Re: [Samba] Active directory - Unclean shutdown
Hello, Connecting to a share using Windows 7 should work fine. We do this a lot. Maybe you need some registry changes that are also needed for joining Windows 7 to a Samba domain. http://wiki.samba.org/index.php/Windows7#Windows_7_Registry_settings Regarding Samba 4, there is now a release candidate out, and I think it is wiser to use this over an older beta release. http://ftp.samba.org/pub/samba/rc/ Regards, Gerben Op 01-10-12 15:58, bjoern.bec...@easycash.de schreef: Hello, i try to connect samba with my active directory. I was able to join the domain successfully and my winbindd running fine. With samba 3.4.3 and samba 3.6.7 i get the following error when i try to connect to a share from a windows 7 box: [2012/10/01 15:01:14, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to / [2012/10/01 15:01:14, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/10/01 15:01:14, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2012/10/01 15:01:14, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2012/10/01 15:01:14, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2012/10/01 15:01:14, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2012/10/01 15:01:14, 3] smbd/server.c:845(exit_server_common) Server exit (failed to receive smb request) [2012/10/01 15:01:14, 3] smbd/server.c:216(remove_child_pid) smbd/server.c:216 Unclean shutdown of pid 28928 In my despair i try the same with samba 4.0.0beta8 and it works but unfortunately unstable. I be able to map the share but when i try to access the samba server getting PANIC. I suppose that i have to use samba 4 because i need smbv2? I thought that samba 3.5.* supporting smb v2 too. Is there any posibility to run this setup with samba 3.*? Regards, Bjoern -- Station to Station handtekening Gerben van Eck - Software Engineer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error
Did you follow the setfattrs tests in the howto? I don't have time to
read it now, but if there aren't any fixes in there, I'm sure you can
find them on the internet.
I assume/hope you use a filesystem that supports posix ACLs, I didn't
find a list of filesystems that support it, but according to Wikipedia
"Most of the Unix and Linux filesystems support posix ACLs".
I am using ext3 (using essentially the same Kickstart installer since
2006), and they work here.
Op 20-06-12 00:56, sandy.napo...@eccmg.cupet.cu schreef:
hu I make some change in my bind configuration, for example, I add in
my configuration
_ldap._tcp.eccmg.cupet.cu. SRV 0 0 389 capital.eccmg.cupet.cu.
_kerberos._tcp.eccmg.cupet.cu. SRV 0 0 88 capital.eccmg.cupet.cu.
_ldap._tcp.dc._msdcs.eccmg.cupet.cu. SRV 0 0 389 capital.eccmg.cupet.cu.
_kerberos._tcp.dc._msdcs.eccmg.cupet.cu. SRV 0 0 88 capital.eccmg.cupet.cu.
and when i run again the commands
./samba-tool domain join eccmg.cupet.cu DC -Uadministrator
Finding a writeable DC for domain 'eccmg.cupet.cu'
Found DC capital.eccmg.cupet.cu
Password for [ECCMG\administrator]:
workgroup is ECCMG
realm is eccmg.cupet.cu
checking sAMAccountName
Adding CN=ORION,OU=Domain Controllers,DC=eccmg,DC=cupet,DC=cu
Adding
CN=ORION,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=eccmg,DC=cupet,DC=cu
Adding CN=NTDS
Settings,CN=ORION,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=eccmg,DC=cupet,DC=cu
Adding SPNs to CN=ORION,OU=Domain Controllers,DC=eccmg,DC=cupet,DC=cu
Setting account password for ORION$
Enabling account
Calling bare provision
No IPv6 address will be assigned
get_nt_acl_no_snum: fset_nt_acl returned zero.
Join failed - cleaning up
checking sAMAccountName
Deleted CN=ORION,OU=Domain Controllers,DC=eccmg,DC=cupet,DC=cu
Deleted CN=NTDS
Settings,CN=ORION,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=eccmg,DC=cupet,DC=cu
Deleted
CN=ORION,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=eccmg,DC=cupet,DC=cu
ERROR(): uncaught exception -
ProvisioningError: Your filesystem or build does not support posix ACLs,
s3fs is unworkable in this mode
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
line 160, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py",
line 184, in run
machinepass=machinepass, use_ntvfs=use_ntvfs)
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py", line
965, in join_DC
ctx.do_join()
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py", line
871, in do_join
ctx.join_provision()
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py", line
599, in join_provision
use_ntvfs=ctx.use_ntvfs, dns_backend="NONE")
File
"/usr/local/samba/lib/python2.6/site-packages/samba/provision/__init__.py",
line 1749, in provision
raise ProvisioningError("Your filesystem or build does not support
posix ACLs, s3fs is unworkable in this mode")
root@orion:/usr/local/samba/bin#
--
Met vriendelijke groet,
*Germ van Eck*
/Software Engineer/
Station to Station
*Station to Station B.V. *
Pompmolenlaan 26
3447GK Woerden
Tel: +31(0)348-446963
Fax: +31(0)348-446936
g.va...@stationtostation.nl <mailto:g.va...@stationtostation.nl>
Website: www.stationtostation.nl <http://www.stationtostation.nl/>
Website KPN Onderwijs: www.kpn.com/onderwijs <http://www.kpn.com/onderwijs>
PDenk aan het milieu, alvorens te besluiten deze mail te printen.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error
I think you'd save yourself a lot of work if you would create a seperate subdomain for your Samba domain, and let your Samba PDC handle DNS for this. You can use a SOA record for this, but I expect you can find/configure this yourself with help from internet sources. I looked up the DNS items that the named plugin for samba automatically configures, it's on /opt/samba4/private on my server, so on /usr/share/samba/private on standard configurations and named dns_update_list . Next to this records will be automatically made for workstations joined to the domain. If you want to run a Samba4 server, I think you should have enough knowledge to fix the DNS error you have, I think it is clear enough. Your BDC is looking for a SRV record for _kerberos._udp.eccmg.cupet.cu. and it can't find it. So, make sure it is using the correct DNS server, and that your DNS server has a record for this. Op 19-06-12 23:41, sandy.napo...@eccmg.cupet.cu schreef: First commands in BDC host -t SRV _kerberos._udp.eccmg.cupet.cu. Host _kerberos._udp.eccmg.cupet.cu. not found: 3(NXDOMAIN) Second commands in BDC host -t A server.eccmg.cupet.cu. server.eccmg.cupet.cu has address 10.10.10.1 /etc/krb5.conf [libdefaults] dns_lookup_realm = true dns_lookup_kdc = true default_realm = ECCMG.CUPET.CU PD: My dns is not integrate to my samba4 -- Met vriendelijke groet, *Germ van Eck* /Software Engineer/ Station to Station *Station to Station B.V. * Pompmolenlaan 26 3447GK Woerden Tel: +31(0)348-446963 Fax: +31(0)348-446936 g.va...@stationtostation.nl <mailto:g.va...@stationtostation.nl> Website: www.stationtostation.nl <http://www.stationtostation.nl/> Website KPN Onderwijs: www.kpn.com/onderwijs <http://www.kpn.com/onderwijs> PDenk aan het milieu, alvorens te besluiten deze mail te printen. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error
Hello, What do the following commands return, please return the first 2 host commands for both your PDC and your BDC, and the 2 cat commands for only the BDC server. host -t SRV _kerberos._udp.eccmg.cupet.cu. host -t A YOURPDCSERVER.eccmg.cupet.cu. cat /etc/krb5.conf cat /etc/krb.conf Best regards, Gerben Op 19-06-12 21:39, sandy.napo...@eccmg.cupet.cu schreef: Hello list, I have samba4 as PDC, I need join other samba4 as BDC, I follow the step in the how to, but when I run this step kinit@DOMAIN i have kinit: Cannot resolve network address for KDC in realm "ECCMG.CUPET.CU" while getting initial credentials Somebody can help me -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] XP clients cannot login after 3.5 to 3.6 upgrade
Hello, After an upgrade from 3.3 to 3.5, we ran into this bug when we tried using NTLM for authentication: https://bugzilla.samba.org/show_bug.cgi?id=7481 . To solve this issue, I am now trying to upgrade from the (latest) CentOS 3.5 packages, to the "Enterprise Samba" 3.6 packages from enterprisesamba.org. After upgrading, the SID changed, so I changed it back to the old value. Next to this, I found some charset issues in the logs, when searching for this on the internet, I found some forum post about changing the unix charset to UTF-8, and this indeed helped. The XP client I am testing doesn't want to login to the domain, the error I get says something that roughly translates to 'password incorrect'. I wrote the following script ( I use a script so I can easily retry it with snapshots of the CentOS/Windows VMs ), for testing, so this is what produces the problem: --- service smb stop rpm --nodeps -e samba3x samba3x-client samba3x-common samba3x-winbind rpm -i libwbclient0-3.6.5-44.el5.i386.rpm samba3-3.6.5-44.el5.i386.rpm samba3-client-3.6.5-44.el5.i386.rpm samba3-utils-3.6.5-44.el5.i386.rpm samba3-doc-3.6.5-44.el5.i386.rpm samba3-winbind-3.6.5-44.el5.i386.rpm mv -f /etc/samba/smb.conf.rpmsave /etc/samba/smb.conf sed -i 's/unix charset=.*/unix charset=UTF-8/ig' /etc/samba/smb.conf service smb stop net setlocalsid MYOLDSID service ntpd stop ntpdate pool.ntp.org service ntpd start service smb start service httpd restart --- The only error lines I see in the logs are: [2012/06/18 15:47:53.099572, 0] rpc_server/srv_pipe.c:500(pipe_schannel_auth_bind) pipe_schannel_auth_bind: Attempt to bind using schannel without successful serverauth2 [2012/06/18 15:47:53.206830, 0] auth/user_util.c:357(map_username) can't open username map /etc/samba/smbusers. Error Permission denied I already did a chmod 777 (for test) of the smbusers file, didn't help. The other line shouldn't do harm, according to earlier mailings to this mailing list. Best regards, Gerben van Ek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
