Re: [Samba] oLschema2ldif segfault
This is a very good news, no only problems with BINARY (I fill the Bug 9567 to others and ever is the same problem) 2013/7/12 Andrew Bartlett > On Thu, 2013-07-11 at 13:11 -0500, Bo Kersey wrote: > > I'm seeing a oLschema2ldif segfault when it comes across attributetypes > with syntax '1.3.6.1.4.1.1466.115.121.1.5' that is a BINARY attribute. > > > > Is this by design? > > > > Can I store binary attributes in samba4 ldap? > > We need to remove this tool, and someone needs to write a replacement in > python. > > Andrew Bartlett > > -- > Andrew Bartletthttp://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > > > -- Alejandro Escanero Blanco Consultor de sistemas basados en fuentes abiertas Desarrollador de FusionDirectory (http://www.fusiondirectory.org) Blog: http://www.disasterproject.com Jabber: blain...@jabberes.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migrate samba to new server
Hi, i have a really old server running samba 3.0.11 (PDC, tdbsam backend) and i'd like to update my server and start using samba 3.6.7 from sernet, my question here is. What files do i need to migrate from one version to another, do i need to make some changes on my current conf file? Do i need to join all clients again to the domain? -- Alejandro Rodriguez Luna E-mail: el_alexl...@yahoo.com.mx -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help with migration
Hello to all, my name is Alejandro and I have a little question to anyone of this list. I´ve created ,6 years ago, an ldap+smb proyect for a big company. Back then, samba (Lenny server) only worked with NT hashes but now (Squeeze server) they want to authenticate with Win7 (ntlm2 protocols) And configurating windows7 to accept old NT hashes is not an exit. I want to update ONLY the smb package from samba (2:3.2.5-4lenny15) to samba (2:3.5.6~dfsg-3squeeze8). PD: I'm using an OLD and modified by myself openldap version so i cant touch it. My question is this: Have someone of you did this kind of migration any time? can you give me advices? i need to know if something could go wrong in the relation with openldap. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problems with netapp filers and Samba3.6
Ok, is related with 8455 bug, but I have this (ldap nss): # id hu.scanner uid=9138(hu.scanner) gid=2068(HU_CICE) grupos=2068(HU_CICE) In auth/server_info.c, in function group_sids_to_info3: ... /* if it is the primary gid, skip it, we * obviously already have it */ if (info3->base.primary_gid == rid) continue; ... Is not obvious because I don't find where the group (HU_CICE) is added to struct netr_SamInfo3 info3. Thanks. On 16/09/11 15:51, Volker Lendecke wrote: On Fri, Sep 16, 2011 at 11:21:58AM +0200, Alejandro Escanero Blanco wrote: In some tests of moving from samba3.5 to samba3.6 I find that the netapp filer don't recognize the groups of the users. Anybody knows where is the problem? Can you try the just uploaded fix in https://bugzilla.samba.org/show_bug.cgi?id=8455 The patch is https://bugzilla.samba.org/attachment.cgi?id=6897 Thanks, Volker -- ----- Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problems with netapp filers and Samba3.6
Actually I'm using Samba 3.6.3 with the same problem. In samba 3.2 until 3.5 I get this in netr_LogonSamLogon: struct netr_LogonSamLogon groups: struct samr_RidWithAttributeArray count: 0x0001 (1) rids : * rids: ARRAY(1) rids: struct samr_RidWithAttribute rid : 0x1411 (5137) attributes : 0x0007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) In samba 3.6.3 I get: groups: struct samr_RidWithAttributeArray count: 0x (0) rids : * rids: ARRAY(0) The problem is clear, but I don't know where look for this struct. Thanks. On 16/09/11 15:51, Volker Lendecke wrote: On Fri, Sep 16, 2011 at 11:21:58AM +0200, Alejandro Escanero Blanco wrote: In some tests of moving from samba3.5 to samba3.6 I find that the netapp filer don't recognize the groups of the users. Anybody knows where is the problem? Can you try the just uploaded fix in https://bugzilla.samba.org/show_bug.cgi?id=8455 The patch is https://bugzilla.samba.org/attachment.cgi?id=6897 Thanks, Volker -- ----- Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Is possible to force the domain in ntlm_auth with squid-2.5-ntlmssp helper?
I find that ntlm_auth --helper-protocol=squid-2.5-ntlmssp don't use the switch --domain at all. Is this normal or a bug? Thanks -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Announce] Samba 3.6.1 Available for Download
2011/10/20 Karolin Seeger : > Major enhancements in Samba 3.6.1 include: > > o Fix smbd crashes triggered by Windows XP clients (bug #8384). Bug 8384 is in REOPEN status: https://bugzilla.samba.org/show_bug.cgi?id=8384 Is really closed in 3.6.1 or I must wait until 3.6.2? Cheers. -- Alejandro Escanero Blanco Administrador de Sistemas GNU/Linux Desarrollador de FusionDirectory (http://www.fusiondirectory.org) Blog: http://www.mylifebetweencomputers.com Jabber: blain...@jabberes.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problems with netapp filers and Samba3.6
In some tests of moving from samba3.5 to samba3.6 I find that the netapp filer don't recognize the groups of the users. Anybody knows where is the problem? Thanks. -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem exporting samba 3.6 registry
Runs perfectly. El 07/09/11 10:51, Gregor Beck escribió: On Wednesday, September 07, 2011 09:56:59 AM Alejandro Escanero Blanco wrote: In samba3.6 I get a reject: rebased on release-3-6-0rc1-1-g69ee029 Gregor -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem exporting samba 3.6 registry
In samba3.6 I get a reject: *** *** 333,339 switch (type) { case REG_SZ: - if (!(f->hex_fmt & REG_FMT_HEX_SZ)) { char* str = NULL; size_t dlen; if (pull_ucs2_talloc(mem_ctx, &str, (const smb_ucs2_t*)data, &dlen)) { --- 339,347 switch (type) { case REG_SZ: + if (!(f->hex_fmt & REG_FMT_HEX_SZ) + && is_zero_terminated_ucs2(data, len)) + { char* str = NULL; size_t dlen; if (pull_ucs2_talloc(mem_ctx, &str, (const smb_ucs2_t*)data, &dlen)) { Line 342 is: if (!(f->flags & REG_FMT_HEX_SZ)) { El 06/09/11 08:29, Gregor Beck escribió: Hi, On Monday, September 05, 2011 10:02:25 AM Alejandro Escanero Blanco wrote: Valgrind give me: ==25578== Memcheck, a memory error detector ==25578== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al. ==25578== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info ==25578== Command: XXX XXX ==25578== Parent PID: 24066 ==25578== --25578-- --25578-- Valgrind options: --25578---v --25578----trace-children=yes --25578----log-file=vg.log --25578-- Contents of /proc/version: --25578-- Linux version 2.6.18-194.el5 (mockbu...@x86-007.build.bos.redhat.com) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Tue Mar 16 21:52:43 EDT 2010 --25578-- Arch and hwcaps: X86, x86-sse1-sse2 --25578-- Page sizes: currently 4096, max supported 4096 --25578-- Valgrind library directory: /usr/lib/valgrind --25578-- Reading syms from /usr/local/samba/bin/net (0x108000) --25578-- Reading syms from /lib/ld-2.5.so (0xb2f000) --25578-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux (0x3800) --25578--object doesn't have a dynamic symbol table --25578-- Reading suppressions file: /usr/lib/valgrind/default.supp --25578-- REDIR: 0xb447d0 (index) redirected to 0x3803e483 (vgPlain_x86_linux_REDIR_FOR_index) --25578-- Reading syms from /usr/lib/valgrind/vgpreload_core-x86-linux.so (0x4801000) --25578-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so (0x4803000) ==25578== WARNING: new redirection conflicts with existing -- ignoring it --25578-- new: 0x00b447d0 (index ) R-> 0x04806640 index --25578-- REDIR: 0xb44970 (strlen) redirected to 0x4806820 (strlen) --25578-- Reading syms from /lib/libresolv-2.5.so (0x4811000) --25578-- Reading syms from /lib/libnsl-2.5.so (0x4824000) --25578-- Reading syms from /lib/libdl-2.5.so (0x483b000) --25578-- Reading syms from /lib/librt-2.5.so (0x484) --25578-- Reading syms from /usr/lib/libpopt.so.0.0.0 (0x4849000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/libgssapi_krb5.so.2.2 (0x4851000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/libkrb5.so.3.3 (0x487f000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/libk5crypto.so.3.1 (0x4915000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libcom_err.so.2.1 (0x493b000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libuuid.so.1.2 (0x493f000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/libldap-2.3.so.0.2.31 (0x4943000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/liblber-2.3.so.0.2.31 (0x497d000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/local/samba/lib/libtalloc.so.2.0.5 (0x498b000) --25578-- Reading syms from /usr/local/samba/lib/libtdb.so.1.2.9 (0x4994000) --25578-- Reading syms from /usr/local/samba/lib/libwbclient.so.0 (0x49a5000) --25578-- Reading syms from /usr/lib/libz.so.1.2.3 (0x49b2000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libc-2.5.so (0x49c5000) --25578-- Reading syms from /lib/libpthread-2.5.so (0x4b0b000) --25578-- Reading syms from /usr/lib/libkrb5support.so.0.1 (0x4b23000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libkeyutils-1.2.so (0x4b2d000) --25578--object doesn't have a symbol table --25578-- Reading syms from /usr/lib/libsasl2.so.2.0.22 (0x4b3) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libssl.so.0.9.8e (0x4b49000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libcrypto.so.0.9.8e (0x4b91000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libselinux.so.1 (0x4cd2000) --25578--object doesn't have a symbol table --25578-- Reading syms from /lib/libcrypt-
Re: [Samba] Problem exporting samba 3.6 registry
C6: net_make_ipc_connection_ex (in /usr/local/samba/bin/net) ==25578== --25578-- --25578-- used_suppression: 71 dl-hack3 ==25578== ==25578== ERROR SUMMARY: 496 errors from 6 contexts (suppressed: 71 from 10) El 18/08/11 23:15, Volker Lendecke escribió: On Thu, Aug 18, 2011 at 02:12:57PM -0700, Jeremy Allison wrote: On Thu, Aug 18, 2011 at 01:31:36PM +0200, Alejandro Escanero Blanco wrote: I'm triing to put some samba3.6 server like print server, the load of ntprinters and ntdrivers is ok, but when I try to do a backup of the registry I find it: #net rpc registry export 'HKLM\System\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3\Canon iR2270/iR2870 PCL6' printers.reg Violación de segmento (Segmentation Fault) Export fail but enumerate runs correctly. Where is the problem? Can you run under gdb and print out a stack backtrace please ? Valgrind? Volker -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problems with ntlm_auth and machines accounts
b_request_done[2:PAM_AUTH_CRAP]: NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT winbind_client_response_written[2:PAM_AUTH_CRAP]: delivered response to client closing socket 27, client exited closing socket 25, client exited I think the problem is in auth/auth_checksamsec.c line 282: --> if (!(user_info->logon_parameters & MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT)) { logon_parameters has value 0 and MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT has value 8. The ldap object has not change, is marked like a Workstation and the hash is valid. Anybody knows where is the problem? Thanks. -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem exporting samba 3.6 registry
nt$\W32X86\3\Cnp60M_DE1DE.DLL" Valuename = Data File Type = REG_SZ Value = "\print$\W32X86\3\IR2270XS.XPD" Valuename = Configuration File Type = REG_SZ Value = "\print$\W32X86\3\Cnp60MUI_DE1DE.DLL" Valuename = Help File Type = REG_SZ Value = "\print$\W32X86\3\Cnp6S46.HLP" Valuename = Dependent Files Type = REG_MULTI_SZ Value[000] = "\print$\W32X86\3\IR2270XS.UPD" Value[001] = "\print$\W32X86\3\CnP6E1DE.dat" Value[002] = "\print$\W32X86\3\CnP6040a_DE1DE.DLL" Value[003] = "\print$\W32X86\3\cnxp0log.DLL" Value[004] = "\print$\W32X86\3\AUSSDRV.DLL" Value[005] = "\print$\W32X86\3\CnxD0130.DAT" Value[006] = "\print$\W32X86\3\CnxDias2.DLL" Value[007] = "\print$\W32X86\3\CnxIpc2.DLL" Value[008] = "\print$\W32X86\3\Cnp6S46.CNT" Value[009] = "\print$\W32X86\3\CNLK.PRF" Value[010] = "\print$\W32X86\3\CPC10S.DLL" Value[011] = "\print$\W32X86\3\CPC10D.EXE" Value[012] = "\print$\W32X86\3\CPC10Q.EXE" Value[013] = "\print$\W32X86\3\CPC10E.DLL" Value[014] = "\print$\W32X86\3\CPC10V.EXE" Value[015] = "\print$\W32X86\3\Cpc1ES.DLL" Value[016] = "\print$\W32X86\3\Cpc1ES.HLP" Value[017] = "\print$\W32X86\3\Cpc1ES.CNT" Value[018] = "\print$\W32X86\3\cnxpcf32.DLL" Value[019] = "\print$\W32X86\3\cnxpcp32.DLL" Value[020] = "\print$\W32X86\3\CnPXCM32.DLL" Value[021] = "\print$\W32X86\3\UCS32P.DLL" Value[022] = "\print$\W32X86\3\cnxptn32.DLL" Value[023] = "\print$\W32X86\3\AUCPLMNT.DLL" Valuename = Monitor Type = REG_SZ Value = "" Valuename = Datatype Type = REG_SZ Value = "" Valuename = Previous Names Type = REG_MULTI_SZ Valuename = DriverDate Type = REG_SZ Value = "01/01/1601" Valuename = DriverVersion Type = REG_SZ Value = "0.0.0.0" Valuename = Manufacturer Type = REG_SZ Value = "" Valuename = OEM URL Type = REG_SZ Value = "" Valuename = HardwareID Type = REG_SZ Value = "" Valuename = Provider Type = REG_SZ Value = "" Valuename = Print Processor Type = REG_SZ Value = "" Valuename = VendorSetup Type = REG_SZ Value = "" Valuename = Color Profiles Type = REG_MULTI_SZ Valuename = InfPath Type = REG_SZ Value = "" Valuename = PrinterDriverAttributes Type = REG_DWORD Value = 0 Valuename = CoreDependencies Type = REG_MULTI_SZ Valuename = MinInboxDriverVerDate Type = REG_SZ Value = "01/01/1601" Valuename = MinInboxDriverVerVersion Type = REG_SZ Value = "0.0.0.0" Thanks -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Net rpc strange results
I have a ldap based domain and different machines with different version of samba triing to get the user list from the PDC. The Server is samba 3.5.6 With version 3.4.7 I do: net rpc user -S myserver and get 1024 users same as wbinfo -u Whi version 3.0 I do net rpc user -S myserver and get 2875 users same as wbinfo -u Any clue? -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Simple question about Samba3 and Samba4 in the same site
I want to deploy a test server with the same SID and same users as the samba3 server. My idea is next: - Samba3 PDC running actually is located throught WINS - Samba4 is located by DNS putting his own DNS server in the client configuration. The two servers are in the same network/VLAN separate from the users network/VLAN. This test could give me any problem? Thanks. -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problems changing permissions
Hi all, A few nights ago, I started with problems changing permission of groups called from Windows workstations. Checking logs I saw this as follows: -modules/vfs_posixacl.c:349(smb_acl_to_posix) -smb_acl_to_posix: ACL is invalid for set (Invalid argument) But if I change them by acls commands from the server there is no problem and permissions changes right. I´ve checked all my archives, blogs forums and read the list looking for whatever witch can head me to the solution. I hope someone could help me, and tell me witch information could you need. Just with an advise could be right at least to know where looking for. Regards and thanks for all Álex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problems changing permissions
Hi all, Yesterday night, I started with problems changing permission of groups called from Windows workstations. Checking logs I saw this as follows: -modules/vfs_posixacl.c:349(smb_acl_to_posix) -smb_acl_to_posix: ACL is invalid for set (Invalid argument) But if I change them by acls commands from the server there is no problem and permissions changes right. I´ve checked all my archives, blogs forums and read the list looking for whatever witch can head me to the solution. I hope someone could help me, and tell me witch information could you need. Regards Álex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Configure Samba as Client of Samba PDC
idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=domain,dc=loc ldap ssl = no ldap user suffix = ou=People idmap uid = 15000-2 idmap gid = 15000-2 admin users = @administradores create mask = 0777 directory mask = 0777 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 deadtime = 15 map to guest = Bad User reset on zero vc = yes [Proveedores] comment = Carpeta de proveedores path = /samba/proveedores read only = no admin users = @administradores,@jefesPT2,@jefesPR,@dt users = xxx, @xxx guest ok = no [yyy] comment = Carpetas comunes, documentación, drivers path = /samba/proveedores/yyy read only = No admin users = @administradores,@jefesPT2,@jefesPR,@dt valid user = yyy1 guest ok = no [xxx] comment = Carpetas xxx path = /samba/proveedores/xxx read only = No admin users = @administradores,@jefesPT2,@jefesPR,@dt users = @developpers guest ok = no The problem is that Im having problems with the second samba when I try to modified or add permissions , cause it looks for the users in the new samba SID and it should look for in the domain. When I start smbd I got this errors: Could not peek rid out of sid S-1-5-21-1681343281-3888673916-306851540-500 [2010/08/27 12:54:11, 0] passdb/passdb.c:593(lookup_global_sam_name) User nobody with invalid SID S-1-5-21-1681343281-3888673916-306851540-2998 in passdb And if I go to phpldapadmin I see that now I have two sambadomainname domain , and chachopartners (Yes the netbios of the second one) thats why I thought the problem was here , I thought it could be joining as DC and no as client. I´ve done this: testparm smb.chachopartners.conf and I got: Load smb config files from /etc/samba/smb.chachopartners.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section "[Proveedores]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions Thanks for all and sorry for my English Alejandro Gándara , Junior System and Security Manager -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is possible to use samba4 and openldap without ldapi?
Thanks for the patch, i test it and no more "Not Implemented" problem. But i have now another problem when a try to authenticate: smbclient -L localhost -Uadministrator%A123456a Failed to connect to ncacn_np:localhost - NT_STATUS_INTERNAL_DB_CORRUPTION In OpenLDAP the error is: conn=1000 op=8 SRCH base="dc=ceic,dc=junta-andalucia,dc=com" scope=2 deref=0 filter="(&(!(isDeleted=TRUE))(&(sAMAccountName=administrator)(objectClass=user)))" conn=1000 op=8 SRCH attr=isDeleted sAMAccountName objectClass objectClass sAMAccountName userPrincipalName servicePrincipalName replPropertyMetaData msDS-SupportedEncryptionTypes supplementalCredentials dBCSPwd unicodePwd userAccountControl objectSid pwdLastSet accountExpires logonHours userWorkstations displayName scriptPath profilePath homeDirectory homeDrive lastLogon lastLogoff accountExpires badPwdCount logonCount primaryGroupID memberOf entryUUID slap_global_control: unrecognized control: 1.2.840.113556.1.4.529 I check the controls with: ldapsearch -H "ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi" -x -b "" -s base supportedControl dn: supportedControl: 1.3.6.1.4.1.4203.666.5.14 supportedControl: 1.3.6.1.4.1.4203.1.9.1.1 supportedControl: 1.3.6.1.4.1.4203.666.11.9.5.1 supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1 supportedControl: 1.3.6.1.4.1.4203.666.5.16 supportedControl: 1.3.6.1.4.1.4203.666.5.17 supportedControl: 1.3.6.1.4.1.21008.108.63.1 supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.666.11.7.2 supportedControl: 1.3.6.1.4.1.4203.666.5.12 supportedControl: 1.3.6.1.4.1.4203.666.5.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.2.840.113556.1.4.1340 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.3.6.1.4.1.4203.666.5.15 supportedControl: 1.2.840.113556.1.4.1339 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12 I don't find the extended dn control (1.2.840.113556.1.4.529), but appear in ldap.h: include/ldap.h:#define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529" Which is the overlay to use the extended dn control? Thanks. 2010/7/27 Andrew Bartlett > On Tue, 2010-07-27 at 09:58 +0200, Michael Wood wrote: > > Hi > > > > On 27 July 2010 08:22, Alejandro Escanero Blanco > > wrote: > > > I want to use samba4 in a openldap multimaster enviroment, but my tests > are > > > going bad, this are the problems: > > > > You might have more luck with your Samba4+OpenLDAP questions on the > > samba-technical list. > > > > > - Provision is broken for openldap: NotImplementedError: > > OpenLDAPBackend.post_setup of object > > > at 0xb626194c> > > For various reasons, the OpenLDAP backend for Samba4 is not functional > at this time. A fix for this particular error is in my git repo, in the > openldap-config branch, but this isn't enough, we have a serious issue > with the dereference control that I have not yet debugged. > > > http://gitweb.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/openldap-config > (if someone wants to push those patches I'm fine with that, but we still > have a long way to go to resolve the other issues) > > Andrew Bartlett > > -- > Andrew Bartletthttp://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Cisco Inc. > -- Alejandro Escanero Blanco Administrador de Sistemas GNU/Linux Desarrollador de GOsa (http://www.gosa-project.org) Blog: http://www.mylifebetweencomputers.com Jabber: blain...@jabberes.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Is possible to use samba4 and openldap without ldapi?
I want to use samba4 in a openldap multimaster enviroment, but my tests are going bad, this are the problems: - Provision is broken for openldap: NotImplementedError: OpenLDAPBackend.post_setup of object at 0xb626194c> - When i try to run samba i get errors like this: samba -i -M single samba version 4.0.0alpha12-GIT-c75106f started. Copyright Andrew Tridgell and the Samba Team 1992-2010 ldb: module schema_load initialization failed ldb: module kludge_acl initialization failed ldb: module operational initialization failed ldb: module acl initialization failed ldb: module descriptor initialization failed ldb: module objectclass initialization failed ldb: module asq initialization failed ldb: module server_sort initialization failed ldb: module paged_results initialization failed ldb: module lazy_commit initialization failed ldb: module rootdse initialization failed ldb: module samba_dsdb initialization failed ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: (null) samba: using 'single' process model ldb: module schema_load initialization failed ldb: module kludge_acl initialization failed ldb: module operational initialization failed ldb: module acl initialization failed ldb: module descriptor initialization failed ldb: module objectclass initialization failed ldb: module asq initialization failed ldb: module server_sort initialization failed ldb: module paged_results initialization failed ldb: module lazy_commit initialization failed ldb: module rootdse initialization failed ldb: module samba_dsdb initialization failed ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: (null) task_server_terminate: [nbtd failed to open samdb] samba_terminate: nbtd failed to open samdb ... In openldap i get errors like this: conn=1005 op=3 SRCH base="cn=Schema,cn=Configuration,dc=xxx,dc=xxx,dc=com" scope=0 deref=0 filter="(&(!(isDeleted=TRUE))(|(objectClass=*)(entryDN=*)))" conn=1005 op=3 SRCH attr=isDeleted objectClass entryDN prefixMap schemaInfo fSMORoleOwner conn=1005 op=3 SEARCH RESULT tag=101 err=32 nentries=0 text= But, where is the BIND? ... - I don't know how to configure samba4 to use a remote ldap (not a ldapi). Anybody can helpme in this test? Thanks. -- - Alejandro Escanero Blanco Servicio de Informática Sistemas - GISI Tel: 671 569 262 (769262) Edificio Empresarial Aljarafe, mod. 36 41940 Tomares (Sevilla) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba + openldap + phpldapadmin
Hi all, i just installed a new samba server with openldap, my question is, do i need to put the "$" character after de name of the machine under the machines group? -- Alejandro Rodriguez Luna Web: http://www.alexluna.org E-mail: el_alexl...@yahoo.com.mx MSN: el_alexl...@yahoo.com.mx GTalk: alexl...@gmail.com Movil: 044-311-112-86-41 -- ¡Obtén la mejor experiencia en la web! Descarga gratis el nuevo Internet Explorer 8. http://downloads.yahoo.com/ieak8/?l=e1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.5 compilation
Hi all. One simple (perhaps dummy) question. I want to install the latest samba version for a test networrk with W7 clients, all i need is samba as a PDC nothing fancy like kerberos, ldap, etc etc, which parameter do i have to put along ./configure -- Alejandro Rodriguez Luna Web: http://www.alexluna.org E-mail: el_alexl...@yahoo.com.mx MSN: el_alexl...@yahoo.com.mx GTalk: alexl...@gmail.com Movil: 044-311-112-86-41 -- Encuentra las mejores recetas en Yahoo! Cocina. http://mx.mujer.yahoo.com/cocina/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Move samba server
Hi everybody, I got a new servers and I'd like to move the old ones to the news, I know that to move samba, I need to move the SID. anybody knows a howto, o where I can find documentation to move the SID along with the users and machines. P.D. Currently the samba server is the PDC. ------ Alejandro Rodriguez Luna Web: http://www.alexluna.org E-mail: el_alexl...@yahoo.com.mx MSN: el_alexl...@yahoo.com.mx GTalk: alexl...@gmail.com Movil: 044-311-112-86-41 -- Encuentra las mejores recetas en Yahoo! Cocina. http://mx.mujer.yahoo.com/cocina/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Update Samba
Hi all, i'm working with debian etch and samba 3.0.24, i would like to update my samba version to 3.0.34, how can i do that? any ideas? ------ Alejandro Rodriguez Luna Web: http://www.alexluna.org E-mail: el_alexl...@yahoo.com.mx Movil: 044-311-112-86-41 -- __ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.yahoo.com.mx/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Large file problem with version 3.0.34
I answer myself, the problem is in the Antivir VFS that don't have support of files over 2GB. Thanks. Alejandro Escanero Blanco escribió: I have a problem with large files (>2 Gb) in a Debian sarge based system. I install samba 3.0.34 with this configuration: ./configure --with-smbwrapper --with-ldap --with-automount --with-smbmount --with-pam --with-pam_smbpass --with-ldapsam --with-syslog --without-profiling-data --with-quotas --with-sys-quotas --with-libsmbclient --with-acl-support --with-utmp --with-vfs --with-winbind --localstatedir='/var/lib/samba/locks' --prefix='/usr/local/samba' --mandir='${prefix}/man' --exec_prefix='${prefix}' --sbindir='${exec_prefix}/sbin' --bindir='${exec_prefix}/bin' --sysconfdir='/etc/samba' --with-configdir='/etc/samba' --with-lockdir='/var/lib/samba/locks' --with-logfilebase='/var/log/samba' --libdir='${exec_prefix}/lib' --with-piddir='/var/lib/samba/locks' --with-privatedir='/etc/samba/private' --with-swatdir='${prefix}/swat' --enable-cups Kernel is a 2.6.8 I uploaded two files of 2,2Gb and 2,9 Gb and i can't get it from a Windows XP or a smbclient. The log (level 10) says: [2009/02/02 09:40:15, 3] smbd/process.c:switch_message(927) switch message SMBntcreateX (pid 31174) conn 0x8544638 [2009/02/02 09:40:15, 4] smbd/uid.c:change_to_user(226) change_to_user: Skipping user change - already user [2009/02/02 09:40:15, 5] smbd/filename.c:unix_convert(147) unix_convert called on file "PATH/FILE.zip" [2009/02/02 09:40:15, 2] smbd/dosmode.c:unix_mode(90) unix_mode(PATH/FILE.zip) inheriting from PATH [2009/02/02 09:40:15, 2] smbd/dosmode.c:unix_mode(99) unix_mode(PATH/FILE.zip) inherit mode 40777 [2009/02/02 09:40:15, 3] smbd/dosmode.c:unix_mode(142) unix_mode(PATH/FILE.zip) returning 0766 [2009/02/02 09:40:15, 5] smbd/files.c:file_new(123) allocated file structure 190, fnum = 4286 (2 used) [2009/02/02 09:40:15, 4] smbd/open.c:open_file_ntcreate(1605) calling open_file with flags=0x0 flags2=0x0 mode=0766, access_mask = 0x20089, open_access_mask = 0x20089 [2009/02/02 09:40:15, 3] smbd/open.c:open_file(301) Error opening file PATH/FILE.zip (NT_STATUS_ACCESS_DENIED) (local_flags=0) (flags=0) [2009/02/02 09:40:15, 5] smbd/files.c:file_free(456) freed files structure 4286 (1 used) [2009/02/02 09:40:15, 3] smbd/error.c:error_packet_set(106) error packet at smbd/nttrans.c(805) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED [2009/02/02 09:40:15, 5] lib/util.c:show_msg(484) [2009/02/02 09:40:15, 5] lib/util.c:show_msg(494) But the user can access without any problem, the file is uploaded by the same user via scp. I can't find information why samba can't access the file. Thanks. -- - Alejandro Escanero Blanco Secretaría General Técnica - Servicio de Informática Sistemas Tel: 954 995 614 (395614) Consejería de Innovación, Ciencia y Empresa Junta de Andalucía -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Large file problem with version 3.0.34
I have a problem with large files (>2 Gb) in a Debian sarge based system. I install samba 3.0.34 with this configuration: ./configure --with-smbwrapper --with-ldap --with-automount --with-smbmount --with-pam --with-pam_smbpass --with-ldapsam --with-syslog --without-profiling-data --with-quotas --with-sys-quotas --with-libsmbclient --with-acl-support --with-utmp --with-vfs --with-winbind --localstatedir='/var/lib/samba/locks' --prefix='/usr/local/samba' --mandir='${prefix}/man' --exec_prefix='${prefix}' --sbindir='${exec_prefix}/sbin' --bindir='${exec_prefix}/bin' --sysconfdir='/etc/samba' --with-configdir='/etc/samba' --with-lockdir='/var/lib/samba/locks' --with-logfilebase='/var/log/samba' --libdir='${exec_prefix}/lib' --with-piddir='/var/lib/samba/locks' --with-privatedir='/etc/samba/private' --with-swatdir='${prefix}/swat' --enable-cups Kernel is a 2.6.8 I uploaded two files of 2,2Gb and 2,9 Gb and i can't get it from a Windows XP or a smbclient. The log (level 10) says: [2009/02/02 09:40:15, 3] smbd/process.c:switch_message(927) switch message SMBntcreateX (pid 31174) conn 0x8544638 [2009/02/02 09:40:15, 4] smbd/uid.c:change_to_user(226) change_to_user: Skipping user change - already user [2009/02/02 09:40:15, 5] smbd/filename.c:unix_convert(147) unix_convert called on file "PATH/FILE.zip" [2009/02/02 09:40:15, 2] smbd/dosmode.c:unix_mode(90) unix_mode(PATH/FILE.zip) inheriting from PATH [2009/02/02 09:40:15, 2] smbd/dosmode.c:unix_mode(99) unix_mode(PATH/FILE.zip) inherit mode 40777 [2009/02/02 09:40:15, 3] smbd/dosmode.c:unix_mode(142) unix_mode(PATH/FILE.zip) returning 0766 [2009/02/02 09:40:15, 5] smbd/files.c:file_new(123) allocated file structure 190, fnum = 4286 (2 used) [2009/02/02 09:40:15, 4] smbd/open.c:open_file_ntcreate(1605) calling open_file with flags=0x0 flags2=0x0 mode=0766, access_mask = 0x20089, open_access_mask = 0x20089 [2009/02/02 09:40:15, 3] smbd/open.c:open_file(301) Error opening file PATH/FILE.zip (NT_STATUS_ACCESS_DENIED) (local_flags=0) (flags=0) [2009/02/02 09:40:15, 5] smbd/files.c:file_free(456) freed files structure 4286 (1 used) [2009/02/02 09:40:15, 3] smbd/error.c:error_packet_set(106) error packet at smbd/nttrans.c(805) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED [2009/02/02 09:40:15, 5] lib/util.c:show_msg(484) [2009/02/02 09:40:15, 5] lib/util.c:show_msg(494) But the user can access without any problem, the file is uploaded by the same user via scp. I can't find information why samba can't access the file. Thanks. -- - Alejandro Escanero Blanco Secretaría General Técnica - Servicio de Informática Sistemas Tel: 954 995 614 (395614) Consejería de Innovación, Ciencia y Empresa Junta de Andalucía -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] System Policies
Hi all, i've tried to configure the policies as the samba wiki says, but i haven't any luck. I/m using debian etch and samba 3.0.24, my question is, do i have to install a newer version of samba?. __ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.yahoo.com.mx/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Question about Logon on
Hi everybody. i was wondering if there are some kind of trick or method that only allow me log on with 2 accounts in my windows machine. The thing is that all in my office uses my machine. The server is a samba PDC. Thanks. __ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.yahoo.com.mx/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba with apps clipper very slow
Hello. I have an app running on a clipper Samba version 3.02319121616102 . In my network there are approximately 80 clients Win98 and 20 clients NT-XP. By connecting customers begins to degrade the performance of the app very slow getting around. Any help? Thank you. Deputy smb.conf. Hola. Tengo una app en clipper ejecutándose sobre Samba version 3.02319121616102 . En mi red hay aproximadamente 80 clientes Win98 y 20 clientes NT-XP. Al conectarse los clientes comienza a degradarse la performance de la app poniéndose muy lento todo. Alguna ayuda? Gracias. Adjunto smb.conf. # Samba config file # Date: 2008/07/29 10:50:03 [global] workgroup = UEPC netbios name = MENDIETA server string = Samba Server security = user null passwords = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* passwd chat debug = Yes unix password sync = Yes log level = 1 log file = /var/log/samba/%m.log max log size = 50 socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE SO_RCVBUF=32768 SO_SNDBUF=32768 printcap name = cups logon script = %G.bat domain logons = Yes os level = 64 domain master = Yes time server = Yes dns proxy = No wins support = Yes idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind trusted domains only = Yes admin users = @adm cups options = raw interfaces = 10.1.3.2/16 127.0.0.1 bind interfaces only = Yes kernel oplocks = No level2 oplocks = No lock spin count = 50 lock spin time = 25 oplocks = No add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ local master = Yes preferred master = Yes [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /home/netlogon force user = root force group = root read only = No guest ok = Yes browseable = No share modes = No write list = root [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No [sistemas] comment = Sistemas de UEPC writeable = yes path = /sistemas write list = @autorizador,@optica,@faradm,@fardep,@fardom,@farinv,@farvta,@sistemas,@csrecodo [autorizador] browseable = no comment = Autorizador para Imed writable = yes path = /sistemas/farmacia [compartido] comment = Para transferencia de archivos en la red browseable = no writable = yes path = /sistemas/compartido [cola_sistemas] comment = Cola de Impres. del Depto. Sistemas path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes [cola_optica] comment = Cola de Impresion de Optica path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes [cola_faradm] comment = Cola de Impresion de Administracion de Farmacia path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes [cola_farvta] comment = Cola de Impresion de Ventas de Farmacia path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes [cola_fardep] comment = Cola de Impresion de Deposito de Farmacia path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes [cola_csrecodo] comment = Cola de Impresion de Recepción de Odontología path = /sistemas guest ok = Yes printable = Yes use client driver = Yes force printername = Yes Ing. Alejandro Paredes Gte. de Sistemas U.E.P.C. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] a brand new PDC
are there a way to change a PDC from a machine to another machine without lose anything? i currenly run samba 3.0.14 on Ubuntu, i would like to migrate to either slackware or debian. ¡Capacidad ilimitada de almacenamiento en tu correo! No te preocupes más por el espacio de tu cuenta con Correo Yahoo!: http://correo.yahoo.com.mx/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] hide unreadable files
Hi Charles! Thanks for your ideas! I read this post http://lists.samba.org/archive/samba/2007-July/133723.html and found some similarities with the behavior of my configuration. For example, sometimes a user can delete files or directories with "r-x" permissions. Then, I upgrade to samba 3.0.26a. I don't know if this is a good idea, but at least users can't delete files/directories now (I think). However, the problem still existing with the "hide unreadable = Yes" option. I understand now the behavior. For example, I have two directories in a share directory "groups" with the following ACL entries: # file: groups# owner: root# group: rootuser::rwxgroup::r-x group:admins:rwx group:users:r-x mask::rwxother::--- # file: dir1# owner: root# group: rootuser::rwxgroup::r-xgroup:admins:rwxmask::rwxother::--- # file: dir2# owner: root# group: rootuser::rwxgroup::---other::---And I have a user "joe" that belongs to the group "users". Then, if "joe" map the share directory, he can see only dir1 and dir2 is not visible for his. Also, "joe" should not see dir1. Now, if I change the ACL permissions of dir2 to the following: # file: dir2# owner: root# group: rootuser::rwxgroup::r-xgroup:admins:rwxmask::rwxother::--- "joe" can see (incorrectly) both directories. Believe me, I don't understand. I don't know if this "errors" are for a bad configuration or what... I'm using: debian etch 4.0r1 amd64, kernel 2.6.18-5-amd64, samba 3.0.26a, XFS file system with acl support and quotas and LDAP for user authentication. This is my smb.conf: [global] workgroup = NT-DEQ server string = %h server obey pam restrictions = Yes passdb backend = ldapsam:ldap://127.0.0.1 passwd program = /usr/sbin/smbldap-passwd '%u' syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 printcap name = cups add user script = /usr/sbin/smbldap-useradd -a -m -k '%u' delete user script = /usr/sbin/smbldap-userdel -r '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m -k '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' dns proxy = No ldap admin dn = cn=admin,dc=upc,dc=es ldap group suffix = ou=groups ldap suffix = dc=upc,dc=es ldap ssl = no ldap user suffix = ou=users panic action = /usr/share/samba/panic-action %d invalid users = root profile acls = Yes map acl inherit = Yes hide unreadable = Yes map hidden = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0700 directory mask = 0700 browseable = No [groups] comment = Grups Files path = /home/groups read only = No Thank you very much!!!Diego _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] hide unreadable files
Sorry, perhaps I don't explain my problem correctly. Suppose that I have a directory "dir" in a "groups" share directory. "groups" and "dir" has the following ACL permissions: groups| |--- dir # file: groups/# owner: lisa# group: adminuser::rwxgroup::r-xgroup:staff:r-x mask:rwxother:---default:user::rwxdefault:group::r-xdefault:mask:rwxdefault:other:--- # file: dir/# owner: lisa# group: adminuser::rwxgroup::r-x mask:rwxother:---default:user::rwxdefault:group::r-xdefault:mask:rwxdefault:other:--- Then, another user "joe" (that belongs to "staff" group) access to the share directory "groups". I think that "joe" shouldn't see the directory "dir" if the option "hide unreadable" is setted to "yes". But I this behavior don't occurr in my samba 3. "joe" can see "dir". I don't know if this is the correct behavior. I hoped that "hide unreadable" hides that files/directories that don't has "r" flag for the user/group that try to access it. Thanks. Diego PD: I try with client windows option 'Tools > Folder options > View > Show hidden files and folders' disabled. But the "incorrect" behavior occurrs also with linux smbclient. > Date: Thu, 8 Nov 2007 12:45:53 -0500> From: [EMAIL PROTECTED]> To: samba@lists.samba.org> Subject: Re: [Samba] hide unreadable files> > On 11/8/2007, Diego Alejandro Cheda ([EMAIL PROTECTED]) wrote:> > I have a problem with the "hide unreadable = yes" option. In windows > > xp professional sp2 with explorer, or ssh or smbclient, either > > directories and files does not hide. > > Do you have 'Tools > Folder options > View > Show hidden files and > folders' enabled on the windows workstations?> > -- > > Best regards,> > Charles> -- > To unsubscribe from this list go to the following URL and read the> instructions: https://lists.samba.org/mailman/listinfo/samba Express yourself instantly with MSN Messenger! MSN Messenger _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] hide unreadable files
Hi all! I have a problem with the "hide unreadable = yes" option. In windows xp professional sp2 with explorer, or ssh or smbclient, either directories and files does not hide. I'm using debian 4.0 with XFS file system, ACL, kernel 2.6.18-5-amd64, and samba 3.0.24. Any idea? It is a bug? Thanks! -- Diego _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Disable USB storage
Hello Everyone! i need to know if there is a way to send to windows XP a key reg to disable the usb storage, my samba is a PDC. the key in the window's registry is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor - Comparte video en la ventana de tus mensajes (y también tus fotos de Flickr). Usa el nuevo Yahoo! Messenger versión Beta. Visita http://mx.beta.messenger.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions on Domain Admin created files
That is correcto, there is a parameter that forces a connection to the folder with certain user regardless of the credentials given: force user = myfolder user this goes on the share folder section of the smb.conf From: "Warren Beldad" <[EMAIL PROTECTED]> To: "Julian Pilfold-Bagwell" <[EMAIL PROTECTED]> CC: Samba Subject: Re: [Samba] Permissions on Domain Admin created files Date: Thu, 23 Nov 2006 12:44:16 +0800 the ownership of the file should be the user connected to the service. maybe you have some options like force user. kindly check also the permission of your home folders, only the user should have permission in his home folder unless you have a different configuration. "inherit owner" is useful but i think its not good for homes. warren On 11/22/06, Julian Pilfold-Bagwell <[EMAIL PROTECTED]> wrote: Hi All, I have a PDC that serves 800 users all of whom have their own home directory. From time to time, members of the Domain Admins group scan pages for the users and save them into the users home directories but the permissions for the file are created with the admin as owner. Is there any way of forcing ownership of a file or directory to the owner of the home folder rather than the admin who created the file. Cheers, Jools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba _ ¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en MSN Motor. http://motor.msn.es/researchcentre/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] execute-open access in samba
Hello, i have the next problem: I installed samba server 3.0232 on a Fedora Core 6 used webmin to configure it. i created a user in linux as in samba, then i created a share directory in samba that maps to the linux directory TEMP that has de permissions -rwxrwxrwx. I then connect to the samba server from a windows xp, the login works great and i can access the folder and even copy files in it, the problem arises when i try to open the file, for a example a txt, the server keeps throwing me an access denied messages, the same happens if i try to copy a file from samba to the XP PC. If i check the permission on the copied file they are also -rwxrwxrwx and i am loggin in with de owner of the copied file. has anyone had this problem before, its pretty anoying. _ ¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en MSN Motor. http://motor.msn.es/researchcentre/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba on two machines [solved]
what a stupid thing! i had to DO it ... :-) J. Alejandro Noli wrote: Hi all ! Nice to write my first message here. I'm trying to find out how can I make samba work on two machines, and can't find the answer at the web. I mean, i got two machines with gnu and want to serve samba on both. From a third machine there is a win98 client trying to locate those. Where can i start reading? Thank you all. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba on two machines
Hi all ! Nice to write my first message here. I'm trying to find out how can I make samba work on two machines, and can't find the answer at the web. I mean, i got two machines with gnu and want to serve samba on both. From a third machine there is a win98 client trying to locate those. Where can i start reading? Thank you all. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Possible to use 2 LDAP-Servers for different purposes?
Oliver Heering wrote: Now our plan is it to use another, external LDAP server for pure authentication. This means the external LDAP server should _NOT_ contain the (most) Samba schema attributes for the users. > > The idea behind this is that we will soon have one single > user-database for all campus-users (students and employees) at our > campus and if a user is registered there he should gain access to our > samba domain as well. But as there might be several other samba > domains on our campus we cannot store those samba schema attributes in > the "master LDAP" (for example the users profile is at a different > location in another domain). > > The only way out i can think of (other proposals are welcome!) is that > Samba accesses two different LDAP-servers. The first one only for > authentication (does the user exist at all? and did he provide the > correct password?) and the second one for the storage of all his > domain-specific attributes like "where is my homedrive?", "where is my > profile located" and so on. If the user was authenticated successfully > but doesn't exist in the local LDAP server, the "add user script" will > add him. Really need two servers?, any samba user in the ldap master server have a sambaDomainName, it can be used in smb.conf to let this user get usage in his domain. The standars solutions are: - slave ldap servers, you can use them for each samba server, only need to get a copy of things you need, and any server have his own access. - kerberos server, well, is better, is complex, is... , You can try if you want, a lot of people is using it, remember, kerberos is usable for passwords and samba for the other stuff. For example i'm using heimdal kerberos over ldap, and i create the samba users and the heimdal user at the same time. -- _____ Alejandro Escanero Blanco Administrador Sistemas Centro Europeo De Congresos Tel. +34 952058050 e-mail: [EMAIL PROTECTED] _ Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene información de carácter confidencial +exclusivamente dirigida a su destinatario o destinatarios. Queda prohibida su divulgación, copia o distribución, total o parcial, a terceros sin la previa autorización escrita del +remitente. En caso de haber recibido este correo electrónico por error, se ruega notifíquese inmediatamente esta circunstancia mediante +reenvío a la dirección electrónica del remitente y borre el mensaje original junto con sus ficheros anexos, sin grabarlos +total o parcialmente. This electronic mail and whatever files are attached thereto, contain confidential information solely and exclusively for +the addressee or addressees. Its total or partial propagation, reproduction and distribution to third parties is strictly forbidden without prior written +authorization by the sender. In the event of erroneous receipt of this electronic mail, kindly advise the sender immediately by forwarding the message to +sender, and erase the original message together with attached files, if any. Please do not copy, totally or partially, the contents of this electronic mail. Thank you for your cooperation. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba needs samba-common ???
Hi people, I've just downloaded samba-3.0.14a-1.i386.rpm from www.samba,org to my Linux Red Hat 9, but I can't see the samba-common packet. I heart that samba-common is needed in order to run samba..I ask you: do I have to get samba-common or I just need to install samba-3.0.14a-1.i386.rpm in order to run samba in my Linux box ??? Thanks Alejandro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] W2K Workstation not reading NTConfig.pol
You must make sure that, if path directive in the share is, /srv/netlogon, both directories (or _any_directory_ in the way to NTconfig.POL) have the 'x' bit on its permissions. For example (and not complete :) /srv $ ls -ld netlogon rwxrwx--- owner group 2048 netlogon will never let you read anything in Samba if your group is not 'group'. Because the position bit (execution for files, position/placement for directories) is not set and Samba needs it. If instead of rwxrwx--- you, at least, have rwx--x--x Samba will let you read the NTconfig.POL like it or not :) We had tons of incidencies regarding our user profiles and most of the time it was due to it. Same applies to any other file or directory, like... [homes]! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with valid users in Samba
Hi people, I have Linux Red Hat 9 with Samba installed (samba, samba-client and samba-common 2.2.7a-7.9.0). All the Windows clients in my LAN have accessed the corresponding home directories in the Samba server, but since yesterday they can't access them. When the Windows clients try to access their Samba directories in my Red Hat server, they are prompted for a user and password, so they put the correct data but they are kicked off. In the smb.conf file, in the corresponding line to the valid users in the home dirs, I have this: Valid users = %S I didn't do anything wrong.what could be happened ??? What can I do in order to acces Samba directories again ??? Thanks a lot !!! Greetings Alejandro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] very low speed local network browsing from win xp clients
Hi: Change this parameters: name resolve order = wins host lmhosts bcast And you must have the correct parameters in resolv.conf and hosts regards. El jue, 27-11-2003 a las 19:12, Buda GÃbor escribiÃ: > Hi There! > > > Thank You for your very quick help. It's nice to see that are so helpfull > people in the world of linux. Thanks! > > I changed my network card's settings to 'half-duplex' on my win XP, but the > machines in the workgroup (and the workgrup 'vorosko' too) appearing very > slow (10-15 seconds). It' the same, that it was before the changes.) My new > smb.conf file: > > [global] > ; domain master = no > ; local master = yes > ; preferred master = yes > passwd program = /usr/bin/passwd %u > printing = bsd > syslog only = no > dns proxy = no > null passwords = yes > protocol = NT1 > name resolve order = bcast host > strict sync = no > socket options = TCP_NODELAY IPTOS_LOWDELAY > character set = iso8859-2 > short preserve case = yes > printcap name = /etc/printcap > invalid users = root > max log size = 1000 > interfaces = 192.168.32.253/255.255.255.0 > debug level = 0 > passwd chat = *Enter\snew\sUNIX\spassword:* %n\n > *Retype\snew\sUNIX\spassword:* %n\n > preserve case = yes > security = user > unix password sync = no > workgroup = vorosko > server string = %h server (Samba %v) > syslog = 0 > client code page = 852 > netbios name = SERVER > guest account = nobody > load printers = no > os level = 33 > ; socket address = 192.168.32.253 > > > > Best regards > Gabor > > > > -Original Message- > > From: James Courtier-Dutton [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, November 26, 2003 1:47 AM > > To: Buda GÃbor > > Cc: [EMAIL PROTECTED] > > Subject: Re: [Samba] very low speed local network browsing > > from win xp clients > > > > > > Buda GÃbor wrote: > > > Hi Everyone there! > > > > > > > > > We have a very annoying problem since several months when > > browsing the > > > local network (workgroup) from win xp clients (from win98 > > clients it's > > > almost OK). The machines in the workgroup appearing very > > slooow (about > > > 15-20 sec), and this value doesn't change even in the 2nd or 3rd > > > browse. We have 1 linux (debian 2.4.21 pre 3) pc, running the samba > > > (2.2312) server, about 15 win98 clients, 60 win xp clients, > > 1 win nt > > > server. When I shutdown our win nt server, the problem > > doesn't change. > > > When I shutdown our samba server, the browsing of our > > workgroup become > > > very fast. > > > > > > Here is my smb.conf file, perhaps You can help me to solve this > > > problem. Thank You. > > > > > I don't know if it will help, but try changing the settings on the > > Network card of the Windows XP clients. > > Go into advanced settings and change "Duplex" from "Auto" to > > "Half Duplex". > > > > I have found that samba functions quite badly with Windows > > clients when > > network packets start getting lost. > > > > You would only need to try the change to "half duplex" on one > > Windows XP > > client to see if it helps for that one client. > > > > I am still investigating ways to improve samba under these > > packet loss > > conditions, but it would be nice to see if changing to "half duplex" > > helps others like it helped me. > > > > Cheers > > James > > > > > > > > > > -- Alejandro Soler Administrador de Sistemas Martina di Trento S.A. Buenos Aires - Argentina [EMAIL PROTECTED] www.martinaditrento.com TEL.: 4000-7200 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing Buffer Overflow
Hi, I have a print server, with RH9 and the last Samba 3 version (i have to update because i have this problems many times with previus samba versions) When i try to print from WinNt 4, from Oracle Reports 3, drWatson come in. In the print server i have this log: [2003/11/19 10:10:30, 3] rpc_server/srv_pipe.c:api_rpcTNP(1503) api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX checking name: \\mtba9\finanzas2 [2003/11/19 10:10:30, 3] rpc_server/srv_spoolss_nt.c:set_printer_hnd_printertype(447) Setting printer type=\\mtba9\finanzas2 [2003/11/19 10:10:30, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) free_pipe_context: destroying talloc pool of size 68 [2003/11/19 10:10:30, 3] smbd/process.c:process_smb(890) Transaction 771 of length 1312 [2003/11/19 10:10:30, 3] smbd/process.c:switch_message(685) switch message SMBtrans (pid 1292) [2003/11/19 10:10:30, 3] smbd/ipc.c:reply_trans(530) trans <\PIPE\> data=1224 params=0 setup=2 [2003/11/19 10:10:30, 3] smbd/ipc.c:named_pipe(334) named pipe command on <> name [2003/11/19 10:10:30, 3] smbd/ipc.c:api_fd_reply(296) Got API command 0x26 on pipe "spoolss" (pnum 70e3)free_pipe_context: destroying talloc pool of size 0 [2003/11/19 10:10:30, 3] rpc_server/srv_pipe.c:api_rpcTNP(1503) api_rpcTNP: rpc command: SPOOLSS_GETPRINTER [2003/11/19 10:10:30, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) free_pipe_context: destroying talloc pool of size 1076 [2003/11/19 10:10:30, 3] smbd/error.c:error_packet(118) error packet at smbd/ipc.c(99) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW The user have administrator rights over printer. Please help me... Thanks. -- Alejandro Soler Administrador de Sistemas Martina di Trento S.A. Buenos Aires - Argentina [EMAIL PROTECTED] www.martinaditrento.com TEL.: 4000-7200 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba help
Hi, I´m an university student of Las Palmas de Gran Canaria ( Canary Islands, Spain). I apply to you because I´m begining to develop my last project, I´m at the end of my Computer Engeneer career. What I try in this project is to extensive the PHP language with a library that it conects to a SAMBA file server and makes the functions that alows us the SMBCLIENT on the actually systems. The actually developments that I could see ( including SAMBA2WWW) are developed making use of the function system that includes the majority of the languages to make calls to own operative system functions. My idea is to try don´t ude this function and use others mechanisms to obtein that those who use them could do it quietest it´s a security question. And also of trying that a language so extended as the PHP is evident that have a function library to the conexions with SAMBA. Well what I´d like is that if you can and with all the experience that I suppose that you have, you would indicate me if it´s possible to do my project and would send me all the information that you think it could de useful any way. First of all thank you and I hope to recieve your news as soon as possible. -- Alejandro Glez de Chaves Guerrero Dpto. Diseño y programación web http:\\www.cana-web.com mail: [EMAIL PROTECTED] movil: 646154545 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Hi, project (samba-php)
Hi, I´m an university student of Las Palmas de Gran Canaria ( Canary Islands, Spain). I apply to you because I´m begining to develop my last project, I´m at the end of my Computer Engenieer career. What I try in this project is to extend the PHP language with a library that it conects to a SAMBA server and makes the functions that alows us the SMBCLIENT on the actually systems. The actually developments that I could see (including SAMBA2WWW) are developed making use of the function system that includes the majority of the languages to make calls to own operative system functions. My idea is to try don´t use this function and use others mechanisms to obtein that those who use them could do it quietest it´s a segurity question. And also of trying that a language so extended as the PHP is evident that have a function library to the conexions with SAMBA servers. Well what I´d like is that if you can and with all the experience that I suppose that you have, you would indicate me if it´s possible to do my project and would send me all the information that you think it could de useful any way. First of all thank you and I hope to recieve your news as soon as possible. Alejandro Glez de Chaves Guerrero Dpto. Diseño y programación web http:\\www.cana-web.com mail: [EMAIL PROTECTED] movil: 646154545 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba