[Samba] GPO
Hey, I have a PDC working with LDAP+Samba+Kerberos+afs... And teh other day the boss told met that i have to build a PDC with Active Directory, I was testing it and I realizes taht I'm very very rooky in this, i left to mess around with windows some years ago...the question is that I found out that with active directory I can modify the GPO of the clients...can I do the same with Samba ??? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming Profiles
hey, Im trying to avoid the roaming with the profiles, i found something in te list about that, but it doesn't works, I changed in the registry the parameters... > > [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User > > Shell Folders] > > AppData=%USERPROFILE%\Datos de programa > > Cookies=%USERPROFILE%\Cookies > > ... > > .. > > > > to > > [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User > > Shell Folders] > > AppData=P:\Profile\Datos de programa > > Cookies=P:\Profile\Cookies but as i said it doesn work...it still download and upload the profile folder... can someone help me? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-passwd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I'm trying to make works this script...from linux it works right with all users...but in win...it fails when try to do this line of script: chomp($pass=); In win i got this error: "No tiene permiso para cambiar su contraseña" "you dont have permission to change the passwd" I have the options in smb.conf: unix password sync = yes ldap passwd sync = no thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGAvEIu1kTJztljjMRAkjvAJkBAo0+dHXMQsvlNLsLKQa0cMwpeACdE4Yb ljWnq+mRucvHXveqYt/Cx4w= =Ta7P -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-passwd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I'm trying to make works this script...from linux it works right with all users...but in win...it fails when try to do this line of script: chomp($pass=); In win i got this error: "No tiene permiso para cambiar su contraseña" "you dont have permission to change the passwd" I have the options in smb.conf: unix password sync = yes ldap passwd sync = no thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGAoKUu1kTJztljjMRAqiAAJ0Xr0eYXqWNRdg7QQYxgDVgdUCZDwCeO/PX mYEfc6gRGrTK4615a31yiT4= =ilMQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba+Ldap+smbldap-tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I have aproblem with the smbldap-tools...when I try to change the passwd fron a user in win...I get the error "", and I know that the script of smbldap-tools fails when try to execute the next line: # non-root user if (!defined($oldpass)) { # prompt for current password system "stty -echo"; print "(current) UNIX password: "; chomp($oldpass=); ###(this line)### print "\n"; system "stty echo"; My smb.conf is : [global] workgroup = IRONMAN netbios name = SHOGUN server string = SAMBA-LDAP PDC server ; wins support = no ; wins server = w.x.y.z interfaces = eth1 ; pam password change = Yes dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 ; syslog only = yes syslog = 0 panic action = /usr/share/samba/panic-action %d name resolve order = lmhosts host wins bcast AUTENTIFICACION## security = user encrypt passwords = true passdb backend = ldapsam:ldaps://shogun.ironman.es:636 ; guest account = guest invalid users = root unix password sync = no ; ldap passwd sync = yes passwd program = /usr/sbin/changepasswd.atc -o %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . ; obey pam restrictions = yes ; pam password change = no #LDAP# ldap admin dn = cn=admin,dc=ironman,dc=es ldap ssl = on ldap delete dn = no ldap suffix = dc=ironman,dc=es ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=machines ## Printing ## # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # lpr(ng) printing. You may wish to override the location of the # printcap file ; printing = bsd ; printcap name = /etc/printcap # CUPS printing. See also the cupsaddsmb(8) manpage in the # cupsys-client package. printing = cups printcap name = cups # When using [print$], root is implicitly a 'printer admin', but you can # also give this right to other users to add drivers and set printer # properties printer admin = @domainprintoperators ###PDC###3 os level = 80 preferred master = yes domain master = yes local master = yes domain logons = yes logon path = //SHOGUN/profiles/%u logon drive = V: logon home = //SHOGUN/%u logon script =%u.bat ; domain admin group = @domainadmins add user script = /usr/local/sbin/smbldap-useradd -w %u someone can help me? thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF9JEMu1kTJztljjMRAhHvAJ4z6BAn/sMeBgpDMREdtMaC5czIKgCfaYa9 mLRlk7+dB36lC3a/5YeUpEE= =w5ts -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-tools problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hey , I installed smbldap tools for have sync linux and win passwd, and it worked. But today i did some modifies to the script smbldap-passwd and it doesn't work. I check that win when try to change the password don't use it now...i try to reinstall again but still no working...this is my smb.conf someone can help me..? thanks [global] workgroup = IRONMAN netbios name = SHOGUN server string = SAMBA-LDAP PDC server ; wins support = no ; wins server = w.x.y.z interfaces = eth1 ; pam password change = Yes dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 ; syslog only = yes syslog = 0 panic action = /usr/share/samba/panic-action %d name resolve order = lmhosts host wins bcast AUTENTIFICACION## security = user encrypt passwords = true passdb backend = ldapsam:ldaps://shogun.ironman.es:636 ; ldap passwd sync = only ; guest account = guest invalid users = root unix password sync = no ; ldap password sync = yes passwd program = /usr/local/sbin/smbldap-passwd -o %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . ; obey pam restrictions = yes ; pam password change = no #KERBEROS use kerberos keytab = yes realm = IRONMAN.ES ;security = ads ;ads server = 192.168.2.3 #LDAP# ldap admin dn = cn=admin,dc=ironman,dc=es ldap ssl = on ldap delete dn = no ldap suffix = dc=ironman,dc=es ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=machines ## Printing ## # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # lpr(ng) printing. You may wish to override the location of the # printcap file ; printing = bsd ; printcap name = /etc/printcap # CUPS printing. See also the cupsaddsmb(8) manpage in the# When using [print$], root is implicitly a 'printer admin', but you can # also give this right to other users to add drivers and set printer # properties printer admin = @domainprintoperators ###PDC###3 os level = 80 preferred master = yes domain master = yes local master = yes domain logons = yes logon path = //SHOGUN/profiles/%u logon drive = V: logon home = //SHOGUN/%u logon script =%u.bat ; domain admin group = @domainadmins add user script = /usr/local/sbin/smbldap-useradd -w %u Misc socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash add user script = /usr/local/sbin/smbldap-useradd -w %u File sharing # Name mangling options ; preserve case = yes ; short preserve case = yes # cupsys-client package. printing = cups printcap name = cups -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF7+Eou1kTJztljjMRAoz/AJ49j5RkqzWNIr6ltQfeDOW9MMUwiQCbBdPg pO1sowR4osRFd17ZQoeu54Q= =05IU -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-tools problem
hey , I installed smbldap tools for have sync linux and win passwd, and it worked. But today i did some modifies to the script smbldap-passwd and it doesn't work. I check that win when try to change the password don't use it now...i try to reinstall again but still no working...this is my smb.conf someone can help me..? thanks [global] workgroup = IRONMAN netbios name = SHOGUN server string = SAMBA-LDAP PDC server ; wins support = no ; wins server = w.x.y.z interfaces = eth1 ; pam password change = Yes dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 ; syslog only = yes syslog = 0 panic action = /usr/share/samba/panic-action %d name resolve order = lmhosts host wins bcast AUTENTIFICACION## security = user encrypt passwords = true passdb backend = ldapsam:ldaps://shogun.ironman.es:636 ; ldap passwd sync = only ; guest account = guest invalid users = root unix password sync = no ; ldap password sync = yes passwd program = /usr/local/sbin/smbldap-passwd -o %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . ; obey pam restrictions = yes ; pam password change = no #KERBEROS use kerberos keytab = yes realm = IRONMAN.ES ;security = ads #LDAP# ldap admin dn = cn=admin,dc=ironman,dc=es ldap ssl = on ldap delete dn = no ldap suffix = dc=ironman,dc=es ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=machines ## Printing ## # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # lpr(ng) printing. You may wish to override the location of the # printcap file ; printing = bsd ; printcap name = /etc/printcap # CUPS printing. See also the cupsaddsmb(8) manpage in the# When using [print$], root is implicitly a 'printer admin', but you can # also give this right to other users to add drivers and set printer # properties printer admin = @domainprintoperators ###PDC###3 os level = 80 preferred master = yes domain master = yes local master = yes domain logons = yes logon path = //SHOGUN/profiles/%u logon drive = V: logon home = //SHOGUN/%u logon script =%u.bat ; domain admin group = @domainadmins add user script = /usr/local/sbin/smbldap-useradd -w %u Misc socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash add user script = /usr/local/sbin/smbldap-useradd -w %u File sharing # Name mangling options ; preserve case = yes ; short preserve case = yes # cupsys-client package. printing = cups printcap name = cups ;ads server = 192.168.2.3 _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba + kerberos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hey, I read something about samba can use kerberos password from an external kdc using pam... someone knows how can do it thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF7fB2u1kTJztljjMRAmuNAJ4+WTCtVWqPEAtjbBLQhV8Tf+yDSQCfRNH1 3VJ6ZyRIVZeazS6k7d/X+Pg= =m+G7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba profiles and homes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I like my homes and profiles don't do roaming...i mean work directly to the server...I have a pdc in samba over ldap...and i want winxp mount the units in net for homes and profiles and work over them instead download at first and upload and the end of session...someone know how can i do... thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF7fASu1kTJztljjMRAtlJAJ4j3XDhN83qIRG/UF3Ct71WEJHVfACeJtVf xeRh+zXwbkdl/u8GAeBWijU= =GjE4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba attributes for openldap
Hi, (sorry for my english I'm a telecomunications student from spain) I'm building a PDC with samba from a ldapbackend which was created without samba attributes...it's a very big database...does someone know how can I add the samba attributes to all users..? and what attributes I have to add so that the pdc have the next characteristics: - backend openldap(replica-server,it's not the master, i think i'll have to add attributes on both servers) - kerberos passwords - home directory and profile in the server by openafs or samba thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
hey... I build a pdc with openldap samba and kerberos...it works right ...almost...i can't change passwords...i mean if i change the password in linux samba don't see it and if i change the password in win kerberos don't see it...i read something about the module smbk5pwd overlay...i installed...but i don't get unify all passwd ... can you help me with some advise or howto? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] slow profiles
Hi I read this mail somedays ago and I tried to use changing the variables that it says but it still doing roaming...I use a net unit mount in V:\ where is the profile and every directory is path AppData=V: \Datos de programa like this... someone can help me thanks On mié, 2006-10-25 at 11:32 -0300, Felipe Augusto van de Wiel wrote: > On 10/10/2006 08:22 AM, Lluís Forns Puigmartí escreveu: > > Hello, I am new to Samba and I have to administrate a server working ok; > > but some users have huge profiles (about 10Gb), and each login takes > > really long. > > > > I think the problem exists because each login all the profile is > > download, and at logout it is upload. > > Is there a way to use all the profile from the server? I have you can > > modify all of this by changing: > > > > [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User > > > > Shell Folders] > > AppData=%USERPROFILE%\Datos de programa > > Cookies=%USERPROFILE%\Cookies > > ... > > .. > > > > to > > [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User > > > > Shell Folders] > > AppData=P:\Profile\Datos de programa > > Cookies=P:\Profile\Cookies > > ... > > .. > > > > am I right? is there a way to make all this changes without using > > regedit on each user?. > > Yes, there are a few options on that matter, please check > the Official HOWTO, chpater of Desktop Profile Management. :) > > http://samba.org/samba/docs/man/Samba-HOWTO-Collection/ProfileMgmt.html > > > > thanks a lot and excuse me for my poor English > > Kind regards, > > -- > Felipe Augusto van de Wiel <[EMAIL PROTECTED]> > Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE > http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] netlogon error
Hi I mounted a pdc with ldap and samba, it works right...but when I use the script to mount a net unit it fails... i can mount it manually ...and if i execute the script like the user it ask me the username and the password..but also fails...someone know what happen? my script is this: net time \\shogun net use z: \\shogun\profiles\ thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error ldapsam
hi I have pdc with openldap and samba...two server a master(shogun) and slave(shinobi), two works right and are replicated, and samba works right just when ldapsam is pointed to the same host where it installed (samba is in shogun the master) i mean "passdb backend = ldapsam:ldaps://shogun.ironman.es:636" , it works right...but when i put "passdb backend = ldapsam:ldaps://shinobi.ironman.es:636" or "passdb backend = ldapsam:"ldaps://shogun.ironman.es:636 ldaps://shinobi.ironman.es:636", it works just when shogun is up. I test shinobi for auth and it works right. The certificates are right cause i can get auth from all machines and when i start samba teh log don't show any thing wrong. My smb.conf [global] workgroup = IRONMAN netbios name = SHOGUN server string = SAMBA-LDAP PDC server ; wins support = no ; wins server = w.x.y.z interfaces = eth1 pam password change = Yes dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 ; syslog only = no syslog = 0 panic action = /usr/share/samba/panic-action %d name resolve order = lmhosts host wins bcast AUTENTIFICACION## security = user encrypt passwords = true passdb backend = ldapsam:ldaps://shogun.ironman.es:636 ;ldappassword sync =yes ; guest account = guest ; invalid users = root unix password sync = no ldap password sync = yes passwd program = /usr/local/sbin/bin/smbldap-passwd -o %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX \spassword:* %n\n . ; obey pam restrictions = yes ; pam password change = no #LDAP# ldap admin dn = cn=admin,dc=ironman,dc=es ldap ssl = on ldap delete dn = no ldap suffix = dc=ironman,dc=es ldap user suffix = ou=people ldap group suffix = ou=groups ldap machine suffix = ou=machines ## Printing ## # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # lpr(ng) printing. You may wish to override the location of the # printcap file ; printing = bsd ; printcap name = /etc/printcap # CUPS printing. See also the cupsaddsmb(8) manpage in the # cupsys-client package. printing = cups printcap name = cups # When using [print$], root is implicitly a 'printer admin', but you can # also give this right to other users to add drivers and set printer # properties printer admin = @domainprintoperators ###PDC###3 os level = 80 preferred master = yes domain master = yes local master = yes domain logons = yes ; logon path = //SHOGUN/profiles/%u logon drive = V: logon home = //SHOGUN/%u logon script =%u.bat ; domain admin group = @domainadmins add user script = /usr/local/sbin/smbldap-useradd -w %u File sharing # Name mangling options ; preserve case = yes ; short preserve case = yes Misc socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash add user script = /usr/local/sbin/smbldap-useradd -w %u #=== Share Definitions === [homes] comment = Home Directories browseable = no writable = yes create mask = 0700 directory mask = 0700 [printers] comment = All Printers browseable = no path = /var/spool/samba browseable = no guest ok = no create mask = 0700 use client driver = no printable = yes public = yes writable = no printer admin = root, @domainprintoperators [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no ; write list = root, chechu [netlogon] comment = Network Logon Service path = /home/users/netlogon writeable = no share modes = no guest ok = yes write list = @domainadmins [profiles] comment = User's Profiles path = /home/users/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 guest ok = yes [peliculas] comment = Peliculas path = /mnt/media/peliculas writable = no browseable = yes guest ok = no [videoclips] comment = Videoclips path = /mnt/ftp/videoclips writable = no browseable = yes guest ok = no [series] comment = Series path = /mnt/media/series writable = no browseable = yes guest ok = no [musica] comment = musica path = /mnt/media/musica writable = no browseable = yes guest ok = no [mldonkey] comment = Peliculas path = /mldonkey writable = no browseable = yes guest ok = no [pelis] comment = Peliculas path = /pelis writable = no browseable = yes gu
[Samba] no version information avaible
hi¡¡ Someone knows why i get this error after install cyrus-sasl from the source and how to solve it: /usr/lib/libsasl2.so.2: no version information available (required by /usr/lib/libldap_r.so.2) thanks¡ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba