedom.rak. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Failed update of 21 entries furthermore, after my installation, I've noticed some missing files like: /usr/local/samba/private/dns.keytab /usr/local/samba/private/dns /usr/local/samba/private/dns/${MYREALM}.zone samba4.te do anyone know why I do not have those files in my installation directories? Thanks beforehand, Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 and zarafa 7.x
Hi Mat, hi Louis and everyone else. The sernet appliance installs the zarafa extensions if you want to, but does zarafa does work with it ? I do not know if you can use zarafa + samba4, as the zarafa homepage [1] states that you have to use at least the Zarafa Small Business Edition to be able to use the Active Directory toolkit. If anyone can give me proof my information is incorrect i would be glad, beacause it would mean i can use samba4 + zarafa as i had in my mind. Greetings, Markus. [1] http://www.zarafa.com/content/editions Am 07.10.12 22:11, schrieb m...@matws.net: Check the sernet appliance at the end of the installation it proposes to add the zarafa schema extensions. On Oct 7, 2012, at 8:55 AM, Markus Bajones b...@fet.at wrote: Hi Louis, i think yo can store the needed zarafa information inside samba4. And with the zarafaads.exe you can install the zarafa bits in the ads.msc mangament console on each windows machine from which you want to change zarafa-enabled users. But I think the community edition of zarafa is not able to authenticate against this AD setup. According [1] you will need at least the Small Business edition to use the Active Directory features. As even the low price is too much for me i will try to achieve it with zentyal [2]. Maybe this can be interesting and helpful for you too. Greetings, Markus [1] http://www.zarafa.com/content/editions [2] http://www.zentyal.org/ On Wed, October 3, 2012 12:05, L.P.H. van Belle wrote: Hai, I was wondering, has anybody tried the sernet samba 4 applicance of installed the deb files of the appliance on a debian (squeeze) server, in combination with zarafa and if so, whats the experiance. I want to move my samba 3 pdc to samba 4 AD ( on new server ) and i want to move my current zarafa server to samba4 integrated setup. which is in the applicance, as i saw here : https://community.zarafa.com/pg/plugins/project/9588/developer/tdeklein/samba4-ad-integration-for-zarafa my question is, do i need to install samba 4 on both servers the new ad-dc server and my zarafa server ? It would be really great if this is possible and im in test fase now, so i can try this, but i cant find any guideline for such setup. ( samba4+zarafa 7 ) Since zarafa is also free this would be a very cheap setup to run samba/fileserver zarafa/mailserver like exchange And Im running also squid proxy, is it easy to use the AD users of samba 4 to auth my proxy users? what i now have samba3 PDC+bdc + ldap replicated, 3 dnservers and want, is samba4, in about same setup. but with samba 4 ad with zarafa manageable in AD, 3 dns servers, auth for proxy ( squid/dansguardian ) , maybe apache2 server auth for users, but if i know how for squid, apache isnt the problem anymore. Wel any comment, tips, anything, on this would be nice. I'll will write a new howto for this setup, so i can replace my last howto, and in the future, gluster fs, and samba 4 ad replicated over wan to multple offices. This all wil be running on debian ( or squeeze of wheezy ). Thank you in advance, for the comments, Greetings, Louis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Markus Bajones Fachschaft Elektrotechnik Gußhausstraße 27-29, 1040 Wien 0043 (0)1-58801/49553 b...@fet.at -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Hi Louis, i think yo can store the needed zarafa information inside samba4. And with the zarafaads.exe you can install the zarafa bits in the ads.msc mangament console on each windows machine from which you want to change zarafa-enabled users. But I think the community edition of zarafa is not able to authenticate against this AD setup. According [1] you will need at least the Small Business edition to use the Active Directory features. As even the low price is too much for me i will try to achieve it with zentyal [2]. Maybe this can be interesting and helpful for you too. Greetings, Markus [1] http://www.zarafa.com/content/editions [2] http://www.zentyal.org/ On Wed, October 3, 2012 12:05, L.P.H. van Belle wrote: Hai, I was wondering, has anybody tried the sernet samba 4 applicance of installed the deb files of the appliance on a debian (squeeze) server, in combination with zarafa and if so, whats the experiance. I want to move my samba 3 pdc to samba 4 AD ( on new server ) and i want to move my current zarafa server to samba4 integrated setup. which is in the applicance, as i saw here : https://community.zarafa.com/pg/plugins/project/9588/developer/tdeklein/samba4-ad-integration-for-zarafa my question is, do i need to install samba 4 on both servers the new ad-dc server and my zarafa server ? It would be really great if this is possible and im in test fase now, so i can try this, but i cant find any guideline for such setup. (
Re: [Samba] Internal DNS stops forwarding
On 10/05/2012 06:08 AM, fe...@epepm.cupet.cu wrote: Ok we found some bugs that could lead to a frozen dns server can you try rc2? Matthieu. Happened again with rc2 but found that at the same time this error shows every second: [2012/10/05 09:01:39, 0] ../source4/smbd/process_single.c:56(single_accept_connection) single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES After restarting everything is OK, but it happened yesterday though I didn't notice it was at the same time the dns error and this too many opened files. Next time when it happens can you do this: netstat -anp | grep 53 to get the pid of the samba process that is listening on port 53 then do gdb -p pid bt full thread apply all bt full info locals generate-core-file /tmp/core_for_dns And send to the list the info, keep the corefile in a safe place and send it upon request to one of the samba developer. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: Folder Redirection GPO not working with Windows 7
Steve Hi Rowland Thanks for that. I've now got a security tab back. But still no folder redirection:( Having the security tab back on \\hh1\USERS now gives everyone permission to enter and create files in the share and now Administrator has his Application Data redirected to the share. He has a file under \\hh1\USERS as per the GPO. However, ordinary users, whilst able to read and write the share do not have their Application Data redirected. Still works fine for all users with XP but not W7. Obviously the biggest change between XP and Seven is the fact that seven will use smb 2.x by default when XP can do smb/cifs. So you have to carefully look at the SMB2 trace between your client and the samba server when doing it with an admininistrator (which works if I understood your emails) and a normal user. Most probably our fileserver either deny someting to simple users or didn't answer correctly. For this you'll need to use wireshark. Once you have more information we might be able to help you, providing information + traces (if no sensitive information) might help even more. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Internal DNS replication and how to fix
On 10/05/2012 07:57 AM, Brett Rowley wrote: Hi All, First, off I'm a bit of a n00b w/Samba4 so I'll apologize ahead of time if any of this seems obvious/trivial. I'm working with Samba RC1 tar build and trying to get DNS replication working. Right how I get the following under --snip-- KCC CONNECTION OBJECTS Connection -- Connection name: fa253d86-3549-4208-ab29-a0d702ccdb02 Enabled: TRUE Server DNS name : target.OwnerIQ.local Server DN name : CN=NTDS Settings,CN=TARGET,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! Is it the result of repadmin ? Can you send it in total ? Can you do samba-tool drs showrepl on the samba server ? I only have one server running W2k3 SP1. I have trolled Google and read that both the internal DNS does not replicate some objects and that dynamic updates are not fully functional. The updates are fixed as for the non replication of some object I never heard of it at least not on purpose. But, even after reading a bunch of documents, it's not clear /how/I fix that. I've read that the replication is not complete on a additional DC and that it has to be done manually. Not sure if that has anything to do with the samba_upgradedns command (which I ran, it complained about not having a zone file in /usr/local/samba/private/dns but all else seemed well). So for the moment when a second samba DC joins an active directory domain it didn't replicate the dns zones by default I also ran samba_dnsupdate --verbose and while that seemed alright, I did notice: schema_fsmo_init: we are master[no] updates allowed[no] Skipping PDC entry (SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN} That's normal most probably the FSMO for PDC is on you windows DC. Shouldn't updates allowed be yes if I added allow dns updates = true no you should use allow dns updates = signed but it should be the default now. in smb.conf? One final note, I do have my resolv.conf pointing to my Win2k3 as the first DNS server. That shouldn't be too much of a problem. My end goal is to replace the 2k3 server with Samba4 so, either way, if internal DNS is not an option right now because it hasn't matured, I'm tempted, based on what I've read, to try BIND to get around the internal problems. I have that built with Bind 9.8.3 with the following: ./configure --prefix=/var/named --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexe --sharedstatedir=/var/lib --with-libtool --enable-threads --with-dlopen --with-gssapi I would be willing to try the switch over but, while it's clear how to switch the backend (--/dns/-/backend=/BIND_DLZ) when provisioning Samba, how would I do this from a join perspective? Thanks in advance for any help! So I'm not too surprised that you run in such trouble for applications partitions as we have some bugs in the way we mark application partitions: 9200 9201 https://bugzilla.samba.org/show_bug.cgi?id=9201 https://bugzilla.samba.org/show_bug.cgi?id=9200 All of this should be resolvable hopefully. Matthieu -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] High load while printing a Word document
Alexander Busam schrieb: Hello! Sometimes I have problems printing a particular Word document on a Windows XP machine. The printing takes very long and the server load/CPU are very high. For testing I set the log level = 3 printdrivers:10 and got an STATUS_BUFFER_OVERFLOW error (see logfile-extract below) On the client side I use MS Office 2003 SP3 and Windows XP SP3. With Windows 7 all works fine. The postscript-driver of Lexmark X464 is configured as point-and-click. Samba 3.6.7 is configured as PDC on OpenSuSE 10.3. I've attached the log.smbd and smb.conf as zip-file. The word document is too big (272 kb). If it is needed for testing I can send directly. Probably the eps-part of the picture in the header of the word-document is the problem. Is it possible to config/fix samba to avoid this problem ? Thanks a lot. Alex extract of log.smbd: [2012/08/27 11:07:16.205463, 3] rpc_server/srv_pipe.c:1626(api_rpcTNP) api_rpcTNP: rpc command: SPOOLSS_ADDJOB [2012/08/27 11:07:16.205706, 3] smbd/error.c:81(error_packet_set) error packet at smbd/ipc.c(137) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW [2012/08/27 11:07:16.208747, 3] smbd/process.c:1662(process_smb) Transaction 149 of length 63 (0 toread) [2012/08/27 11:07:16.208959, 3] smbd/process.c:1467(switch_message) switch message SMBreadX (pid 30185) conn 0x80936638 .. any idea ? -- Mit freundlichen Grüßen Dipl.-Inform. Med. Alexander Busam *Hofmann Fördertechnik GmbH* Vertragshändler Linde Material Handling Silcherstraße 34 74172 Neckarsulm Germany Telefon: +49.71 32.4 89-52 Telefax: +49.71 32.4 89-99 a.bu...@hofmann-foerdertechnik.com http://www.hofmann-foerdertechnik.com Sitz: Neckarsulm-Obereisesheim Vertretungsberechtigter: Gerhard Hofmann Handelsregister: Amtsgericht Stuttgart HRB 102047 Kaercher Leichtmuellsauger http://www.hofmann.stapler.de/de/dealer_hofmann/aktuelle_angebote_infoservice_5/newsdetail_1920.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-10-07-1635/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-10-07-1635/samba3.stderr http://git.samba.org/autobuild.flakey/2012-10-07-1635/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-10-07-1635/samba.stderr http://git.samba.org/autobuild.flakey/2012-10-07-1635/samba.stdout The top commit at the time of the failure was: commit 9fc42daf75d0eee9fd22e66a3eeb687b178e29e3 Author: Volker Lendecke v...@samba.org Date: Tue Oct 2 15:44:41 2012 +0200 s3: Add two tests a CLEAR_IF_FIRST crash Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Sat Oct 6 17:16:39 CEST 2012 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 899cdc4 ntdb: remove unused local variable. from 9fc42da s3: Add two tests a CLEAR_IF_FIRST crash http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 899cdc4503696cbe1030f3023fe259ce0740a55c Author: Rusty Russell ru...@rustcorp.com.au Date: Mon Oct 8 11:26:43 2012 +1030 ntdb: remove unused local variable. Reported-by: Matthieu Patou m...@samba.org Signed-off-by: Rusty Russell ru...@rustcorp.com.au Autobuild-User(master): Rusty Russell ru...@rustcorp.com.au Autobuild-Date(master): Mon Oct 8 04:43:37 CEST 2012 on sn-devel-104 --- Summary of changes: lib/ntdb/free.c |2 -- 1 files changed, 0 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ntdb/free.c b/lib/ntdb/free.c index 470c376..0d0e25f 100644 --- a/lib/ntdb/free.c +++ b/lib/ntdb/free.c @@ -683,7 +683,6 @@ static ntdb_off_t lock_and_alloc(struct ntdb_context *ntdb, while (off) { const struct ntdb_free_record *r; - ntdb_len_t len; ntdb_off_t next; r = ntdb_access_read(ntdb, off, sizeof(*r), true); @@ -715,7 +714,6 @@ static ntdb_off_t lock_and_alloc(struct ntdb_context *ntdb, multiplier *= 1.01; next = r-next; - len = frec_len(r); ntdb_access_release(ntdb, r); off = next; } -- Samba Shared Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-10-08-0446/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-10-08-0446/samba3.stderr http://git.samba.org/autobuild.flakey/2012-10-08-0446/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-10-08-0446/samba.stderr http://git.samba.org/autobuild.flakey/2012-10-08-0446/samba.stdout The top commit at the time of the failure was: commit 9fc42daf75d0eee9fd22e66a3eeb687b178e29e3 Author: Volker Lendecke v...@samba.org Date: Tue Oct 2 15:44:41 2012 +0200 s3: Add two tests a CLEAR_IF_FIRST crash Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Sat Oct 6 17:16:39 CEST 2012 on sn-devel-104