Re: RESOLVED: (sorta) Re: [Samba] Oplocks question
Clearly some one who hasn't worked with Samba for that long. Theres no shame about Samba, it does what it does well, PDC and SMB sharing and has saved my a#% several times. I never chimed in as I didn't and still don't follow the thread. You can stack as many disk protocol sharing services as you want on a single box, but if you want to re export from one to another, sounds to me like you are very junior in the network fs space. As for MSDFS, man that sh$# sux. If you require clustering of that nature, start doing an RFQ from NetApp or BlueArc, etc... even look on eBay and actual auctions. My buddy picked up a few slightly used NetApps for $3.5K each at 4TB. - Brian On Jun 9, 2009, at 12:29 PM, Terry Haley wrote: Actually Dan that helps a lot. It tells me the amount of work and effort it takes to bend this application in order to fit a mold it was not intended for. In the end, I decided to bite the bullet and make my PDC double as my primary file server. 45 mins of swapping an FC-nic, remapping the lvm's and reconfiguring the smb.conf in order to make this a non-issue and prevent more complexity proliferation is well worth it. It's a shame it doesn't handle remote file systems more elegantly. Thank you, everyone, for your comments and advice. Terry On Jun 9, 2009, at 1:36 PM, Daniel Bourque wrote: I keep an old RH7 VM running samba as a gateway to NFS shares for our older Mac boxes , because I was having problems with the ressource fork on newer implementations of samba. everything works perfect with newer versions of samba, I experience lock issues accessing the same NFS shares. So I also have samba running on ever NFS servers, and drives are mapped directly to the server were the file system is locally mounted. As Volker said, look into msfds. It will allow you to point your clients to one SMB server and access SMB shares off other servers in a transparent way. You'll still need to install Samba on the NFS file servers you want to acesss. hope this helps Dan Terry Haley wrote: So reading this, I assume that noone uses samba as a simple authentication/gateway to network shares for windows machines. Since you are limited to sharing local volumes on the PDC? How would I go about setting up a passthrough for my machines to the actual fileserver? Do I setup clients on the file server? do I have samba point them with credentials to the file server? On Jun 9, 2009, at 12:16 PM, Volker Lendecke wrote: On Tue, Jun 09, 2009 at 11:59:11AM -0400, Terry Haley wrote: Hmm, so the thing would be to convert my NFS server to use samba? and setup an smbfs on the PDC? No, you should not re-export *any* file system you imported from some network file system. You should direct your clients at the original file server holding the storage, if necessary via msdfs redirects. Volker The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org/complianceline . If the e-mail was sent to you in error but does not contain patient information, please contact the sender and properly dispose of the e-mail. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] OSX causing multiple CLOSE_WAIT's
Hi Ed, First, I feel your pain. While I don't have an answer, I did switch from OSX based Samba server to Linux and my problems went away. My experience in general with OSX server 10.5 is that its a horrible XSAN, NFS, AFP, SMB server. What I've used to help trouble shoot OSX in general in addition to the built in process viewer is XRG ( X Resource Grapher). You can also try to dtrace stuff. Just type it in a term to see some help. There were some NFS bugs I uncovered and shared with the OSX Server dev guys which should be fixed in 10.6 server but who knows if that will also fix the plethora of other issues. - Brian On Jun 2, 2009, at 10:02 PM, Ed Kasky wrote: Lately it never fails when I attach a Mac running OSX 10.5 that I get runaway pid's. I tracked them down so far to multiple close_wait's: # /usr/sbin/lsof | grep pbg5mac smbd 24876 root6u IPv4 80015755 TCP yoda.wrenkasky.com:netbios-ssn-pbg5mac.wrenkasky.com:49381 (CLOSE_WAIT) They can grow to over 100 if I don't catch it or nobody can log on anymore ;-) Anybody had any problems with Macs using samba? Ed ... Randomly Generated Quote (50 of 1543): Defeat never comes to any man until he admits it. - Josephus Daniels -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Make CIFS look like NFS
You can have an NFS mount on your Nix box like /JOBS/stuff and a CIFS mount on XP like \\JOBS\stuff. In this case, JOBS is the Samba server name. This is how I maintain the same paths in scripts on diff platforms. Al you have to ensure is that your app will obey UNC paths so that a drive letter is never saved out in the file. - Brian On Jun 3, 2009, at 11:38 AM, Daniel L. Miller wrote: Is it possible to make CIFS look like NFS via some configuration/ mount options? What I mean is, from a client point of view, will the mounted share behave EXACTLY like NFS will? -- Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net groupmap woes - solved + root in domain admins solved
Hi all, So I read in the Samba docs where in order to map a unix group with a windows group (when using LDAP backend), that unixgroup must exist in the LDAP db even though it already exists in /etc/group. So I added the unix group of root to my LDAP db via ldapadd and using an ldif file with the desired values. I removed the group mapping via net groupmap delete Domain Admins as net groupmap modify didn't work and added the mapping of Domain Admins to root and all is well. I had to unjoin/rejoin the domain so that the root login worked as an Administrator on the XP box but all is well. - Brian On May 27, 2009, at 7:06 PM, Brian Krusic wrote: Hi all, I've scoured the net looking for a solution but to no avail. net groupmap list returns Domain Admins (S-) - Domain Admins I would rather map Domain Admins to my root unix group. net groupmap modify ntgroup=Domain Admins unixgroupreturns type=d returns an error; Could not update group database. If I delete via; net groupmap delete Domain Admins and then net groupmap add ntgroup=Domain Admins unixgroup=root rid=512 type=d I get; adding entry for group Domain Admins failed! Any and I mean any feedback is greatly appreciated. - Brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] domain admin cannot admin pc
Hi all, My env; Centos 5.3 Samba 3.0.33 Samba PDC using LDAP backend. Problem; I can join the XP box to my Samba domain (called DOMAIN) using the root user and pass. But after rebooting and logging into that XP box as root, I can not admin the box and am treated as a regular user. Commands and results; net rpc group members Domain Admins DOMAIN\root C:\net localgroup Administrators Alias name Administrators CommentAdministrators have complete and unrestricted access to the computer/domain Members --- Administrator DOMAIN\Domain Admins getent group Domain Admins:*:512:root **There is more groups but I felt the above line was relevant. I've combed google but found that I shouldn't have a problem. Any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] domain admin cannot admin pc
Hi, If you mean the Domain Admin group, its already there and was added upon joining the domain. - Brian On May 27, 2009, at 3:21 PM, Miguel Medalha wrote: I can join the XP box to my Samba domain (called DOMAIN) using the root user and pass. But after rebooting and logging into that XP box as root, I can not admin the box and am treated as a regular user. On that XP computer, add the Domain Admin to the Administrators group. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net groupmap woes
Hi all, I've scoured the net looking for a solution but to no avail. net groupmap list returns Domain Admins (S-) - Domain Admins I would rather map Domain Admins to my root unix group. net groupmap modify ntgroup=Domain Admins unixgroupreturns type=d returns an error; Could not update group database. If I delete via; net groupmap delete Domain Admins and then net groupmap add ntgroup=Domain Admins unixgroup=root rid=512 type=d I get; adding entry for group Domain Admins failed! Any and I mean any feedback is greatly appreciated. - Brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] mount 2k3 Dfs root on Linux via smbmount
Hi, Has any one used smbmount with some tweaks to the smb.conf to mount a 2k3 Dfs root? I'm looking at my Official Samba book but was woundering if anyone can cut down my trial and error time? Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2k3 ads and fc2 client
Hi, I am trying to join a fedora fc2 client (latest patches as of yesturday) to a 2k3 ads. when running; kinit [EMAIL PROTECTED] I get no errors. When running; klist I get; Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] ... klist: You have no tickets cached Winbind shows; spnego_gen_negTokenTarg failed: No credentials cache found. The renewel is in 10 hours. The Service principal looks funny; Service prinical is krbtgt/[EMAIL PROTECTED] Is the; client use spnego = yes in smb.conf a valid flag to use that may fix this? Does 2k3 require the ckients to cache the keys? Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba anfd colinux
Hi, Someone on this list ran CoLinux to access there Linux partiton (duel boot system) to then run Samba as a way of seeing the Linux partition in Windows. Who would that have been and would you mind emailing me? Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] throughput of 300MB/s
Hi, I've set it up for this purpose with a max sustained throughput of ~25-30MB/sec (megabytes). This was using p-ide on the backend and 3ware cards with RH9 and xfs and a mix of raid5 and raid10 (1+0). This was with a gig e (non jumbo capable) network and tricks like increased TCP window sizes and the typical Samba tricks like TCP no delay etc... However even with NetApps or BlueArcs (both with fiber channel on the backend @ raid4), the sustained throughput according to my bro at RH was like 45MB/sec. There are several things to consider like; - whats doing the file serving (fiber, ide, raid or striped) - is it an OS or an appliance - is the net topology ethernet - is it gig e with jumbo frames - can the client handle that throuput Choosing a backend is key as well as your net topology. Also, look into http://www.myri.com/ for a fast topology. For disk i/o look into http://www.pvfs.org/. I've nevr been called upon to look into these but they look like a lot of fun. Bri- Network Consulting Services -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] throughput of 300MB/s
Hi, I would like to emphasize that your protocol weather samba, nfs or even afp for that matter isn't the bottle neck as they are dependant on how well you; 1) config these protocols in terms of network tunning params 2) how well the OS is config'd in terms of its network params and deamons running, local file system used like reiferfs or xfs 3) how well the hardware is config'd in terms of bus speed of PCI bus, raid card throughput, drive throughput, network card throughput, etc... I've had a lot of customers throw out local theoretical #s of say Ultra 320 SCSI which are usually 60-70% of those figures in reality. Samba itself has been a blessing for many of my clients. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC from 2 to 3, SID headaches
Hi, I had this very same issue and posted this problem many months ago to no avail. Since user profs and envs are critical in my env, what I did was 1) Ensure that a local version of the domain prof exsisted and that it was local vs roaming using the Windows profile tool. 2) I then made the identical user on the local machine account (if your machine is named foo, then your local acc would be foo\user). * login once on foo\user to ensure profile account creation. 3) Using the profile copy tool in Windows, I then copied the domain profile to the local machine account profile. 4) I then logged on as foo\user to ensure the env was as it should be. 5) I then copied the foo\user account to the domain account using the Windows tool and I was then able to migrate to v3 and keep my profs and env for each user. * Be admin when doing the profile migration or atleast another user with admin privs. Ofcourse a tedious thing for 30+ users but it was critical as they are in FX industry and are very picky about there env. Its ultimatly up to you on wether you want to go this extra step but I felt that it was my responability to provide this level of service. Bri- Network Consulting Services -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account with w2k
The Domain Admin user domadmin must have the root-policies on the /etc/passwd like this: domadmin:x:0:0: This is incorrect as you should never have users with identical uids. You should mod the entry in etc/group to add your domadmin user to the root group. This gives it root privs. In my opinion it is not fine, because it is a security-hole, Incorrect. Only someone of root or admin privs should be able to initially join domains for if any one could, then a potential hacker to do so w/o admin/root privs and attain further domain trust by doing so. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTFS-type directory permissions
Hi, I think if you choose to compile samba with the acl flag then you will have the complex access control desired. When you do a ./configure --help ... the options will be there but I think the option for acl support is --with-acl-support or something like that. Both my samba book and a unix terminal are not available to me now. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 doesn't login to SAMBA domain
Hi, Why keep your XP pcs updated with the latest while neglecting your Samba? I would atleast do an upgrade to v2.2.11. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP SP2 doesn't login to SAMBA domain
Hi, Is there one of these for Suse? More exact. for there OpenExchange product? I spoke with them but they weren't to informative. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] migration from 2.2.7 to 3
Hi, I've downloaded the 3 how to pdf and am looking forward in implementing Samba 3 especially for the PDC enhancements (hopefully Samba 3 has Dfs enhancements as well). I would like a heads up from anyone as to what to do and not to do in making a successful transition (ie; diff in smbpasswd dbase, etc...). -aurf - Do you Yahoo!? The New Yahoo! Shopping - with improved product search -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] home dirs and profiles
Hi, I've a mixed env of linux and Windows (dual boot). My home server for the linux end is stuff:/people/ and is running a few virtual Samba servers but is not the PDC. I wish to store roaming profiles and have this as the home directory for Windows as well. My confusion is how to set the PDC to use stuff:/people as the home dirs and the use of; [netlogin] [profile] [homes] logon path logon drive all which seem very confusing for me. I have; [global] logon path = \\stuff\people\%U Would someone mind helping me? -aurf - Do you Yahoo!? The New Yahoo! Shopping - with improved product search -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
