Re: [Samba] Joining Samba RODC, NT_STATUS_NOT_SUPPORTED
On 10/12/2012 12:05 AM, Oguz Yilmaz wrote: RODC is Windows Server 2008 R2 Enterprise 7601 Service Pack 1. What do you suggest? We keep rodc as read only. How can I join and continue to auth and get user list over read only dc? Your first problem is the join, I think this can only be done with a RWDC. As for the day to day use I think it's possible to use a RODC but if you didn't allow the RODC to replicate then every auth request will be proxied from the RODC to the RWDC. The list of users will be served by the RODC directly. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Group maping
Hi! Is it possible to manage local unix group membership from AD ??? I.e. I'd like to assign some domain users to unix "adm" group. I've tried with net groupmap, but without success - it looks that it maps unix groups to AD, but not opposite. best regards Jarek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 - setting acl rwx but getting r-x
On 11/10/12 22:36, Innocent Yevide wrote: Hi again, the situation here is more complicate that for any new folder created within the parent folder, I have run manually the setfacl. It is just not nice. Hi With: default:group:317:rwx any folder you create in the share should also become rwx so you need only run the setfacl once. Isn't that the case? Cheers, Steve Regards, Inno. *De :* Innocent Yevide *À :* steve *Cc :* "samba@lists.samba.org" *Envoyé le :* Jeudi 11 octobre 2012 23h37 *Objet :* Re: [Samba] samba4 - setting acl rwx but getting r-x Hi Steve, Thanks for answering. This is what I did for the time being. but it means anytime I will grant write permission to a user on shared folder (from windows), I will have come to Linux and run the below command. I was wondering may be I missed something to configure, or it is a bug. Best Regards, Inno. *De :* steve *À :* samba@lists.samba.org *Envoyé le :* Jeudi 11 octobre 2012 22h28 *Objet :* Re: [Samba] samba4 - setting acl rwx but getting r-x On 11/10/12 20:13, Innocent Yevide wrote: > Hello, > > > > I am having problem setting permission on shared folder: > > > the folder is datasamba/common and after I set full permission for a user itester (317) and also tester (318), I could see that it is only granting r-x to those users. but I could see from the default permissions that they have rwx. > 317 and 318 seem to be a groups. How about: setfacl -m g:317:rwx /datasamba/common Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How can I switch from internal dns server to bind9
> On Tue, 2012-10-09 at 17:18 -0400, fe...@epepm.cupet.cu wrote: >> > On 10/9/12, fe...@epepm.cupet.cu wrote: >> >> How can I switch from internal dns server to bind9??? >> > >> > Add into [global] section of smb.conf "server services = -dns". >> > Configure Bind (see named.* files which comes with samba) to use dlz >> > plugin or good old plain files (requires basic zone definition). >> > -- >> >> I guess it's not that easy. First, I added by hand the file named.conf >> to >> /usr/local/samba/private. Second the dlz complains: Failed to connect to >> /usr/local/samba/private/dns/sam.ldb and there is no such directory, >> instead sam.ldb is directly under /usr/local/samba/private/ > > Run samba_upgradedns to create the extra files and the account. > > Andrew Bartlett > Now that I'm using bind9 I have two sam.ldb and sam.ldb.d. One pair directly under /usr/local/samba/private/ and the other pair under /usr/local/samba/private/dns/ The last pair was created when I switched to bind9. Can I delete the pair directly under /private ??? Cheers, Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba-generated keytab fails with kinit
Hi, I have joined a HP-UX server to a Windows Server 2003 domain. Join and keytab creation were successful. The keytab entries look like this: $ klist -ek Keytab name: FILE:/etc/krb5.keytab KVNO Principal -- 2 host/hostname.sub.company@sub.company.net (DES cbc mode with CRC-32) 2 host/hostname.sub.company@sub.company.net (DES cbc mode with RSA-MD5) 2 host/hostname.sub.company@sub.company.net (ArcFour with HMAC/md5) 2 host/hostn...@sub.company.net (DES cbc mode with CRC-32) 2 host/hostn...@sub.company.net (DES cbc mode with RSA-MD5) 2 host/hostn...@sub.company.net (ArcFour with HMAC/md5) 2 cifs/hostname.sub.company@sub.company.net (DES cbc mode with CRC-32) 2 cifs/hostname.sub.company@sub.company.net (DES cbc mode with RSA-MD5) 2 cifs/hostname.sub.company@sub.company.net (ArcFour with HMAC/md5) 2 cifs/hostn...@sub.company.net (DES cbc mode with CRC-32) 2 cifs/hostn...@sub.company.net (DES cbc mode with RSA-MD5) 2 cifs/hostn...@sub.company.net (ArcFour with HMAC/md5) 2 HOSTNAME$@SUB.COMPANY.NET (DES cbc mode with CRC-32) 2 HOSTNAME$@SUB.COMPANY.NET (DES cbc mode with RSA-MD5) 2 HOSTNAME$@SUB.COMPANY.NET (ArcFour with HMAC/md5) 2 HOST/hostn...@sub.company.net (DES cbc mode with CRC-32) 2 HOST/hostn...@sub.company.net (DES cbc mode with RSA-MD5) 2 HOST/hostn...@sub.company.net (ArcFour with HMAC/md5) 2 HOST/hostname.sub.company@sub.company.net (DES cbc mode with CRC-32) 2 HOST/hostname.sub.company@sub.company.net (DES cbc mode with RSA-MD5) 2 HOST/hostname.sub.company@sub.company.net (ArcFour with HMAC/md5) Now, when I issue a kinit -k it fails with: kinit(v5): Client not found in Kerberos database while getting initial credentials This is obviously correct since kinit uses the first entry to authenticate and the KDC knows the UPN HOSTNAME$@SUB.COMPANY.NET only. So, is this order correct? Shouldn't the real UPN be the first entry? What will happen when I will use a C-based GSS client acquiring default credential (GSS_C_NO_CREDENTIAL) with the keytab? Will it pick up the correct entry? My system: bash $ uname -a HP-UX hostname B.11.31 U ia64 1788107473 unlimited-user license bash $ net --version Version 3.4.3 based HP CIFS Server A.03.01.05 Thanks, Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Removing keytab entries with net ads keytab
Hi folks, I have added a keytab entry to our Samba-generated keytab file with $ net ads keytab add HTTP and the SPN entry has been successfully added in the Active Directory as well as in the keytab file. Now, what if I want to remove that service now? There is no net ads keytab remove I do not intend to leave the domain and the join against or recreate the keytab. I could fiddle with ktutil but that won't remove the SPN in the Active Directory. My system: bash $ uname -a HP-UX hostname B.11.31 U ia64 1788107473 unlimited-user license bash $ net --version Version 3.4.3 based HP CIFS Server A.03.01.05 Thanks, Michael -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How can I switch from internal dns server to bind9
2012-10-12 14:34 keltezéssel, fe...@epepm.cupet.cu írta: On Tue, 2012-10-09 at 17:18 -0400, fe...@epepm.cupet.cu wrote: On 10/9/12, fe...@epepm.cupet.cu wrote: How can I switch from internal dns server to bind9??? Add into [global] section of smb.conf "server services = -dns". Configure Bind (see named.* files which comes with samba) to use dlz plugin or good old plain files (requires basic zone definition). -- I guess it's not that easy. First, I added by hand the file named.conf to /usr/local/samba/private. Second the dlz complains: Failed to connect to /usr/local/samba/private/dns/sam.ldb and there is no such directory, instead sam.ldb is directly under /usr/local/samba/private/ Run samba_upgradedns to create the extra files and the account. Andrew Bartlett Now that I'm using bind9 I have two sam.ldb and sam.ldb.d. One pair directly under /usr/local/samba/private/ and the other pair under /usr/local/samba/private/dns/ The last pair was created when I switched to bind9. Can I delete the pair directly under /private ??? Cheers, Felix. NO! You will lose your samba domain. The sam.ldb in the private directory is the master part of the domain and the one under dns is just a replica which is created to do not give to bind access to the whole domain. Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How can I switch from internal dns server to bind9
> 2012-10-12 14:34 keltezéssel, fe...@epepm.cupet.cu írta: >>> On Tue, 2012-10-09 at 17:18 -0400, fe...@epepm.cupet.cu wrote: > On 10/9/12, fe...@epepm.cupet.cu wrote: >> How can I switch from internal dns server to bind9??? > Add into [global] section of smb.conf "server services = -dns". > Configure Bind (see named.* files which comes with samba) to use dlz > plugin or good old plain files (requires basic zone definition). > -- I guess it's not that easy. First, I added by hand the file named.conf to /usr/local/samba/private. Second the dlz complains: Failed to connect to /usr/local/samba/private/dns/sam.ldb and there is no such directory, instead sam.ldb is directly under /usr/local/samba/private/ >>> Run samba_upgradedns to create the extra files and the account. >>> >>> Andrew Bartlett >>> >> Now that I'm using bind9 I have two sam.ldb and sam.ldb.d. One pair >> directly under /usr/local/samba/private/ and the other pair under >> /usr/local/samba/private/dns/ >> The last pair was created when I switched to bind9. Can I delete the >> pair >> directly under /private ??? >> >> Cheers, >> Felix. >> > NO! > > You will lose your samba domain. The sam.ldb in the private directory is > the master part of the domain and the one under dns is just a replica > which is created to do not give to bind access to the whole domain. > > Regards > > Geza Gemes > -- Thanks for your answer Geza. Cheers, Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] about samba 4 rc2
Hello, I'm testing samba 4 rc2. I have created the domain without troubles using the command: /usr/local/samba/bin/samba-tool domain provision \ --realm=samdom.example.com --domain=SAMDOM \ --adminpass='p4$$word' --server-role=dc All is good, but in the step 7 Configure DNS(according to the samba4/howto(http://wiki.samba.org/index.php/Samba4/HOWTO)) i can not find the file /usr/local/samba/private/named.conf the provision step is not creating this file can you help me please? I don't speak english, Please, apologize for my language, Regards, Amaury. 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS INFORMATICAS... CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION http://www.uci.cu http://www.facebook.com/universidad.uci http://www.flickr.com/photos/universidad_uci -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] about samba 4 rc2
On 10/12/12, Amaury Viera Hernández wrote: > Hello, I'm testing samba 4 rc2. > i can not find the file /usr/local/samba/private/named.conf Did you choose a type of DNS implementation? RC2 uses internal by default, see https://ftp.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba Digest, Vol 118, Issue 13
Pessoal, bom dia! Estarei de férias no período de 05/10 a 28/10, retornando no dia 29/10/2012. Na minha ausência as dúvidas poderão ser resolvidas pela seguinte equipe: Ricardo: Coordenação da equipe TI, e-mails e servidores – AMP e Inpacom - (011) 3616-1417 Igor: Gemma - AMP e Inpacom - (011) 3616-1438 Luciano e Vagner: Ginjo/ Silbra - Todos os sistemas - (011) 3659-3096 Robson: Indisa - Todos os sistemas - (019) 3765-6000 Essa é uma resposta automática. Até mais. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] users map with ADS not working
Hi Found something more which is interesing: - nbtstat -A on ip TST-SMB-UAT works fine, but fails for TST-SMB-DEV. Is there any specific samba option which I am missing or something on wins servers which is giving me grief? thanks Nitin > From: nitintha...@hotmail.com > To: samba@lists.samba.org > Date: Thu, 11 Oct 2012 21:52:48 -0400 > Subject: Re: [Samba] users map with ADS not working > > > Hi All, > > I have an update. I did snoop the network and found, when I use IP to connect > to the share, samba server sends packets to Windows AD. If I try to connect > using hostname, samba server does not make any attempts to connect to Windows > AD. > > It looks more like problem on the smb.conf side. If somebody has experienced > this problem in past then please help. > > (PS: I am using MIT Kerberos + Open LDAP and Samba - all current versions.) > > Thanks > > Nitin > > > From: nitintha...@hotmail.com > > To: samba@lists.samba.org > > Date: Wed, 10 Oct 2012 23:14:47 -0400 > > Subject: [Samba] users map with ADS not working > > > > > > Hi All > > > > I am running two instances of samba on same box. One instance of samba has > > joined AD domain ABC and the other 123. My workstation is on ABC domain and > > when I try to connect to samba server on ABC domain, it asks me for user > > name and password and then fails. If I put IP address instead it works. At > > the same time, when I try to connect to 123 domain, it asks me for user > > name and password and authenticates me without any problem. I set the debug > > level to 9 on both the instances. I am not running winbind - please dont > > ask me why. The strange problem is when a user who has same unix and > > windows account in ABC domain, when he tries to log into the samba server > > which is on ABC domain, it works with hostname where as folks who has > > different accounts on windows and unix, it dosent work for them with > > hostname but with IP. > > > > The Global section of both the instances is similar, here is the global > > section of samba server which is binding to ABC domain: - > > > > #=== Global Settings > > = > > [global] > > > > socket options = TCP_NODELAY IPTOS_LOWDELAY > > netbios name = TST-SMB-DEV > > workgroup = ABC > > server string = tst-smb-dev Server ver %v > > security = ADS > > log file = /opt/local/samba-3.6.7/dev/logs/log.%m > > max log size = 50 > > password server = AD1.ABC.com AD2.ABC.com > > encrypt passwords = yes > > realm = ABC.COM > > local master = no > > domain master = no > > domain logons = no > > dns proxy = no > > smb passwd file = /opt/local/samba-3.6.7/dev/private > > private dir = /opt/local/samba-3.6.7/dev/private > > username map = /opt/local/samba-3.6.7/dev/users.map > > pid directory = /opt/local/samba-3.6.7/dev > > bind interfaces only = yes > > wins support = no > > domain master = no > > locking = yes > > lock directory = /opt/local/samba-3.6.7/dev/var/locks > > preserve case = yes > > short preserve case = yes > > load printers = no > > printcap name = /dev/null > > deadtime = 15 > > preferred master = no > > guest account = nobody > > guest ok = no > > syslog = 0 > > interfaces = 10.20.20.3 > > socket address = 10.20.20.3 > > kerberos method = system keytab > > log level = 9 > > > > > > Here are the logs when user whose mapping is defined in users.map tries to > > log into samba instance which is binding to ABC domain > > > > [2012/10/10 15:07:11.896408, 3] libads/authdata.c:332(decode_pac_data) > > Found account name from PAC: foo [Foo Bar] > > [2012/10/10 15:07:11.896530, 3] > > auth/user_krb5.c:50(get_user_from_kerberos_info) > > Kerberos ticket principal name is [f...@abc.com] > > [2012/10/10 15:07:11.896611, 4] auth/user_util.c:361(map_username) > > Scanning username map /opt/local/samba-3.6.7/dev/users.map > > [2012/10/10 15:07:11.896665, 3] auth/user_util.c:402(map_username) > > Mapped user ABC\foo to bar > > [2012/10/10 15:07:11.896725, 5] lib/username.c:171(Get_Pwnam_alloc) > > Finding user bar > > [2012/10/10 15:07:11.896758, 5] lib/username.c:116(Get_Pwnam_internals) > > Trying _Get_Pwnam(), username as lowercase is bar > > [2012/10/10 15:07:11.897025, 5] lib/username.c:149(Get_Pwnam_internals) > > Get_Pwnam_internals did find user [bar]! > > [2012/10/10 15:07:11.897418, 6] param/loadparm.c:7490(lp_file_list_changed) > > lp_file_list_changed() > > file /opt/local/Samba/lib/smb.conf.dev -> > > /opt/local/Samba/lib/smb.conf.dev last mod_time: Wed Oct 10 15:06:58 2012 > > > > [2012/10/10 15:07:11.897530, 5] lib/username.c:171(Get_Pwnam_alloc) > > Finding user ABC\foo > > [2012/10/10 15:07:11.897562, 5] lib/username.c:116(Get_Pwnam_internals) > > Trying _Get_Pwnam(), username as lowercase is ABC\foo > > [2012/10/10 15:07:11.897648, 5] lib/us
Re: [Samba] about samba 4 rc2
Hi, I skept this step, the dns was internal. just make sure you have proper forwarder in your smb.conf at the end. Best Regards, Inno. De : Amaury Viera Hernández À : samba@lists.samba.org Envoyé le : Vendredi 12 octobre 2012 20h37 Objet : [Samba] about samba 4 rc2 Hello, I'm testing samba 4 rc2. I have created the domain without troubles using the command: /usr/local/samba/bin/samba-tool domain provision \ --realm=samdom.example.com --domain=SAMDOM \ --adminpass='p4$$word' --server-role=dc All is good, but in the step 7 Configure DNS(according to the samba4/howto(http://wiki.samba.org/index.php/Samba4/HOWTO)) i can not find the file /usr/local/samba/private/named.conf the provision step is not creating this file can you help me please? I don't speak english, Please, apologize for my language, Regards, Amaury. 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS INFORMATICAS... CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION http://www.uci.cu http://www.facebook.com/universidad.uci http://www.flickr.com/photos/universidad_uci -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] about samba 4 rc2
> Hello, I'm testing samba 4 rc2. > I have created the domain without troubles using the command: > > /usr/local/samba/bin/samba-tool domain provision \ > --realm=samdom.example.com --domain=SAMDOM \ > --adminpass='p4$$word' --server-role=dc > > All is good, but in the step 7 > > Configure DNS(according to the > samba4/howto(http://wiki.samba.org/index.php/Samba4/HOWTO)) > > i can not find the file /usr/local/samba/private/named.conf > > the provision step is not creating this file > > can you help me please? > If you want to keep using the provision you did with bind9 then you need to run samba_upgradedns this way. /usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ This step creates the extra files and the account. If you need to use a forwarder in dns I don't recommend the internal dns server. Furthermore, I couldn't make it update the reverse zone either. It's a pity because is very light indeed. Bind9 does the job very well. Cheers, Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] about samba 4 rc2
On 10/12/2012 01:22 PM, Hleb Valoshka wrote: On 10/12/12, Amaury Viera Hernández wrote: Hello, I'm testing samba 4 rc2. i can not find the file /usr/local/samba/private/named.conf Did you choose a type of DNS implementation? RC2 uses internal by default, see https://ftp.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt thanks, there is any way to install a dns server in a remote machine and the domain controller in other machine? regards, Amaury 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS INFORMATICAS... CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION http://www.uci.cu http://www.facebook.com/universidad.uci http://www.flickr.com/photos/universidad_uci -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Users randomly unable to login after machine left idle on boot
Everyone, Perhaps this is an known issue, but: For some time, we have inconsistently been running into an issue where end users are unable to login to their machines if they have been left booted, but idle and not logged in, for some amount of time (it is not clear what the minimum is) after being booted. In (almost) every case, rebooting the machine restores their access. Caveat this only because internal IT staff have only recently decided this is a priority to resolve, instead of a lower priority irritant, so I don't have anything more substantive than a bunch of inconsistent anecdotes to base a problem description off of, and there's an outside chance that we're looking at multiple issues or two inter-related problems. Unfortunately, the problem is not reproducible, either... machines / users that had it happen semi-frequently no longer run into it, other recent reports come from machines / users who have not run into it before. One tech did get wireshark on it at one point, and found requests going out, but replies not making it back in again (this is being relayed through a second party). There was a major instance of this last week, which resulted in a number of users being unable to login, and the resolution was kind of messy, with the result that the problem got pushed up the stack. We are going to attempt to replicate that instance on Monday, in hopes of getting multiple machines in the failed state so that my partner and I can do forensics on the resulting logs and network captures... but it never hurts to simply ask the experts if they've run into this before. We're running samba 3.4.7 on Ubuntu 10.04 (Lucid). The clients are all Windows XP SP3. Fast Ethernet. Local profiles, centralized network authentication via Samba/LDAP. Samba server sits on a different subnet than all the clients. I'm thinking that I'm running into a network timeout issue, where a connection is closed but not re-opened, after some period of idleness. Most likely on the client, but I don't know enough to be sure, or where to look in Windows or Ubuntu. Does this problem description match any known issue? I've already trolled through Google extensively, and haven't found an exact match, or at least not one with a solution attached. Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 4.0 and Netapp filer ?
No but i don't see any reason while it should fail. I think netapp would have complained at the latestc sdc plugfest. Matthieu. Frank Bonnet wrote: Hello Does anyone has tested to register a Netapp filer in a windows domain managed by a samba 4.0 server ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] remove IP from DNS ldb
First make a backup of samba incase something goes wrong. Then `nslookup realm.tld` should give you a list of all the ip's linked to realm.tld, then you can use something like `samba-tool dns delete host realm.tld @ A ip.you.rem.oved -Uadministrator` also you will want to use `samba-tool dns delete host realm.tld host.realm.tld A ip.you.rem.oved -Uadministrator` run a `nslookup realm.tld` again and it should only show the 1 ip address. You will want to restart both bind and samba after making these changes just to be safe. Also remember that realm.tld is the realm you set during the provision. Ricky On Wed, Oct 10, 2012 at 12:25 AM, Mohammad Ebrahim Abravi < lamp@gmail.com> wrote: > Hello > install samba4beta8 white bind 9.9.1 and internal samba DNS DB on server > white tow IP, then remove one of IPs. > Users can not connect to the server or to communicate with a server takes . > Because, Removed IP in response to client requests are sent ! > > How to remove not use IP from samba dns DB by Samba Tools ? > -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] file sharing issue in samba4
Hello, I understand that you people are too much busy. but still I want to give it try with hope of miracle. my question is, I have installed samba 4 PDC on ubuntu. and in this domain we will have windows7,mac etc as client. and ubuntu will be centralized file server. so, I am facing problem is samba is not giving any respect to acl file level permission. if share is read only and I give explicit permission of read/write to any file through acl its not working. if I keep share in write mode and then explicitly give just readonly permission to any file, it is not stopping samba to let user edit file. it was working this way in samba3. we have tried to find out everywhere, the solution of this problem but we failed. finally I thought to leave an email. I believe this is very commonly asked question and now proper answer anywhere. please help thanks Ankur Chotai www.reputeinfosystems.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 HOWTO: Correction on Setting up a File Share
Hi Samba Wiki Editors, I just created my account on the wiki so I can't edit (this section) of this SAMBA4 page yet: https://wiki.samba.org/index.php/Samba4/HOWTO#Step_12:_Setup_a_File_Share It tells you to edit smb.conf, and then it says: "Note: In older alpha versions of Samba4 you need to restart Samba to make new shares visible." However, simply editing smb.conf was not sufficient for my new share to appear automatically. I'm running s3fs on Samba 4.0.0 RC2, so I'm inferring that the switch from ntvfs to s3fs broke the ability of Samba4 to automatically re-read smb.conf for new shares.. Fortunately, I was able to make the share appear without restarting samba entirely by running this s3fs-specific command: /usr/local/samba/bin/smbcontrol smbd reload-config And I'd recommend the wiki page be updated to instruct all s3fs users to run that command. Thanks, -Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] can not change mandatory owner to administrators
Now Upgrade to samba 4.0.0rc2 But Again the error is observed !! *this security ID may not be assigned as the owner of this object administrators * On Mon, Oct 8, 2012 at 2:49 PM, Mohammad Ebrahim Abravi wrote: > Hello > > upgrading from samba 4alpha17 to samba4beta8. > > Problem : > *can`t change mandatory profile owner to Administrators and see This > error: > this security ID may not be assigned as the owner of this object > administrators * > > now my mandatory profile not work ! > > thanks a lot > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] low samba performance with glusterfs backend
Hello folks, We test samba performance with local ext4 and glusterfs backends, it shows performance is very different. The samba server has 4 1Gbps NICs and bond with mode 6, backend storage is raid0 with 12 SAS disks. A LUN is created over all disks, make as EXT4 file system, and used as glusterfs brick. On the samba server, use dd test local ext4 and glusterfs, write bandwidth are 477MB/s and 357MB/s, details as follow. When mount cifs on Centos 6.0, write bandwidth downgrade to 184MB/s and 117MB/s, very different. Using 4 win7 clients to test with SANergy/Iometer, cifs over ext4 aggregate throughput can get about 391 MB/s. However, cifs over glusterfs aggregate throughput only can get about 180 MB/s. Why CIFS performance is so slow over glusterfs backend? Anybody meet such issues and how to resolve(samba and glusterfs parameters)? thanks a lot in advance. #test local ext4 [root@pana53 5f4554cf-3b56-43e5-847e-cb409b0edc30]# dd if=/dev/zero of=dd.dat bs=1MB count=10k 10240+0 records in 10240+0 records out 1024000 bytes (10 GB) copied, 21.4764 s, 477 MB/s #test local glusterfs [root@pana53 61659a17-69bd-4704-81fe-0853f1c891cd]# dd if=/dev/zero of=dd.dat bs=1MB count=10k 10240+0 records in 10240+0 records out 1024000 bytes (10 GB) copied, 28.7148 s, 357 MB/s #test cifs over ext4 [root@pana53 ext4-share]# dd if=/dev/zero of=dd.dat bs=1MB count=10k 10240+0 records in 10240+0 records out 1024000 bytes (10 GB) copied, 55.5549 s, 184 MB/s #test cifs over glusterfs [root@pana53 glusterfs-share]# dd if=/dev/zero of=dd.dat bs=1MB count=10k 10240+0 records in 10240+0 records out 1024000 bytes (10 GB) copied, 87.4899 s, 117 MB/s here is smb.conf: [global] server string = samba server map to guest = Bad Password log file = /var/log/samba/log.%m max log size = 50 max protocol = SMB2 socket options = TCP_NODELAY IPTOS_LOWDELAY idmap config * : backend = tdb aio read size = 16384 aio write size = 16384 use sendfile = Yes posix locking = No [ext4-share] comment = None path = /data/5f4554cf-3b56-43e5-847e-cb409b0edc30 read only = No guest ok = Yes [glusterfs-share] comment = None path = /reexport/61659a17-69bd-4704-81fe-0853f1c891cd read only = No guest ok = Yes here is gluster volume info: [root@pana53 glusterfs-share]# gluster volume info Volume Name: vol1 Type: Distribute Status: Started Number of Bricks: 1 Transport-type: tcp Bricks: Brick1: pana53:/data/5f4554cf-3b56-43e5-847e-cb409b0edc30 Options Reconfigured: auth.allow: *,192.168.1.* features.quota: on nfs.disable: on BR, liuben nuaa_liu...@sina.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] can not change mandatory owner to administrators
On Sat, 2012-10-13 at 08:19 +0330, Mohammad Ebrahim Abravi wrote: > Now Upgrade to samba 4.0.0rc2 But Again the error is observed !! > > *this security ID may not be assigned as the owner of this object > administrators * > > On Mon, Oct 8, 2012 at 2:49 PM, Mohammad Ebrahim Abravi > wrote: > > > Hello > > > > upgrading from samba 4alpha17 to samba4beta8. > > > > Problem : > > *can`t change mandatory profile owner to Administrators and see This > > error: > > this security ID may not be assigned as the owner of this object > > administrators * > > > > now my mandatory profile not work ! > > > > thanks a lot > > If you return to using the ntvfs file server, does it work again? (This isn't a very long term solution, but it certainly could help us isolate the issue). https://wiki.samba.org/index.php/Samba4/s3fs#Using_it server services = +smb -s3fs dcerpc endpoint servers = +winreg +srvsvc Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] can not change mandatory owner to administrators
Solved Thanks a lot On Sat, Oct 13, 2012 at 8:58 AM, Andrew Bartlett wrote: > On Sat, 2012-10-13 at 08:19 +0330, Mohammad Ebrahim Abravi wrote: > > Now Upgrade to samba 4.0.0rc2 But Again the error is observed !! > > > > *this security ID may not be assigned as the owner of this object > > administrators * > > > > On Mon, Oct 8, 2012 at 2:49 PM, Mohammad Ebrahim Abravi > > wrote: > > > > > Hello > > > > > > upgrading from samba 4alpha17 to samba4beta8. > > > > > > Problem : > > > *can`t change mandatory profile owner to Administrators and see This > > > error: > > > this security ID may not be assigned as the owner of this object > > > administrators * > > > > > > now my mandatory profile not work ! > > > > > > thanks a lot > > > > > If you return to using the ntvfs file server, does it work again? (This > isn't a very long term solution, but it certainly could help us isolate > the issue). > > https://wiki.samba.org/index.php/Samba4/s3fs#Using_it > > server services = +smb -s3fs > dcerpc endpoint servers = +winreg +srvsvc > > Andrew Bartlett > > -- > Andrew Bartletthttp://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
