Re: [Samba] How to set ACLs with Samba4 AD?
Hello Lee, I am not sure I understand what is your real need. but If you don't want to use samba-tool, you can use windows explorer to set your acls... assuming you have your file system supporting xattr, you can connect to your share drive from windows with a privileged account like the administrator. and then right click on the folder / property / security. you should be able to set/reset acls for users and groups what I used to do, is create my folder, give full priviledge and even acls (OS level) for all on that folder, and then as Admin on windows, I remove and set privilege for only those who need it. You might need the following under your shared folder in smb.conf: vfs objects = acl_xattr Regards, Inno. De : Lee Allen l...@leecallen.com À : samba@lists.samba.org Envoyé le : Vendredi 18 janvier 2013 22h12 Objet : [Samba] How to set ACLs with Samba4 AD? I apologize if this is very beginner/basic. In my defense, I can't get the Samba4 documentation to compile on my system, and I can't find the man pages online (a pointer to them would be extremely helpful). And in general, I am having difficulty sorting through the documentation on the wiki because much of it is clearly pre-Samba4 and therefore obsolete, or at least questionable. It's hard to know what is relevant. Most of the posts I see here seem to be much better informed than I am. I would love to know how they obtained their knowledge. So here is my question: I am running Samba4 as an AD and file server. How do I define ACLs for the samba shares, for domain users groups? These users and groups are not defined on the underlying OS (CentOS 6.3). It seems the answer is to do it via the underlying filesystem, but how is that possible when the domain users groups are not defined in the OS? I see samba-tool has some ACL get/set capability. Is that the answer? Or is there some special magic to get CentOS to control file access by referring to the Samba4 AD? Many thanks in advance for any help. And I would be very grateful for pointers to Samba4 introductory or background material (I have used the HOW-TOs extensively). Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 rc6 join win2k3 domain failed
Hello, There might be some problems with local, but I haven't this problem with rc5, actually I just fallback to rc5 because of that issue. Best Regards, Inno. De : Ali Bendriss ali.bendr...@googlemail.com À : Innocent Yevide inye...@yahoo.fr Cc : samba@lists.samba.org Envoyé le : Dimanche 9 décembre 2012 23h28 Objet : Re: [Samba] samba4 rc6 join win2k3 domain failed On Friday, December 07, 2012 10:56:12 PM Innocent Yevide wrote: Hello, I am trying to join samba4 rc6 to win2k3 server, and failing with: descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=office,DC=local not found under DC=office,DC=local full log below... anyone knows why? Not sure but there is a lot of discussions on the web about some problems using a .local domain name not only with samba. -- Ali -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 rc6 join win2k3 domain failed
Hello, I am trying to join samba4 rc6 to win2k3 server, and failing with: descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=office,DC=local not found under DC=office,DC=local full log below... anyone knows why? [root@ccserver2 samba-4.0.0rc6]# samba-tool domain join office.local DC -Uadministrator --realm=office.local Finding a writeable DC for domain 'office.local' Found DC ccserver.office.local Password for [OFFICE\administrator]: workgroup is OFFICE realm is office.local checking sAMAccountName Adding CN=CCSERVER2,OU=Domain Controllers,DC=office,DC=local Adding CN=CCSERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local Adding CN=NTDS Settings,CN=CCSERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local Adding SPNs to CN=CCSERVER2,OU=Domain Controllers,DC=office,DC=local Setting account password for CCSERVER2$ Enabling account Calling bare provision More than one IPv4 address found. Using 192.168.100.100 No IPv6 address will be assigned Provision OK for domain DN DC=office,DC=local Starting replication Schema-DN[CN=Schema,CN=Configuration,DC=office,DC=local] objects[402] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=office,DC=local] objects[804] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=office,DC=local] objects[1206] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=office,DC=local] objects[1376] linked_values[0] Analyze and apply schema objects Partition[CN=Configuration,DC=office,DC=local] objects[402] linked_values[0] Partition[CN=Configuration,DC=office,DC=local] objects[804] linked_values[0] Partition[CN=Configuration,DC=office,DC=local] objects[1206] linked_values[0] Partition[CN=Configuration,DC=office,DC=local] objects[1549] linked_values[0] Replicating critical objects from the base DN of the domain Partition[DC=office,DC=local] objects[93] linked_values[0] Partition[DC=office,DC=local] objects[329] linked_values[0] Done with always replicated NC (base, config, schema) Replicating DC=DomainDnsZones,DC=office,DC=local Partition[DC=DomainDnsZones,DC=office,DC=local] objects[56] linked_values[0] Replicating DC=ForestDnsZones,DC=office,DC=local Partition[DC=ForestDnsZones,DC=office,DC=local] objects[22] linked_values[0] Partition[DC=ForestDnsZones,DC=office,DC=local] objects[44] linked_values[0] Committing SAM database descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=office,DC=local not found under DC=office,DC=local Join failed - cleaning up checking sAMAccountName Deleted CN=CCSERVER2,OU=Domain Controllers,DC=office,DC=local Deleted CN=NTDS Settings,CN=CCSERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local Deleted CN=CCSERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local ERROR(ldb): uncaught exception - descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=office,DC=local not found under DC=office,DC=local File /usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py, line 552, in run machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) File /usr/local/samba/lib/python2.6/site-packages/samba/join.py, line 1104, in join_DC ctx.do_join() File /usr/local/samba/lib/python2.6/site-packages/samba/join.py, line 1009, in do_join ctx.join_replicate() File /usr/local/samba/lib/python2.6/site-packages/samba/join.py, line 782, in join_replicate ctx.local_samdb.transaction_commit() A transaction is still active in ldb context [0x9e32db0] on /usr/local/samba/private/sam.ldb -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 logon server against windows server 2003
Thanks Gémes, the point here is that whenever the clients login, I see that they have only the windows server as logon server and not the samba4 server: I always have this: LOGONSERVER=\\WINSERVER My Expectation is to have: LOGONSERVER=\\SAMBA4SERVER but when I switch off the Win Server, I could log into the samba4 server. I even tried Adjusting the Weight and Priority for DNS SRV Records in the Registry on the Windows server so that the samba4 will be prioritized... but it doesn't help. Best Regards, Innocent. De : Gémes Géza g...@kzsdabas.hu À : samba@lists.samba.org Envoyé le : Jeudi 22 novembre 2012 19h41 Objet : Re: [Samba] Samba4 logon server against windows server 2003 2012-11-21 23:47 keltezéssel, Innocent Yevide írta: Hello, does any one knows how I can force samba4 to be the logon server against windows server 2003? I have below in my smb.conf but it doesn't help: domain logons = Yes domain master = Yes preferred master = Yes os level = 255 Best Regards, Innocent. IMHO you can't. Active Directory was designed to provide a round robin type failover, and thus each AD controller (in a site) is equally probably chosen by clients. Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 logon server against windows server 2003
Hello, does any one knows how I can force samba4 to be the logon server against windows server 2003? I have below in my smb.conf but it doesn't help: domain logons = Yes domain master = Yes preferred master = Yes os level = 255 Best Regards, Innocent. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4: samba-tool drs showrepl = NO OUTBOUND NEIGHBORS
Hello Mathieu, they all have Default-First-Site-Name, and my samba would have got that from the WIN SERVER 2003 while joining that domain as AD DC. Best Regards, Innocent. De : Matthieu Patou m...@samba.org À : samba@lists.samba.org Envoyé le : Dimanche 18 novembre 2012 8h57 Objet : Re: [Samba] samba4: samba-tool drs showrepl = NO OUTBOUND NEIGHBORS On 11/17/2012 12:28 PM, Innocent Yevide wrote: Hello, I have samba4 rc4 installed and connected it to WIN Server 2003 AD DC, as a DC. and when I see the replication activities, I didn't see any outbound neighbors... is that normal? do anyone know why? because the windows DC didn't ask to get notified for changes. Are the DC in the same site ? Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4: samba-tool drs showrepl = NO OUTBOUND NEIGHBORS
Hello, I have samba4 rc4 installed and connected it to WIN Server 2003 AD DC, as a DC. and when I see the replication activities, I didn't see any outbound neighbors... is that normal? do anyone know why? [root@MYSERVER2 ~]# samba-tool drs showrepl Default-First-Site-Name\MYSERVER2 DSA Options: 0x0001 DSA object GUID: 017f9482-5157-4884-aed8-9251a997b047 DSA invocationId: c5ff9712-36c5-4cc4-b728-9cd45587ac76 INBOUND NEIGHBORS DC=ForestDnsZones,DC=office,DC=local Default-First-Site-Name\MYSERVER via RPC DSA object GUID: 9df68fad-5f4f-49bc-a3d5-798f32779713 Last attempt @ Sun Nov 18 00:00:52 2012 GST was successful 0 consecutive failure(s). Last success @ Sun Nov 18 00:00:52 2012 GST DC=DomainDnsZones,DC=office,DC=local Default-First-Site-Name\MYSERVER via RPC DSA object GUID: 9df68fad-5f4f-49bc-a3d5-798f32779713 Last attempt @ Sun Nov 18 00:00:52 2012 GST was successful 0 consecutive failure(s). Last success @ Sun Nov 18 00:00:52 2012 GST OUTBOUND NEIGHBORS KCC CONNECTION OBJECTS Connection -- Connection name: 5e5e269f-eca6-45bb-bbe1-129a2f6968f6 Enabled : TRUE Server DNS name : MYSERVER.office.local Server DN name : CN=NTDS Settings,CN=MYSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! Connection -- Connection name: a7fc1e46-ddeb-4383-a93d-2246f0b7d79d Enabled : TRUE Server DNS name : RAMOFFICE.office.local Server DN name : CN=NTDS Settings,CN=RAMOFFICE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=office,DC=local TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Additional Zones with Samba4 DNS
Hi, yes I use internal DNS not bind. how do you want me to check the DNS? I am able to resolve host normally, when a new client join the domain the DNS is updated properly as well. yes the the machine running the DNS tool is properly logged in the domain with domain Administrator username. When I try to connect, it just says it cannot connect to DNS server. but when I try to monitor/test that DNS server with dns tool, I see that reverse dns is working, but simple dns test fails. Best Regards, Innocent. De : Michael Hildenbrand michael.hildenbr...@visualimg.de À : samba@lists.samba.org Envoyé le : Vendredi 16 novembre 2012 10h21 Objet : Re: [Samba] Additional Zones with Samba4 DNS Hi, config file smb.conf is quite unimportant for DNS. Do you use internal Samba DNS, not bind, and did you check your DNS ? Is your user who uses the DNS tool from MS in the domain and in the domain logged on? Without a logged on Domain User with Admin Rights your are not able to connect to the DNS Server. What error message do you get? Von: Innocent Yevide [mailto:inye...@yahoo.fr] Gesendet: Donnerstag, 15. November 2012 23:39 An: Michael Hildenbrand Betreff: Re: [Samba] Additional Zones with Samba4 DNS Hi Michael, I also have samba4 rc5 installed but cannot connect to the internal dns with MS DNS tool. could u please share your config file with me? perhaps I am missing something. Regards, Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] detected unhandled Python exception in '/usr/local/samba/sbin/samba_dnsupdate'
Hello, I've just seen the below exception in my log file. does any one knows why ? Nov 17 00:37:55 MyHost abrt: detected unhandled Python exception in '/usr/local/samba/sbin/samba_dnsupdate' Nov 17 00:37:55 MyHost abrtd: New client connected Nov 17 00:37:55 MyHost abrt-server[6427]: Saved Python crash dump of pid 6424 to /var/spool/abrt/pyhook-2012-11-17-00:37:55-6424 Nov 17 00:37:55 MyHost abrtd: Directory 'pyhook-2012-11-17-00:37:55-6424' creation detected Nov 17 00:37:55 MyHost abrtd: Executable'/usr/local/samba/sbin/samba_dnsupdate' doesn't belong to any package Nov 17 00:37:55 MyHost abrtd: 'post-create' on '/var/spool/abrt/pyhook-2012-11-17-00:37:55-6424' exited with 1 Nov 17 00:37:55 MyHost abrtd: Corrupted or bad directory /var/spool/abrt/pyhook-2012-11-17-00:37:55-6424, deleting Nov 17 00:47:55 MyHost abrt: detected unhandled Python exception in '/usr/local/samba/sbin/samba_dnsupdate' Nov 17 00:47:55 MyHost abrtd: New client connected Nov 17 00:47:55 MyHost abrtd: Directory 'pyhook-2012-11-17-00:47:55-6513' creation detected Nov 17 00:47:55 MyHost abrt-server[6516]: Saved Python crash dump of pid 6513 to /var/spool/abrt/pyhook-2012-11-17-00:47:55-6513 Nov 17 00:47:55 MyHost abrtd: Executable '/usr/local/samba/sbin/samba_dnsupdate' doesn't belong to any package Nov 17 00:47:55 MyHost abrtd: 'post-create' on '/var/spool/abrt/pyhook-2012-11-17-00:47:55-6513' exited with 1 Nov 17 00:47:55 MyHost abrtd: Corrupted or bad directory /var/spool/abrt/pyhook-2012-11-17-00:47:55-6513, deleting -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Additional Zones with Samba4 DNS
Hi Michael, could you please send me your server dns info as below, so that I can compare if there is anything missing on my side... [root@MyHost ~]# samba-tool dns serverinfo MyHost Password for [administrator@OFFICE.LOCAL]: dwVersion : 0xece0205 fBootMethod : DNS_BOOT_METHOD_DIRECTORY fAdminConfigured : FALSE fAllowUpdate : TRUE fDsAvailable : TRUE pszServerName : MyHost.office.local pszDsContainer : CN=MicrosoftDNS,DC=DomainDnsZones,DC=office,DC=local aipServerAddrs : ['192.168.100.100 (53)'] aipListenAddrs : ['192.168.100.100 (53)'] aipForwarders : [] dwLogLevel : 0 dwDebugLevel : 0 dwForwardTimeout : 3 dwRpcPrototol : 0x5 dwNameCheckFlag : DNS_ALLOW_MULTIBYTE_NAMES cAddressAnswerLimit : 0 dwRecursionRetry : 3 dwRecursionTimeout : 8 dwMaxCacheTtl : 86400 dwDsPollingInterval : 180 dwScavengingInterval : 0 dwDefaultRefreshInterval : 168 dwDefaultNoRefreshInterval : 168 fAutoReverseZones : FALSE fAutoCacheUpdate : FALSE fRecurseAfterForwarding : FALSE fForwardDelegations : TRUE fNoRecursion : FALSE fSecureResponses : FALSE fRoundRobin : TRUE fLocalNetPriority : FALSE fBindSecondaries : FALSE fWriteAuthorityNs : FALSE fStrictFileParsing : FALSE fLooseWildcarding : FALSE fDefaultAgingState : FALSE dwRpcStructureVersion : 0x2 aipLogFilter : [] pwszLogFilePath : None pszDomainName : office.local pszForestName : office.local pszDomainDirectoryPartition : DC=DomainDnsZones,DC=office,DC=local pszForestDirectoryPartition : DC=ForestDnsZones,DC=office,DC=local dwLocalNetPriorityNetMask : 0xff dwLastScavengeTime : 0 dwEventLogLevel : 4 dwLogFileMaxSize : 0 dwDsForestVersion : 0 dwDsDomainVersion : 0 dwDsDsaVersion : 4 fReadOnlyDC : FALSE De : Innocent Yevide inye...@yahoo.fr À : Michael Hildenbrand michael.hildenbr...@visualimg.de Cc : samba@lists.samba.org samba@lists.samba.org Envoyé le : Vendredi 16 novembre 2012 14h32 Objet : Re: [Samba] Additional Zones with Samba4 DNS Hi, yes I use internal DNS not bind. how do you want me to check the DNS? I am able to resolve host normally, when a new client join the domain the DNS is updated properly as well. yes the the machine running the DNS tool is properly logged in the domain with domain Administrator username. When I try to connect, it just says it cannot connect to DNS server. but when I try to monitor/test that DNS server with dns tool, I see that reverse dns is working, but simple dns test fails. Best Regards, Innocent. De : Michael Hildenbrand michael.hildenbr...@visualimg.de À : samba@lists.samba.org Envoyé le : Vendredi 16 novembre 2012 10h21 Objet : Re: [Samba] Additional Zones with Samba4 DNS Hi, config file smb.conf is quite unimportant for DNS. Do you use internal Samba DNS, not bind, and did you check your DNS ? Is your user who uses the DNS tool from MS in the domain and in the domain logged on? Without a logged on Domain User with Admin Rights your are not able to connect to the DNS Server. What error message do you get? Von: Innocent Yevide [mailto:inye...@yahoo.fr] Gesendet: Donnerstag, 15. November 2012 23:39 An: Michael Hildenbrand Betreff: Re: [Samba] Additional Zones with Samba4 DNS Hi Michael, I also have samba4 rc5 installed but cannot connect to the internal dns with MS DNS tool. could u please share your config file with me? perhaps I am missing something. Regards, Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 documentation
Hi José, I also asked this question and never got an answer. Assuming you are using the rc4, you can find xml documentation in the source: samba-4.0.0rc4/docs-xml/manpages you can also find something in other folders inside samba-4.0.0rc4/docs-xml like: samba-4.0.0rc4/docs-xml/smbdotconf Best Regards, Inno. De : José Neto josenetod...@gmail.com À : Andrew Bartlett abart...@samba.org Cc : samba@lists.samba.org Envoyé le : Dimanche 11 novembre 2012 6h09 Objet : Re: [Samba] samba4 documentation Not this. I'm talking about man pages. Thanks. 2012/11/10 Andrew Bartlett abart...@samba.org On Thu, 2012-11-08 at 21:15 -0300, José Neto wrote: Where is the samb4 (nice typo) documentation? Sorry about the question, but I can't find samba4 docs anywhere. Someone, please, help me. Thanks! https://wiki.samba.org/index.php/Samba4/HOWTO -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4-rc4 Internal DNS ACL sync problem
Hi Kai, before i submit trace, this is what I have for server role = active directory domain controller Best Regards, Inno. De : Kai Blin k...@samba.org À : Innocent Yevide inye...@yahoo.fr Cc : samba@lists.samba.org samba@lists.samba.org Envoyé le : Vendredi 9 novembre 2012 1h57 Objet : Re: [Samba] Samba4-rc4 Internal DNS ACL sync problem On 2012-11-08 18:27, Innocent Yevide wrote: Hi, I am trying to connect to samba4 internal DNS server from Win7 using DNS manager. but I cannot connect to it; however I am able to connect to the same on windows server. Can you please get a network trace of this? (https://wiki.samba.org/index.php/Capture_Packets) the samba4 dns is however working fine. I can resolve hosts properly. It looks to me like the dns server is working and the dnsserver RPC service is causing trouble. do I need may be to configure anything, or set server role parameter to something? What is your server role set to? Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4-rc4 Internal DNS ACL sync problem
Hello, I am trying to connect to samba4 internal DNS server from Win7 using DNS manager. but I cannot connect to it; however I am able to connect to the same on windows server. the samba4 dns is however working fine. I can resolve hosts properly. do I need may be to configure anything, or set server role parameter to something? My second issue is: I am trying to synchronize a folder (including acl) from windows server to samba4 share but during synchronization I get this: smbd[23810]: [2012/11/07 17:42:26.786486, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smbd[23810]: smb_acl_to_posix: ACL group:314:rwx smbd[23810]: user:root:rwx smbd[23810]: group::rwx smbd[23810]: group:314:rwx smbd[23810]: other::rwx smbd[23810]: group:wheel:rwx smbd[23810]: user::rwx smbd[23810]: group:300:r-x smbd[23810]: mask::rwx smbd[23810]: is invalid for set (No such file or directory) smbd[23810]: [2012/11/07 17:42:26.925905, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) [- rest is omitted ] is this error known to anyone? Best Regards, Innocent. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4-rc4 Internal DNS ACL sync problem
Hello, I am trying to connect to samba4 internal DNS server from Win7 using DNS manager. but I cannot connect to it; however I am able to connect to the same on windows server. the samba4 dns is however working fine. I can resolve hosts properly. do I need may be to configure anything, or set server role parameter to something? My second issue is: I am trying to synchronize a folder (including acl) from windows server to samba4 share but during synchronization I get this: smbd[23810]: [2012/11/07 17:42:26.786486, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smbd[23810]: smb_acl_to_posix: ACL group:314:rwx smbd[23810]: user:root:rwx smbd[23810]: group::rwx smbd[23810]: group:314:rwx smbd[23810]: other::rwx smbd[23810]: group:wheel:rwx smbd[23810]: user::rwx smbd[23810]: group:300:r-x smbd[23810]: mask::rwx smbd[23810]: is invalid for set (No such file or directory) smbd[23810]: [2012/11/07 17:42:26.925905, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) [- rest is omitted ] is this error known to anyone? Best Regards, Innocent. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migrating from windows server 2003 to SAMBA4
Hello, I have an existing basic DC configured on windows server 2003, and would like to move/migrate it to Samba4. Is that possible, if so, could anyone tell me way to do it? Thanks beforehand. Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migrating from windows server 2003 to SAMBA4
Thanks Gémes 2012-11-02 15:30 keltezéssel, Innocent Yevide írta: Hello, I have an existing basic DC configured on windows server 2003, and would like to move/migrate it to Samba4. Is that possible, if so, could anyone tell me way to do it? Thanks beforehand. Inno. 1. Join samba4 with samba-tool domain join ... 2. ensure that the directory is replicated 3. copy the sysvol share from win2k3 to samba4 4. run samba-tool ntacl sysvolreset on the samba4 box 5.-1000. Test test test 1001. If you are satisfied with how samba4 is working you can launch dcpromo on win2k3 in order to demote it. Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Compiling samba4 hangs at [1815/3978] Compiling librpc/ndr/ndr_basic.c
Strange, as I used centos 6.3 32 bit but have no this problem. I did several times recompile and it was ok. have you done make clean before recompiling may be? De : Andrew Bartlett abart...@samba.org À : Mario Codeniera mario.codeni...@gmail.com Cc : samba@lists.samba.org Envoyé le : Jeudi 25 octobre 2012 5h40 Objet : Re: [Samba] Compiling samba4 hangs at [1815/3978] Compiling librpc/ndr/ndr_basic.c On Thu, 2012-10-25 at 14:31 +1300, Mario Codeniera wrote: Hi, It was the same thing that I encountered it will stop on that librpc/ndr/ndr_basic.c in which I posted before. But using a 64bit CentOS 6.3, no problems encountered as I tried it as I curious with the problems, but in 32 bit it will hang up in which the server currently running and can't upgrade to 64bit as of the moment. Another observation when RC3 was released, it compiled smoothly without any problems encountered. After which you can't recompile it, unless if you reinstall the CentOS (which I did, just to test it). That's why I didn't delete my compiled samba4. My assumptions there is an incompatibility issues (not sure with it), but why it works when RC3 was released? I also bit confused of this unusual problem. Without wiping the OS, does the problem happen if you build in a new tree? Does removing the ccache package help? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Compiling samba4 hangs at [1815/3978] Compiling librpc/ndr/ndr_basic.c
Hi, do you have kernel-devel installed? this what you have means you have some missing library installed in your centos. De : Edward Ashley n...@redmonkeysoftware.com À : samba@lists.samba.org Envoyé le : Mercredi 24 octobre 2012 12h24 Objet : [Samba] Compiling samba4 hangs at [1815/3978] Compiling librpc/ndr/ndr_basic.c Hi, I have tried both RC4 and samba-master from the repository but I can't seem to get samba4 to compile. I have rebuilt the OS (Centos 6.3) from scratch, applied all updates and followed the samba4 howto but I am still having the same issue. I get: # make WAF_MAKE=1 ./buildtools/bin/waf build Waf: Entering directory `/opt/samba-master/bin' Selected embedded Heimdal build [ 133/3978] Generating VERSION [ 168/3978] Generating smbd/build_options.c [1815/3978] Compiling librpc/ndr/ndr_basic.c As previously suggested I have run make V=1 and make V=2 with the following output: # make V=1 WAF_MAKE=1 ./buildtools/bin/waf build Waf: Entering directory `/opt/samba-master/bin' Selected embedded Heimdal build [ 133/3978] Generating VERSION [ 168/3978] Generating smbd/build_options.c [1815/3978] Compiling librpc/ndr/ndr_basic.c 17:03:55 runner /usr/bin/gcc -DDEVELOPER -DDEBUG_PASSWORD -fPIC -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -g -Wshadow -Werror=strict-prototypes -Wstrict-prototypes -Werror=pointer-arith -Wpointer-arith -Wcast-align -Werror=write-strings -Wwrite-strings -Werror-implicit-function-declaration -Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common -Werror=address -Wcast-qual -Werror=format -DSTATIC_ndr_MODULES=NULL -DSTATIC_ndr_MODULES_PROTO -MD -Idefault/librpc -I../librpc -Idefault/include/public -I../include/public -Idefault/source4 -I../source4 -Idefault/lib -I../lib -Idefault/source4/lib -I../source4/lib -Idefault/source4/include -I../source4/include -Idefault/include -I../include -Idefault/lib/replace -I../lib/replace -Idefault -I.. -Idefault/lib/socket_wrapper -I../lib/socket_wrapper -Idefault/lib/talloc -I../lib/talloc -Idefault/lib/util/charset -I../lib/util/charset -Idefault/lib/crypto -I../lib/crypto -Idefault/libcli/util -I../libcli/util -Idefault/lib/nss_wrapper -I../lib/nss_wrapper -Idefault/lib/uid_wrapper -I../lib/uid_wrapper -Idefault/dynconfig -I../dynconfig -I/ -I/usr/local/include -D_SAMBA_BUILD_=4 -DHAVE_CONFIG_H=1 -D_GNU_SOURCE=1 -D_XOPEN_SOURCE_EXTENDED=1 ../librpc/ndr/ndr_basic.c -c -o default/librpc/ndr/ndr_basic_156.o # make V=2 WAF_MAKE=1 ./buildtools/bin/waf build Waf: Entering directory `/opt/samba-master/bin' Selected embedded Heimdal build [ 133/3978] Generating VERSION [ 168/3978] Generating smbd/build_options.c [1815/3978] Compiling librpc/ndr/ndr_basic.c 17:05:01 runner /usr/bin/gcc -DDEVELOPER -DDEBUG_PASSWORD -fPIC -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -g -Wshadow -Werror=strict-prototypes -Wstrict-prototypes -Werror=pointer-arith -Wpointer-arith -Wcast-align -Werror=write-strings -Wwrite-strings -Werror-implicit-function-declaration -Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common -Werror=address -Wcast-qual -Werror=format -DSTATIC_ndr_MODULES=NULL -DSTATIC_ndr_MODULES_PROTO -MD -Idefault/librpc -I../librpc -Idefault/include/public -I../include/public -Idefault/source4 -I../source4 -Idefault/lib -I../lib -Idefault/source4/lib -I../source4/lib -Idefault/source4/include -I../source4/include -Idefault/include -I../include -Idefault/lib/replace -I../lib/replace -Idefault -I.. -Idefault/lib/socket_wrapper -I../lib/socket_wrapper -Idefault/lib/talloc -I../lib/talloc -Idefault/lib/util/charset -I../lib/util/charset -Idefault/lib/crypto -I../lib/crypto -Idefault/libcli/util -I../libcli/util -Idefault/lib/nss_wrapper -I../lib/nss_wrapper -Idefault/lib/uid_wrapper -I../lib/uid_wrapper -Idefault/dynconfig -I../dynconfig -I/ -I/usr/local/include -D_SAMBA_BUILD_=4 -DHAVE_CONFIG_H=1 -D_GNU_SOURCE=1 -D_XOPEN_SOURCE_EXTENDED=1 ../librpc/ndr/ndr_basic.c -c -o default/librpc/ndr/ndr_basic_156.o When running the commands directly I get: #/usr/bin/gcc -DDEVELOPER -DDEBUG_PASSWORD -fPIC -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -g -Wshadow -Werror=strict-prototypes -Wstrict-prototypes -Werror=pointer-arith -Wpointer-arith -Wcast-align -Werror=write-strings -Wwrite-strings -Werror-implicit-function-declaration -Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common -Werror=address -Wcast-qual -Werror=format -DSTATIC_ndr_MODULES=NULL -DSTATIC_ndr_MODULES_PROTO -MD -Idefault/librpc -I../librpc -Idefault/include/public -I../include/public -Idefault/source4 -I../source4 -Idefault/lib -I../lib -Idefault/source4/lib -I../source4/lib -Idefault/source4/include -I../source4/include -Idefault/include -I../include -Idefault/lib/replace -I../lib/replace -Idefault -I.. -Idefault/lib/socket_wrapper -I../lib/socket_wrapper -Idefault/lib/talloc -I../lib/talloc -Idefault/lib/util/charset -I../lib/util/charset -Idefault/lib/crypto -I../lib/crypto -Idefault/libcli/util -I../libcli/util
Re: [Samba] about samba 4 rc2
Hi, I skept this step, the dns was internal. just make sure you have proper forwarder in your smb.conf at the end. Best Regards, Inno. De : Amaury Viera Hernández avhernan...@uci.cu À : samba@lists.samba.org Envoyé le : Vendredi 12 octobre 2012 20h37 Objet : [Samba] about samba 4 rc2 Hello, I'm testing samba 4 rc2. I have created the domain without troubles using the command: /usr/local/samba/bin/samba-tool domain provision \ --realm=samdom.example.com --domain=SAMDOM \ --adminpass='p4$$word' --server-role=dc All is good, but in the step 7 Configure DNS(according to the samba4/howto(http://wiki.samba.org/index.php/Samba4/HOWTO)) i can not find the file /usr/local/samba/private/named.conf the provision step is not creating this file can you help me please? I don't speak english, Please, apologize for my language, Regards, Amaury. 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS INFORMATICAS... CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION http://www.uci.cu http://www.facebook.com/universidad.uci http://www.flickr.com/photos/universidad_uci -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 - setting acl rwx but getting r-x
Hello, I am having problem setting permission on shared folder: the folder is datasamba/common and after I set full permission for a user itester (317) and also tester (318), I could see that it is only granting r-x to those users. but I could see from the default permissions that they have rwx. getfacl /datasamba/common # file: datasamba/common # owner: root # group: users # flags: sst user::rwx user:root:rwx group::--- group:wheel:r-x group:users:--- group:308:r-x group:317:r-x group:318:r-x mask::rwx other::--- default:user::rwx default:user:root:rwx default:group::--- default:group:wheel:rwx default:group:users:--- default:group:308:r-x default:group:317:rwx default:group:318:rwx default:mask::rwx default:other::--- wbinfo -i itester OFFICEDOM\itester:*:317:100:Innocent Tester:/home/OFFICEDOM/itester:/bin/bash wbinfo -i tester OFFICEDOM\tester:*:318:100:Tester Ramjet:/home/OFFICEDOM/tester:/bin/bash wbinfo -g Enterprise Read-Only Domain Controllers Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Schema Admins Enterprise Admins Group Policy Creator Owners Read-Only Domain Controllers DnsUpdateProxy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SAMBA4 - setting acl rwx but getting r-x
Hello, I am having problem setting permission on shared folder: the folder is datasamba/common and after I set full permission for a user itester (317) and also tester (318), I could see that it is only granting r-x to those users. but I could see from the default permissions that they have rwx. Have anyone this problem before? I am not able to send more details as my email get's back to me. but it can be seen at https://bugzilla.samba.org/show_bug.cgi?id=9284 Thanks beforehand Inno. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 - setting acl rwx but getting r-x
Hi Steve, Thanks for answering. This is what I did for the time being. but it means anytime I will grant write permission to a user on shared folder (from windows), I will have come to Linux and run the below command. I was wondering may be I missed something to configure, or it is a bug. Best Regards, Inno. De : steve st...@steve-ss.com À : samba@lists.samba.org Envoyé le : Jeudi 11 octobre 2012 22h28 Objet : Re: [Samba] samba4 - setting acl rwx but getting r-x On 11/10/12 20:13, Innocent Yevide wrote: Hello, I am having problem setting permission on shared folder: the folder is datasamba/common and after I set full permission for a user itester (317) and also tester (318), I could see that it is only granting r-x to those users. but I could see from the default permissions that they have rwx. 317 and 318 seem to be a groups. How about: setfacl -m g:317:rwx /datasamba/common Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SAMBA4 POSIX ACL not working
Hello, does any one succeed to share acl with samba4? I installed the new release of samba4 from git. and trying to apply acl on shared folders from win7 but it is just not functionning: for instance I just created the folder foldertest and trying to set permission deny on everyone and it gives trhe below error: [2012/10/10 03:19:56.221168, 0] ../source3/smbd/posix_acls.c:1898(add_current_ace_to_acl) add_current_ace_to_acl: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file foldertest. also whatever I do I only get the below errors? [2012/10/10 02:39:22.008985, 0] ../source3/smbd/posix_acls.c:1898(add_current_ace_to_acl) add_current_ace_to_acl: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file test. [2012/10/10 02:41:47.861209, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:317:rwx user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:42:01.876497, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:317:rwx user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:52:51.475171, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:317:r-x user:root:rwx group:users:--- mask::rwx is invalid for set (Success) [2012/10/10 02:53:59.949092, 0] ../source3/modules/vfs_posixacl.c:351(smb_acl_to_posix) smb_acl_to_posix: ACL group:users:--- other::--- user::rwx group::--- group:317:r-x user:root:rwx group:users:--- group:318:r-x mask::rwx is invalid for set (No such file or directory) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Having problem with Samba Internal DNS
Hello All,
I've just installed the new samba 4 from git. the version is: Version
4.1.0pre1-GIT-8287938
My system is centos 6.3.
I was following the Samba4/HOWTO, but when I reach the Testing/Debugging
Dynamic DNS Updates level, and run /usr/local/samba/sbin/samba_dnsupdate
--verbose --all-names, it failed with:
; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Calling nsupdate for SRV _gc._tcp.default-first-site-name._sites.officedom.rak
ramoffice.officedom.rak 3268
Outgoing update query:
;; -HEADER- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.default-first-site-name._sites.officedom.rak. 900 IN SRV 0 100 3268
ramoffice.officedom.rak.
; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Failed update of 21 entries
furthermore, after my installation, I've noticed some missing files like:
/usr/local/samba/private/dns.keytab
/usr/local/samba/private/dns
/usr/local/samba/private/dns/${MYREALM}.zone
samba4.te
do anyone know why I do not have those files in my installation directories?
Thanks beforehand,
Inno.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Having problem with Samba Internal DNS
I have managed to make it work.
De : Innocent Yevide inye...@yahoo.fr
À : samba@lists.samba.org samba@lists.samba.org
Envoyé le : Dimanche 7 octobre 2012 14h27
Objet : [Samba] Having problem with Samba Internal DNS
Hello All,
I've just installed the new samba 4 from git. the version is: Version
4.1.0pre1-GIT-8287938
My system is centos 6.3.
I was following the Samba4/HOWTO, but when I reach the Testing/Debugging
Dynamic DNS Updates level, and run /usr/local/samba/sbin/samba_dnsupdate
--verbose --all-names, it failed with:
; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Calling nsupdate for SRV _gc._tcp.default-first-site-name._sites.officedom.rak
ramoffice.officedom.rak 3268
Outgoing update query:
;; -HEADER- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.default-first-site-name._sites.officedom.rak. 900 IN SRV 0 100 3268
ramoffice.officedom.rak.
; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Failed update of 21 entries
furthermore, after my installation, I've noticed some missing files like:
/usr/local/samba/private/dns.keytab
/usr/local/samba/private/dns
/usr/local/samba/private/dns/${MYREALM}.zone
samba4.te
do anyone know why I do not have those files in my installation directories?
Thanks beforehand,
Inno.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
