[Samba] Re: Re: Date Mismatch
My German is not too good anymore, but it doesn't sound like the same problem, really. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Date Mismatch
The files are getting created on the client by all sorts of different methods, MS Word, Excel, Acrobat, or from an email attachment. It gets created on the server when the user logs out and the profile gets synchronized. Thanks for your reply - can you send me any information about the other people who have had similar problems? Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Date Mismatch
I've posted this problems before but have some new information. Suse 9.1, kernel 2.6.5-7.111-smp, reiserfs, SAMBA 3.0.9 (just upgraded to 3.0.20 today), OpenLDAP backend, as a PDC. I've had a series of files get created in user profiles with a mtime of Dec 13, 1901 14:45. 'stat -c %Y' reports -2147483648. When a user attempts to delete these files from their profile and then log out, the file does not get deleted from the server copy of the profile. I figured out that this was because SAMBA represents this date to Windows as Jan 2038 so it thinks the server copy has a newer file in it. I suspected this was a Windows problem, but it appears in every version of Windows, not just XP. If I touch the file and give it any other date, Say Dec 14, 1901 14:45, Windows correctly displays that date. This is not a filesystem problem, fscheck is clean as a whistle, this must be a SAMBA issue. I suspect that whatever problem causes the misrepresentation in date is also what causes the date to be wrong in the first place. Any help? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba and MSI package installer
If using a guest account, I think null passwords must be enabled in the global section. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba-3.0.10 domain issue
Are the netbios names the same for all OSes or different? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Change time causes profile corruption
Jerry, Wow, now this problem has changed a bit - the same user received yet another file but this time with the correct times. He saved it to his desktop and the times were once again correct. When he logged out, however, the file time on the PDC was set to Dec 13, 1901 - Since the Windows client is apparently initially setting the time correctly and the time only changes when SAMBA gets ahold of it, this is starting to sound like a SAMBA bug. Perhaps a true level 10 on logout is in order, would you like that? >> Could you send me a level 10 debug from smbd of the >> file with a 0 mtime getting created ? I've got a >> feeling something else is going on here. > > Well, not exactly. The production server serves several users as minute > so a level 10 log would produce so much output it would be unusable. > > Here's what I have. I upped the log level on an internal only server and > booted everyone off - then uploaded the file. This should be the same, > right? > > I've attached the log from that operation. If this is not sufficient, I > can try to replicate it in my test domain environment, but it's tied up > right > now. I might also try to come in on a weekend when the use would be low > and the output not so high. > > Thanks for the help, > Danny -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profiles share on BDC
It occurs to me that I should have attached the smb.conf files --PDC-- [global]         workgroup = DOMAIN         server string = "Primary Domain Controller"         null passwords = Yes         passdb backend = ldapsam:ldap://XX         log level = 1         syslog = 0         name resolve order = wins hosts bcast         time server = Yes         socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY         show add printer wizard = No         add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'         delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u'         add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'         delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g'         add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'         delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl-x '%u' '%g'         set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'         add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'         logon script = netlogon.cmd         logon path = \\XX\profiles\%U         logon home = \\XX\profiles\%U         domain logons = Yes         os level = 75         preferred master = Yes         domain master = Yes         wins support = Yes         ldap admin dn = cn=Manager,XX         ldap group suffix = ou=group         ldap idmap suffix = ou=Idmap         ldap machine suffix = ou=people         ldap suffix = dc=XX         ldap user suffix = ou=people         idmap backend = ldap://XX         idmap uid = 1-2         idmap gid = 1-2         profile acls = Yes         map acl inherit = Yes [netlogon]         comment = "Net logon share"         path = /netlogon         write list = root [profiles]         comment = "Roaming profile share"         path = /profiles         read only = No         hide files = /desktop.ini/Desktop.ini/DESKTOP.INI/ --BDC-- [global] workgroup = DOMAIN server string = "Backup Domain Controller" passdb backend = ldapsam:ldap://172.22.10.23 log level = 1 syslog = 0 logon path = \\pdc\profiles\%U logon home = \\pdc\profiles\%U domain logons = Yes domain master = No wins server = ldap admin dn = uid=root,ou=People,dc=columbia,dc=mo,dc=gov ldap group suffix = ou=group ldap idmap suffix = ou=Idmap ldap machine suffix = ou=people ldap suffix = dc=XX ldap user suffix = ou=people idmap backend = ldap:// idmap uid = 1-2 idmap gid = 1-2 [genvol] comment = "General Storage" path = /data/genvol valid users = helpdesk read only = No [webdata] comment = "Web data" path = /data/www valid users = helpdesk read only = No [backup] comment = "Backup Volume" path = /data/backup valid users = helpdesk read only = No [inventory] comment = "Inventory 2005" path = /data/www/secure/inventory2005 valid users = inventory read only = No [netlogon] comment = "Net logon share" path = /netlogon write list = root -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Profiles share on BDC
Greetings, I have a Suse 9.3 server running 3.0.9 as a PDC, using OpenLDAP as the passdb and idmap backend. I also have a 3.0.9 server set up as an OpenLDAP slave, but it only serves files. I decided that I'd like to set this other server up to service logins as well. When I add the "domain logons = yes" in this server's smb.conf file, I get some rather strange behavior. Many users experience no problems whatsoever and logons are a little speedier (to be expected). Other users, on the other hand, are able to log in, but after their profile has loaded, they are informed that a domain controller could not be contacted and changes to their profile will not be saved. Note that this occurs AFTER the profiles has loaded - the user is at the desktop, with all their icons when a modal dialog box gives them this error. Even stranger, the %logonserver% environment variable is set to the PDC! When I set "domain logons = no" on the BDC, everything behaves properly. Every user has the sambaProfilePath explicitly set in the LDAP directory. Also logon home and logon path are set the same on both PDC and BDC. 'pdbedit -v' outputs the exact same information whether run on PDC or BDC. I can't understand why some users have this experience and some do not. I do not, however, have a profiles share set up on the BDC. In reading the "By Example" book, it does not explicitly state that I must have it set, however the "500 user office" BDC does have a profiles share. I'm wondering if BDCs need a profiles share, even if it only shares an NFS export from the PDC. Is that the case? I have one other possibility. Since the BDC was not alwasy a BDC, it had its own SID for most of its life. While I did do a "net rpc getsid" and a "net rpc join", the old sid still appears in the secrets.tdb along with the new sid. I'm thinking of erasing the .tdb files and starting over - could smbd be reading the wrong SID and thus somehow cause the problem? Many thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: find_domain_master_name_query_fail
I agree with John's port 139 fix - you might also try setting domain master = yes if there is not already another server serving this purpose. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: find_domain_master_name_query_fail
Please post a copy of your smb.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Change time causes profile corruption
> Could you send me a level 10 debug from smbd of the > file with a 0 mtime getting created ? I've got a > feeling something else is going on here. Well, not exactly. The production server serves several users as minute so a level 10 log would produce so much output it would be unusable. Here's what I have. I upped the log level on an internal only server and booted everyone off - then uploaded the file. This should be the same, right? I've attached the log from that operation. If this is not sufficient, I can try to replicate it in my test domain environment, but it's tied up right now. I might also try to come in on a weekend when the use would be low and the output not so high. Thanks for the help, Danny [2005/07/14 14:16:40, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/07/14 14:16:40, 3] smbd/error.c:error_packet(129) error packet at smbd/notify.c(55) cmd=160 (SMBnttrans) NT_STATUS_CANCELLED [2005/07/14 14:16:40, 6] lib/util_sock.c:write_socket(449) write_socket(22,75) [2005/07/14 14:16:40, 6] lib/util_sock.c:write_socket(452) write_socket(22,75) wrote 75 [2005/07/14 14:16:40, 3] smbd/notify_kernel.c:kernel_remove_notify(144) kernel_remove_notify: fd=28 [2005/07/14 14:16:40, 3] smbd/nttrans.c:reply_ntcancel(1523) reply_ntcancel: cancel called on mid = 3971. [2005/07/14 14:16:40, 10] lib/util_sock.c:read_smb_length_return_keepalive(505) got smb length of 41 [2005/07/14 14:16:40, 6] smbd/process.c:process_smb(1091) got message type 0x0 of len 0x29 [2005/07/14 14:16:40, 3] smbd/process.c:process_smb(1092) Transaction 92 of length 45 [2005/07/14 14:16:40, 5] lib/util.c:show_msg(461) [2005/07/14 14:16:40, 5] lib/util.c:show_msg(471) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=5763 smt_wct=3 smb_vwv[ 0]= 7116 (0x1BCC) smb_vwv[ 1]=65535 (0x) smb_vwv[ 2]=65535 (0x) smb_bcc=0 [2005/07/14 14:16:40, 3] smbd/process.c:switch_message(887) switch message SMBclose (pid 29010) conn 0x82d7bf0 [2005/07/14 14:16:40, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (1091, 513) - sec_ctx_stack_ndx = 0 [2005/07/14 14:16:40, 5] auth/auth_util.c:debug_nt_user_token(491) NT user token of user S-1-5-21-175737297-2311997533-1601259624-3182 contains 9 SIDs SID[ 0]: S-1-5-21-175737297-2311997533-1601259624-3182 SID[ 1]: S-1-5-21-175737297-2311997533-1601259624-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-175737297-2311997533-1601259624-1029 SID[ 6]: S-1-5-21-175737297-2311997533-1601259624-1033 SID[ 7]: S-1-5-21-175737297-2311997533-1601259624-1035 SID[ 8]: S-1-5-21-175737297-2311997533-1601259624-1067 [2005/07/14 14:16:40, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 1091 Primary group is 513 and contains 5 supplementary groups Group[ 0]: 14 Group[ 1]: 16 Group[ 2]: 17 Group[ 3]: 33 Group[ 4]: 513 [2005/07/14 14:16:40, 5] smbd/uid.c:change_to_user(281) change_to_user uid=(1091,1091) gid=(0,513) [2005/07/14 14:16:40, 3] smbd/reply.c:reply_close(2758) close directory fnum=7116 [2005/07/14 14:16:40, 5] smbd/files.c:file_free(385) freed files structure 7116 (2 used) [2005/07/14 14:16:40, 5] lib/util.c:show_msg(461) [2005/07/14 14:16:40, 5] lib/util.c:show_msg(471) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=5763 smt_wct=0 smb_bcc=0 [2005/07/14 14:16:40, 6] lib/util_sock.c:write_socket(449) write_socket(22,39) [2005/07/14 14:16:40, 6] lib/util_sock.c:write_socket(452) write_socket(22,39) wrote 39 [2005/07/14 14:16:40, 10] lib/util_sock.c:read_smb_length_return_keepalive(505) got smb length of 36 [2005/07/14 14:16:40, 6] smbd/process.c:process_smb(1091) got message type 0x0 of len 0x24 [2005/07/14 14:16:40, 3] smbd/process.c:process_smb(1092) Transaction 93 of length 40 [2005/07/14 14:16:40, 5] lib/util.c:show_msg(461) [2005/07/14 14:16:40, 5] lib/util.c:show_msg(471) size=36 smb_com=0xa4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=888 smb_uid=101 smb_mid=4032 smt_wct=0 smb_bcc=0 [2005/07/14 14:16:40, 3] smbd/process.c:switch_message(887) switch message SMBntcancel (pid 29010) conn 0x82d7bf0 [2005/07/14 14:16:40, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/07/14 14:16:40, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2005/07/14 14:16:40, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/07/14 14:16:40, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/07/14 14:16:40, 3] smbd/error.c:error_packet(129) error packet at smbd/notify.c(55) cmd=160 (SMBnttrans) NT_STATUS_CANCELLED [2
[Samba] Re: Change time causes profile corruption
Jerry, In this particular instance, the user received the files via email from an external source, so it's really hard to say exactly why the date is 0. I can be sure, however, that the date is like that on the file before it enters our network. I've had similar problems before, for example if you FTP a file from a site that has an cheap FTP daemon or some sort of filesystem issue. I suspect there is nothing really that can be done about this, except to advise the user to check these things out before he/she logs out. In an ideal world, the time would be set and this wouldn't be an issue. However, this has happened numerous times in the past and will likely keep happening well into the future. Also I've been thinking, it's possible that the mtime is actually maxed out as opposed to blank. Perhaps Linux is looking at it as a negative number using 2's complement arithmetic while Windows is looking at it as a positive number. Anyway, I'm beat. I have no idea what to do about those stupid things. I suppose I could write a cron job to touch any files with that date? What say you? Thanks for your reply. Later, Danny -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Blank ctime or mtime causes on files in profile
I have Samba 3.0.9 running on SuSE 9.2, 2.6.5-7.111-smp kernel. SAMBA is a PDC using OpenLDAP as a passdb backend. Workstations are combination w2k SP3, SP4, and Windows XP SP1. The problem I have is with profile synchronization. If a user obtains a file that has a blank modified time, Windows substitutes Jan 13, 2038 for the date. When the user logs out, the file is copied to the share with the modified date of Jan 13, 2038 AND a creation date of the same. Normally, this wouldn't be a problem. However, when the user deletes the file and logs out, the file isn't deleted from the share. This behavior is of course because the date on the file is greater than the folder that contains it. Windows then assumes that the file was created after the current session was started so it merges with the rest of the profile. Now, when the user logs in, that file is back. The file can only be deleted via shell session on connecting to the share. As an interesting side note, I discovered that any file with that date/time stamp under Windows has a timestamp of Dec 13, 1901 under Linux. Any suggestions? smb.conf attached [global]         workgroup = XX         server string = "XX Primary Domain Controller"         null passwords = Yes         passdb backend = ldapsam:ldap://XX         log level = 1         syslog = 0         name resolve order = wins hosts bcast         time server = Yes         socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY         show add printer wizard = No         add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'         delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u'         add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'         delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g'         add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'         delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl-x '%u' '%g'         set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'         add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'         logon script = netlogon.cmd         logon path = \\XX\profiles\%U         logon home = \\XX\profiles\%U         domain logons = Yes         os level = 75         preferred master = Yes         domain master = Yes         wins support = Yes         ldap admin dn = cn=Manager,XX         ldap group suffix = ou=group         ldap idmap suffix = ou=Idmap         ldap machine suffix = ou=people         ldap suffix = dc=XX         ldap user suffix = ou=people         idmap backend = ldap://XX         idmap uid = 1-2         idmap gid = 1-2         profile acls = Yes         map acl inherit = Yes [netlogon]         comment = "Net logon share"         path = /netlogon         write list = root [profiles]         comment = "Roaming profile share"         path = /profiles         read only = No         hide files = /desktop.ini/Desktop.ini/DESKTOP.INI/ Yes, I'm aware that all those X's might be a problem - no they're not actually in the file!-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Change time causes profile corruption
Greetings, I have Samba 3.0.9 running on SuSE 9.2, 2.6.5-7.111-smp kernel. SAMBA is a PDC using OpenLDAP as a passdb backend. Workstations are combination w2k SP3, SP4, and Windows XP SP1. The problem I have is with profile syncronization. If a user obtains a file that has a blank modified time, Windows substitutes Jan 13, 2038 for the date. When the user logs out, the file is copied to the share with the modified date of Jan 13, 2038 AND a creation date of the same. Normally, this wouldn't be a problem. However, when the user deletes the file and logs out, the file isn't deleted from the share. This behavior is of course because the date on the file is greater than the folder that contains it. Windows then assumes that the file was created after the current session was started so it merges with the rest of the profile. Now, when the user logs in, that file is mysteriously back, causing a great deal of confusion, frustration, paranoia, and eventually dementia for the user and, now, the SAMBA administrator! As an interesting side note, I discovered that any file with that date/time stamp under Windows has a timestamp of Dec 13, 1901 under Linux. I suppose that this is due to a '0' in that field being misinterpreted by Windows as 1 second beyond the maximum possible date (Those familiar with binary math using 2's complement know exactly what I'm talking about.) Any suggestions? smb.conf attached: [global] workgroup = XX server string = "XX Primary Domain Controller" null passwords = Yes passdb backend = ldapsam:ldap://XX log level = 1 syslog = 0 name resolve order = wins hosts bcast time server = Yes socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY show add printer wizard = No add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u' delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u' add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g' delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g' add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g' delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl-x '%u' '%g' set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u' add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u' logon script = netlogon.cmd logon path = \\XX\profiles\%U logon home = \\XX\profiles\%U domain logons = Yes os level = 75 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=Manager,XX ldap group suffix = ou=group ldap idmap suffix = ou=Idmap ldap machine suffix = ou=people ldap suffix = dc=XX ldap user suffix = ou=people idmap backend = ldap://XX idmap uid = 1-2 idmap gid = 1-2 profile acls = Yes map acl inherit = Yes [netlogon] comment = "Net logon share" path = /netlogon write list = root [profiles] comment = "Roaming profile share" path = /profiles read only = No hide files = /desktop.ini/Desktop.ini/DESKTOP.INI/ Yes, I'm aware that all those X's might be a problem - no they're not actually in the file! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Nagging error
I believe this is caused by Windows' inability to decide which port to communicate on. Linux initiates a conversation on both ports, Windows picks one, and the other times out. This is not an error but peculiarity. Don't worry about it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Questions to share right's
The "write list" directive is used to override the 'read only' or 'writeable' directive. The best way to achieve what you want to do is put all the users that need write access to this share in one group. Remove the "write list" directive, and change the group owner ship of /daten/Install to that group and the mode to 660. This will allow access to that group and the owner, but not anyone else. See if this works for you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: help needed to move from Samba 2 to 3
You should post your smb.conf and exactly what Windows error message you are receiving. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Number of SAMBA client
It has been my experience that each SAMBA process has a resident stack size of about 3-4MB. You will have one SAMBA process for each active SAMBA connection. NMBD memory use seems to be low, 2 processes at around 2-3 MB each. So, let's say you have a domain with 100 users; plan on 300-400 MB of RAM just for SAMBA. Then you must consider the recommendations for your host OS, + any other service you intend on running. Also consider the throughput of your storage devices. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: getent doesn't find the ldap users
PAM and SLAPD both usually write errors to /var/log/messages. Try doing a follow (tail -f /var/log/messages) on one terminal while doing a getent on another terminal. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba share problem
> > If a user belong to group 'a' logs into the windows PC > he can access the folder "ab" but he can also see the > shared "cd" folder. If he tries to access this "cd" > folder he is asked with username and pasword. If he > gives the correct username/password of a broup 'b' > user he is not able to get into the "cd" folder. > > How can I make samba to allow users belonging to group > 'a' to access "cd" folder when he gives the userame > password of a group 'b' user. I don't believe Windows will allow you to connect to the same server with two different usernames. In order to connect to the CD chare, the user would first have to clear his connections to the AB share first. To test this, try mapping drives using the windows net use command: 1st, net use * \\server\ab /user:auser /persistent:no 2nd, net use * \\server\cd /user:buser /persistent:no If the 2nd command fails with "Multiple connections not allowed" then that is the problem. Your best bet is to make another group of AB users that should also be allowed access to CD stuff. Then add that group to the valid users directive. All the best! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: pdc dont save the profile
> > the problem was the client. the owner played to much with the admin rights > the settings r completly changed. > > but perhaps u can tell my what u mean with profile share? It looks like from your config file that the logon path directive is \\SAMBA_PDC\profiles\%U. This means that profiles would be stored on server SAMBA_PDC, on share profiles, in a subdirectory that is the same as However, you do not have a "profiles" share defined. The standard profiles share looks something like this: [profiles] comment = "Roaming profile share" path = /profiles read only = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: group policies in samba PDC for windows 2000 professional and xp clients
The only thing I've tried with any success is to find the registry keys that need to be changed, create a patch, and add regedit /s patch_name.reg to the user's login script. Of course, if you need to set Machine Settings as opposed to user settings, this will not work because the user is not allowed to change this settings. John, I'd be interested in testing this with you and helping with documentation. Can you send me what you have? Thanks, Danny Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Migration script from smbpasswd to LDAP
Modify your smb.conf file to include the necessary ldap parameters and then set the LDAP secret password with smbpasswd -w. Then use pdbedit to export your users to the LDAP database, like so: pdbedit -i smbpasswd -e ldapsam Good luck! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Share reversal
Can you please include your host OS and your smb.conf file? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: group policies in samba PDC for windows 2000 professional and xp clients
I don't believe there is any way to create group policies on SAMBA domain controllers. However, you can make NT4 style domain policies. Use "poledit" from the WindowsNT resource kit to create your policies. Save the policy as ntconfig.pol in the netlogon share. These policies will work with Windows2000 and XP. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: pdc dont save the profile
It doesn't appear that you have a profiles share. This is pretty important if you want to save your profiles. Also, you smb.conf file seems pretty bloated. Typically, I make my config file as smb.conf.master. Then, I run testparm -s smb.conf.master > smb.conf. This command outputs the options in a logical format and discards the comments and unneccessary commands. This increases the performance and readability of the smb.conf file. Happy Holidays P.S. Please respond to this thread instead of directly to my email account -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Groupmap problem
> ldap passwd sync = Yes > ldap delete dn = yes > ldap suffix = dc=ZahidTractor,dc=com > ldap user suffix = dc=zahidtractor,dc=com > ldap group suffix = dc=zahidtractor,dc=com > ldap group suffix = dc=zahidtractor,dc=com > ldap machine suffix = ou=Computers First of all, you have two group suffix directives, when you should only have one. Beyond that, they are both incorrect, along with the user and machine suffixes. The group suffix, along with machine suffix, user suffix, etc are additive to the ldap suffix. Your config should look something like this: ldap group suffix = ou=group ldap idmap suffix = ou=Idmap ldap machine suffix = ou=people ldap suffix = dc=zahidtractor,dc=com This causes the context of the group to be ou=group,dc=zahidtractor,dc=com. Also, the Machines and Users must be stored in the same OU. It appears that you have users stored in one OU and Computers stored in another OU. I don't believe this is supported right now. (I believe this is because PAM will only search one OU for a UNIX user instead of multiples.) Please reply to this thread instead of my email address. Happy Holidays! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unable to access shares on a Linux Samba server
Sounds like the SAMBA machine isn't joined to the domain. Try that and see if that helps. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba Question
This is not a SAMBA isssue but a workstation issue. Chances are, Windows is trying to connect as whatever user you are logged into the machine as. Example, if you log in to the machine as user 1, windows sends user1 as it's authentication information with each communication. If you have one SMB connection to a computer as user1, Windows will not allow you to make another SMB connection as user2 until the first is disconnected. If you want to specify that WIndows is to connect with a different username in the case of mapping a drive, try: net use \\server\share /user: Once again, this will not work if you are already have a drive or printer mapped to that server as another user. This will not work on 9x or ME. Your only option on 9x is to reboot and log in as a different user. Also, for future reference, please always include your server os, client os, samba version, smb.conf file, any other pertinent information, and a subject that gives some clue to what your problem may be. Since you are posting to a SAMBA group, we know that you have a problem with SAMBA. For this, "Can only connect as one user" or something of that nature would be appropriate. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Group permissions not working on 3.0.8
Try removing these lines from the share definition and see what you get. > force group = +developers_group ... > force directory mode = 070 > write list = @developers_group -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Upgrade from 3.0.2 --> 3.0.7
> Here are my questions: > 1). Can someone give me more detail on the "syntax errors" that were > corrected? There were certain problems in the samba.schema file of the 3.0.6 release that went unnoticed until after the release. The SAMBA team quickly made available a good samba.schema file and incorporated it into the next release (3.0.7). > 2). Also, what (if any) effect will I see if I use my existing > schema/directory with the 3.0.7? As far as I know, you should see no ill effect using your existing directory. You should, howver, use your new samba.schema in place of your 3.0.2 version. > 3). What's the proper procedure to upgrade the directory so that it *can* > use the updated schema? As far as I know, there should be no conversion necessary. If you were, however, as paranoid as I am you would first make sure you have a thourough backup of your current setup in case your had to roll back. Next, I would export the entire LDAP directory to an LDIF file for safekeeping. Then upgrade to 3.0.7 and everything should fly fine. If SAMBA refuses to function after the upgrade, first do a testparm, since some options have changed since 3.0.2. If SAMBA acts like the info in the directory is no good, clear out the entire directory. Verify the samba.schema is the one shipped with 3.0.7. Then import those LDIF files again. I cannot imagine a scenario in which an upgrade would fail after all of that, but of course. Good luck. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: SAMBA problem.
1st-"SAMBA Problem" is a terrible problem description. Read SAMBA Newsgroup etiquette: http://us1.samba.org/samba/ml-etiquette.html 2nd-Most errors can be pinpointed by tailing the samba log file. For instance, if your log file was /usr/local/samba/var/log.smbd then do 'tail -f /usr/local/samba/var/log.smbd' Then do whatever causes the error. The tail command will output the lines that get added to the end of the log file. This may help you narrow the problem down. > SAMBA share. Sometimes we face the problem of read/write access to the > files shared by SAMBA on UNIX server. Can you be more specific? When is this occurring? > Please guide us to resolve the problem and let us know if you need any > further information. Start by posting more helpful information, like your smb.conf file and other details of your configuration. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: SAMBA / LDAP / Domain Password change problem - Repost, actually making some progress
Hmmm. Glad to hear WINS fixed some of the issues. I checked out your slapd.conf and everything looks fine there. I then reread you previous posts and realized the computers and users are in separate OUs. PAM/NSS only allows for one OU for Users, and since a machine to UNIX is just another user, they must all be in the same OU. Try putting your machines and users in the same OU and changing all of your config files to reflect this changes. Also, make sure that the user you are using to add machines to the domain has the right to do so. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Re: SAMBA / LDAP / Domain Password change problem
Ok, now it sounds like the account SAMBA uses to sonnect to LDAP is too restricted. Attach your slapd.conf. John Schmerold wrote: > First I setup DHCP on the server - we were using the Linksys router to > provide DHCP > > Then did following: > service smb stop ; service winbind stop ; rm -f > /var/cache/samba/wins.dat ; service smb start ; service winbind start > Same problem > > I looked at the log file for one of the computers that won't join the > domain. It says the following: > cat /var/log/samba/log.ron_laptop > [2004/11/30 11:25:24, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1870) > ldapsam_add_sam_account: failed to modify/add user with uid = > ron_laptop$ (dn = uid=ron_laptop$,ou=Computers,dc=twinoakschurch,dc=org) > [2004/11/30 11:25:24, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2277) > could not add user/computer ron_laptop$ to passdb. Check permissions? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: SAMBA / LDAP / Domain Password change problem
Remove the 'pam password change' option along with the 'remote announce'. Also take out the 'password chat' option - it's not needed with ldapsam. It sounds like maybe your clients don't realize your PDC is also a WINS server. Is that info added to DHCPd? If not, are the clients configured to use it as a WINS server manually? Also, I still stand by the wins.dat fix. It seems like the wins file is corrupted. Try it again after everyone has left for the day. One more thing, run your config through testparm to make sure there are no errors. Then catch the output of the testparm -s into a new smb.conf file. This way the conf file is optimised and the errors are removed. I usually make all my changes to smb.conf.master, then do testparm -s smb.conf.master > smb.conf. Also, please do not contact me directly - only through the newsgroup posting. >>>John Schmerold <[EMAIL PROTECTED]> 11/30 1:26 pm >>> Danny, Thanks but that didn't solve the problem, matter of fact things have gotten a little worse since I first wrote. None of the XP boxes will join the TOPC domain, boxes that have already joined aren't having the problem, just new joins seem to be giving us trouble. I'll wait until end of day when everyone is off system & try the wins.dat delete trick again, I've also added a couple lines that may make a difference with regard to the password change issue: pam password change = yes &the browsing issue: remote announce = 192.168.70.255 local master = Yes Thanks again, it's really helpful having someone that knows what they are doing help out. John John Schmerold Katy Computer & Wireless 20 Meramec Station Rd Valley Park MO 63088 636-861-6900 v 775-227-6947 f Danny Paul wrote: >While it looks wrong, it is correct. It means the subnet at that interface, >so you're OK there. > >What you're experiencing is bad entries in the WINS.DAT file. You should >stop smbd and nmbd, delete the wins.dat file >(/usr/local/samba/var/locks/wins.dat), then restart smbd and nmbd. That >should fix your problem. > > >John Schmerold wrote: > > > >>cat /var/log/samba/nmbd.log | grep error shows: >>Âregister_name_response: WINS server at IP 127.0.0.1 rejected our name >>registration of TOPC<00> IP 192.168.70.10 with error code 5. >>Âregister_name_response: WINS server at IP 127.0.0.1 rejected our name >>registration of TOPC<1e> IP 192.168.70.10 with error code 5. >>lists.samba.org has reported this error 6 times with no solutions >>listed, any idea what I'm doing wrong >> >>tail -50 < /var/log/samba/nmbd.log shows following may be a problem, >>what do you think? >>Samba server FS1 is now a domain master browser for workgroup TOPC on >>subnet UNICAST_SUBNET >>Samba server FS1 is now a domain master browser for workgroup TOPC on >>subnet 192.168.70.10 >> >>Shouldn't the second line read 192.168.70.0 ? >> >> >> > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: SAMBA / LDAP / Domain Password change problem
While it looks wrong, it is correct. It means the subnet at that interface, so you're OK there. What you're experiencing is bad entries in the WINS.DAT file. You should stop smbd and nmbd, delete the wins.dat file (/usr/local/samba/var/locks/wins.dat), then restart smbd and nmbd. That should fix your problem. John Schmerold wrote: > cat /var/log/samba/nmbd.log | grep error shows: > register_name_response: WINS server at IP 127.0.0.1 rejected our name > registration of TOPC<00> IP 192.168.70.10 with error code 5. > register_name_response: WINS server at IP 127.0.0.1 rejected our name > registration of TOPC<1e> IP 192.168.70.10 with error code 5. > lists.samba.org has reported this error 6 times with no solutions > listed, any idea what I'm doing wrong > > tail -50 < /var/log/samba/nmbd.log shows following may be a problem, > what do you think? > Samba server FS1 is now a domain master browser for workgroup TOPC on > subnet UNICAST_SUBNET > Samba server FS1 is now a domain master browser for workgroup TOPC on > subnet 192.168.70.10 > > Shouldn't the second line read 192.168.70.0 ? > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: SAMBA / LDAP / Domain Password change problem
Do a tail -25 . This will give you the last 25 lines of the nmbd log file. See if there are any error messages relating to name resolution problems or errors registering domain names. If you are having such errors, stop smbd & nmbd, remove wins.dat (probably /usr/local/samba/var/locks/wins.dat), then restart smbd & nmbd. Best of luck -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: PROFILES - XP - SAMBA 3.0.8 - 3.0.9
1. What is the specific error message your users recieve? 2. Who is the owner/group of the profile you are trying to load? 3. What is the mode of that directory? 4. What is the mode of the /raid/smb/profiles directory? 5. For a given user, what does pdbedit -v report as that user's profile directory? Jan Kellerhoff wrote: > Danny Paul wrote: > >>Please post a copy of your smb.conf >> >> >> > > Here is my [Profiles] part: > > [profiles] >path = /raid/smb/profiles >read only = No >create mask = 0600 >directory mask = 0700 >nt acl support = yes >profile acls = yes > > Do you still need something > Thats all about my profiles in smb.conf... > > THX > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: PROFILES - XP - SAMBA 3.0.8 - 3.0.9
Please post a copy of your smb.conf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba