Re: [Samba] Samba4 in FreeBSD 9 i386 for Domain controller not working. Samba version 4.1.0 pre1-GIT cf15406
pccom frank hotmail.com> writes: > > > Hi, I have deinstalled bind99 and re-made Samba4But still, Samba4 not working.The following are what I > did.Looks like it is the dnsupdate problem. This time, it is the samba4's dnsupdate problem. > Do I have to initialize kdc server? > Those are copied from FreeBSD handbook for Kerberos 5. > .Note that this /etc/krb5.conf file implies that your KDC will have the fully-qualified hostname of > kerberos.example.org. You will need to add a CNAME (alias) entry to your zone file to accomplish this if > your KDC has a different hostname.Note: For large networks with a properly configured BIND DNS server, > ... > root f10:/usr/local/samba/sbin # ./samba -i -M singlesamba version 4.1.0pre1-GIT-e6a100e > started.Copyright Andrew Tridgell and the Samba Team 1992-2012samba: using 'single' process > model/usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call > last):/usr/local/samba/sbin/samba_dnsupdate: File "/usr/local/samba/sbin/samba_dnsupdate", > line 507, in /usr/local/samba/sbin/samba_dnsupdate: > get_credentials(lp)/usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/sbin/samba_dnsupdate", line 121, in > get_credentials/usr/local/samba/sbin/samba_dnsupdate: creds.get_named_ccache(lp, > ccachename)/usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for F10$@F10.PCCOM.CA > failed (Cannot contact any KDC for requested realm)/usr/local/samba/sbin/samba_dnsupdate: > ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_ACCESS_DENIED^C > Did you manage to resolve this issue? I am encountering the same problem with FreeBSD9 amd64 and Samba Version 4.1.0pre1-GIT-99efe84, and so far have found no solutions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba logins disconnect?
I have been chasing down a problem where PC logins to our Samba server get disconnected from their printer and file shares. Here is the sequence of events: User logs in to PC File shares from NetApp file server are mapped and mounted Printer shares from Samba server go into "opening" state, may or may not become "Ready" Later, mapped network drives are "Disconnected Network Drives" and printers may report "Ready" but printing fails Opening a mapped network drive brings it out of "Disconnected" state but but it will go back to "Disconnected" after a few minutes Opening a printer window from "Printers and Faxes" may re-initialize the printer but may not Here's our environment: server room: Samba 3.0.21 NetApp Release 7.3.4 file server client networks: Winows XP clients IPsec tunnel (running on pfSense 2.0 firewalls) connects server room to client networks I haven't been able to find anything helpful in web searches, although there are a number of hits on similar problems. Carl G. Riches IT Manager Department of Biostatistics Box 357232 voice: 206-616-2725 University of Washingtonfax: 206-543-3286 Seattle, WA 98195-7232 internet: c...@u.washington.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed to debug Samba problem
I have a Samba domain that is having problems. We have a new NetApp file server (FAS2040 running NetApp Release 7.3.4) that keeps dropping its connection to the Samba server. We didn't have this problem with an older NetApp box (FAS250 running NetApp Release 6.5.1R1). I can run tcpdump on the Samba server and see traffic going back and forth between the FAS2040 and the Samba server when the filer tries to connect, but don't know enough about the protocol to decipher the traffic. One thought I had was to move the Samba domain to a newer version of Samba (on a newer server) but I don't know if that will really help. The above means that I have two questions: how to decipher the tcpdump info, and how to migrate existing Samba tdb databases to a new server? Thanks in advance for any pointers! Carl Carl G. Riches Department of Biostatistics University of Washington Seattle, WA 98195-7232 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba PDC and big files
Roaming profiles with folder redirection... Regards Carl t...@tms3.com wrote: --- Original message --- Subject: [Samba] Samba PDC and big files From: Pedro Rafael Alves Simoes To: Date: Thursday, 24/06/2010 5:03 AM Hello, I'm trying to setup a PDC with Samba, but I have the known problem of the roaming profiles: big files. I think it's difficult to guarantee that a inexperienced user will copy is downloaded files, documents, or whatever, to a H:\ share instead of is handy desktop. Other problem is the files of Outlook or Thunderbird that can get big. The goal is to avoid email configuration each time the user changes to another workstation, so I can't configure the email client to store the files locally on the workstation. Could someone give me some lights in how I can circumvent this problem? BOFH's Guide to Electrified Keyboards: 101 Tips and tricks to train your users. Cheers, TMS III P.S. for email imap is a good idea. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Wrong PDC IP from multi-homed samba PDC
I am trying to join a SAMBA client to a SAMBA domain. The SAMBA PDC is on a different network from the SAMBA client. I have a SAMBA server on the client network acting as a local browse master. The "net join" command fails because the PDC is multi-homed, it gives out a list of addresses, the address at the head of the list can't be reached by the client and the command does not iterate through the list of PDCs. Is there a way to specify the order of IP addresses handed out by the SAMBA server when it is asked for the PDC address(es)? The PDC is multi-homed with these addresses: 10.142.36.94 (a /25 net) 10.142.36.125 (a /27 net) 10.142.36.254 (a /25 net) The client can connect to the PDC's 10.142.36.94 address (ping, ssh, etc.) via an IPsec tunnel. I can successfully run many commands against the PDC: nmblookup -B server __SAMBA__ nmblookup -M -- - smbclient -L server -U% and so on. However, the "net lookup dc" command gives me a list of PDC addresses in this order: 10.142.36.254 10.142.36.94 10.142.36.125 The file wins.dat has these entries for the PDC: "SERVER#00" 1275257441 10.142.36.94 10.142.36.254 10.142.36.125 66R "SERVER#03" 1275257441 10.142.36.94 10.142.36.254 10.142.36.125 66R "SERVER#20" 1275257441 10.142.36.94 10.142.36.254 10.142.36.125 66R A "net join" command fails. It tries to use this address for the PDC: 10.142.36.254 There is no route to that address. The "net join" command does not iterate through the list of PDC addresses, though. It just fails. Is there a way to specify the order in which the SAMBA PDC hands out its addresses (when multi-homed) such that the IP address at the top of the list is the one on which the request arrived? That is, if a request for the PDC list arrives on the 10.142.36.94 interface can the response put the address 10.142.36.94 at the head of the list of PDC addresses? Thanks, Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] multi-homed samba PDC and NetApp filers
On Sun, 2010-05-16 at 19:23 -0700, Carl G. Riches wrote: > On Fri, 14 May 2010, John H Terpstra wrote: > > > On 05/14/2010 07:14 PM, Carl G. Riches wrote: > >> We are having a problem getting a NetApp filer to re-join a samba > >> domain after a move to a new network. The filer worked fine with > >> samba before the move. Apologies in advance for the long missive. > >> > >> I've tried the following: > >> > >> - re-running the CIFS setup program on the filer > >> - removing the problem filer's samba account, replacing it, and > >> re-running the setup program on the filer > >> - creating a new machine account on the samba server and re- > >> running the setup program on the filer > >> > >> None of these worked. I also looked through a number of mailing > >> list postings about NetApp filers and samba but didn't find any- > >> thing to help. > >> > >> Has anyone gone through this before and provide insight into > >> this problem? > > > > Do you happen to specify in your /etc/samba/smb.conf file: > > interfaces = "list of interfaces" > > bind interfaces only = Yes > > > > If so, remove them, then retry the domain join. After successfully > > joining you ca re-enable these parameters. > > > > Please let me know if that is the solution. > > > > That's part of the solution. The NetApp filer now shows up in Windows PC > browse lists, but we still can't get a PC (or the samba server itself) to > mount a CIFS file share from the filer. Does anyone have a suggestion for > what to try next? Here's what I've done so far: > > I commented out these lines in /etc/samba/smb.conf: > >; interfaces = 127.0.0.1 10.142.36.94/27 10.142.36.192/26 > 10.142.36.125/27 >; bind interfaces only = yes > > and restarted samba, then restarted CIFS on the NetApp filer. Tcpdump on > the samba server now looks like this: > >18:45:57.189347 IP gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns > > mead.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): QUERY; > REQUEST; UNICAST >18:45:57.189425 IP mead.in.gcc.biostat.washington.edu.netbios-ns > > gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): QUERY; > POSITIVE; RESPONSE; UNICAST >18:45:59.137275 IP gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns > > mead.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): > REGISTRATION; REQUEST; UNICAST >18:45:59.137390 IP mead.in.gcc.biostat.washington.edu.netbios-ns > > gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): > REGISTRATION; POSITIVE; RESPONSE; UNICAST > > These message are on the filer's console: > >Sun May 16 18:46:29 PDT [auth.dc.DCPasswdChange.failed:error]: AUTH: The >filer's attempt to change the shared password with filer's domain >controller failed with status 0xc05e: Scheduled automatic password >change failed. The filer will retry in 1 hour. > > At this point the filer shows up in a Windows PC's browse list. > > An attempt to mount a share from the filer on the samba server using this > command: > >mount -t cifs //10.208.235.134/geneva_fc /mnt -o username=cgr,domain=UWT-15 > > fails with this message: > >mount error 5 = Input/output error >Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) > > and these lines show up in /var/log/debug: > >May 16 18:49:49 mead kernel: Status code returned 0xc05e > NT_STATUS_NO_LOGON_SERVERS >May 16 18:49:49 mead kernel: CIFS VFS: Send error in SessSetup = -5 >May 16 18:49:49 mead kernel: CIFS VFS: cifs_mount failed w/return code = > -5 > > An attempt to map the above share to a drive (Z:) on a Windows PC fails > with the message: > >The mapped network drive could not be created because the following >error has occurred: > >There are currently no logon servers available to service the logon >request. > > These messages appeared on the filer's console during the drive mapping > request: > >Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: > TraceDC- Starting DC address discovery for UWT-15. >Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: > TraceDC- Found no DC addresses using generic DNS query. >Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: > TraceDC- Starting WINS queries. >Sun May 16 19:01:22 PDT [auth.dc.trace.DCConnection.statusMs
Re: [Samba] multi-homed samba PDC and NetApp filers
On Fri, 14 May 2010, John H Terpstra wrote: On 05/14/2010 07:14 PM, Carl G. Riches wrote: We are having a problem getting a NetApp filer to re-join a samba domain after a move to a new network. The filer worked fine with samba before the move. Apologies in advance for the long missive. I've tried the following: - re-running the CIFS setup program on the filer - removing the problem filer's samba account, replacing it, and re-running the setup program on the filer - creating a new machine account on the samba server and re- running the setup program on the filer None of these worked. I also looked through a number of mailing list postings about NetApp filers and samba but didn't find any- thing to help. Has anyone gone through this before and provide insight into this problem? Do you happen to specify in your /etc/samba/smb.conf file: interfaces = "list of interfaces" bind interfaces only = Yes If so, remove them, then retry the domain join. After successfully joining you ca re-enable these parameters. Please let me know if that is the solution. That's part of the solution. The NetApp filer now shows up in Windows PC browse lists, but we still can't get a PC (or the samba server itself) to mount a CIFS file share from the filer. Does anyone have a suggestion for what to try next? Here's what I've done so far: I commented out these lines in /etc/samba/smb.conf: ; interfaces = 127.0.0.1 10.142.36.94/27 10.142.36.192/26 10.142.36.125/27 ; bind interfaces only = yes and restarted samba, then restarted CIFS on the NetApp filer. Tcpdump on the samba server now looks like this: 18:45:57.189347 IP gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns > mead.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST 18:45:57.189425 IP mead.in.gcc.biostat.washington.edu.netbios-ns > gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST 18:45:59.137275 IP gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns > mead.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; UNICAST 18:45:59.137390 IP mead.in.gcc.biostat.washington.edu.netbios-ns > gcc-fs1.in.gcc.biostat.washington.edu.netbios-ns: NBT UDP PACKET(137): REGISTRATION; POSITIVE; RESPONSE; UNICAST These message are on the filer's console: Sun May 16 18:46:29 PDT [auth.dc.DCPasswdChange.failed:error]: AUTH: The filer's attempt to change the shared password with filer's domain controller failed with status 0xc05e: Scheduled automatic password change failed. The filer will retry in 1 hour. At this point the filer shows up in a Windows PC's browse list. An attempt to mount a share from the filer on the samba server using this command: mount -t cifs //10.208.235.134/geneva_fc /mnt -o username=cgr,domain=UWT-15 fails with this message: mount error 5 = Input/output error Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) and these lines show up in /var/log/debug: May 16 18:49:49 mead kernel: Status code returned 0xc05e NT_STATUS_NO_LOGON_SERVERS May 16 18:49:49 mead kernel: CIFS VFS: Send error in SessSetup = -5 May 16 18:49:49 mead kernel: CIFS VFS: cifs_mount failed w/return code = -5 An attempt to map the above share to a drive (Z:) on a Windows PC fails with the message: The mapped network drive could not be created because the following error has occurred: There are currently no logon servers available to service the logon request. These messages appeared on the filer's console during the drive mapping request: Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Starting DC address discovery for UWT-15. Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Found no DC addresses using generic DNS query. Sun May 16 19:01:19 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Starting WINS queries. Sun May 16 19:01:22 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Found no BDC addresses through WINS. Sun May 16 19:01:25 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Found no PDC addresses through WINS. Sun May 16 19:01:25 PDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- DC address discovery for UWT-15 complete. 0 unique addresses found. The WINS server has been defined: options.cifs.wins_servers=10.142.36.94 which is the samba server. We have this line in the /etc/samba/smb.conf file: wins support = yes An attempt to browse to the filer fail with this message: \\gcc-fs1 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The network path was not found.
[Samba] multi-homed samba PDC and NetApp filers
We are having a problem getting a NetApp filer to re-join a samba domain after a move to a new network. The filer worked fine with samba before the move. Apologies in advance for the long missive. I've tried the following: - re-running the CIFS setup program on the filer - removing the problem filer's samba account, replacing it, and re-running the setup program on the filer - creating a new machine account on the samba server and re- running the setup program on the filer None of these worked. I also looked through a number of mailing list postings about NetApp filers and samba but didn't find any- thing to help. Has anyone gone through this before and provide insight into this problem? We have the following: samba server: Red Hat Enterprise Linux 5.3 kernel 2.6.18 i868 samba 3.0.33 multiple network interfaces: 10.142.36.64/27 10.142.36.96/27 10.142.36.192/26 NetApp filer #1: NetApp Release 7.2.4L1 connected through VPN to samba server network 10.142.36.192/26 NetApp filer #2: NetApp Release 7.3.1.1 connected through VPN to samba server network 10.142.36.64/27 Each filer can ping the samba server. CIFS connections from each filer are registered by the samba server and are logged in the file: 0.0.0.0.log Each of the filers moved to a new network. Filer #1 rejoined the domain but filer #2 can't. A tcpdump of the unsuccessful transaction is: 10:42:38.137963 IP gcc-fs1.netbios-ns > mead.netbios-ns: NBT UDP PACKET(137): MULTIHOMED REGISTRATION; REQUEST; UNICAST 10:42:38.138165 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): WACK; POSITIVE; RESPONSE; UNICAST 10:42:58.270693 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST 10:44:11.627124 IP gcc-fs1.netbios-ns > mead.netbios-ns: NBT UDP PACKET(137): MULTIHOMED REGISTRATION; REQUEST; UNICAST 10:44:11.627292 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): WACK; POSITIVE; RESPONSE; UNICAST 10:44:32.309202 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST 10:45:45.665702 IP gcc-fs1.netbios-ns > mead.netbios-ns: NBT UDP PACKET(137): MULTIHOMED REGISTRATION; REQUEST; UNICAST 10:45:45.665803 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): WACK; POSITIVE; RESPONSE; UNICAST 10:46:06.312676 IP mead.netbios-ns > gcc-fs1.netbios-ns: NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST Part of the samba log 0.0.0.0.log related to filer #2 is: [2010/05/14 16:54:52, 3] nmbd/nmbd_winsserver.c:wins_process_name_registration_request(1138) wins_process_name_registration_request: Group name registration for name UWT-15<00> IP 10.208.235.134 [2010/05/14 16:54:52, 3] nmbd/nmbd_winsserver.c:wins_process_name_registration_request(1222) wins_process_name_registration_request: Adding IP 255.255.255.255 to group name UWT-15<00>. [2010/05/14 16:54:52, 4] nmbd/nmbd_packets.c:reply_netbios_packet(940) reply_netbios_packet: sending a reply of packet type: wins_reg UWT-15<00> to ip 10.208.235.134 for id 39786 [2010/05/14 16:54:52, 4] libsmb/nmblib.c:debug_nmb_packet(112) nmb packet from 10.208.235.134(137) header: id=39786 opcode=Registration(5) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=UWT-15<00> rr_type=32 rr_class=1 ttl=345600 answers 0 char .. hex EAD0EB86 [2010/05/14 16:54:52, 5] libsmb/nmblib.c:send_udp(779) Sending a packet of len 62 to (10.208.235.134) on port 137 Thanks, Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ShadowLastChange does not update
Hi Everyone, I have a Samba 3.0.34 PDC setup with OpenLDAP 2.3.43 as backend on a Gentoo server. I also use LDAP for IMAP, SMTP and proxy authentication. For some reason the shadowLastChange does not update when a user changes his/her password from Windows XP. The samba and unix passwords and also the samba "Password must change field" does change as required, it is only the ShadowLastChange that does not update. It does update when I run smbldap-passwd from command line and also through LDAP Account Manager. This causes the unix password on LDAP to expire before the Samba password has expired and then the user can not use his email or internet connection. I have tried different combinations of the passwd settings in smb.conf, including: Only: ldap password sync = yes Also tried: ldap password sync = yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Re*ype*new*password* %n\n \ I also created my own script which calls smbldap-passwd and then manually updates ShadowLastChange. This worked fine from the command line but did not seem to work from Windows XP. I have also given full access to all users on LDAP in case it was a permissions problem, but to no avail... I have been battling with this problem for the last month. Hope someone can give me some pointers. Please let me know if i need to post any other info... Regards Carl Werner -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Mixed Win98 and WinXP Pro
Hi I have a PDC server version samba-3.2.8-0.27.fc10.i386.rpm serving mostly Win98 machines after adding the following two lines managed to get it working with authentication and logon.bat scripts. /etc/samba/smb.conf lanman auth = Yes ntlm auth = No Now I want to add some XPPro machines but they can no not see server shares any more ( used to work on Fedora 5 server ) I have tried adding with some success. include = /etc/samba/smb.conf.%a smb.conf.WinXP Also do I need winbind /etc/nsswitch.conf hosts: files wins dns nis ldap NOTE: I have a BDC and trying to get ldap working but disabled for now. Incidently a Vista machine works fine can I modify all the winxp machines in the registry to get them working as well. And I get samba.___192.168.1.28 in the logs I have tried disabling ipv6 but perhaps somehow it is still enabled and causing me problems somehow. Also when the clients try to use the Fedora 10 server often it seems a lot slower than Fedora 5 even though the server is more powerfull. Carl -- PinGNU Systems Ltd A company registered in England and Wales Registered office: 6 Flackdale Road, Hilton, Cambs, PE28 9NY Registered company number: 4176338 Mobile 07709 935666 Day time only Home: 01480 831607 weekends Skype: carlpingnu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba trouble with Vista
ap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /dev/null winbind use default domain = yes winbind separator = @ winbind cache time = 360 winbind trusted domains only = yes winbind nested groups = no winbind nss info = no winbind refresh tickets = no winbind offline logon = no [homes] comment = Home Directories path = /home read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no share modes = no locking = no [profiles] comment = User Profiles path = /var/samba/profiles read only = no available = yes browseable = no writable = yes guest ok = no public = no printable = no locking = no create mode = 0600 directory mask = 0700 [printers] comment = All Printers path = /var/spool/samba browseable = yes writable = no guest ok = no public = no printable = yes share modes = no locking = no [RAID5] path = \RAID5\ comment = Main 1.8TB RAID5 share valid users = @friends carl-e directory mask = 777 create mode = 777 force user = 777 read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba PDC
Hi Yes it is working I just added the following not sure if they are all needed but at last it is working for Win98 Clients and Samba Version 3.2.8-0.26.fc10. lanman auth = Yes ntlm auth = No lm announce = Yes client lanman auth = Yes Carl Thanks again once I am hoping to get ldap and PDC BDC working for Fedora 10 will post on http://www.pingun.org Miguel Medalha wrote: I have a Fedora 6 with samba 3.0.2465 working great as a PDC with Win98 clients. The server has domain logon working and login scripts running I have made a second server to replace the first but after upgrading beyond Fedora 8 it no longer works. I can see shares with Vista64 Business and XP Pro although they will not authenticate but the win98 boxes I get "the domain password you supplied is not correct or access to your server has been denied." I am not sure if this applies to your case or to the samba version you quote, but recently the defaults for parameters "client lanman auth" and "lanman auth" have been changed from "Yes" to "No". Disabling this option will also disable the |client plaintext auth| option. Please consult the smb.conf man page for these parameters. -- PinGNU Systems Ltd A company registered in England and Wales Registered office: 6 Flackdale Road, Hilton, Cambs, PE28 9NY Registered company number: 4176338 Landline: 01480 831607 Mobile 07709 935666 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba PDC
Hello THANK YOU I never even thought to look there that must be the problem seems obvious now. It is still not working but this maybe something I have done since. Feb 18 10:41:37 canada winbindd[2705]: [2009/02/18 10:41:37, 0] libsmb/namequery.c:saf_store(75) Feb 18 10:41:37 canada winbindd[2705]: saf_store: refusing to store 0 length domain or servername! Feb 18 10:41:47 canada winbindd[2705]: [2009/02/18 10:41:47, 0] libsmb/clientgen.c:cli_receive_smb(165) Feb 18 10:41:47 canada winbindd[2705]: Receiving SMB: Server stopped responding Feb 18 10:41:47 canada smbd[2829]: [2009/02/18 10:41:47, 0] lib/util_sock.c:matchname(1749) Feb 18 10:41:47 canada smbd[2829]: matchname: host name/address mismatch: :::192.168.1.3 != canada.localdomain Feb 18 10:41:47 canada smbd[2829]: [2009/02/18 10:41:47, 0] lib/util_sock.c:get_peer_name(1870) Feb 18 10:41:47 canada smbd[2829]: Matchname failed on canada.localdomain :::192.168.1.3 Tried to turn off ipv6 but seem to still have failed. Security is not a problem either just getting the logon scripts to work. Carl Miguel Medalha wrote: I have a Fedora 6 with samba 3.0.2465 working great as a PDC with Win98 clients. The server has domain logon working and login scripts running I have made a second server to replace the first but after upgrading beyond Fedora 8 it no longer works. I can see shares with Vista64 Business and XP Pro although they will not authenticate but the win98 boxes I get "the domain password you supplied is not correct or access to your server has been denied." I am not sure if this applies to your case or to the samba version you quote, but recently the defaults for parameters "client lanman auth" and "lanman auth" have been changed from "Yes" to "No". Disabling this option will also disable the |client plaintext auth| option. Please consult the smb.conf man page for these parameters. -- PinGNU Systems Ltd A company registered in England and Wales Registered office: 6 Flackdale Road, Hilton, Cambs, PE28 9NY Registered company number: 4176338 Landline: 01480 831607 Mobile 07709 935666 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba PDC
Hello I have a Fedora 6 with samba 3.0.2465 working great as a PDC with Win98 clients. The server has domain logon working and login scripts running I have made a second server to replace the first but after upgrading beyond Fedora 8 it no longer works. I can see shares with Vista64 Business and XP Pro although they will not authenticate but the win98 boxes I get "the domain password you supplied is not correct or access to your server has been denied." Any suggestions would be appreciated I have been working on this for ages and run out of idea's Perhaps I need to specify the char set which I might try I am not bothered about Vista or XP just win98. Carl # Samba config file created using SWAT # from # Date: 2009/02/04 17:26:57 [global] workgroup = DOMAIN server string = FEDORA %v on %h interfaces = 192.168.1.3/24 log level = 10 log file = /var/log/samba/samba.%m max log size = 50 time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 add user script = /usr/sbin/useradd -m '%u' -g users -G users delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usernod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u logon script = %U.bat logon path = \\%N\profiles\%u domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes idmap uid = 15000-2 idmap gid = 15000-2 template shell = /bin/bash winbind enum groups = No invalid users = bin, deamon, sys, man, postfix, mail, ftp admin users = @wheel hosts allow = 192.168.1., 127., 192.168.1.41 printer name = Epson [netlogon] path = /home/samba/netlogon valid users = root, @smbusers browseable = No [profiles] path = /home/samba/profiles valid users = root, @smbusers read only = No create mask = 0700 directory mask = 0700 browseable = No [homes] comment = Home Directories path = /home/%U force group = staff read only = No create mask = 0700 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [public] comment = Public Stuff path = /home/public valid users = @staff force group = staff read only = No create mask = 0775 directory mask = 0775 guest ok = Yes tail log.nmbd [2009/02/17 21:31:54, 3] nmbd/nmbd_become_dmb.c:become_domain_master_query_success(223) become_domain_master_query_success(): Our address (192.168.1.3) returned in query for name DOMAIN<1b> (domain master browser name) on subnet UNICAST_SUBNET. Continuing with domain master code. [2009/02/17 21:31:54, 2] nmbd/nmbd_become_dmb.c:become_domain_master_stage1(178) become_domain_master_stage1: Becoming domain master browser for workgroup DBTECH on subnet UNICAST_SUBNET [2009/02/17 21:31:54, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(170) find_workgroup_on_subnet: workgroup search for DBTECH on subnet UNICAST_SUBNET: found. [2009/02/17 21:31:54, 3] nmbd/nmbd_become_dmb.c:become_domain_master_stage1(187) become_domain_master_stage1: go to first stage: register <1b> name [2009/02/17 21:31:54, 3] nmbd/nmbd_namelistdb.c:add_name_to_subnet(250) add_name_to_subnet: Added netbios name DOMAIN<1b> with first IP 192.168.1.3 ttl=259200 nb_flags=64 to subnet UNICAST_SUBNET [2009/02/17 21:31:54, 6] nmbd/nmbd_nameregister.c:multihomed_register_one(322) Registering name DBTECH<1b> IP 192.168.1.3 with WINS server 127.0.0.1 using tag '*' [2009/02/17 21:31:54, 4] nmbd/nmbd_packets.c:initiate_multihomed_name_register_packet(359) initiate_multihomed_name_register_packet: sending registration for name DOMAIN<1b> IP 192.168.1.3 (bcast=No) to IP 127.0.0.1 [2009/02/17 21:31:54, 5] libsmb/nmblib.c:send_udp(824) Sending a packet of len 68 to (127.0.0.1) on port 137 [2009/02/17 21:31:54, 4] nmbd/nmbd_responserecordsdb.c:add_response_record(37) add_response_record: adding response record id:16407 to subnet UNICAST_SUBNET. num_records:14 [2009/02/17 21:31:54, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(170) find_workgroup_on_subnet: workgroup search for DOMAIN on subnet 192.168.1.3: found. [2009/02/17 21:31:54, 10] nmbd/nmbd_sendannounce.c:announce_myself_to_domain_master_browser(381) announce_myself_to_domain_master_browser: t (1234906314) - last(1234906313) < 900 [2009/02/17 21:35:44, 0] nmbd/nmbd.c:main(849) nmbd version 3.2.8-0.26.fc10 started. Copyright Andrew Tridgell and the Samba Team 1992-2009 [2009/02/17 21:35:44, 5] lib/debug.c:debug_dump_status(407) INFO: Current de
[Samba] samba trouble with Vista
ap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /dev/null winbind use default domain = yes winbind separator = @ winbind cache time = 360 winbind trusted domains only = yes winbind nested groups = no winbind nss info = no winbind refresh tickets = no winbind offline logon = no [homes] comment = Home Directories path = /home read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no share modes = no locking = no [profiles] comment = User Profiles path = /var/samba/profiles read only = no available = yes browseable = no writable = yes guest ok = no public = no printable = no locking = no create mode = 0600 directory mask = 0700 [printers] comment = All Printers path = /var/spool/samba browseable = yes writable = no guest ok = no public = no printable = yes share modes = no locking = no [RAID5] path = \RAID5\ comment = Main 1.8TB RAID5 share valid users = @friends carl-e directory mask = 777 create mode = 777 force user = 777 read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] howto sync unix passwd & samba passwd?
Iris Lames wrote: Hi, I'm using samba-3.0.28-0.fc8. I'm trying to build a file server for 100 users. I created a perl script that automatically adds the 100 users plus their passwords with success. Now I'm having difficulty creating a script using the smbpasswd command because passwords must be entered in stdin. I also tried smbpasswd -s option but it asks passwd in stdin. Is there a way that I can use the command smbpasswd plus the user password in one line? You will be able to knock something up using expect. http://expect.nist.gov/ There may be a better way, but that will work -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] monitoring file access levels?
Michael Heydon wrote: Sorry, missed the list. There is already an audit VFS module. I don't think it will do quite what you want, but I think it would be a better place to start than the standard log files. *nod* I've been trying to get that working with the following in the general section of smb.conf : log level = 0 vfs:2 log file = /var/log/samba/%U.%m.log vfs objects = audit # Put a capping on the size of the log files (in Kb). max log size = 0 but so far it doesn't seem to be logging what I expected it to (ie: nothing!) You aren't going to prevent access once they reach some limit are you? you are just going to email the boss or something? (I would hate to be working on some big project, hit the limit and find myself unable to save all my work). Heh, no .. that's what he wants but not what he's getting, he'll get an alert, that's all. I know this is crazy, but it is his server, so it is his call. Also, things like Windows' "search for words in a file" tool will basically transfer everything to the client machine, so just remind him that monitoring traffic alone is a poor indicator of what is going on. Would it be possible to disable USB storage devices and CD/DVD burners so they can't get the data onto removable media instead? Not really, he's just gone a bit paranoid of late, the best solution is some sort of encryption I think, or just for him to realise that he has to trust his staff. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] monitoring file access levels?
I've got a paranoid client who has a samba server on a small LAN who wants to know if and when any of his employees 'transfer' (read, copy off etc) any more than a certain threshold of data a day from the server, I think he's worried that some employee may grab a lot of stuff off the server and then share it with his competition. I tried to explain that this wasn't a very good solution to that problem, but to no avail. So I'm going to try and give him what he wants. The only way I can think to do it is to knock up some script that parses smb log files and reports on them by file access and username. Before I do it, has it already been done? I don't want to re-invent a wheel if I can avoid it? Thankyou Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't access shares - still doesn't work
That was it. Thanks. Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 -Original Message- From: Adam Williams [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2008 2:17 PM To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: Re: [Samba] Can't access shares - still doesn't work have you tried adding msdfs root = yes in your global section? i had to do that on mine Carl Carpenter wrote: I started over and tried again. Using only the Fedora Core 6 installation disks went all the way through the process of setting up Samba. Had absolutely no problem with accessing the shares. Ran 'yum update'. Now I'm back to being asked for a username and password which it then won't validate. Does this narrow it down for anybody? Is there something in the Samba updates (or something else) that changes the rules? Running FC6 and Samba 3.0.24-11.fc6. Workstation is XP Pro Authentication is to NT4 domain - PDC is NT4 server. Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] rg] On Behalf Of Carl Carpenter Sent: Friday, March 14, 2008 9:46 AM To: samba@lists.samba.org Subject: RE: [Samba] Can't access shares - additional information I realized I forgot to include my smb.conf file: [EMAIL PROTECTED] etc]# testparm -s Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[tmp]" Processing section "[Intranet]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = HCCMHMRC server string = Intranet security = DOMAIN password server = colnago log file = /var/log/samba/%m.log max log size = 50 preferred master = No dns proxy = No wins server = 192.168.0.7 default service = Intranet cups options = raw [homes] comment = Home Directories read only = No [printers] comment = All Printers path = //var/spool/samba printable = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [Intranet] path = /var/www/html read only = No create mask = 0774 directory mask = 0775 guest ok = Yes I can access the tmp share and the Printer share. This tells me that there is not an issue finding the Samba server. Permissions on Intranet share (/var/www/html): [EMAIL PROTECTED] www]# pwd /var/www [EMAIL PROTECTED] www]# ls -al html total 16 drwxrwxr-x 2 apache www-data 4096 Sep 18 10:27 . drwxr-xr-x 8 root root 4096 Sep 18 10:27 .. Ccarpenter is a member of www-data. I cleared out the samba log for my machine. Then I tried to access the Intranet share. It asked for username and password which, of course, failed. Here's the contents of the log after that attempt. [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 72df [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6070) [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [2008/03/14 09:39:49, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6071) [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [EMAIL PROTECTED] samba]# tail -40 osc00062.log [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 72df [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6070) [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [2008/03/14 09:39:49, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6071) [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet Then, looking through Webmin at the connections, I see this: 6097IPC$ccarpenter ccarpenter osc00062Fri Mar 14 09:43:38 2008None Which also coincides with the appearance of the Printers share which is not visible when I first open Custer through Network Neighborhood. Is this a
RE: [Samba] Can't access shares - still doesn't work
I started over and tried again. Using only the Fedora Core 6 installation disks went all the way through the process of setting up Samba. Had absolutely no problem with accessing the shares. Ran 'yum update'. Now I'm back to being asked for a username and password which it then won't validate. Does this narrow it down for anybody? Is there something in the Samba updates (or something else) that changes the rules? Running FC6 and Samba 3.0.24-11.fc6. Workstation is XP Pro Authentication is to NT4 domain - PDC is NT4 server. Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 > -Original Message- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > rg] On Behalf Of Carl Carpenter > Sent: Friday, March 14, 2008 9:46 AM > To: samba@lists.samba.org > Subject: RE: [Samba] Can't access shares - additional information > > > I realized I forgot to include my smb.conf file: > > [EMAIL PROTECTED] etc]# testparm -s > Load smb config files from /etc/samba/smb.conf > Processing section "[homes]" > Processing section "[printers]" > Processing section "[tmp]" > Processing section "[Intranet]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > [global] > workgroup = HCCMHMRC > server string = Intranet > security = DOMAIN > password server = colnago > log file = /var/log/samba/%m.log > max log size = 50 > preferred master = No > dns proxy = No > wins server = 192.168.0.7 > default service = Intranet > cups options = raw > > [homes] > comment = Home Directories > read only = No > > [printers] > comment = All Printers > path = //var/spool/samba > printable = Yes > browseable = No > > [tmp] > comment = Temporary file space > path = /tmp > read only = No > guest ok = Yes > > [Intranet] > path = /var/www/html > read only = No > create mask = 0774 > directory mask = 0775 > guest ok = Yes > > I can access the tmp share and the Printer share. This tells > me that there is not an issue finding the Samba server. > > Permissions on Intranet share (/var/www/html): > > [EMAIL PROTECTED] www]# pwd > /var/www > [EMAIL PROTECTED] www]# ls -al html > total 16 > drwxrwxr-x 2 apache www-data 4096 Sep 18 10:27 . > drwxr-xr-x 8 root root 4096 Sep 18 10:27 .. > > Ccarpenter is a member of www-data. > > I cleared out the samba log for my machine. Then I tried to > access the Intranet share. It asked for username and > password which, of course, failed. Here's the contents of > the log after that attempt. > > [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) > api_fd_reply: INVALID PIPE HANDLE: 72df > [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) > osc00062 (192.168.0.101) connect to service Intranet > initially as user ccarpenter (uid=501, gid=501) (pid > 6070) > [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) > osc00062 (192.168.0.101) closed connection to service > Intranet [2008/03/14 09:39:49, 1] > smbd/service.c:make_connection_snum(950) > osc00062 (192.168.0.101) connect to service Intranet > initially as user ccarpenter (uid=501, gid=501) (pid > 6071) > [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) > osc00062 (192.168.0.101) closed connection to service > Intranet [EMAIL PROTECTED] samba]# tail -40 osc00062.log > [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) > api_fd_reply: INVALID PIPE HANDLE: 72df > [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) > osc00062 (192.168.0.101) connect to service Intranet > initially as user ccarpenter (uid=501, gid=501) (pid > 6070) > [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) > osc00062 (192.168.0.101) closed connection to service > Intranet [2008/03/14 09:39:49, 1] > smbd/service.c:make_connection_snum(950) > osc00062 (192.168.0.101) connect to service Intranet > initially as user ccarpenter (uid=501, gid=501) (pid > 6071) > [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) > osc00062 (192.168.0.101) closed connection to service Intranet > > Then, looking through Webmin at the connections, I see this: > > 6097IPC$ccarpenter ccarpenter > osc00062 Fri > Mar 14 09:43:38 2008 None > > Which also coincides with the appearance of the Printers > share which is not visible when I first open Custer through > Network Neighborhood. > > Is this an old prob
RE: [Samba] Can't access shares - additional information
I realized I forgot to include my smb.conf file: [EMAIL PROTECTED] etc]# testparm -s Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[tmp]" Processing section "[Intranet]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = HCCMHMRC server string = Intranet security = DOMAIN password server = colnago log file = /var/log/samba/%m.log max log size = 50 preferred master = No dns proxy = No wins server = 192.168.0.7 default service = Intranet cups options = raw [homes] comment = Home Directories read only = No [printers] comment = All Printers path = //var/spool/samba printable = Yes browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [Intranet] path = /var/www/html read only = No create mask = 0774 directory mask = 0775 guest ok = Yes I can access the tmp share and the Printer share. This tells me that there is not an issue finding the Samba server. Permissions on Intranet share (/var/www/html): [EMAIL PROTECTED] www]# pwd /var/www [EMAIL PROTECTED] www]# ls -al html total 16 drwxrwxr-x 2 apache www-data 4096 Sep 18 10:27 . drwxr-xr-x 8 root root 4096 Sep 18 10:27 .. Ccarpenter is a member of www-data. I cleared out the samba log for my machine. Then I tried to access the Intranet share. It asked for username and password which, of course, failed. Here's the contents of the log after that attempt. [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 72df [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6070) [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [2008/03/14 09:39:49, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6071) [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [EMAIL PROTECTED] samba]# tail -40 osc00062.log [2008/03/14 09:39:23, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 72df [2008/03/14 09:39:35, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6070) [2008/03/14 09:39:37, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet [2008/03/14 09:39:49, 1] smbd/service.c:make_connection_snum(950) osc00062 (192.168.0.101) connect to service Intranet initially as user ccarpenter (uid=501, gid=501) (pid 6071) [2008/03/14 09:39:57, 1] smbd/service.c:close_cnum(1150) osc00062 (192.168.0.101) closed connection to service Intranet Then, looking through Webmin at the connections, I see this: 6097IPC$ccarpenter ccarpenter osc00062Fri Mar 14 09:43:38 2008None Which also coincides with the appearance of the Printers share which is not visible when I first open Custer through Network Neighborhood. Is this an old problem that I'm supposed to find the answer in an obvious place, or has it stumped everyone out there? Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 > -Original Message- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > rg] On Behalf Of Carl Carpenter > Sent: Thursday, March 13, 2008 3:10 PM > To: samba@lists.samba.org > Subject: [Samba] Can't access shares > > > Running FC6 and Samba 3.0.24-11.fc6. > Workstation is XP Pro > > Initially, after disabling SELinux and turning off Iptables, > I could access the shares that were set up. Came in this > morning ready to start copying files and can't get in. > Prompts me for a username and password which is rejected. I > know it's not my workstation because I have another FC6/Samba > server running and have no problem getting to it. Here's > what else I know: > > 1. Samba log for my machine shows no errors. In fact, shows > me as connected. > > 2. Viewing connections to Samba through Webmin shows me as connected. > > 3. Testing from the console connects me. > > smbclient //Custer/ccarpenter -U ccarpenter > Password: > Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] > smb: \> > > 4. From the DOS prompt on my workstation, I can ping the > Samba server by name. When I do a net view \\Custer it shows >
[Samba] Can't access shares
Running FC6 and Samba 3.0.24-11.fc6. Workstation is XP Pro Initially, after disabling SELinux and turning off Iptables, I could access the shares that were set up. Came in this morning ready to start copying files and can't get in. Prompts me for a username and password which is rejected. I know it's not my workstation because I have another FC6/Samba server running and have no problem getting to it. Here's what else I know: 1. Samba log for my machine shows no errors. In fact, shows me as connected. 2. Viewing connections to Samba through Webmin shows me as connected. 3. Testing from the console connects me. smbclient //Custer/ccarpenter -U ccarpenter Password: Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] smb: \> 4. From the DOS prompt on my workstation, I can ping the Samba server by name. When I do a net view \\Custer it shows the shares. When I do net use m: \\Custer\Intranet it prompts me for a username and password and then fails. I have added user=ccarpenter to the share--no effect. As far as I know, I didn't make any changes to Samba after I got it working. It's probably something simple, but what am I missing? Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] NT_STATUS_BAD_NETWORK_NAME
Finally found the answer after reinstalling and even the fresh reinstall didn't work. A review of dmesg showed that selinux was running. Thanks to this link http://howtoforge.com/installing_a_lamp_system_with_fedora_core_6_p3 I found out how to turn off selinux and problem solved. Hope nobody else has this difficulty. Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 > -Original Message- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > rg] On Behalf Of Carl Carpenter > Sent: Monday, March 10, 2008 3:56 PM > To: samba@lists.samba.org > Subject: [Samba] NT_STATUS_BAD_NETWORK_NAME > > > I am trying to run Samba 3.0.24-11.fc6 on Fedora Core 6. > I've run across two problems that are keeping me from being > successful. > > 1. IPTables. Even when I configure it through Webmin to not > run at startup, it does anyway. I consider this a minor > problem, at least for now, although I wouldn't mind some > input on how to configure it to allow Samba. > > 2. Access to shares. We are running an NT4 network. I have > joined the Samba server to the domain and can see it in the > browse list on my XP machine. I can also see the shares. > However, when I double-click on the shares, I am prompted for > a password which fails. I have been through Samba Security > and Troubleshooting guide from Linux Home Networking and > numerous other documents with no positive results. This is > the test that fails: > > [EMAIL PROTECTED] www]# smbclient //Custer/Intranet -U ccarpenter > Password: > Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] > tree connect failed: NT_STATUS_BAD_NETWORK_NAME > > This test works (Colnago being the PDC): > > [EMAIL PROTECTED] www]# smbclient -L Custer > Password: > Anonymous login successful > Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] > > Sharename Type Comment > - --- > IntranetDisk > IPC$IPC IPC Service (Intranet) > Anonymous login successful > Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] > > Server Comment > ---- > COLNAGO > CUSTER Intranet > > WorkgroupMaster > ---- > HCCMHMRC COLNAGO > > My username on the NT4 network is exactly the same as on the > Samba server; however, I have no password on the Samba > server. I use this setup on several other servers with no > problem, which is part of the irony of the situation. I have > another server running FC6 and the same version of Samba and > it works perfectly. The only difference that I can tell is > that I got Samba working straight off the FC6 installation > disks before doing any updates whereas this time I did all > the updates first. I have checked for the existence of a > 'msdfs'; none could be found. I do not have SELinux > installed: > > [EMAIL PROTECTED] www]# rpm -q selinux > package selinux is not installed > > Testparm shows the following: > > [EMAIL PROTECTED] www]# testparm -s > Load smb config files from /etc/samba/smb.conf > Processing section "[Intranet]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > [global] > workgroup = HCCMHMRC > server string = Intranet > security = DOMAIN > password server = Colnago > log level = 3 > log file = /var/log/samba/%m.log > max log size = 50 > preferred master = No > dns proxy = No > wins server = 192.168.0.7 > default service = Intranet > > [Intranet] > path = /var/www/html > read only = No > create mask = 0774 > directory mask = 0775 > guest ok = Yes > > The actual smb.conf looks like this: > > #=== Global Settings > == > [global] > protocol = NT1 > log file = /var/log/samba/%m.log > dns proxy = no > ; load printers = yes > netbios name = Custer > ; cups options = raw > server string = Intranet > password server = Colnago > default = Intranet > wins server = 192.168.0.7 > workgroup = hccmhmrc > os level = 20 > debug level = 3 > encrypt passwords = yes > security = domain > preferred master = no > max log size = 50 > ; winbind enable local accounts = no > > > [Intranet] >
[Samba] NT_STATUS_BAD_NETWORK_NAME
I am trying to run Samba 3.0.24-11.fc6 on Fedora Core 6. I've run across two problems that are keeping me from being successful. 1. IPTables. Even when I configure it through Webmin to not run at startup, it does anyway. I consider this a minor problem, at least for now, although I wouldn't mind some input on how to configure it to allow Samba. 2. Access to shares. We are running an NT4 network. I have joined the Samba server to the domain and can see it in the browse list on my XP machine. I can also see the shares. However, when I double-click on the shares, I am prompted for a password which fails. I have been through Samba Security and Troubleshooting guide from Linux Home Networking and numerous other documents with no positive results. This is the test that fails: [EMAIL PROTECTED] www]# smbclient //Custer/Intranet -U ccarpenter Password: Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] tree connect failed: NT_STATUS_BAD_NETWORK_NAME This test works (Colnago being the PDC): [EMAIL PROTECTED] www]# smbclient -L Custer Password: Anonymous login successful Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] Sharename Type Comment - --- IntranetDisk IPC$IPC IPC Service (Intranet) Anonymous login successful Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] Server Comment ---- COLNAGO CUSTER Intranet WorkgroupMaster ---- HCCMHMRC COLNAGO My username on the NT4 network is exactly the same as on the Samba server; however, I have no password on the Samba server. I use this setup on several other servers with no problem, which is part of the irony of the situation. I have another server running FC6 and the same version of Samba and it works perfectly. The only difference that I can tell is that I got Samba working straight off the FC6 installation disks before doing any updates whereas this time I did all the updates first. I have checked for the existence of a 'msdfs'; none could be found. I do not have SELinux installed: [EMAIL PROTECTED] www]# rpm -q selinux package selinux is not installed Testparm shows the following: [EMAIL PROTECTED] www]# testparm -s Load smb config files from /etc/samba/smb.conf Processing section "[Intranet]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = HCCMHMRC server string = Intranet security = DOMAIN password server = Colnago log level = 3 log file = /var/log/samba/%m.log max log size = 50 preferred master = No dns proxy = No wins server = 192.168.0.7 default service = Intranet [Intranet] path = /var/www/html read only = No create mask = 0774 directory mask = 0775 guest ok = Yes The actual smb.conf looks like this: #=== Global Settings == [global] protocol = NT1 log file = /var/log/samba/%m.log dns proxy = no ; load printers = yes netbios name = Custer ; cups options = raw server string = Intranet password server = Colnago default = Intranet wins server = 192.168.0.7 workgroup = hccmhmrc os level = 20 debug level = 3 encrypt passwords = yes security = domain preferred master = no max log size = 50 ; winbind enable local accounts = no [Intranet] writeable = yes create mode = 774 path = /var/www/html directory mode = 775 guest ok = Yes I am not using winbindd or ldap. Any help with this would be appreciated. It's really annoying when my boss sticks his head in the door every 20 minutes and says "Well?" Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbtorture epoll
Hello again, Do I need to patch the kernel (2.4.21) to support epoll? -Original Message- From: Carl Dubois [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 11, 2007 9:43 AM To: samba@lists.samba.org Subject: [Samba] smbtorture epoll Hi All, Looks like smbtorture is attempting to recreate an epoll event handle when pid changes. Not sure why? How do I fix this? [EMAIL PROTECTED] bin]# ./smbtorture //10.60.100.131/moab2 BENCH-NBENCH -U engsmoke/admin1%"pass()wd" --numprogs 1 --loadfile client2.txt Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Snip of client.txt: ReadX 12294 69632 4096 4096 NT_STATUS_OK ReadX 12294 73728 4096 4096 NT_STATUS_OK SET_FILE_INFORMATION 12294 1004 NT_STATUS_OK WriteX 12294 0 4096 4096 NT_STATUS_OK Close 12294 NT_STATUS_OK NTCreateX "\clients\client1\~dmtmp\PWRPNT\PCBENCHM.PPT" 0x40 0x1 12295 NT_STATUS_OK SET_FILE_INFORMATION 12295 1004 NT_STATUS_OK Close 12295 NT_STATUS_OK NTCreateX "\clients\client1\~dmtmp\PWRPNT\PCBENCHM.PPT" 0x40 0x1 12296 NT_STATUS_OK ReadX 12296 0 4096 4096 NT_STATUS_OK FIND_FIRST "\clients\client1\~dmtmp\<.JNK" 260 1366 0 NT_STATUS_NO_SUCH_FILE FIND_FIRST "\clients\client1\~dmtmp\<.JNK" 260 1366 0 NT_STATUS_NO_SUCH_FILE Thanks Carl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kurt De Kesel Sent: Tuesday, December 11, 2007 8:20 AM To: samba@lists.samba.org Subject: [Samba] net rpc group error Hello, I receive this error when trying to add an Active Directory user in the Backup Operators group. Do you know what could be the reason and how to fix it ? The server dali is a sun solaris system: SunOS dali 5.9 Generic_118558-05 sun4u sparc SUNW,Sun-Fire-480R The samba version on this server is 3.0.9 This server is succesfully joined into the active directory domain EMEA net rpc info -S dali Domain Name: EMEA Domain SID: S-1-5-21-2188191474-962303098-1574304029 Sequence number: 1197369746 Num users: 0 Num domain groups: 0 Num local groups: 0 net rpc group list -Uadminbbs Password: System Operators Replicators Guests Power Users Print Operators Administrators Account Operators Backup Operators Users net groupmap list System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Admins (S-1-5-21-2188191474-962303098-1574304029-512) -> -1 Domain Guests (S-1-5-21-2188191474-962303098-1574304029-514) -> -1 Domain Users (S-1-5-21-2188191474-962303098-1574304029-513) -> -1 Power Users (S-1-5-32-547) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 net rpc group addmem "Backup Operators" adminbbs -Uadminbbs Password: Could not lookup up group member adminbbs Could not add adminbbs to Backup Operators: NT_STATUS_NONE_MAPPED -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbtorture epoll
Hi All, Looks like smbtorture is attempting to recreate an epoll event handle when pid changes. Not sure why? How do I fix this? [EMAIL PROTECTED] bin]# ./smbtorture //10.60.100.131/moab2 BENCH-NBENCH -U engsmoke/admin1%"pass()wd" --numprogs 1 --loadfile client2.txt Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Failed to recreate epoll handle after fork Snip of client.txt: ReadX 12294 69632 4096 4096 NT_STATUS_OK ReadX 12294 73728 4096 4096 NT_STATUS_OK SET_FILE_INFORMATION 12294 1004 NT_STATUS_OK WriteX 12294 0 4096 4096 NT_STATUS_OK Close 12294 NT_STATUS_OK NTCreateX "\clients\client1\~dmtmp\PWRPNT\PCBENCHM.PPT" 0x40 0x1 12295 NT_STATUS_OK SET_FILE_INFORMATION 12295 1004 NT_STATUS_OK Close 12295 NT_STATUS_OK NTCreateX "\clients\client1\~dmtmp\PWRPNT\PCBENCHM.PPT" 0x40 0x1 12296 NT_STATUS_OK ReadX 12296 0 4096 4096 NT_STATUS_OK FIND_FIRST "\clients\client1\~dmtmp\<.JNK" 260 1366 0 NT_STATUS_NO_SUCH_FILE FIND_FIRST "\clients\client1\~dmtmp\<.JNK" 260 1366 0 NT_STATUS_NO_SUCH_FILE Thanks Carl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kurt De Kesel Sent: Tuesday, December 11, 2007 8:20 AM To: samba@lists.samba.org Subject: [Samba] net rpc group error Hello, I receive this error when trying to add an Active Directory user in the Backup Operators group. Do you know what could be the reason and how to fix it ? The server dali is a sun solaris system: SunOS dali 5.9 Generic_118558-05 sun4u sparc SUNW,Sun-Fire-480R The samba version on this server is 3.0.9 This server is succesfully joined into the active directory domain EMEA net rpc info -S dali Domain Name: EMEA Domain SID: S-1-5-21-2188191474-962303098-1574304029 Sequence number: 1197369746 Num users: 0 Num domain groups: 0 Num local groups: 0 net rpc group list -Uadminbbs Password: System Operators Replicators Guests Power Users Print Operators Administrators Account Operators Backup Operators Users net groupmap list System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Admins (S-1-5-21-2188191474-962303098-1574304029-512) -> -1 Domain Guests (S-1-5-21-2188191474-962303098-1574304029-514) -> -1 Domain Users (S-1-5-21-2188191474-962303098-1574304029-513) -> -1 Power Users (S-1-5-32-547) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 net rpc group addmem "Backup Operators" adminbbs -Uadminbbs Password: Could not lookup up group member adminbbs Could not add adminbbs to Backup Operators: NT_STATUS_NONE_MAPPED -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbtorture w/ samba 3.0.27a
Hi All, Now per my reading's to run the smbtorture test tool required in the dbench config.txt file. Is this still ture? I am using distribution samba-3.0.27a. Results from initial run: host=10.60.100.131 share=moab2 user=engsmoke/admin1 myname=rh-scale-144 Did not find a test named 1 Running NBENCH 1 clients started ERROR: You are using a dbench 1 load file Throughput 0 MB/sec NBENCH took 0.043605 secs Are these smb operation code still valid? Deltree "\clients\client1" NT_STATUS_OK Mkdir "\clients" NT_STATUS_OK NTCreateX "\clients\client1" 0x1 0x2 16385 NT_STATUS_OK Close 16385 NT_STATUS_OK NTCreateX "\clients\client1\mixfile" 0x40 0x1 9935 NT_STATUS_OBJECT_NAME_NOT_FOUND QUERY_PATH_INFORMATION "\clients\client1\~dmtmp" 1004 NT_STATUS_OBJECT_NAME_NOT_FOUND FIND_FIRST "\clients\client1\FILLER.*" 260 1366 0 NT_STATUS_NO_SUCH_FILE NTCreateX "\clients\client1\~dmtmp" 0x1 0x2 9937 NT_STATUS_OK Close 9937 NT_STATUS_OK NTCreateX "\clients\client1\filler.000" 0x40 0x2 9938 NT_STATUS_OK QUERY_FS_INFORMATION 1 NT_STATUS_OK WriteX 9938 65534 1 1 NT_STATUS_OK QUERY_FILE_INFORMATION 9938 258 NT_STATUS_OK WriteX 9938 0 65536 65536 NT_STATUS_OK WriteX 9938 65536 65536 65536 NT_STATUS_OK WriteX 9938 131072 65536 65536 NT_STATUS_OK WriteX 9938 196608 65536 65536 NT_STATUS_OK WriteX 9938 262144 65536 65536 NT_STATUS_OK WriteX 9938 327680 65536 65536 NT_STATUS_OK Or shall I rewite to try: http://timothydevans.me.uk/nbf2cifs/smb-smbcommandcode.html Thanks in advance, Carl Dubois -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Log in without username and password
Hi, Could you please help? My problem is below. I install the Samba 2.2.7 rpm on AIX 5.3 which is downloaded from IBM Linux Tools for AIX. I can start smbd and nmbd successfully. My smb.conf is like below. [global] Workgroup = TEST # TEST is my domain name Netbios name = aixserver Security = DOMAIN Encrypt passwords = yes Create mask = 0775 Null password = yes I add a unix id test1, and then I add it into smbpasswd by this command smbpasswd -a test1 -n In windows, I have a lan id test1. When I open \\aixserver using this lan id, I still need to use username and password. So how can I open \\aixserver without username and password? But "security = domain" should be kept. Please help! Thanks. Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple processes of smbd spawning...don't know why
I'm running the latest version of ubuntu with Samba "smbd 3.0.24" and for some reason I the server is spawning multiple like 50-100 instances of smbd. I try stopping samba, but the processes keep running. This is a very small network with only a few clients.like 4...so I'm not sure what the issue is. I've been using samba for years and have never seen it spawn processes like cancer before. The issue is bringing down my server every few days. Any help would be appreciated. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] "not enough storage is available to process this command" error
Carl Brewer wrote: This turns out to be a bug in NetBSD, which is not fixed in NetBSD 3.1 but is in 4.0 (when it's released) and involves a library memory leak. NetBSD problem report : PR/24324 (telldir) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] "not enough storage is available to process this command" error
Hello, I have a Samba 3.0.24 server running on a NetBSD 3.1 (i386) box, which has been very reliable for a long time, but recently started to occasionally show the following error on PC's connected to it running XP Pro and AutoDesk (AutoCAD) files: z:\ is not available Not enough storage is available to process this command log.smbd shows this when it happens : [2007/06/08 10:01:50, 0] lib/util.c:Realloc(1036) Memory allocation error: failed to expand to 4136 bytes [2007/06/08 10:01:50, 0] lib/util.c:Realloc(1036) Memory allocation error: failed to expand to 4136 bytes The server currently has 512MB of RAM and runs a few other apps as well (squid, IPF, sendmail, it's a general LAN server). It has loads of swap space available (~4GB) Would that error suggest that I need to increase the memory limits that NetBSD is imposing on the smbd process? I think NetBSD limits processes by default to 128MB. These CAD files are big (upwards of 1 GB), but they load ok, it's only when the users are manipulating them that the problem occurs. I think autoDesk writes to files a lot, but don't really know much about what it does. I don't have a snapshot of the memory footprint of smbd at the time, and it'll be a bit tricky to get one quickly (the site isn't close to me, and they're closed all weekend). Any suggestions? Thanks! Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] solaris 10 SMF setup?
Carl Brewer wrote: [chomp] Following up to my own mail with how I got it working : Created two methods, and two manifest files : These are the methods - very similar to init.d scripts. /lib/svc/method/smbd : #!/sbin/sh # # . /lib/svc/share/smf_include.sh SMB_HOME=/usr/sfw/sbin CONF_FILE=/etc/sfw/smb.conf PIDFILE=/var/samba/locks/smbd.pid [ ! -f ${CONF_FILE} ] && exit $SMF_EXIT_ERR_CONFIG case "$1" in start) /bin/rm -f ${PIDFILE} exec ${SMB_HOME}/smbd -D 2>&1 & ;; stop) PID=`head -1 ${PIDFILE}` kill -TERM ${PID} ;; *) echo "Usage: $0 {start|stop)" exit 1 ;; esac /lib/svc/method/nmbd : #!/sbin/sh # # . /lib/svc/share/smf_include.sh SMB_HOME=/usr/sfw/sbin CONF_FILE=/etc/sfw/smb.conf PIDFILE=/var/samba/locks/nmbd.pid [ ! -f ${CONF_FILE} ] && exit $SMF_EXIT_ERR_CONFIG case "$1" in start) /bin/rm -f ${PIDFILE} exec ${SMB_HOME}/nmbd -D 2>&1 & ;; stop) PID=`head -1 ${PIDFILE}` kill -TERM ${PID} ;; *) echo "Usage: $0 {start|stop)" exit 1 ;; esac And the manifests. /var/svc/manifest/application/smbd.xml : Samba /var/svc/manifest/application/nmbd.xml : Samba To make them live, as root : svccfg -v import /var/svc/manifest/application/nmbd.xml svccfg -v import /var/svc/manifest/application/smbd.xml To check them : svcs -vx nmbd svcs -vx smbd This is only a very dirty installation, but maybe it'll help someone? Note, this is for SMF with the Samba as distributed with Solaris 10. Hacking it to work with other releases should be a simple cut & shut in the method files above to locate the smbd & nmbd (and winbindd if required? what does it do again?!). More examples of SMF can be found here : http://www.rfcgr.mrc.ac.uk/~ptribble/Solaris/smf.html (that's what I used as an example, it's not my page or my work) Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] solaris 10 SMF setup?
Hello I'm in the process of putting SMB onto a dual Opteron x64 box running Solaris 10, with the SFW samba as supplied by Sun. I haven't found any hooks for this for the new SMF/SVC startup system, so I'm doing so now, but before I go any further, am I duplicating any efforts? Is anyone else doing this and has done it? At present I'm only starting smbd and nmbd (I never really understood what that other bit was for anyway!) Carl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] win98 and domain logins, Can't browse network
Hello, I've just replaced an NT4 server with a NetBSD box running Samba 3.0.7. There's 2 win98 boxes on the network, which were logging into the NT server, so I set up samba as : [global] workgroup = BENFAB2 log level = 1 browsable = yes server string = Samba %v (%h) security = user hosts allow = 10.0.0. 127. load printers = yes printcap name = /etc/printcap printing = bsd log file = /var/log/samba/log.%m password level = integer passdb backend = smbpasswd interfaces = 10.0.0.1/24 local master = yes domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U wins support = yes [homes] comment = Home Directories browseable = yes writable = yes valid users = %S [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes public = yes writable = no printable = yes [print$] comment = Printer Driver Download Area path = /home/samba/drivers browseable = yes guest ok = yes read only = yes write list = @staff, root [groups] path = /home/samba/groups writable = yes valid users = ben,administrator,irene public = no create mask = 0765 [netlogon] path = /home/samba/netlogon [Profiles] path = /home/samba/profiles browsable = yes guest ok = yes writable = yes create mask = 0765 The 2 win98 boxes can log in to the domain (as far as I can tell), they load their profiles into the profiles directory anyway. They can both mount the server shares if I do a manual mount of a filesystem, they can use the printer that's set up on the samba server too. But they can't browse, if I click on 'browse' in the win98 GUI, I get errors telling me it can't see the network. This would be ok, except I need to share a printer on one of the PCs to the other one, and I'd like it to 'work properly' for aesthetic reasons. I don't mind having to rejig the PCs to just use workgroups rather than domain logins, if that's a 'better' way to do a pretty simple network. I was trying to reproduce the NT setup on the Sambe server, but am not idealogically committed to it. Can anyone make a suggestion for how to go about this? I'm no samba wiz, I've cobbled the config above from various howtos that seemed pretty close to what I wanted to achieve, but I've made mistakes, I'm sure! thanks! Carl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't become connected user! - network browsing issue
Hi, I am having an issue browsing my work group, i have made the samba server the master browser and it wins the elections. As far as i can tell from the nmbd.logs it is also collecting hosts for the workgroup but when you try to list the workgroup this error is recorded in the messages log : nss_wins[7417]: [2004/09/14 09:54:23, 0] smbd/service.c:make_connection_snum(570) nss_wins[7417]: Can't become connected user! Now all users can use \\server and list the shares and access them all, so all users and passwords are correct. windows gives the error "Workgroup is not accessible, you might not have permission to use the network resource" The server is running Fedora Core 1 and samba version : 3.0.6-2.FC1 The best bits of my smb.conf is below, thanks for any help. Carl Matthews # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] log file = /var/log/samba/%m.log loglevel = 1 load printers = No security = user encrypt passwords = yes guest ok = yes dos filemode = Yes ldap ssl = no name resolve order = wins lmhosts host bcas socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 deadtime = 15 create mask = 0775 encrypt passwords = yes oplock break wait time = 100 wins support = Yes dns proxy = No netbios aliases = FC1 server string = -Server- FC1 #unix password sync = yes local master = yes mangle prefix = 8 os level = 255 directory mask = 0775 valid users = @MLE-ALL preferred master = yes max log size = 500 [www] comment = Mandrake Webserver path = /var/www valid users = carl admin users = carl read list = carl write list = carl read only = No [homes] comment = Home Directories path = /home/%u read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Workgroup Browsing Issue and wins on 3.0.6
okay the wins issue is resolved it was the firewall not allowing port 445, so theres just the network browsing issue left and then I can be happy. Carl. To add to what i said before the second server (that cant register to the first servers wins) has these errors in its log file : Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_nameregister.c:register_name_response(130) Sep 14 08:37:36 fedora2 nmbd[2389]: register_name_response: WINS server at IP 192.168.123.241 rejected our name registration of WORKGROUP<00> IP 192.168.1 Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_workgroupdb.c:fail_register(215) Sep 14 08:37:36 fedora2 nmbd[2389]: fail_register: Failed to register name WORKGROUP<00> on subnet UNICAST_SUBNET. Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283) Sep 14 08:37:36 fedora2 nmbd[2389]: standard_fail_register: Failed to register/refresh name WORKGROUP<00> on subnet UNICAST_SUBNET Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_nameregister.c:register_name_response(130) Sep 14 08:37:36 fedora2 nmbd[2389]: register_name_response: WINS server at IP 192.168.123.241 rejected our name registration of WORKGROUP<1e> IP 192.168.1 Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_workgroupdb.c:fail_register(215) Sep 14 08:37:36 fedora2 nmbd[2389]: fail_register: Failed to register name WORKGROUP<1e> on subnet UNICAST_SUBNET. Sep 14 08:37:36 fedora2 nmbd[2389]: [2004/09/14 08:37:36, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283) Sep 14 08:37:36 fedora2 nmbd[2389]: standard_fail_register: Failed to register/refresh name WORKGROUP<1e> on subnet UNICAST_SUBNET Sep 14 08:46:30 fedora2 smbd[2414]: [2004/09/14 08:46:30, 0] lib/util_sock.c:get_peer_addr(1000) Sep 14 08:46:30 fedora2 smbd[2414]: getpeername failed. Error was Transport endpoint is not connected Sep 14 08:46:30 fedora2 smbd[2414]: [2004/09/14 08:46:30, 0] lib/util_sock.c:read_socket_data(384) Sep 14 08:46:30 fedora2 smbd[2414]: read_socket_data: recv failure for 4. Error = Connection reset by peer Sep 14 08:58:01 fedora2 nmbd[2389]: [2004/09/14 08:58:01, 0] nmbd/nmbd_nameregister.c:register_name_response(130) Sep 14 08:58:01 fedora2 nmbd[2389]: register_name_response: WINS server at IP 192.168.123.241 rejected our name registration of FC2<00> IP 192.168.123.252 Sep 14 08:58:01 fedora2 nmbd[2389]: [2004/09/14 08:58:01, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283) Sep 14 08:58:01 fedora2 nmbd[2389]: standard_fail_register: Failed to register/refresh name FC2<00> on subnet UNICAST_SUBNET Sep 14 08:58:01 fedora2 nmbd[2389]: [2004/09/14 08:58:01, 0] nmbd/nmbd_nameregister.c:register_name_response(130) Sep 14 08:58:01 fedora2 nmbd[2389]: register_name_response: WINS server at IP 192.168.123.241 rejected our name registration of FC2<03> IP 192.168.123.252 Sep 14 08:58:01 fedora2 nmbd[2389]: [2004/09/14 08:58:01, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(283) Sep 14 08:58:01 fedora2 nmbd[2389]: standard_fail_register: Failed to register/refresh name FC2<03> on subnet UNICAST_SUBNET Sep 14 09:00:47 fedora2 smbd[2417]: [2004/09/14 09:00:47, 0] lib/util_sock.c:get_peer_addr(1000) Sep 14 09:00:47 fedora2 smbd[2417]: getpeername failed. Error was Transport endpoint is not connected Sep 14 09:00:47 fedora2 smbd[2417]: [2004/09/14 09:00:47, 0] lib/util_sock.c:read_socket_data(384) Sep 14 09:00:47 fedora2 smbd[2417]: read_socket_data: recv failure for 4. Error = Connection reset by peer Sep 14 10:34:02 fedora2 smbd[2468]: [2004/09/14 10:34:02, 0] lib/util_sock.c:get_peer_addr(1000) Sep 14 10:34:02 fedora2 smbd[2468]: getpeername failed. Error was Transport endpoint is not connected Sep 14 10:34:02 fedora2 smbd[2468]: [2004/09/14 10:34:02, 0] lib/util_sock.c:read_socket_data(384) Sep 14 10:34:02 fedora2 smbd[2468]: read_socket_data: recv failure for 4. Error = Connection reset by peer Sep 14 10:40:25 fedora2 smbd[2476]: [2004/09/14 10:40:25, 0] lib/util_sock.c:get_peer_addr(1000) Sep 14 10:40:25 fedora2 smbd[2476]: getpeername failed. Error was Transport endpoint is not connected Sep 14 10:40:25 fedora2 smbd[2476]: [2004/09/14 10:40:25, 0] lib/util_sock.c:read_socket_data(384) Sep 14 10:40:25 fedora2 smbd[2476]: read_socket_data: recv failure for 4. Error = Connection reset by peer Hi, I am having an issue browsing my work group, i have made the samba server the master browser and it wins the elections. As far as i can tell from the nmbd.logs it is also collecting hosts for the workgroup but when you try to list the workgroup this error is recorded in the messages log : nss_wins[7417]: [2004/09/14 09:54:23, 0] smbd/service.c:make_connection_snum(570) nss_wins[7417]: Can't become connected user! Now all users can use \\server and lis
[Samba] Re: Workgroup Browsing Issue and wins on 3.0.6
sion to use the network resource" The server is running Fedora Core 1 and samba version : 3.0.6-2.FC1 Also i had a problem the other day where some wins entries were wrong so i deleted the wins.dat and restarted the server, but the wrong wins entries reappeared. after rebooting the server it seems to be working now, apart from another samba server doesnt add it self to the wins server list. It has win support = false and win server = xxx.xxx.xxx.xxx in its config. The best bits of my smb.conf is below, thanks for any help. Carl Matthews # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] log file = /var/log/samba/%m.log loglevel = 1 load printers = No security = user encrypt passwords = yes guest ok = yes dos filemode = Yes ldap ssl = no name resolve order = wins lmhosts host bcas socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 deadtime = 15 create mask = 0775 encrypt passwords = yes oplock break wait time = 100 wins support = Yes dns proxy = No netbios aliases = FC1 server string = -Server- FC1 #unix password sync = yes local master = yes mangle prefix = 8 os level = 255 directory mask = 0775 valid users = @MLE-ALL preferred master = yes max log size = 500 [www] comment = Mandrake Webserver path = /var/www valid users = carl admin users = carl read list = carl write list = carl read only = No [homes] comment = Home Directories path = /home/%u read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Workgroup Browsing Issue and wins on 3.0.6
Hi, I am having an issue browsing my work group, i have made the samba server the master browser and it wins the elections. As far as i can tell from the nmbd.logs it is also collecting hosts for the workgroup but when you try to list the workgroup this error is recorded in the messages log : nss_wins[7417]: [2004/09/14 09:54:23, 0] smbd/service.c:make_connection_snum(570) nss_wins[7417]: Can't become connected user! Now all users can use \\server and list the shares and access them all, so all users and passwords are correct. windows gives the error "Workgroup is not accessible, you might not have permission to use the network resource" The server is running Fedora Core 1 and samba version : 3.0.6-2.FC1 Also i had a problem the other day where some wins entries were wrong so i deleted the wins.dat and restarted the server, but the wrong wins entries reappeared. after rebooting the server it seems to be working now, apart from another samba server doesnt add it self to the wins server list. It has win support = false and win server = xxx.xxx.xxx.xxx in its config. The best bits of my smb.conf is below, thanks for any help. Carl Matthews # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] log file = /var/log/samba/%m.log loglevel = 1 load printers = No security = user encrypt passwords = yes guest ok = yes dos filemode = Yes ldap ssl = no name resolve order = wins lmhosts host bcas socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 deadtime = 15 create mask = 0775 encrypt passwords = yes oplock break wait time = 100 wins support = Yes dns proxy = No netbios aliases = FC1 server string = -Server- FC1 #unix password sync = yes local master = yes mangle prefix = 8 os level = 255 directory mask = 0775 valid users = @MLE-ALL preferred master = yes max log size = 500 [www] comment = Mandrake Webserver path = /var/www valid users = carl admin users = carl read list = carl write list = carl read only = No [homes] comment = Home Directories path = /home/%u read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0.6rc2 Available for Download
Did you look into the hash errors? ( see post : "Re: String overflow in safe_strcpy" 3/08/04 ) as 3.0.5 doesnt solve these errors. Thanks Carl. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is the second release candidate snapshot of the Samba 3.0.6 code base (the first rc was labeled as 3.0.5rc1) and should be considered for testing only. A release candidate (RC) means that we are close to the final, stable release and in provided for Quality Assurance (QA) purposes. This release is *not* intended for production servers. Use at your own risk. There have been several bug fixes since the 3.0.4/5 release that we feel are important to make available to the Samba community for wider testings. Common bugs fixed in 3.0.6rc1 include: ~ o Fix stalls in smbd caused by inaccessible LDAP servers. ~ o Remove various memory leaks. ~ o Fix issues in the password lockout feature. ~ o Merge security fixes for CAN-2004-0600, CAN-2004-0686 ~from 3.0.5. New features introduced in this release include: ~ o Support for maintaining user password history ~in tdbsam (the ldapsam support will be fixed prior ~to the final 3.0.6 release). The source code can be downloaded from: ~ http://download.samba.org/samba/ftp/rc/ The uncompressed tarball and patch file have been signed using GnuPG. Please read the instructions for verifying the tarball signature at http://www.samba.org/samba/download.html#verify The Samba public key is available at ~ http://download.samba.org/samba/ftp/samba-pubkey.asc Links to binary packages can be found on the release announcement at ~ http://www.samba.org/samba/samba.html The release notes are also available in the same directory. Please report any bugs you uncover at https://bugzilla.samba.org/ ~--Enjoy ~The Samba Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBFTuXIR7qMdg1EfYRAuoiAJ9r5f+kiWBDwGcMR8S/DgfpxN3l9QCfbAfX JnddWFliTm63QYAi8URpqlk= =KIc0 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy
Hi Jeremy, Please See the attached .tar with an example file structure that will cause the problem on FC2. Samba version 3.05 FC2 2.4.22-1.2194.nptl #1 Thu Jun 17 10:56:28 EDT 2004 i686 athlon i386 GNU/Linux These folders were located in /home/local/samba-public But again this will happen for every file over the 8.3 limit Below are the errors it causes when i list the directory using winxp home client: Aug 3 08:56:59 mandrake1 nss_wins[7438]: [2004/08/03 08:56:59, 0] lib/util_str.c:safe_strcpy_fn(602) Aug 3 08:56:59 mandrake1 nss_wins[7438]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [THIS ~P0.TXT] Aug 3 08:56:59 mandrake1 nss_wins[7438]: [2004/08/03 08:56:59, 0] lib/util_str.c:safe_strcpy_fn(602) Aug 3 08:56:59 mandrake1 nss_wins[7438]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [This Folder is long.txt] Aug 3 08:57:02 mandrake1 nss_wins[7438]: [2004/08/03 08:57:02, 0] lib/util_str.c:safe_strcpy_fn(602) Aug 3 08:57:02 mandrake1 nss_wins[7438]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [THIS ~50.TXT] Aug 3 08:57:02 mandrake1 nss_wins[7438]: [2004/08/03 08:57:02, 0] lib/util_str.c:safe_strcpy_fn(602) Aug 3 08:57:02 mandrake1 nss_wins[7438]: ERROR: string overflow by 1 (24 - 23) in safe_strcpy [This Folder is long too.txt] If you need any more info just let me know. Best Regards Carl. Carl wrote: Hi, We have 98se2 and xp home sp1 and xp pro sp1 clients, i know for sure win98 and xp home when listing a directory cause this problem, we only have a few xp pro laptops so i cant be 100% sure about those. as for the directory i can on monday when i go back to work, but it will happen with any file over the limit, i end up with error logs of about 500-600mb full of these errors. The clients are windows 98 se and windows xp home, I know that errors are reported for them im pretty sure its any client but i cant say i have proven that. I have a fedora box here so i might try to reproduce the errors on it tonight so i have sumthing to send you. Its a shame are old compilers and our old pcb cad system dont like the hash2. Thanks, Carl. On Fri, Jul 30, 2004 at 07:58:59PM +0100, Carl wrote: Hi jeremy, You not going to like this but I am still getting the errors "String overflow in safe_strcpy" with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Ok, can you give me a tarball containing the directory and also the *exact* client you're using to reproduce this so I can check. Thanks, Jeremy. # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] server string = Mandrake1 netbios aliases = FC1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No [NET-GMDB] comment = MLE-NET GoldMine DB path = /mnt/mle-net/MLE-NET/MLE-NET-GMDB write list = @MLE-ALL force user = mleall read only = No veto oplock files = /*.DBT/*.DBF/*.MDX/ blocking locks = No level2 oplocks = No dos filemode = No [NET-Public] comment = MLE-NET Public Share path = /home/local/samba-public write list = @MLE-ALL force user = mleall read only = No copy = NET-Eng -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy - bug in documentation
Hi, We have 98se2 and xp home sp1 and xp pro sp1 clients, i know for sure win98 and xp home when listing a directory cause this problem, we only have a few xp pro laptops so i cant be 100% sure about those. as for the directory i can on monday when i go back to work, but it will happen with any file over the limit, i end up with error logs of about 500-600mb full of these errors. The clients are windows 98 se and windows xp home, I know that errors are reported for them im pretty sure its any client but i cant say i have proven that. I have a fedora box here so i might try to reproduce the errors on it tonight so i have sumthing to send you. Its a shame are old compilers and our old pcb cad system dont like the hash2. Thanks, Carl. On Fri, Jul 30, 2004 at 07:58:59PM +0100, Carl wrote: Hi jeremy, You not going to like this but I am still getting the errors "String overflow in safe_strcpy" with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Ok, can you give me a tarball containing the directory and also the *exact* client you're using to reproduce this so I can check. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy - bug in documentation
Hi jeremy, You not going to like this but I am still getting the errors "String overflow in safe_strcpy" with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Many Thanks, Carl. Jeremy Allison wrote: On Mon, Jul 26, 2004 at 10:21:09AM +0100, Carl Matthews wrote: Hi Jeremy, Ive been checking the svn for mangling fixes but didnt see any should i just add it to bugzilla so it theres a record of it? It's definately been fixed in the samba-docs svn tree. Jeremy. Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [28-07~CU.ZIP] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [28-07-2004 02-37-34.zip] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~N0.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (24 - 23) in safe_strcpy [samba-swat-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~SE.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (19 - 18) in safe_strcpy [samba-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~R7.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (26 - 25) in safe_strcpy [samba-client-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~54.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (26 - 25) in safe_strcpy [samba-common-3.0.5-2.i386.rpm] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy - bug in documentation
Hi Jeremy, Ive been checking the svn for mangling fixes but didnt see any should i just add it to bugzilla so it theres a record of it? Cheers Carl. On Tue, Jul 20, 2004 at 09:51:25PM +0200, Thomas Bork wrote: Herb Lewis schrieb: you can change "mangle prefix" to specify the number of characters you want to stay the same. Just remember the more letters that remain the same the more likely you will get a collision and slow things down. http://de.samba.org/samba/docs/man/smb.conf.5.html mangling method (G) controls the algorithm used for the generating the mangled names. Can take two different values, "hash" and "hash2". "hash" is the default and is the algorithm that has been used in Samba for many years. "hash2" is a newer and considered a better algorithm (generates less collisions) in the names. However, many Win32 applications store the mangled names and so changing to the new algorithm must not be done lightly as these applications may break unless reinstalled. Default: mangling method = hash2 Example: mangling method = hash But: "hash" is not the default (this was in 2.2.x) Fixed in the SVN docs - thanks a *lot* ! Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy .
Is there another way to make shares readable to 16 bit apps that use the 8.3 filename. because with out specifying "mangling method = hash" the file names are completly mangled and only the first letter remains the same. Where as "mangling method = hash" only mangles the last 3 letters. Carl. Carl Matthews wrote: Hi Jeremy, Sorry for not replying sooner, ive attached my config file. as a quick test, I created a folder called : "Test Directory That Is Long" under which i created a folder called "This folder is long too" and a file called "This Folder is long.txt" and this gives me the string errors. Thanks. Jeremy Allison wrote: On Wed, Jul 14, 2004 at 11:03:26PM +0100, Carl wrote: Just Installed 3.0.5rc1 and the problem persists unfortunately, Ok, can you give me the smb.conf file and the directory and filenames you're using. I'll see if I can reproduce with the latest SVN code. Thanks, Jeremy. # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] server string = Mandrake1 netbios aliases = FC1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No [NET-GMDB] comment = MLE-NET GoldMine DB path = /mnt/mle-net/MLE-NET/MLE-NET-GMDB write list = @MLE-ALL force user = mleall read only = No veto oplock files = /*.DBT/*.DBF/*.MDX/ blocking locks = No level2 oplocks = No dos filemode = No [NET-Public] comment = MLE-NET Public Share path = /home/local/samba-public write list = @MLE-ALL force user = mleall read only = No copy = NET-Eng -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy .
Hi Jeremy, Sorry for not replying sooner, ive attached my config file. as a quick test, I created a folder called : "Test Directory That Is Long" under which i created a folder called "This folder is long too" and a file called "This Folder is long.txt" and this gives me the string errors. Thanks. Jeremy Allison wrote: On Wed, Jul 14, 2004 at 11:03:26PM +0100, Carl wrote: Just Installed 3.0.5rc1 and the problem persists unfortunately, Ok, can you give me the smb.conf file and the directory and filenames you're using. I'll see if I can reproduce with the latest SVN code. Thanks, Jeremy. # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] server string = Mandrake1 netbios aliases = FC1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No [NET-GMDB] comment = MLE-NET GoldMine DB path = /mnt/mle-net/MLE-NET/MLE-NET-GMDB write list = @MLE-ALL force user = mleall read only = No veto oplock files = /*.DBT/*.DBF/*.MDX/ blocking locks = No level2 oplocks = No dos filemode = No [NET-Public] comment = MLE-NET Public Share path = /home/local/samba-public write list = @MLE-ALL force user = mleall read only = No copy = NET-Eng -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] String overflow in safe_strcpy .
Just Installed 3.0.5rc1 and the problem persists unfortunately, heres a sample of my log : wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~EI.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_checklist.pdf] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~M9.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_effective.pdf] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~K1.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_structure.pdf] Jul 12 12:31:09 mandrake1 nss_wins[15215]: [2004/07/12 12:31:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:09 mandrake1 nss_wins[15215]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [INITC~FJ.BAK] Jul 12 12:31:09 mandrake1 nss_wins[15215]: [2004/07/12 12:31:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:09 mandrake1 nss_wins[15215]: ERROR: string overflow by 1 (7 - 6) in safe_strcpy [INIT.C.bak] i also get these errors ocasionaly wins[15421]: [2004/07/12 12:37:19, 0] smbd/service.c:make_connection_snum(535) Jul 12 12:37:19 mandrake1 nss_wins[15421]: Can't become connected user! my .conf remains the same as before. If you need anything else just let me know. see the thread ( String overflow in safe_strcpy ) for history Cheers, Carl Matthews Jeremy Allison wrote: > On Tue, Jun 29, 2004 at 09:13:05AM +0100, Carl Matthews wrote: > >> Also i've just noticed the errors never occur for directorys but only for files longer than the 8.3. Which again suggests an error in the hash mangling method. > > > > Here's the fix. Incorrect use of safe_strcpy (memcpy should be used instead). > > Jeremy. > > > > > Index: smbd/mangle_hash.c > === > --- smbd/mangle_hash.c(revision 1298) > +++ smbd/mangle_hash.c(working copy) > @@ -546,8 +546,10 @@ > /* Fill the new cache entry, and add it to the cache. */ > s1 = (char *)(new_entry + 1); > s2 = (char *)&(s1[mangled_len + 1]); > -safe_strcpy( s1, mangled_name, mangled_len ); > -safe_strcpy( s2, raw_name, raw_len ); > +memcpy( s1, mangled_name, mangled_len ); > +s1[mangled_len] = '\0'; > +memcpy( s2, raw_name, raw_len ); > +s2[raw_len] = '\0'; > ubi_cachePut( mangled_cache, i, new_entry, s1 ); > } > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: string overflow in safe_strcpy
Just Installed 3.0.5rc1 and the problem persists unfortunately, heres a sample of my log : wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~EI.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_checklist.pdf] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~M9.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_effective.pdf] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [TAENO~K1.PDF] Jul 12 12:31:03 mandrake1 nss_wins[15212]: [2004/07/12 12:31:03, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:03 mandrake1 nss_wins[15212]: ERROR: string overflow by 1 (16 - 15) in safe_strcpy [taeno_structure.pdf] Jul 12 12:31:09 mandrake1 nss_wins[15215]: [2004/07/12 12:31:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:09 mandrake1 nss_wins[15215]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [INITC~FJ.BAK] Jul 12 12:31:09 mandrake1 nss_wins[15215]: [2004/07/12 12:31:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jul 12 12:31:09 mandrake1 nss_wins[15215]: ERROR: string overflow by 1 (7 - 6) in safe_strcpy [INIT.C.bak] i also get these errors ocasionaly wins[15421]: [2004/07/12 12:37:19, 0] smbd/service.c:make_connection_snum(535) Jul 12 12:37:19 mandrake1 nss_wins[15421]: Can't become connected user! my .conf remains the same as before. If you need anything else just let me know. Cheers, Carl Matthews Jeremy Allison wrote: On Tue, Jun 29, 2004 at 09:13:05AM +0100, Carl Matthews wrote: Also i've just noticed the errors never occur for directorys but only for files longer than the 8.3. Which again suggests an error in the hash mangling method. Here's the fix. Incorrect use of safe_strcpy (memcpy should be used instead). Jeremy. Index: smbd/mangle_hash.c === --- smbd/mangle_hash.c (revision 1298) +++ smbd/mangle_hash.c (working copy) @@ -546,8 +546,10 @@ /* Fill the new cache entry, and add it to the cache. */ s1 = (char *)(new_entry + 1); s2 = (char *)&(s1[mangled_len + 1]); - safe_strcpy( s1, mangled_name, mangled_len ); - safe_strcpy( s2, raw_name, raw_len ); + memcpy( s1, mangled_name, mangled_len ); + s1[mangled_len] = '\0'; + memcpy( s2, raw_name, raw_len ); + s2[raw_len] = '\0'; ubi_cachePut( mangled_cache, i, new_entry, s1 ); } -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: string overflow in safe_strcpy
also there are smbd errors but they happen alot less than the nmbd ones, heres a sample : Jun 29 15:50:09 mandrake1 smbd[27918]: [2004/06/29 15:50:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 15:50:09 mandrake1 smbd[27918]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SHORT~GC.LNK] Jun 29 15:50:09 mandrake1 smbd[27918]: [2004/06/29 15:50:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 15:50:09 mandrake1 smbd[27918]: ERROR: string overflow by 1 (25 - 24) in safe_strcpy [Shortcut to 75als176.pdf.lnk] Jun 29 15:50:09 mandrake1 smbd[27918]: [2004/06/29 15:50:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 15:50:09 mandrake1 smbd[27918]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SHORT~WF.LNK] Jun 29 15:50:09 mandrake1 smbd[27918]: [2004/06/29 15:50:09, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 15:50:09 mandrake1 smbd[27918]: ERROR: string overflow by 1 (25 - 24) in safe_strcpy [Shortcut to hcpl7101.pdf.lnk] Heres my smb.conf, just incase: # Global parameters [global] netbios aliases = FC1 server string = FedoraCore1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [www] comment = Webserver path = /var/www read list = carl write list = carl force user = mleall force group = MLE-ALL read only = No guest ok = No [homes] comment = Home Directories path = /home/%u read only = No Thanks, Carl Matthews Carl Matthews wrote: Also i've just noticed the errors never occur for directorys but only for files longer than the 8.3. Which again suggests an error in the hash mangling method. Carl wrote: I updated our server to 3.0.5pre1 this morning from the fc1 rpms linked by samba.org. But the errors persist, But like corey they do dissappear when "mangling method = hash" is rem'd out but this then makes long file names unreadable to programs that use 8.3 filenames, like some of the old compilers we use here. The errors occur at the sametime as Corey's when ever you browse a share you get an error for all the files in that directory. Is there any more info you might need to track this down? Thanks, Carl Matthews sample of my log file : Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (57 - 56) in safe_strcpy [Software & Driver downloads HP Officejet g55 All-] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [HP OF~YU.URL] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (97 - 96) in safe_strcpy [HP Officejet g55 All-in-One HP OfficeJet G Series] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [28-06~LT.ZIP] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [28-06-2004 09-56-06.zip] I updateJeremy Allison wrote: On Fri, Jun 25, 2004 at 12:57:53AM +0100, Carl wrote: Yeah i get this problem too, with samba 3.04 on FC1 exactly the same, string errors when browsing any share which fills up my /var/log/messages file Any one know a fix? Can you try 3.0.5pre1. This looks like a bug we've fixed w.r.t. NetBIOS names. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: string overflow in safe_strcpy
Also i've just noticed the errors never occur for directorys but only for files longer than the 8.3. Which again suggests an error in the hash mangling method. Carl wrote: I updated our server to 3.0.5pre1 this morning from the fc1 rpms linked by samba.org. But the errors persist, But like corey they do dissappear when "mangling method = hash" is rem'd out but this then makes long file names unreadable to programs that use 8.3 filenames, like some of the old compilers we use here. The errors occur at the sametime as Corey's when ever you browse a share you get an error for all the files in that directory. Is there any more info you might need to track this down? Thanks, Carl Matthews sample of my log file : Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (57 - 56) in safe_strcpy [Software & Driver downloads HP Officejet g55 All-] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [HP OF~YU.URL] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (97 - 96) in safe_strcpy [HP Officejet g55 All-in-One HP OfficeJet G Series] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [28-06~LT.ZIP] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [28-06-2004 09-56-06.zip] I updateJeremy Allison wrote: On Fri, Jun 25, 2004 at 12:57:53AM +0100, Carl wrote: Yeah i get this problem too, with samba 3.04 on FC1 exactly the same, string errors when browsing any share which fills up my /var/log/messages file Any one know a fix? Can you try 3.0.5pre1. This looks like a bug we've fixed w.r.t. NetBIOS names. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: string overflow in safe_strcpy
I updated our server to 3.0.5pre1 this morning from the fc1 rpms linked by samba.org. But the errors persist, But like corey they do dissappear when "mangling method = hash" is rem'd out but this then makes long file names unreadable to programs that use 8.3 filenames, like some of the old compilers we use here. The errors occur at the sametime as Corey's when ever you browse a share you get an error for all the files in that directory. Is there any more info you might need to track this down? Thanks, Carl Matthews sample of my log file : Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (57 - 56) in safe_strcpy [Software & Driver downloads HP Officejet g55 All-] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [HP OF~YU.URL] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (97 - 96) in safe_strcpy [HP Officejet g55 All-in-One HP OfficeJet G Series] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [28-06~LT.ZIP] Jun 29 08:41:16 mandrake1 nss_wins[27719]: [2004/06/29 08:41:16, 0] lib/util_str.c:safe_strcpy_fn(600) Jun 29 08:41:16 mandrake1 nss_wins[27719]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [28-06-2004 09-56-06.zip] I updateJeremy Allison wrote: On Fri, Jun 25, 2004 at 12:57:53AM +0100, Carl wrote: Yeah i get this problem too, with samba 3.04 on FC1 exactly the same, string errors when browsing any share which fills up my /var/log/messages file Any one know a fix? Can you try 3.0.5pre1. This looks like a bug we've fixed w.r.t. NetBIOS names. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: string overflow in safe_strcpy
Corey Spalding wrote: I recently upgraded both of my samba servers (mirrors of each other) to 3.0.4, my log files now fill with the following messages (hundred lines per day): Jun 24 13:55:33 Clyde smbd[8597]: [2004/06/24 13:55:33, 0] lib/util_str.c:safe_strcpy_fn(602) Jun 24 13:55:33 Clyde smbd[8597]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [LIBRA~V$.DOC] Jun 24 14:20:34 Clyde smbd[8597]: [2004/06/24 14:20:34, 0] lib/util_str.c:safe_strcpy_fn(602) Jun 24 14:20:34 Clyde smbd[8597]: ERROR: string overflow by 1 (11 - 10) in safe_strcpy [Config.pol.bak] The messages appear when I'm browsing any share setup on either server. Heres the smb.conf from the backup server. # Global parameters [global] unix charset = UTF8 workgroup = SPRINGFIELD server string = Clyde security = SHARE map to guest = Bad User passwd program = /usr/bin/passwd%u passwd chat = *password* %n\n *password* %n\n *successful* log level = 1 name resolve order = lmhosts host wins bcast mangling method = hash add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ add machine script = /usr/sbin/useradd -d /dev/null -g 503 -s /bin/false -M %u logon path = \\%L\Profiles\%U os level = 60 preferred master = No local master = No domain master = No wins support = Yes ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 winbind enum users = No winbind enum groups = No path = /var/spool/samba admin users = root, cspalding read only = No guest ok = Yes [homes] comment = Home Directories path = /home/%U create mask = 0700 directory mask = 0700 guest ok = No nt acl support = No locking = No [netlogon] comment = Network Logon Service path = /home/NETLOGON nt acl support = No locking = No [Profiles] comment = Nt Roaming Profiles path = /home/profiles create mask = 0777 guest ok = No [public] comment = Public on Clyde path = /usr2/public create mask = 0777 force create mode = 0777 directory mask = 0777 force directory mode = 0777 [printers] comment = All Printers printable = Yes browseable = No [apache] comment = webserver share path = /var/www/html username = billy,@billy, nobody, cspalding valid users = cspalding, mcaley, lynn, billy admin users = cspalding, mcaley, corey write list = billy, @billy [office] path = /usr2/office Any ideas how to get rid of this error? Its more of a nuisance that anything else at the moment. Yeah i get this problem too, with samba 3.04 on FC1 exactly the same, string errors when browsing any share which fills up my /var/log/messages file Any one know a fix? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] PDC/LDAP/SAMBA3/NT4/winbind/trusted domains corrections
If you wanted to follow my steps for setting up a samba PDC in a trusted domain with NT4, please note that there are some corrections. I had a second person follow my steps and we found some problems. First, the link I originally posted as incomplete. It needs a slash at the end. The correct link is: http://www.hilinski.net/samba/ The doc file posted there was corrected today, 11/26/2003 at 11:30 a.m. est. I have some questions while I am posting. #1. If you use winbind, is there any reason to put the add machine, add user, etc., scripts in smb.conf? It seems winbind doesn't bother with these. #2. Along the same lines, if you use winbind is there any reason to do the group mapping between nt groups and unix groups? #3. According to the docs, "winbind gid" is supposed to be a synonym for "idmap ." I don't think that works in the latest prerelease code. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] At 4 a.m. it finally worked...Samba 3, interdomain trust, ldap, winbind
I spent a solid two weeks trying to make a RH 9 with Samba 3 PDC operate the way I wanted it to in a domain that includes an NT 4.0 PDC. Early this morning, the NT user dogbreath belonging to the NT group mongrels was able to log into the NT PDC, map to the big_ugly_dogs share on the Samba machine, copy a file there, open it in OpenOffice 1.1.0, edit it, save it and then delete it. All of this was done because I finally got things configured correctly to make it all work. Along the way, I read so much stuff at such odd hours. Without the help of others, this could never have been accomplished. A how-to by Carl Weiss was critical. So was the info from Ignacio Coupeau and the official Samba 3.0 documentation. So now I have two PDCs (one NT4 and one Samba 3 on Linux) that trust each other. Therefore, a user in one domain has access to shares and resources in the other by vitue of that trust. And it's a single sign on because winbind knows the users and groups from each of the domains. The use of OpenLDAP will allow me to take the next step, which is adding a samba BDC to the network. There is still a lot of testing to be done before I am comfortable enough to let "real users" onto the machines. There are things I still don't understand. I did spend the time to write up documentation on how to do this (I shouldn't say I wrote it...I took a lot of bits and pieces from various sources and compiled it all into one document). If anyone is interested, check out the stuff at http://www.hilinski.net/samba . The documentation is there, along with the configuration files I used. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trust, users, groups, scripts, etc. questions.
I have some things I'd like someone brighter than me to explain. #1. Add scripts. Everyone seems to put these scripts in their smb.conf. The add user and add machine make sense, and they work, but explain to me how the other scripts, such as add user to group, are supposed to work? When do they get called, etc.? I guess most of these involve the smbldap tools. #2. Here's my situation. I have an NT PDC in the domain TIMES. I have a SAMBA 3.0 PDC (on RH9) in the domain FAIRFAX. LDAP is set up. The domains trust each other. A windowsXP pro user logs into TIMES, browses the network and opens the FAIRFAX domain PDC. As soon as the FAIRFAX domain is touched, a user (and probably machine, but I haven't tested this fully) account is set up in LDAP for that user. Obviously the adduser and addmachine scripts work. I'm going to assume this is the way this is supposed to work, right? #2a. The user from #2 has an account in LDAP formed when he/she touched the FAIRFAX domain. There is no password.in GQ, the sambaLMpassword and sambaNTpassword show as XXX. The user password in GQ shows up as {crypt}x and the encryption is set to crypt. Is this the expected behavior? Obviously a password is not needed because the user is granted access via the trust relationship. #2b. It appears that if you have two trusted domains and you have joined one of them, you do not need to join the other to log into it. Is that correct? Once I join the TIMES domain, the winxp pro logon screen allows me to pick both the TIMES and the FAIRFAX domain. I can then log into the FAIRFAX domain if I have a username and password there. Is this the designed behavior? #2c. Groups. This is something that just doesn't click with me. I have a group called pagination on the FAIRFAX domain. I have a group called pagination on the TIMES domain. I did the net groupmap add rid=1000 ntgroup=pagination unixgroup=pagination. If I log into the TIMES domain and I am a member of the pagination group, should I have access to all of pagination's shares on the SAMBA FAIRFAX domain? In GQ, shouldn't I see my sambaPrimaryGroupSID as 1000? Should the primary group be passed over and handled by the addxxx scripts? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba 3.0.0 - LDAP Authetication trouble
Ok if all your users have the same SID xxx-3000 they are not incrementing correctly in the add user script. I had this same problem when I wasn't correctly authenticating to the LDAP server I was in fact using the /etc/passwd file, and then using the same test user accounts that I had on the box, i.e. cweiss in ldap and cweiss in /etc/passwd. To further test change all your SID's manually with an graphical editor like GQ. I'm guessing you don't have too many because it's a test install. Also make sure to change the SID's of any computers you added. When I initially found this problem I created a new function in the adduser script to find the highest UID and increment by one. The user sid is calculated by UID+RID*2 I believe, in any event it is based on the UID. If it comes down to this I have another method how it would write the function. I just wanted to get it working then. It's my experience that you should be able to log in using your LDAP accounts to the samba server, unless explicitly denied in the users LDAP entry. If it's all configured correctly. It took me 3 days before I made ANY progress with this project and not 3 8 hour days. If it's driving you nuts, it got to me too. There is so little information out there for samba LDAP and then the differences between 2 and 3 schema. -=Carl Weiss=- good luck - Original Message - From: "Bart Bekker" <[EMAIL PROTECTED]> To: "Carl Weiss" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, November 12, 2003 2:33 AM Subject: Re: [Samba] Re: Samba 3.0.0 - LDAP Authetication trouble > My smbpasswd file is empty. I am ptretty sure Samba uses LDAP for > authenticating users. Changing the password in LDAP database results in > login errors, so there is a connection. The bart account is indeed the > first, but I already noticed other accounts use the same user SID, so > there is something wrong here with the increment indeed. > My system runs on Suse 8.2, and for now uses /etc/passwd file for local > login since I could not configure ldap login at installation time. > I have to admit samba 3.0.0. takes a lot longer to get to work (at least > with ldap backend) than the 2.2.x versions. I am not an unexperienced > user, but I keep running in to problems. > Also, there are numerous sources (how-to's etc) to be found on the www, > all telling different stories. Especially the LDAP configuration seems > to be, at least in my case, the cause of trouble.. > > Thanks, > > Bart. > > Carl Weiss wrote: > > >If this solved you problem is sounds like your not really authenticating to > >LDAP and just using the smbpassdb file, although it can read from LDAP it > >may not be using it for Authentication. > > > >Verify that you are using LDAP for authentication, you can run Authconfig in > >redhat, otherwise you'll have to check you PAM. To test simply you can try > >to login with your user Bart at the console( verify that the account isn't > >in /etc/password). > > > >Is the Bart account is the first user you created SID x3000 this is the > >default first user, if all your accounts have this same sid they will not > >authenticate. Points to an issue with the script smbldap-useradd.pl not > >incrementing the sid, may also point to the above PAM problem. > > > > > >-=carl=- > > > >"Bart Bekker" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > > > > >>Thanks, problem solved. > >>But I am still confused. Why are those password tools delivered with > >>Samba, if they are not useful.. I saw in the LDAP that smbpasswd uses a > >>SMD5 encryption for the password; the smbldap-passwd tools adds them > >>using SSHA. No wonder it did not work. > >> > >>Thanks again. > >> > >> Bart. > >> > >>Andrew Bartlett wrote: > >> > >> > >> > >>>On Tue, 2003-11-11 at 23:42, Bart Bekker wrote: > >>> > >>> > >>> > >>> > >>>>For quite some time I am trying to get samba 3.0.0 woring with an LDAP > >>>>backend. > >>>>The latest problem I have is that user authenticaltion doe not work. The > >>>>passwords are right, added them with the ldaptools from the samba > >>>>source, > >>>> > >>>> > >>>> > >>>> > >>>Add them with smbpasswd. The passwords in LDAP is simply not the > >>>password that the user is sending. > >>> > >>>Andrew Bartlett > >>> > >>> > >>> > >>> > >>> > >>-- > >>To unsubscribe from this list go to the following URL and read the > >>instructions: http://lists.samba.org/mailman/listinfo/samba > >> > >> > >> > > > > > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: No Roaming profiles local only
I've had success with logon home = logon path = but if your using LDAP it will override these settings so you need to set those fields blank in you LDAP user as well. -=Carl=- <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > On a windows server there is a local profile by default unless you tell it > to have a roaming profile. I want to have the same thing happen. All the > machines say that they used the local copy then a couple seconds later > it says it could not copy to the server and any changes will not be saved. > I know that I could let it be a roaming and switch it to a local later > but in a larger enterprise that is too much work. > > I tried this in my smb.conf on debian testing with samba 3.0 > > logon home = "" > logon path = "" > > I used to use this on redhat 8 with samba 2.28a before and it worked. > > and logon home = c:\documents and settings\%u > logon path = c:\documents and settings\%u > > I saw this on a web site and so I tried it but it did not work. > > I bought the book called The official Samba 3 howto and reference guide. > What a great book but it says in there if you want to disable roaming > profiles, there are three ways to do it. Do it in the smb.conf file but > does not show how just says to do it. Then it says to do it in the > windows registry but this is not practical to do to 100 workstations. Or > to leave as roaming and then switch to local which is also not practical > to do to 100 workstations. There should be a way to just make it do > local on the fly as it creates the profile as windows does it. I would > like to know how your smb.conf file should look in order to accomplish > this. Any help would be appreciated. > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0.0 - LDAP Authetication trouble
If this solved you problem is sounds like your not really authenticating to LDAP and just using the smbpassdb file, although it can read from LDAP it may not be using it for Authentication. Verify that you are using LDAP for authentication, you can run Authconfig in redhat, otherwise you'll have to check you PAM. To test simply you can try to login with your user Bart at the console( verify that the account isn't in /etc/password). Is the Bart account is the first user you created SID x3000 this is the default first user, if all your accounts have this same sid they will not authenticate. Points to an issue with the script smbldap-useradd.pl not incrementing the sid, may also point to the above PAM problem. -=carl=- "Bart Bekker" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Thanks, problem solved. > But I am still confused. Why are those password tools delivered with > Samba, if they are not useful.. I saw in the LDAP that smbpasswd uses a > SMD5 encryption for the password; the smbldap-passwd tools adds them > using SSHA. No wonder it did not work. > > Thanks again. > > Bart. > > Andrew Bartlett wrote: > > >On Tue, 2003-11-11 at 23:42, Bart Bekker wrote: > > > > > >>For quite some time I am trying to get samba 3.0.0 woring with an LDAP > >>backend. > >>The latest problem I have is that user authenticaltion doe not work. The > >>passwords are right, added them with the ldaptools from the samba > >>source, > >> > >> > > > >Add them with smbpasswd. The passwords in LDAP is simply not the > >password that the user is sending. > > > >Andrew Bartlett > > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: AW: Samba Success Story
I've heard of people having problems with the connector. Maybe that's why I never implemented it. The colander functionality it the toughest part in replacing Exchange. -=Carl=- "Jerry Haltom" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Well, Bynari has a lot of down sides. The server is just a wrapped > commercialized OpenLDAP + Cyrus. Nothing worth paying for. > > The plugin tends to break all the time. If the IMAP server goes down, it > starts spitting out error messages. It keeps calendars and contacts in > tnef in mail messages. Very very non-portable. Bynari is a better way to > get stuck to Outlook than Exchange is! > > If Outlook was a bit better at handling IMAP everything would be great. > > On Mon, 2003-11-10 at 20:13, Carl Weiss wrote: > > Take a look into Bynari www.bynari.net or suse openexchange as replacements > > for Exchange. > > I've been running bynari for a few years now and haven't had any issues, > > although I haven't used the outlook connector. > > > > If you set up Samba with openldap you could configure outlook clients to use > > your openldap server as the contact database, and use openldap to > > authenticate mail users. This would let them have one password for domain > > and mail. Another project to consider. > > > > -=Carl=- > > > > "Jerry Haltom" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > > No, I bought the Samba 3.0 Official Reference and Howto book and > > followed the instructions. :) > > > > On Mon, 2003-11-10 at 18:44, SEFEROVIC Edvin wrote: > > > Congratulations... nice move... a high quality solution doesn't have to > > mean > > > expensive solution as well... I wish you luck in your next step ( " > > removing > > > Windows from the desktop" )... another question - have you documented this > > > project of yours? > > > > > > Greets > > > SEFEROVIC Edvin > > > > > > -Ursprngliche Nachricht- > > > Von: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] Im Auftrag > > > von Jerry Haltom > > > Gesendet: Dienstag, 11. November 2003 01:33 > > > An: Greg Folkert > > > Cc: SambaUser List > > > Betreff: Re: [Samba] Samba Success Story > > > > > > Well, getting off of Active Directory was our main goal. I'm sure most > > > here can figure out why. Thanks to MS's "innovation", one can't just > > > keep Exchange working with it. > > > > > > So... we searched for alternatives that were exactly the same, and found > > > nothing that offered any clear benefits. They'res just nothing the can > > > offer the "Outlook Integration" thing, which is apparently intentional. > > > :) > > > > > > We wanted to get with a standard IMAP server, and we did. Cyrus-IMAP. it > > > performs well, is WAY more usable, storing messages as normal files. > > > Easy to tar up and backup normal files vs. a massive JET database. It > > > doesn't offer Calendar/Contacts such as Exchange does though... so we > > > kept looking. > > > > > > A new project just appeared, OpenGroupware (www.opengroupware.org). It > > > started as a commerical project, but has recently been released under > > > the GPL. The code base itself is very mature, however the conversion to > > > rename everything from SKYRIX to OGo has caused some headaches. It is > > > however not Exchange. It offers a lot of features Exchange doesn't, and > > > doesn't offer some Exchange does, and offers others differently. It's a > > > different product. It's a lot like ACT actually, which some of our users > > > love. > > > > > > That is taking some adjusting by our users, but they'll get over it. > > > > > > Also, unless you pay for the commercial Outlook plugin, it doesn't just > > > work in Outlook. It does however have a nice WebUI Mmmm WebUI... > > > *coughhackcough*. > > > > > > We're using the WebUI. It works okay. > > > > > > Outlook makes using an IMAP server a bitch though, it does the crossout > > > deleted messages thing. Can't store the password properly. Doens't ask > > > you when it changes, just silently fails. Outlook is at fault, but > > > that's that. We can live with it. > > > > > > Now that our server end is "clean" we can begin on our ultimate goal of > &
[Samba] Re: AW: Samba Success Story
Take a look into Bynari www.bynari.net or suse openexchange as replacements for Exchange. I've been running bynari for a few years now and haven't had any issues, although I haven't used the outlook connector. If you set up Samba with openldap you could configure outlook clients to use your openldap server as the contact database, and use openldap to authenticate mail users. This would let them have one password for domain and mail. Another project to consider. -=Carl=- "Jerry Haltom" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] No, I bought the Samba 3.0 Official Reference and Howto book and followed the instructions. :) On Mon, 2003-11-10 at 18:44, SEFEROVIC Edvin wrote: > Congratulations... nice move... a high quality solution doesn't have to mean > expensive solution as well... I wish you luck in your next step ( " removing > Windows from the desktop" )... another question - have you documented this > project of yours? > > Greets > SEFEROVIC Edvin > > -Ursprüngliche Nachricht- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Im Auftrag > von Jerry Haltom > Gesendet: Dienstag, 11. November 2003 01:33 > An: Greg Folkert > Cc: SambaUser List > Betreff: Re: [Samba] Samba Success Story > > Well, getting off of Active Directory was our main goal. I'm sure most > here can figure out why. Thanks to MS's "innovation", one can't just > keep Exchange working with it. > > So... we searched for alternatives that were exactly the same, and found > nothing that offered any clear benefits. They'res just nothing the can > offer the "Outlook Integration" thing, which is apparently intentional. > :) > > We wanted to get with a standard IMAP server, and we did. Cyrus-IMAP. it > performs well, is WAY more usable, storing messages as normal files. > Easy to tar up and backup normal files vs. a massive JET database. It > doesn't offer Calendar/Contacts such as Exchange does though... so we > kept looking. > > A new project just appeared, OpenGroupware (www.opengroupware.org). It > started as a commerical project, but has recently been released under > the GPL. The code base itself is very mature, however the conversion to > rename everything from SKYRIX to OGo has caused some headaches. It is > however not Exchange. It offers a lot of features Exchange doesn't, and > doesn't offer some Exchange does, and offers others differently. It's a > different product. It's a lot like ACT actually, which some of our users > love. > > That is taking some adjusting by our users, but they'll get over it. > > Also, unless you pay for the commercial Outlook plugin, it doesn't just > work in Outlook. It does however have a nice WebUI Mmmm WebUI... > *coughhackcough*. > > We're using the WebUI. It works okay. > > Outlook makes using an IMAP server a bitch though, it does the crossout > deleted messages thing. Can't store the password properly. Doens't ask > you when it changes, just silently fails. Outlook is at fault, but > that's that. We can live with it. > > Now that our server end is "clean" we can begin on our ultimate goal of > removing Windows from the desktop though. > > On Mon, 2003-11-10 at 18:10, Greg Folkert wrote: > > On Mon, 2003-11-10 at 19:03, Jerry Haltom wrote: > > > I'd like to thank the Samba team for making our switch off of Active > > > Directory amazingly smooth. We're a small company, only 30 desktops, but > > > things went great for us. Actually, nobody even notices the Windows DC > > > is even gone! > > > > > > The Exchange migration that went along with this wasn't as hassle free > > > though. =( > > > > > > It's really refreshing to be able to SSH into our file server and see > > > what's going on! > > > > > > Kudo's to the Samba team for saving us time/money and our sanity! > > > > Could you share what you did? Along with what "e-mail/groupware" package > > did you switch to... > > > > I'd be interested to know. I am sure other would be as well. > -- > Jerry Haltom <[EMAIL PROTECTED]> > Feedback Plus, Inc. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- Jerry Haltom <[EMAIL PROTECTED]> Feedback Plus, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3 Redhat 9 Openldap doc
>>OK here are some answers hopefully they help "SEFEROVIC Edvin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Great job... Maybe you should think of a better structure for your document, but ist okay and filled with information... now I have a few questions for you... >> the HTML version might be a little better http://www.carlweiss.com/Samba3-redhat9-openldap.html What is SID actually used for?? >> SID is the number coresponding to NT user accounts that controls permissions, it it similar to UID. Should I set it as UIDNR under Linux? >>not sure what your asking here, what is UIDNR? Do I need the scripts for adding users and changing passwords in smb.conf? >> only if you want to be able to modify user accounts from NT/2000, ie change passwd dialog box Does PDC means that the Samba is administrating all user accounts and computernames for Network Neighbourhood? >> yes, it is the master browser for the domain or Primary Domain Controller Why is wins proxy set to OFF? >> becuase it's not acting as a proxy server for WINS, for more info check out the smb.conf man Last but not least - does Samba creates your home dirs when users log on? >>No the directories are created with the smbldap-adduser.pl script, (if set) this is where you set the varables you want passed to the user account. ie. individual login script, home directory, drives to map, roaming profiles. I think it is easier to set these values to null and use one login script called from the smb.conf file. >>> -=Carl=- TIA SEFEROVIC Edvin -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Carl Weiss Gesendet: Dienstag, 11. November 2003 01:40 An: [EMAIL PROTECTED] Betreff: [Samba] Samba 3 Redhat 9 Openldap doc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 Redhat 9 Openldap doc
Hello I'd like to thank you all for helping my setup of samba3 with Ldap, here are my notes on configuring samba3 openldap on redhat 9. Hopefully this information will help all of you who are trying to preform a similar setup. -=Carl=- this can also be found at: http://www.carlweiss.com/Samba3-redhat9-openldap.html Installing Samba 3 With OpenLDAP on Redhat 9 Commands are listed in italics they can be copied directly to your terminal. This example shows a configuration of a windows PDC with samba 3 on redhat 9 using openldap. The example uses test.com as the ldap suffix. Any comments can be sent to [EMAIL PROTECTED] Hope this helps. Check for installed packages - Redhat Shrike (9) installs many packages from the default install check to see what packages your system has. [EMAIL PROTECTED] root]# rpm -q openssl cyrus-sasl perl openldap krb5-devel samba samba-client openssl-0.9.7a-2 cyrus-sasl-2.1.10-4 perl-5.8.0-88 openldap-2.0.27-8 krb5-devel-1.2.7-10 samba-2.2.7a-7.9.0 samba-client-2.2.7a-7.9.0 Remove the samba 2 packages [EMAIL PROTECTED] root]# rpm -e samba [EMAIL PROTECTED] root]# rpm -e samba-client # more might be installed. samba-devel etc. Download Software packages BDB 4.1.25 current release db-4.1.25.tar.gz http://www.sleepycat.com/download/index.shtml openLDAP 2.1.23 current release openldap-2.1.23.tgz http://www.openldap.org/software/download/ Samba 3 samba-latest.tar.gz http://us1.samba.org/samba/download.html GQ http://rpmfind.net/linux/RPM/freshrpms/redhat/9/gq/gq-0.6.0-fr2.i386.html Perl Convert-ASN1-0.17.tar.gz http://sourceforge.net/project/showfiles.php?group_id=5050 perl-ldap-0.29.tar.gz http://sourceforge.net/project/showfiles.php?group_id=5050 IO-Socket-SSL-0.95.tar.gz http://www.cpan.org/modules/by-module/IO/BEHROOZI/ Net_SSLeay.pm-1.25.tar.gz http://www.cpan.org/authors/id/S/SA/SAMPO/ smbldap-tools http://samba.idealx.org/index.en.html Install -BDB 4.x -sasl2 --maybe installed verify with rpm -q -kerberos --maybe installed verify with rpm -q -openldap 2.1 -Samba 3 Extras --GQ ldap GUI --Swat --smbldap-tools --Requires Perl Convert-ASN1-0.17.tar.gz perl-ldap-0.29.tar.gz IO-Socket-SSL-0.95.tar.gz Net_SSLeay.pm-1.25.tar.gz Configure create sldap.conf copy samba-3.0.0/examples/LDAP/samba.schema from samba source to /usr/local/etc/openldap/schema create smb.conf set smbpasswd -w LDAP_ROOTDN_PASSWORD to store the password for the LDAP rootdn smbldap_conf.pm --modify scrips as needed. make and extract the mkntpwd file to /usr/local/sbin/ ---To find sid net domainsid GQ Setup LDAP for Samba ---create user account for root in ldap with SID-1000 and uid =0 Setup startup scripts /etc/init.d/smb /etc/init.d/ldap make sure there executable enable services in chkconfig Install smbldap-tools Populate the LDAP databse with the default Windows accounts OU's and groups. Using smbldap-populate.pl User management To add users: sbmldap-useradd.pl -a -P username -a (add a Samba account) -P prompt for passwd after account is created To change password: smbldap-passwd.pl username To delete User: smbldap-userdel.pl username To add computer accounts: smbldap-useradd.pl -a -w computername Test On windows computer Ping the samba server, by ip address, then by name If name is not resolving add the samba server to the windows host file or create an entry in DNS or set WINS to you samba server(if enabled in smb.conf). Log on as administrator to your windows computer and attempt to add the computer to the samba domain as specified in the smb.conf file. Log in as administrator and try to change your password. Install Installing Berkly Data Base Download db-4.1.25.tar.gz tar -zxf db-4.1.25.tar.gz cd db-4.1.25/dist/ ./configure make make install cd .. Installing OpenLDAP server download openldap-2.1.23.tgz tar -zxf openldap-2.1.23.tgz cd openldap-2.1.23 Copy /usr/local/BerkeleyDB.4.1/include/db.h to /usr/include/db.h cp /usr/local/BerkeleyDB.4.1/include/db.h /usr/include/db.h In /etc/ld.so.conf, add the line: /usr/local/BerkeleyDB.4.1/lib and run ldconfig. Configure Script pointing to your krb.h file and your BDB directories. env CPPFLAGS='-I/usr/local/BerkeleyDB.4.1/include \ -I/usr/kerberos/include' LDFLAGS=-L/usr/local/BerkeleyDB.4.1/lib \ ./configure --enable-ldbm --with-tls=openssl make depend make make test #(scripts that will verify the installation) make install cd .. Installing Samba 3 Download samba-latest.tar.gz (at this time is samba-3.0.0) tar -zxf samba-latest.tar.gz cd samba-3.0.0/source/ ./configure --with-krb5=/usr/kerberos/ --with-winbind
[Samba] Group sharing between NT and Linux domains
I need a little better information regarding the mapping of groups between an NT PDC and a SAMBA PDC, which trust each other. On the NT machine is a group called "ntgreen." On the Linux box (running RH9 with Samba 3.0), there is a group called "lxgreen". I've done a: net groupmap add ntgroup=ntgreen unixgroup=lxgreen. The mapping shows up in a net groupmap list. However, when a member of the ntgreen group logs in on the NTPDC and attempts to access a share in the SAMBA-controlled domain that is supposed to be restricted to the lxgreen group, access is denied. The user can access shares that are open to all users. I am obviously missing something here. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: machine accounts aren't added properlywithsmbldap-useradd.pl + ldap backend
may want to check if this is uncommented in your smbldap-useradd.pl file if (!$with_smbpasswd) { # (jtournier) # Objectclass sambaSAMAccount is now added directly by samba when joigning the domain (for samba3) if (!add_samba_machine_mkntpwd($userName, $userUidNumber)) { die "$0: error while adding samba account\n"; } } else { if (!add_samba_machine($userName)) { die "$0: error while adding samba account\n"; } "Carl Weiss" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > you were so close. It's a combination of the two. > /usr/local/bin/smbldap-useradd.pl -a -w computerName > > from smb.conf > add machine script = /usr/local/bin/smbldap-useradd.pl -a -w "%m" > > -=Carl=- > > "J B Bell" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: machine accounts aren't added properly withsmbldap-useradd.pl + ldap backend
you were so close. It's a combination of the two. /usr/local/bin/smbldap-useradd.pl -a -w computerName from smb.conf add machine script = /usr/local/bin/smbldap-useradd.pl -a -w "%m" -=Carl=- "J B Bell" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Compiling Samba3.0.0 on Solaris2.6
Hi, I've been trying to compile up Samba with active-directory support. I've got Solaris2.6, gcc, openldap-2.1.22 and MIT kerberos5 1.3.1 ldap and kerberos are all compiled up happily. Running ./configure --with-ads on Samba configures things OK, and the result is: Using libraries: LIBS = -lsec -lgen -lresolv -lsocket -lnsl KRB5_LIBS = -L/usr/local/lib -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lsocket -lnsl -lresolv LDAP_LIBS = -llber -lldap AUTH_LIBS = However, when running make, I get: Using FLAGS = -g -O2 -I/usr/local/include -I./popt -Iinclude -I/usr/local/install/samba-3.0.0/source/include -I/usr/local/install/samba-3.0.0/source/ubiqx -I/usr/local/install/samba-3.0.0/source/smbwrapper -I. -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/local/include -I/usr/local/install/samba-3.0.0/source LIBS = -lsec -lgen -lresolv -lsocket -lnsl LDSHFLAGS = -G LDFLAGS = Generating smbd/build_options.c Building include/proto.h creating /usr/local/install/samba-3.0.0/source/include/proto.h Building include/wrepld_proto.h creating /usr/local/install/samba-3.0.0/source/include/wrepld_proto.h Building include/build_env.h creating /usr/local/install/samba-3.0.0/source/nsswitch/winbindd_proto.h creating /usr/local/install/samba-3.0.0/source/web/swat_proto.h creating /usr/local/install/samba-3.0.0/source/client/client_proto.h creating /usr/local/install/samba-3.0.0/source/utils/net_proto.h Compiling dynconfig.c In file included from include/includes.h:429, from dynconfig.c:21: /usr/local/include/gssapi/gssapi.h:120: warning: redefinition of `gss_cred_id_t' /usr/include/rpc/rpcsec_gss.h:60: warning: `gss_cred_id_t' previously declared here /usr/local/include/gssapi/gssapi.h:121: warning: redefinition of `gss_ctx_id_t' /usr/include/rpc/rpcsec_gss.h:59: warning: `gss_ctx_id_t' previously declared here /usr/local/include/gssapi/gssapi.h:172: conflicting types for `gss_channel_bindings_t' /usr/include/rpc/rpcsec_gss.h:61: previous declaration of `gss_channel_bindings_t' *** Error code 1 make: Fatal error: Command failed for target `dynconfig.o' There seems to be some conflict between the gssapi stuff from the openldap and some of the Solaris libraries. I've tried removing the gssapi include files and reconfiguring, but things fail later in the build with the ads library. Has anyone else found a workaround or solution to this? TIA Carl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Carl Vincent http://www.netskills.ac.uk/ (URL) Systems, Software, Webmaster 0191 222 5003 (voice) NETSKILLS - Quality Internet Training 0191 222 5001 (fax) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Ghosting Linux Partitions.
>> -Original Message- >> From: Jon Niehof [mailto:[EMAIL PROTECTED] >> Same diff; any ext2-based tools work just fine with a clean >> ext3 partition. So just make sure to shut down cleanly >> before using ghost. >Not always true. >Partition Magic 4.0 works great for resizing ext2 partitions, but won't work >on ext3 partitions. For some reason even if you convert them to ext2 by >removing the journal they don't work. >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba Its the same with Powerquest's Drive Image Pro, and Image Centre. Ext2 works, reiserfs works but ext3 doesn't :( -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, Reiserfs and Large files (25GB)
Hi All, We are running SuSE Linux Enterprise Server, Samab 2.2.7a, and sharing a partition formated to reiserfs 3.6 format. When we try and copy a large video file (25GB) to a share on the reiserfs partition from a windows 2000 client I get the error message: "Cannot copy filename: The specified network name is no longer available" Then as soon as you click okay the share becomes available again. I have tried copying the same file to an ext2 and it works fine. And I have just tried testing 2.2.8 pre2 and get the same results. I have also tried copying a 16GB file to shares on both ext2 and reiserfs and it works fine. It just seems there is a cut off somewhere between 16GB and 25GB. Does anyone know of any reiserfs/samba issues? Thanks for any help I get, Carl. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrading to Samba 2.2.7
Hi: I am the system admin at my company. We are running Samba 2.2.2 and I have been made aware of security issue for 2.2.2 - 2.2.6. I went to your web site, found this page: http://au1.samba.org/samba/whatsnew/samba-2.2.7.html but does not speak on upgrading from an earlier version. Found this page "Unofficial How To" , the first part of which seems to describe upgrading: http://hr.uoregon.edu/davidrl/samba.html Can you direct me to a location that has instructions specifically on upgrading to 2.2.7. Also do I need to stop Samba first, install patch and then restart? Thanks, Carl Ambroise MxEnergy 203-356-1318 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] sorta-newbie: installing 2.2.6 rpm with --nodeps on RedHat 7.2 ?
Hi Tarvin, I performed this upgrade recently. I played it safe by downloading and installing the appropriate libraries. I performed a search for the dependent files on www.rpmfind.net and installing the associated rpm packages. Hope this helps, Carl. - Original Message - From: "Rhodes, Tarvin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, November 05, 2002 3:39 PM Subject: [Samba] sorta-newbie: installing 2.2.6 rpm with --nodeps on RedHat 7.2 ? > I have samba (server-only) running on a server with a stock RedHat 7.2 'server' install and am trying to upgrade Samba to 2.2.6-1.i386. I get the following dependency failures when trying to "rpm -ivh samba-2.2.6-1.i386.rpm": > > libncurses.so.4 is needed by samba-2.2.6-1 > libreadline.so.3 is needed by samba-2.2.6-1 > > ncurses4-5.0-4.i386.rpm and ncurses-5.2-12.i386.rpm is already installed and "/usr/lib/libreadline.so.4" exists on the system. Can someone tell me if it safe to install 2.2.6 with '--nodeps' or, if that is not the best way out, point me to the correct solution? > > > Thanks, > > Tarvin Rhodes > Network Admin > Sysco/Charlotte > 704.723.6062 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] nmblookup problem
Hi, I've been working through the Teach Yourself Samba book with my install of Samba and I run up against this issue while going through the diagnostics after I failed to see my samba server in my network places on my Windows 2000 client. nmblookup -d 2 '*' "If the broadcast address is configured correctly, you should see multiple messages saying "Got a positive name query response from..." even if you have only two machines on the network as I do here. The actual number of responses is not important as long as you get one from a machine other than the server. If you do not see output similar to the example, you might need to experiment with the interfaces parameter in smb.conf to manually configure the interface and netmask to which smbd and nmbd will bind. If you have more than one network interface, Samba binds only to the first one by default." My set up is a home ADSL connection with two ethernet cards, one to masquerade for an internal lan and the other to deal with external traffic. eth0 (external) is on 192.168.1.2 and eth1 (lan) is on 192.168.1.3. The firewall rules have been relaxed so that there are no restrictions while I try to get the samba fileshares up and running. Now I've experimented with the interfaces and netmasks. I'm just wondering how much I should experiment. My smb.conf interfaces line reads: interfaces=192.168.1.3/255.255.255.0 192.168.1.2/255.255.255.0 and I've tried it with just the one interface at a time. If I go for a setting of /0.0.0.0 I can pick up all of my LAN, but I have a feeling that it's not a good idea to do it this way. Am I correct to feel this way ? My set up is a home ADSL connection with two ethernet cards, one to masquerade for an internal lan and the other to deal with external traffic. Thanks in advance, Carl.
[Samba] Samba server - windows Archive bit's
im having a problem... i cant seem to be able to clear the archive bit from any on the windows pcs on the network. When ever i try i get a message box say it is unable to. All users on the network are part of the same group and the files they work on our in that group. So how come they cant clear the archive bits? Can any one help Ive pasted the global parameters from the conf file: Cheers. Carl # Global parameters[global] coding system = client code page = 850 code page directory = /var/lib/samba/codepages workgroup = SERVERS netbios name = netbios aliases = netbios scope = server string = MLE-NET Mandrake Server interfaces = bind interfaces only = No security = SERVER encrypt passwords = Yes update encrypted = Yes allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = smb passwd file = /etc/samba/smbpasswd root directory = pam password change = No passwd program = /usr/bin/passwd passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = No lanman auth = Yes use rhosts = No admin log = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba/log.%m max log size = 50 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = No max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.5 announce as = NT max mux = 50 max xmit = 65535 name resolve order = lmhosts host wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 1 read size = 16384 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = lpstat disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 100 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 20 lm announce = Auto lm interval = 60 preferred master = Auto local master = Yes domain master = Auto browse list = Yes enhanced browsing = Yes dns proxy = No wins proxy = No wins server = wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 add share command = change share command = delete share command = config file = preload = lock dir = /var/cache/samba pid directory = /var/run/samba utmp directory = wtmp directory = utmp = No default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = auto.home time offset = 0 NIS homedir = No source environment = panic action = " hide local users = No host msdfs = No winbind uid = winbind gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 15 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No comment = path = alternate permissions = No username = @MLE-ALL guest account = nobody invalid users = valid users = admin users = read list = write list = printer admin = force user = force group = MLE-ALL read only = Yes create mask = 0775 force create mode = 00 security mask = 0777 force security mode = 00 directory mask = 0775 force directory mode = 00 directory security mask = 0777 force directory security mode = 00 force unknown acl user = 00 inherit permissions = No inherit acls = No guest only = No guest ok = No only user = No hosts allow = hosts deny = status = Yes nt acl support = Yes block size = 1024 max connections = 0 min print space = 0 strict allocate = No strict sync = No sync always = No write cache size = 0 max print jobs = 1000 printable = No postscript = No printing = bsd print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j lppause command = lpresume command = queuepause command = queueresume command = printer name = use client driver = No default devmode = No printer driver = printer driver file = /etc/samba/printers.def printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes
Re: [Samba] Samba Log file format
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > Look at the parameter lp_admin_log() and the calls to sys_adminlog(). > These should be expanded to be the kind of log you want. The Samba log > files look like programmer info because they *are* programmer info. > We need them when tracking down bugs. > That's fine if need programmer info, but it would be nicer to let the admin set "debug" info when needed but otherwise be a more "readable" file. are lp_admin_log and sys_adminlog params that can be set in the smb.conf file? I don't see any docs on these anywhere. -- Carl B. Constantine University of Victoria Programmer Analyst http://www.uvic.ca UNIX System Administrator Victoria, BC, Canada [EMAIL PROTECTED]ELW A220, 721-8753 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Log file format
The samba log files leave something to be desired in both format and management. I'd like to propose a change if I could. Format: Previously, a log entry is cut with date and timestamp and action on a SINGLE line. Now the date and timestamp is on a separate line from the information that you'd look for in a log file (machine name, ip address, connection status for service, etc.) This is really awkward when you are searching log files for information. You can't use standard tools very easily. I'm using a custom perl script myself. The logs in 2.2.* are not very UNIX like at all. They seem more geared to the programmer, and not the admin. A Programmer version of a log is fine to send back to the samba team for debugging, but the admin should be kept in mind when writting log output. Management: It would be nice if samba gave up management of the logs to syslog and the like. syslog could then control WHEN logs should roll over, where they are stored, and so forth. Samaba should not be controlling this at all. It would also be nice to have the flexability to have samba produce a single log for all machines connecting to the samba server instead of or as well as separate log.netbiosname files. any comments? -- Carl B. Constantine University of Victoria Programmer Analyst http://www.uvic.ca UNIX System Administrator Victoria, BC, Canada [EMAIL PROTECTED]ELW A220, 721-8753 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Re[2]: [Samba] Solve of problem "network disks - lost connection under w2k and wxp"
* Vladimir I. Umnov ([EMAIL PROTECTED]) wrote: > Hello, Fredrik. > > > FA> Ah.. So that's the reason for some of the problems.. Why can't samba > FA> "correctly process nt status code"? Do you know? > Samba process nt status code, but besides nt status code must die send > many other commands, and there is no documention about this commands. > But Microsoft KB article says, that only nt status code processed > incorrectly. I think, this is a politics of Microsoft. They want kill > free software!!! > > > FA> Should it be a dword och a regular string in the registry? > >From KB article: > Start Registry Editor (Regedt32.exe). > Locate and then click the following key in the registry: > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters > On the Edit menu, click Add Value, and then add the following registry value: > Value name: EnableDownLevelLogOff > Data type: REG_DWORD > Radix: Hexadecimal > Value data: 1 > Quit Registry Editor. What's the link to the KB article? Also, this patch doesn't produce a single connect/disconnect like NT does. This is unfortunate. However, the log files show that there is always one over-riding connection with many connect/disconnect messages. You can count them to determine amount of time people are logged on. Bit of a pain, but it works. -- Carl B. Constantine University of Victoria Programmer Analyst http://www.uvic.ca UNIX System Administrator Victoria, BC, Canada [EMAIL PROTECTED]ELW A220, 721-8753 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Stupid Newbie: can't connect localhost:901 - help
I changed disable to "no" as you suggested and restarted xinetd...still nothing Mozilla is set to "Direct Connection to the Internet" I also looked in hosts.allow and hosts.deny and there were no entries in either of these. I tried adding: localhost to hosts.allow, then I logged out since I didn't know how to make sure that this took affect. And this did nothing. I'm not sure that logging out was good enough , maybe i should try rebooting...or if there is a command that will do this then great. I hope this helps someone help me. Thanks Carl --- Yannick Tousignant <[EMAIL PROTECTED]> wrote: > > Check your /etc/xinetd.d/swat file, make sure > disable = no > > restart xinetd : /etc/init.d/xinetd restart > > totally disable your proxy in ie... > ie is sensitive when adding a port, try > http://localhost:901/ > > If it doesn't work, check out your hosts.allow, > hosts.deny > or maybe ipchains/iptables... > > good luck! > > Yannick > > > -----Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On > > Behalf Of Carl Larson > > Sent: Friday, May 31, 2002 12:44 PM > > To: [EMAIL PROTECTED] > > Subject: [Samba] Stupid Newbie: can't connect > localhost:901 - help > > > > > > I've installed the rpm's and everything seems to > be > > set up fine. I've been through many documents > (even > > the one on redhat that says i must change > localhost to > > 127.0.0.1 in one of the config files > > (/etc/xinetd.d/swat). When i direct mozilla to > > http://localhost:901 I get, "The connection was > > refused when attempting to contact localhost:901 > > > > I think maybe that something is not properly setup > in > > my browser, but i've tried: > > no proxy for: > > localhost //added by me to see if it would > make > > any difference...but it didn't > > > > I'm sure there is something really small and > stupid > > that i've forgotten, and i'll feel like an idiot > when > > someone tells me, but i've spent WAY TOO LONG > trying > > to figure this out on my own. Thanks in advance > > Carl > > > > __ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > -- > > To unsubscribe from this list go to the following > URL and read the > > instructions: > http://lists.samba.org/mailman/listinfo/samba > > __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Stupid Newbie: can't connect localhost:901 - help
I've installed the rpm's and everything seems to be set up fine. I've been through many documents (even the one on redhat that says i must change localhost to 127.0.0.1 in one of the config files (/etc/xinetd.d/swat). When i direct mozilla to http://localhost:901 I get, "The connection was refused when attempting to contact localhost:901 I think maybe that something is not properly setup in my browser, but i've tried: no proxy for: localhost //added by me to see if it would make any difference...but it didn't I'm sure there is something really small and stupid that i've forgotten, and i'll feel like an idiot when someone tells me, but i've spent WAY TOO LONG trying to figure this out on my own. Thanks in advance Carl __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Password Length Conundrum
I've jsut installed Samba-2.2.4, from source on a Solaris 2.6 box. I'm looking to upgrade from some 2.0.x versions I'm running. I've createed a password entry using smbpasswd -a and added my password. My password has 9 characters in it. Using smbclient on the Solaris box, I can access the share, but I can't from Win95 or Win2000 clients (encryption is on). If I try to access using only the first 8 characters from my password (without changing the password on the server) it works on all three platforms. I then copied the password hashes (just the two hashes, not the whole old format line)from my 2.0.3 server password file, and it works properly on all platforms with the 9 character password. I haven't got any of the password synchronisation stuff turned on, just a basic test setup (conf file below). I've tried increasing the values of PASSWORD_LENGTH in source/include/includes.h and recompiling, but it hasn't helped. There appears to be something truncating my password before the hashes are created in the smbpasswd file. Does anyone who knows the source better than me know how to patch this out? Cheers Carl % more ../lib/smb.conf # Samba config file. # Global parameters [global] workgroup = FRUIT netbios name = APPLE domain master = no encrypt passwords = Yes lmannounce = no local master = no syslog only = yes log level = 0 invalid users = root #password level = 10 [TEST] comment = Test share service points at /tmp path = /tmp -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Carl Vincent http://www.netskills.ac.uk/ (URL) Software, Systems and Webmaster0191 222 5003 (voice) NETSKILLS - Quality Internet Training 0191 222 5001 (fax) PGP fingerprint: 5522 ADAF F6BF 897A 1529 B035 D4F6 AE5F B6EF C289 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind
Does anybody know if it is possible to set-up winbind on an AIX server?? _ Carl Routledge Information Systems Support Administrator UCB Films plc e-mail: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] tel: +44 (0) 16973 4-1322 \ 41709 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba