Re: [Samba] SAMBA implementation for DOS ?
Zitat von czezz cz...@o2.pl: Hello Samba users, I use FreeDOS with MS Client to map a network drive. However MS Client is a memory hog and prevents me to run all applications I need. Therefore I would like to ask here is there SAMBA implementation for DOS ? What do you mean by that? You're looking for a SMB-Client implementation? Samba is a SMB/CIFS Server... regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Replacing Win2000 DC with Samba4 - Success!
Zitat von Andrew Bartlett abart...@samba.org: On Wed, 2013-05-01 at 14:42 +, Lukas Gradl wrote: Hi! Did you record the details of why this didn't work? While I've expressed some hesitation at Windows 2000 support here previously, the one exception to that is for this kind of migration. This has worked in the past - indeed, the script has a special case in it to do a password change the way Windows 2000 will accept. Sorry - i didn't record all the steps. I posted some questions to this list - they should be in the archives. We had some problems with replication and i think with LDAP - but I don't remember all the problems we had and where I found the W2k-does-not-work-information... regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Replacing Win2000 DC with Samba4 - Success!
Hi! Just wanted to share a little success story: We where asked to replace a Win2000 DC deployed by another company which is'nt existing any more. As our focus is software development on linux we wanted to deploy a Samba-server instead of Windows. So after some trial and error and a lot of reading and asking (many thanks to all that tried to help!) in mailing-lists and forums we managed to do the migration in several steps: Samba4 is not able to migrate from Win2000 directly - we think this problem is not sufficiently addressed in the docs and in the wiki. So our first attempts to do so did not succeed. Next step was to set up a Win2012R2 Server (the trial version is enough, no need to activate) and move over from Win2k to Win2012. How to do that is documented in the MS-Docs. Upgrade the Win2k ldap-schemes, add win2012 to domain, demote win2k, done. Then we installed Samba4 and promoted it as an additional DC to the domain. This worked quite well, only little problems syncing the dns-Server. But I'm not shure if that was a problem with Samba4 but with our a little special bind9-setup instead - so no reason to worry about this in this mailing list. After that we discovered that Win2012 can not be easyly removed from the domain - there seem to be some (known) Problems regarding demotion of Win2012 from a samba-domain. So we had to manually remove the win2012-Server from the domain. That was (including some tests) app. an hour of work - so no problem. As an addtional benefit over a direct migration from win2k to samba4 we could use the same name as the win2k-DC for the samba-server. so no need to change scripts using shares with the servername in it or desktop-shortcuts on the client machines! The whole task (without copying the data stored on the fileserver) for replacing a single Win2k DC with Samba4 serving 25 Clients needed app. 10 Hours including a lot of research in the mailing lists and taking several snapshots of the (virtualized) Servers involved to prevent dataloss. Thanks to all involved for the perfect work! Regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Remove Win2008R2 from Domain, remove missing DC from domain
Hi! I'm almost done with a migration from Win2k to Samba4. To get this going I had to install a Win2008R2 Server as an intermediate server, now I want to get rid of it. I found a bug that Win2008R2 can not be demoted from Samba Domain - so I think I've to remove it somehow else. But I couldn't find anything about that in the docs and on google. So anyone out there with a little help on that topic? regars Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Printer drivers
Zitat von Fabian von Romberg fromberg...@hotmail.com: Hi, is it possible to have printer driver on samba and when the user wants to use a particular printer can install the drivers automatically from samba? Thanks in advance and regards, Fabian Do you mean like this: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Point_and_Print_Drivers regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migrating Win2000 PDC to Samba4 AD
Zitat von fe...@epepm.cupet.cu: Hi! We want to replace an old Win2000 Server (PDC). As we've already some Samba4 AD-Controllers up and running we would like to migrate to that setup. I think this is what you're looking for: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC Felix. Thanks for all that helped - afaik the join of the domain worked, the servers will see each other, I can see the samba4-server in Domain Controllers tab in AD. Two problem still exist: How to move the DNS-Server from the Win2k-DC to the Samba4-Server? Ideally to a bind9-installation on the samba4-Server? When provisioning samba4 with a new domain I get the Bind9 config templates which work quite well. But on joining the exitent Win2k-Domain I didn't get these... And when running samba-tool drs showrepl the INBOUND NEIGHBORS and OUTBOUND NEIGHBORS are both empty - otherwise the output seems to look ok. Is this ok? Perhaps someone is able to help me over that last things. regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Migrating Win2000 PDC to Samba4 AD
Hi! We want to replace an old Win2000 Server (PDC). As we've already some Samba4 AD-Controllers up and running we would like to migrate to that setup. Unfortunatly we're not really good at Windows-Stuff - our main Focus ist Linux. So perhaps someone could point as to a good (and ideally painless :-)) way to migrate. So the current setup is: A single Win2000 PDC used mainly as File- and Printserver on some ancient Hardware. Clients run WinXP and Win7. What we want to achieve: A Samba4 AD server offering File- and Printservices on new Hardware. (Later on we add another Samba4 Server in the same AD which we've already done on another Installation, so no problem here) What we consider as possibly helpful things we have available: A Windows 2003 License and a Win2008R2 License which is currently unused. All new hardware is virtualized, so it's no problem to setup some additional server as intermediate step if necessary. So, any Windows-Guru available that can help us with that task and without having to recreate the whole Windows domain with all it's users and rejoining and reconfiguring all client-PCs? regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migrating Win2000 PDC to Samba4 AD
Zitat von fe...@epepm.cupet.cu: Hi! We want to replace an old Win2000 Server (PDC). As we've already some Samba4 AD-Controllers up and running we would like to migrate to that setup. Unfortunatly we're not really good at Windows-Stuff - our main Focus ist Linux. So perhaps someone could point as to a good (and ideally painless :-)) way to migrate. So the current setup is: A single Win2000 PDC used mainly as File- and Printserver on some ancient Hardware. Clients run WinXP and Win7. What we want to achieve: A Samba4 AD server offering File- and Printservices on new Hardware. (Later on we add another Samba4 Server in the same AD which we've already done on another Installation, so no problem here) What we consider as possibly helpful things we have available: A Windows 2003 License and a Win2008R2 License which is currently unused. All new hardware is virtualized, so it's no problem to setup some additional server as intermediate step if necessary. So, any Windows-Guru available that can help us with that task and without having to recreate the whole Windows domain with all it's users and rejoining and reconfiguring all client-PCs? I think this is what you're looking for: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC Felix. Felix, Thanks for your response. This is for joining to an existing AD-Controller. Does this work for Win2000 as well? As I said - we're not really good at Windows stuff and thought Win2000 is not Active Directory but the old PDC/BDC scheme. The Server shows The Computer is a Domain-Controller when checking in My Computer/Properties/Network. Does that mean this is an AD-Controller? Regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to set ACLs with Samba4 AD?
Zitat von Lee Allen l...@leecallen.com: I apologize if this is very beginner/basic. In my defense, I can't get the Samba4 documentation to compile on my system, and I can't find the man pages online (a pointer to them would be extremely helpful). And in general, I am having difficulty sorting through the documentation on the wiki because much of it is clearly pre-Samba4 and therefore obsolete, or at least questionable. It's hard to know what is relevant. Most of the posts I see here seem to be much better informed than I am. I would love to know how they obtained their knowledge. So here is my question: I am running Samba4 as an AD and file server. How do I define ACLs for the samba shares, for domain users groups? These users and groups are not defined on the underlying OS (CentOS 6.3). It seems the answer is to do it via the underlying filesystem, but how is that possible when the domain users groups are not defined in the OS? I see samba-tool has some ACL get/set capability. Is that the answer? Or is there some special magic to get CentOS to control file access by referring to the Samba4 AD? Many thanks in advance for any help. And I would be very grateful for pointers to Samba4 introductory or background material (I have used the HOW-TOs extensively). I second that - it took me some time to learn that after setting acls by write user for years I can now use the Windows tools. So perhaps someone could add a few lines about setting acls in the howto? regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 AD Groups Problem
OK, after some other hours of surfing through the net I stubled accross the needed information: It looks like to try setting ACLs in smb.conf like it was done on Samba3 is obsolete in Samba4. You do everything by setting the ACLs on the share by Windows-GUI. [testshare] Comment = Test share path = /space/testshare read only = No is all you need to specify in smb.conf... regards Lukas Zitat von Lukas Gradl samba@ssn.at: Hi! I created a Samba4 Demo Server to test AD functionality. Basically it's a Debian Wheezy machine with a manually compiled Samba4 (smbstatus -V: Version 4.1.0pre1-GIT-051a1a9) according to https://wiki.samba.org/index.php/Samba4/HOWTO but adjusted the paths to a more debian way. I can Manage the Server with the Windows Domain Utilities, add users, add groups, add Machines and so on. I created some printers and managed to set up Point and Print Drivers using print$. So I think the Server basically works as expected. Now I'm trying to set up a share which can be read by everyone and written by Domain Admins only. I can see the share on my server as well as a file created in there on the linux command line, but I'm not able to enable write Permission for Domain Admins. I created a directory on the server /space/testshare and did a chmod 777 /space/testshare to be shure there's no problem on the linux file system. When I set read only = no on the share I can create a file there without any problem. But setting read only = yes and write list = @TEST\Domain Admins doesn't work - I get access denied on the windows host, despite I'm logged on as TEST\Administrator Some additional information: root@samba:~# smbstatus -V == Version 4.1.0pre1-GIT-051a1a9 root@samba:~# wbinfo -u === Administrator Guest krbtgt dns-samba testuser root@samba:~# wbinfo -g === Enterprise Read-Only Domain Controllers Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Schema Admins Enterprise Admins Group Policy Creator Owners Read-Only Domain Controllers DnsUpdateProxy Testgroup root@samba:~# cat /etc/samba/smb.conf = # Global parameters [global] workgroup = TEST server string = realm = TEST.LOCAL netbios name = SAMBA server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate log level = 3 [netlogon] path = /var/lib/samba/sysvol/test.local/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No [printers] comment = Printer path = /var/spool/samba/spool browseable = Yes read only = No printable = Yes [print$] path = /var/spool/samba/driver read only = No [testshare] Comment = Test share path = /space/testshare read only = Yes write list = @TEST\Domain Admins Any help what to do next? regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 AD Groups Problem
Hi! I created a Samba4 Demo Server to test AD functionality. Basically it's a Debian Wheezy machine with a manually compiled Samba4 (smbstatus -V: Version 4.1.0pre1-GIT-051a1a9) according to https://wiki.samba.org/index.php/Samba4/HOWTO but adjusted the paths to a more debian way. I can Manage the Server with the Windows Domain Utilities, add users, add groups, add Machines and so on. I created some printers and managed to set up Point and Print Drivers using print$. So I think the Server basically works as expected. Now I'm trying to set up a share which can be read by everyone and written by Domain Admins only. I can see the share on my server as well as a file created in there on the linux command line, but I'm not able to enable write Permission for Domain Admins. I created a directory on the server /space/testshare and did a chmod 777 /space/testshare to be shure there's no problem on the linux file system. When I set read only = no on the share I can create a file there without any problem. But setting read only = yes and write list = @TEST\Domain Admins doesn't work - I get access denied on the windows host, despite I'm logged on as TEST\Administrator Some additional information: root@samba:~# smbstatus -V == Version 4.1.0pre1-GIT-051a1a9 root@samba:~# wbinfo -u === Administrator Guest krbtgt dns-samba testuser root@samba:~# wbinfo -g === Enterprise Read-Only Domain Controllers Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Schema Admins Enterprise Admins Group Policy Creator Owners Read-Only Domain Controllers DnsUpdateProxy Testgroup root@samba:~# cat /etc/samba/smb.conf = # Global parameters [global] workgroup = TEST server string = realm = TEST.LOCAL netbios name = SAMBA server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate log level = 3 [netlogon] path = /var/lib/samba/sysvol/test.local/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No [printers] comment = Printer path = /var/spool/samba/spool browseable = Yes read only = No printable = Yes [print$] path = /var/spool/samba/driver read only = No [testshare] Comment = Test share path = /space/testshare read only = Yes write list = @TEST\Domain Admins Any help what to do next? regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 AD Groups Problem
Zitat von Nishant Sharma codemarau...@gmail.com: Hi Lukas, On Monday 14 January 2013 07:48 PM, Lukas Gradl wrote: there without any problem. But setting read only = yes and write list = @TEST\Domain Admins doesn't work - I get access denied on the windows host, despite I'm logged on as TEST\Administrator [testshare] Comment = Test share path = /space/testshare read only = Yes write list = @TEST\Domain Admins Change it to: write list = @Domain Admins,TEST\Administrators,administrator With the same result. I tried several combinations with the @ before and after the , with and without the TEST\ in Front - no result. regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 AD Groups Problem
Zitat von Nishant Sharma codemarau...@gmail.com: Hi Lukas, On Monday 14 January 2013 07:48 PM, Lukas Gradl wrote: there without any problem. But setting read only = yes and write list = @TEST\Domain Admins doesn't work - I get access denied on the windows host, despite I'm logged on as TEST\Administrator [testshare] Comment = Test share path = /space/testshare read only = Yes write list = @TEST\Domain Admins Change it to: write list = @Domain Admins,TEST\Administrators,administrator OK, little correction: I tried: write list = @Domain Admins,@TEST\Administrators (notice the additional @ before TEST\Administrators) This worked for users in the Administrators group. Added adminstrator then the administrator User itself can access the share. But @TEST\Domain Admins doesn't work... Additionaly I discovered that the Point and Print share works for the Administrator allone. Another User out of the Domain Admins Group is not allowed to add a printer driver. regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 AD Groups Problem
Zitat von Nishant Sharma codemarau...@gmail.com: Sorry for the top post, my mobile is old world's! What about public = yes guest = yes browseable = yes Which would make the share world writeable afaik. But that's not what I want - i want it writeable by Domain Admins only. Regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 AD Groups Problem
Zitat von Bob Miller b...@computerisms.ca: On Mon, 2013-01-14 at 16:26 +, Lukas Gradl wrote: Zitat von Nishant Sharma codemarau...@gmail.com: Hi Lukas, On Monday 14 January 2013 07:48 PM, Lukas Gradl wrote: there without any problem. But setting read only = yes and write list = @TEST\Domain Admins doesn't work - I get access denied on the windows host, despite I'm logged on as TEST\Administrator [testshare] Comment = Test share path = /space/testshare read only = Yes write list = @TEST\Domain Admins Change it to: write list = @Domain Admins,TEST\Administrators,administrator With the same result. I tried several combinations with the @ before and after the , with and without the TEST\ in Front - no result. Maybe this is stating the obvious, but did you make sure the actual file system permissions are correct? (ie chgrp -R Domain Admins /home/testshare) As written in the original post: I did a chmod 777 /home/testshare. So file system permissions should not be the problem. Additionally i can write through samba when I do a read only = no - so file system should be ok... But I want to write as a Domain Admins group member only... regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Prevent smbd from consulting winbindd
Am 25.01.2012 09:58, schrieb Victor Sudakov: Volker Lendecke wrote: Colleagues, please respond. Have I asked something too unconventional or something too trivial? idmap backend = nss ?? Its man page is very scarce. Is it supposed to work at all? Do you have any experience with it? root@fs02-sibptus:~# id zimaev uid=3237(zimaev) gid=2000(user) groups=2000(user),2012(budget),3134(pto),2011(ntd) root@fs02-sibptus:~# wbinfo -n zimaev S-1-5-21-839522115-2139871995-725345543-1618 User (1) root@fs02-sibptus:~# wbinfo -i zimaev Could not get info for user zimaev root@fs02-sibptus:~# what gives? what do you have in smb.conf defined for security? (general portion of smb.conf) Greetz, L. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Prevent smbd from consulting winbindd
Am 25.01.2012 11:49, schrieb Victor Sudakov: Lukas wrote: Colleagues, please respond. Have I asked something too unconventional or something too trivial? idmap backend = nss ?? Its man page is very scarce. Is it supposed to work at all? Do you have any experience with it? root@fs02-sibptus:~# id zimaev uid=3237(zimaev) gid=2000(user) groups=2000(user),2012(budget),3134(pto),2011(ntd) root@fs02-sibptus:~# wbinfo -n zimaev S-1-5-21-839522115-2139871995-725345543-1618 User (1) root@fs02-sibptus:~# wbinfo -i zimaev Could not get info for user zimaev root@fs02-sibptus:~# what gives? what do you have in smb.conf defined for security? (general portion of smb.conf) [global] workgroup = SIBPTUS wins server = 10.14.134.1 10.14.134.4 security = domain idmap backend = nss idmap uid = 1000-199 idmap gid = 1000-199 template shell = /bin/bash winbind use default domain = Yes allow trusted domains = Yes To me it seems, since you have security = domain, samba will try to authenticate4 always to the domain controller. Therefore: wbinfo -i zimaev will not return something valid, unless you prepend the user with the domain (wbinfo -i DOMAIN\zimaev don't forget to map the backslash with a second one DOMAIN\\zimaev) :-) More about how that works with the security: http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#SECURITY The idmap backend = nss just tells samba, where to store the mapping informations from AD- versus *nix-Users. that's about what I know of... :) hope it can hint you to where you'd like to go ... L. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] winbind only for ntlm_auth
Hi, On the local machine I have running samba (3.5.6) as PDC for Windows XP using the LDAP backend. This works great; however, for one service running on the *same* machine I need ntlm_auth for SSO and therefore winbind. I do *not* need winbind for NSS etc. since all users are resolved by plain LDAP anyway. ONLY to get ntlm_auth working! I just installed winbind and it works - more or less. However, I get tons of messages like idmap_alloc module tdb/passdb/nss already registered! Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration idmap will be unable to map foreign SIDs: NT_STATUS_UNSUCCESSFUL ERROR: Initialization failed for alloc backend, deferred! See the whole log output: http://pastebin.com/VinKqZHk The whole smb.conf can be found here: http://pastebin.com/BR0s6EyR In my opinion I should not need any further options, however, it seems that winbind is expecting some. Can anybody tell me what I am missing? Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Oplocks
On Mon, Jul 19, 2010 at 05:20:50PM +0200, Volker Lendecke wrote: Right. Then it's a bug. You might contact your RPM provider for support of this old Samba version. Is Samba 3.3.8 also too old? It suffers from the same problem. -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Oplocks
Hello, I'm using the Samba server 3.0.33 that exports volume from a GPFS. The GPFS strongly dislikes unlinking files that are locked (resulting in permission denied) using fcntl F_SETLEASE. It seems that the Samba *sometimes* tries to unlink a file that is oplocked. Why? Is this a bug? Why it does not happen always but only sometimes? I have strace logs showing: Wrong case: 8711 14:57:50.765677 open(Y_odloz/D8/D8_03_Ivet_98/06aa6459-a011-40f8-bfb1-25d15e7ada61, O_RDWR|O_CREAT|O_EXCL, 0744) = 121 8711 14:57:50.766030 fstat(121, {st_dev=makedev(0, 23), st_ino=3079419, st_mode=S_IFREG|0744, st_nlink=1, st_uid=40022, st_gid=400, st_blksize=262144, st_blocks=0, st_size=0, st_atime=2010/07/13-14:57:50, st_mtime=2010/07/13-14:57:50, st_ctime=2010/07/13-14:57:50}) = 0 8711 14:57:50.766129 fcntl(12, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=8260, len=1}) = 0 8711 14:57:50.766214 fcntl(121, F_SETSIG, 0x23) = 0 8711 14:57:50.766275 fcntl(121, F_SETLEASE, 0x1) = 0 [...] 8711 14:57:50.789570 stat(Y_odloz/D8/D8_03_Ivet_98/06aa6459-a011-40f8-bfb1-25d15e7ada61, {st_dev=makedev(0, 23), st_ino=3079419, st_mode=S_IFREG|0744, st_nlink=1, st_uid=40022, st_gid=400, st_blksize=262144, st_blocks=0, st_size=0, st_atime=2010/07/13-14:57:50, st_mtime=2010/07/13-14:57:50, st_ctime=2010/07/13-14:57:50}) = 0 8711 14:57:50.789685 unlink(Y_odloz/D8/D8_03_Ivet_98/06aa6459-a011-40f8-bfb1-25d15e7ada61) = -1 EACCES (Permission denied) [...] 8711 14:58:20.785599 fcntl(121, F_SETSIG, 0x23) = 0 8711 14:58:20.785660 fcntl(121, F_SETLEASE, 0x2) = 0 8711 14:58:20.785736 close(121)= 0 Correct case: 8711 15:02:01.279971 open(Y_odloz/D8/D8_03_Ivet_98/0720d2bf-8619-4ecb-a2eb-d2b806941539, O_RDWR|O_CREAT|O_EXCL, 0744) = 166 8711 15:02:01.333073 fstat(166, {st_dev=makedev(0, 23), st_ino=3164278, st_mode=S_IFREG|0744, st_nlink=1, st_uid=40022, st_gid=400, st_blksize=262144, st_blocks=0, st_size=0, st_atime=2010/07/13-15:02:01, st_mtime=2010/07/13-15:02:01, st_ctime=2010/07/13-15:02:01}) = 0 8711 15:02:01.333221 fcntl(12, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=24956, len=1}) = 0 8711 15:02:01.09 fcntl(166, F_SETSIG, 0x23) = 0 8711 15:02:01.71 fcntl(166, F_SETLEASE, 0x1) = 0 [...] 8711 15:02:01.424660 fcntl(166, F_SETSIG, 0x23) = 0 8711 15:02:01.424734 fcntl(166, F_SETLEASE, 0x2) = 0 [...] 8711 15:02:01.513181 stat(Y_odloz/D8/D8_03_Ivet_98/0720d2bf-8619-4ecb-a2eb-d2b806941539, {st_dev=makedev(0, 23), st_ino=3164278, st_mode=S_IFREG|0744, st_nlink=1, st_uid=40022, st_gid=400, st_blksize=262144, st_blocks=0, st_size=0, st_atime=2010/07/13-15:02:01, st_mtime=2010/07/13-15:02:01, st_ctime=2010/07/13-15:02:01}) = 0 8711 15:02:01.513393 unlink(Y_odloz/D8/D8_03_Ivet_98/0720d2bf-8619-4ecb-a2eb-d2b806941539) = 0 [...] 8711 15:02:01.514906 fcntl(12, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=24956, len=1}) = 0 8711 15:02:01.515005 close(166)= 0 -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Oplocks
On Mon, Jul 19, 2010 at 03:40:32PM +0200, Volker Lendecke wrote: You're sure that you are not exporting the same file space via two different nodes simultaneously? In theory, what you describe should not happen, at least not with current Samba. I'm not sure about ancient 3.0.33, but with current Samba this can only happen if you run Samba on the same file system from two different nodes. This is an invalid configuration, you need to use the clustered Samba with ctdb for that. I have only one samba server for a GPFS volume so I should not need clustered Samba. Am I right? -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Backup files from Windows application
Hello, I'm using sama 3.0.24 on linux machine that serves a share for a windows client. When editing a file on samba, using MS Word I can see there are severals (probably) backup files. ls looks like this: Dotaznik1.doc ~$taznik1.doc ~WRD.tmp ~WRD0001.tmp ~WRD0002.tmp ~WRD0003.tmp ~WRD0004.tmp These files do not disappear after I quit the Word. This does not happen if I edit the files locally, the backup files are created but deleted after application quits. Is it something samba related? the share looks like: [uvt] comment = UVT For testing browseable = yes writable = yes path = /mnt/export2/smb/UVT guest ok = no create mask = 0644 directory mask = 0755 public = yes valid users = some users -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] UNIX accounts needed for machine accounts?
Hi, I have the following problem: My structure is stored in LDAP that way: dc=example,dc=com + ou=groups | + cn=Account Operators | + ... + ou=machines | + uid=workstation1$ | + uid=workstation2$ | + ... + ou=users + ou=int | + uid=user1 | + uid=user2 | + ... + ou=ext + uid=user3 + uid=user4 + ... ... Only internal users (in ou=int) branch have the samba object classes and should be available on internal servers. Therefore I set the in the libnss-ldap the search scope for the users to ou=int,ou=users,dc=example,dc=com. But this also means that the machine accounts are not available on the UNIX server. Is this necessary? Does it cause any problems? If yes, is there a solution for that (except putting the machine accounts into the ou=int branch)? Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UNIX accounts needed for machine accounts?
Ralf Hornik Mailings wrote: Lukas Haase lukasha...@gmx.at wrote: Is this necessary? Does it cause any problems? Only the samba DC must be able to access the machine objects. So if you plan to reduce the scope on your PDC, machine autentication, or joining a machine to domain will allways fail. On client side I can't see problems so far... Hi, Thanks for your reply. Actually this is exactly whats the problem: On the PDC I want NOT to have the external users in the system! Is there any good solution for that? It would be great if libnss-ldap would support users from different trees (than I could take ou=int,ou=users AND ou=machines) but I guess this is not possible... Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UNIX accounts needed for machine accounts?
Ralf Hornik Mailings schrieb: Ralf Hornik Mailings r...@best.homeunix.org schrieb: then point libnss on your samba related machines to ou=int,dc=domain,dc=com and any other machines to dc=domain,dc=com. Sorry, I made a mistake. Point your samba related machines to ou=int,dc=domain,dc=com and your none samba related machines to ou=ext,dc=domain,dc=com Yes I thought about that but unfortunately this would imply to completely put the internal and the external stuff in a separate tree. But the idea about my design (ou={int,ext},ou=users,...) is that * On internal servers I just use ou=int,ou=users,... that only internal users are in the system * And on the external servers (Mail and Web) I want to have the internal ones *and* the external ones so I just take the whole ou=users,... as base. Complicated... Maybe I could use aliases to point the machines branch into the ou=int branch? But I have no experiences with aliases etc. Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UNIX accounts needed for machine accounts?
Ralf Hornik Mailings schrieb: Lukas Haase lukasha...@gmx.at wrote: Maybe I could use aliases to point the machines branch into the ou=int branch? But I have no experiences with aliases etc. Why don't you simply move the ou=machines into your ou=int? None samba related users do not need machine accounts. Yes I think that is the one solution. But the reason why I did not yet do it is simple: Because the machine Accounts are not users! Look again at my tree: dc=example,dc=com + ou=groups | + cn=Account Operators | + ... + ou=machines | + uid=workstation1$ | + uid=workstation2$ | + ... + ou=users + ou=int | + uid=user1 | + uid=user2 | + ... + ou=ext + uid=user3 + uid=user4 + ... ... So I would need to move the machines tree into the users tree what is semantically not correct. But maybe the one solution? Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UNIX accounts needed for machine accounts?
Ralf Hornik Mailings schrieb: Lukas Haase lukasha...@gmx.at schreibte: Yes I think that is the one solution. But the reason why I did not yet do it is simple: Because the machine Accounts are not users! Machine accounts are very well users! ;-) Respective samba users. So by design they have to reside your samba containers. However you can seperate them by name (as in my suggestion of your LDAP design) but getent will (and should) always find them. Yes. Are you familiar with LDAP? I created an alias now: ou=machines,ou=int,ou=users,dc=example,dc=com -- ou=machines,dc=example,dc=com That works really good on the fly ... if I enable dereference aliases in my LDAP browser I there is even no difference. libnss-ldap seems to support dereferencing aliases. So it should work...BUT is this a good idea or is it better to move the machines there instead of linking? Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UNIX accounts needed for machine accounts?
Lukas Haase schrieb: Ralf Hornik Mailings schrieb: Lukas Haase lukasha...@gmx.at schreibte: Yes I think that is the one solution. But the reason why I did not yet do it is simple: Because the machine Accounts are not users! Machine accounts are very well users! ;-) Respective samba users. So by design they have to reside your samba containers. However you can seperate them by name (as in my suggestion of your LDAP design) but getent will (and should) always find them. Yes. Are you familiar with LDAP? I created an alias now: ou=machines,ou=int,ou=users,dc=example,dc=com -- ou=machines,dc=example,dc=com That works really good on the fly ... if I enable dereference aliases in my LDAP browser I there is even no difference. libnss-ldap seems to support dereferencing aliases. So it should work...BUT is this a good idea or is it better to move the machines there instead of linking? Sorry to quote myself...but I think that would have another big advantage: I would only need to dereference the aliases on the PDC machine and nowhere other I would have the ugly machine accounts in the system :) Regards, Luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba authentication
Hello, I wonder whether there is a way to authenticate samba against NTLM2 enabled radius server without using encrypt passwords = no. I really have no other option than this. My situation is as follows. I have an organization that runs Microsoft Windows Server 2003 which is used as AD. This AD shares passwords with many information systems in our organisation and I would like to use these passwords also for samba users. Administrators of AD disagree to add my samba server to their AD. No way here. They agree to export LDAP (without passwords), Kerberos or Radius and possibly other services but not AD itself. Is there a way to authenticate my samba against their authentication service? If there is no way per-se, would it be possible to modify windbindd to authenticate via NTLM2 against the Radius server instead of AD? -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba authentication
On Tue, Aug 18, 2009 at 04:24:31PM -0400, Robert Freeman-Day wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Have you tried putting the following line in the [global] section of your smb.conf file? client ntlmv2 auth = yes and what should I put there if I want to authenticate with radius server and not with ADS? -- Lukáš Hejtmánek -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS recycle force user
Hi, i tried Samba 3.4.0 but with same result:( I created a new bug #6549 where i put also my log file with debug level 10 Lukas On Thu, 9 Jul 2009, Jeremy Allison wrote: On Tue, Jul 07, 2009 at 03:47:31PM +0200, dese...@linuxbox.cz wrote: i have problem with share with parametr force user Here i my settings of VFS modul recycle vfs object = recycle recycle:repository = .recycle/%u recycle:maxsize = 5000 recycle:exclude = *.tmp *.temp *.o *.obj ~$* recycle:exclude_dir = sdileni/*/profile* tmp temp cache recycle:versions = yes recycle:touch = yes recycle:keeptree = yes and this is my share [my_share] path = /home/sdileni/instalace comment = software, instalace force group = smbgroup force user = smbuser public = yes If i delete some file from this share, then samba make directory .recycle/smbuser. But in older version (for example Samba 3.3.0) samba maked directory .recycle/real_user - and this i need! It's possible? I must have something new in configuration or is this new behavior of samba? I think this is a side effect of the change that went into 3.4.0pre1. From the changelog : Changes since 3.4.0pre1 --- o Jeremy Allison * BUG 6291: Fix 'force user'. The recycle code uses a substitution of conn-server_info-unix_name for the %u parameter, and this is not (correctly) set to the forced username on connect (which is required for force user to work correctly. The real user name is lost after authentication, which is what you've asked for. The previous (3.3.0) behavior was probably a side effect of force user not being correct in that release. I think in the latest Samba 3.3.6 it would behave the same. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS recycle force user
No, i use at first time samba 3.3.6 and here was this problem. then i tried samba 3.4.0. but with same problem (and before any time i tried samba 3.3.3 and in this version was also this problem). Last version what i use without this problem is 3.0.30 But i dont know if this problem is new behavior or is it bug or if i must have something new in configuration or...? So...my problem is: - i have sharing with parameter force user and i use VFS module recycle - after connecting to share and delete some files, so samba maked directory .recycle/$force_user, but i need directory .recycle/$real_user thanks, Lukas On Mon, 13 Jul 2009, Norberto Bensa wrote: On Mon, Jul 13, 2009 at 9:06 AM, Lukas Deseyvedese...@linuxbox.cz wrote: Hi, i tried Samba 3.4.0 but with same result:( From what I understand, Jeremy says you should downgrade to 3.3.6 to restore the behavior you want. -- S pozdravem - Bc. Lukas DESEYVE LinuxBox.cz, s.r.o. 28. rijna 168, 709 01 Ostrava tel.: +420 596 603 142 fax: +420 596 603 143 mobil: +420 737 238 658 www.linuxbox.cz mobil servis: +420 737 238 656 email servis: ser...@linuxbox.cz - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS recycle force user (fwd)
Hi, have you some idea? Lukas -- Forwarded message -- Date: Wed, 8 Jul 2009 08:27:53 +0200 From: dese...@linuxbox.cz To: Dale Schroeder d...@briannassaladdressing.com Cc: samba@lists.samba.org Subject: Re: [Samba] VFS recycle force user I tried both - recycle:repository = .recycle/%U and also recycle:repository = .recycle/%u But with same result - samba maked directory .recycle/force_user :( L. --- Re: [Samba] VFS recycle force user[IMAGE] Try recycle:repository = .recycle/%U That changes service user to session user. Dale dese...@linuxbox.cz wrote: Hi, i have problem with share with parametr force user Here i my settings of VFS modul recycle vfs object = recycle recycle:repository = .recycle/%u recycle:maxsize = 5000 recycle:exclude = *.tmp *.temp *.o *.obj ~$* recycle:exclude_dir = sdileni/*/profile* tmp temp cache recycle:versions = yes recycle:touch = yes recycle:keeptree = yes and this is my share [my_share] path = /home/sdileni/instalace comment = software, instalace force group = smbgroup force user = smbuser public = yes If i delete some file from this share, then samba make directory .recycle/smbuser. But in older version (for example Samba 3.3.0) samba maked directory .recycle/real_user - and this i need! It's possible? I must have something new in configuration or is this new behavior of samba? thanks, Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS recycle force user
I tried both - recycle:repository = .recycle/%U and also recycle:repository = .recycle/%u But with same result - samba maked directory .recycle/force_user :( L. On Tue, 7 Jul 2009, Dale Schroeder wrote: Try recycle:repository = .recycle/%U That changes service user to session user. Dale dese...@linuxbox.cz wrote: Hi, i have problem with share with parametr force user Here i my settings of VFS modul recycle vfs object = recycle recycle:repository = .recycle/%u recycle:maxsize = 5000 recycle:exclude = *.tmp *.temp *.o *.obj ~$* recycle:exclude_dir = sdileni/*/profile* tmp temp cache recycle:versions = yes recycle:touch = yes recycle:keeptree = yes and this is my share [my_share] path = /home/sdileni/instalace comment = software, instalace force group = smbgroup force user = smbuser public = yes If i delete some file from this share, then samba make directory .recycle/smbuser. But in older version (for example Samba 3.3.0) samba maked directory .recycle/real_user - and this i need! It's possible? I must have something new in configuration or is this new behavior of samba? thanks, Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.3.x - The system cannot log you in due to the following error: Procedure number is out of range
after update from samba 3.0.30 to 3.3.3. i can't login to windowsXP machines (SP2, SP3) with some user's accounts i got already these error message: The system cannot log you in due to the following error: Procedure number is out of range with some user's accounts all works right, but with some accounts is these error. My configuration is now same as before the update, and before the update all account works fine. Know you where is the problem? thanks, Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Limit winbind to a certain Domain
Hi all, I've been using Samba v.3.0.24 (the version included in current Debian etch) and have now upgraded to latest Samba (3.2.4). In both versions i have the same problem: I'm using Samba as a domain member in a domain, let's say C.B.A (with C being the short name for this domain). There are other domains in the tree, like D.B.A and E.B.A. Now I set up kerberos, joined the domain, all went smoothly, but when I test it with wbinfo -u or -g, it fetches me all user accounts (or groups) not just from C.B.A but from all the domains in the tree - and half of the time this will run in some sort of a timeout, since die PDCs for the other domains are connected over a somewhat slow line. *If* it succeeds I can see a lot of lines like D.B.A/username - not what I want. A wbinfo --domain=C -u does exactly what i want to be the default operation. Now i tried setting allow trusted domains = no in smb.conf, but this seems to have no effect. Using google I found several postings etc. saying that allow trusted domains has been removed somewhere around 3.0.24, that was the reason I upgraded (I hoped this would have been re-enabled). So how do I archive this with Samba 3.2.4 or 3.0.24? 3.0.24 would be even nicer than 3.2.4 since this would mean that I could use the package manager to keep Samba up-to-date (or what debian considers to be up-to-date ;-)) Thanks in advance! Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems with create and directory mode if mounted
Volker Lendecke wrote: On Tue, Sep 23, 2008 at 03:36:21PM +0200, Lukas Grässlin wrote: I have a problem: I set up samba on my home server to share some files. In my smb.conf I set to the shares directory mode = 0775 and create mode = 0664. So new files will have 664 permissions and new dirs 775 permissions. If I access to the smb shares over my file explorer and create files an dirs, they get the permissions on the server I set in the smb.conf. So it works! Now the problem: If I mount the share and create there files and dirs, they _DO NOT_ get the permissions on the server they should have (The perimssions I set in the smb.conf) My mount command: mount -t cifs -o username=user,password=pass,iocharset=utf8 //home-server/share /share (mount -t smbfs doesn't work) I hope you're able to understand my (probably) english ;-) You're seeing cifs/samba unix extension. The client determines the mask according to the local umask. If you really don't want this, try unix extensions = no. Volker Hm, unix extensions = no doesn't really work. Maybe I do something wrong? The main problem ist that I habe three Samba Users on the Server. And if userA creates a file, which has the rights rw-r--r-- userB can't edit this file, but he should be able to do. Thats my problem. So I need e.g. that new files automatically get the rights I set in my smb.conf. And that's not the case if I mount the share. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with create and directory mode if mounted
Good evening, I have a problem: I set up samba on my home server to share some files. In my smb.conf I set to the shares directory mode = 0775 and create mode = 0664. So new files will have 664 permissions and new dirs 775 permissions. If I access to the smb shares over my file explorer and create files an dirs, they get the permissions on the server I set in the smb.conf. So it works! Now the problem: If I mount the share and create there files and dirs, they _DO NOT_ get the permissions on the server they should have (The perimssions I set in the smb.conf) My mount command: mount -t cifs -o username=user,password=pass,iocharset=utf8 //home-server/share /share (mount -t smbfs doesn't work) I hope you're able to understand my (probably) english ;-) With kind regards, Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
directory caching
Hi, Whenever I access a file from a PC, the directory is cached and if I subsequently add a directory or a file the PC won't see the new structure. Is there a way to change that? Thanks, Lukas PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
[Samba] Re: my serwer hngs :(
Yes I can't login even from keybord. This machine was working with redhat 8.0 for 2 years. It could be something with disk because i have to change one of system disk lately:( Mayby you know how to test hard disk or scsi controler ? I have maxtor 36 GB and Adaptec 7.9 Controler Thx for your answer Morty Edward Luck wrote: When you say it hangs up, do you mean you can't even login at the keyboard? If so, this is highly unlikely to be a Samba problem, and much more likely to be some wierd hardware issue, like a busted NIC or stuffed memory. On 1/5/06, lukas [EMAIL PROTECTED] wrote: Heloo My server hangs up :((machine not only samba) I've upgrated my system. Now it is Gentoo 2005.1 - K 2.6.14 - Samba 3.0.20b Everything works exelent and much more faster now but sometimes it hangs up. The last hang up was when I have loged one user on w98 :( to domain. Only strange thing that I've found in logs are : : [2006/01/05 07:59:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 07:59:13 localhost smbd[7048]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/access.c:check_access(328) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Denied connection from (0.0.0.0) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Connection denied from 0.0.0.0 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:write_data(554) Jan 5 08:01:06 localhost smbd[7061]: write_data: write failure in writing to client 172.17.70.36. Error Connection reset by peer Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:send_smb(762) Jan 5 08:01:06 localhost smbd[7061]: Error writing 5 bytes to client. -1. (Connection reset by peer) Jan 5 08:01:06 localhost smbd[7062]: [2006/01/05 08:01:06, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 08:01:06 localhost smbd[7062]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/access.c:check_access(328) Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: Denied connection from (0.0.0.0) I don't know what to do :( my smb conf [global] log file = /var/log/samba/%m.log load printers = no smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = yes bind interfaces only = Yes hosts deny = ALL hosts allow = 172.17.70.0/24 127. interfaces = eth0 lo hosts allow = 172.17.70. encrypt passwords = yes passwd program = /usr/bin/passwd %u max disk size = 51200 dns proxy = no server string = zefirek netbios name = zefirek printing = cups logon script = %U.bat message command = winpopup unix password sync = Yes local master = yes workgroup = ztisze os level = 90 printcap name = cups security = user max log size = 5000 pam password change = yes domain logons = yes restrict anonymous = true dos charset = CP852 unix charset = ISO8859-2 preserve case = yes read raw = yes write raw = yes getwd cache = yes #write cache size = 65536 debug level = 1 debug timestamp = no timestamp logs = true dos file times = yes passdb backend = smbpasswd #ldap server = localhost #ldap port = 0 #Czas time server = yes and so on Thx for all answers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Keep flying, and stay shiny. -- To unsubscribe from this list go
[Samba] my serwer hngs :(
Heloo My server hangs up :((machine not only samba) I've upgrated my system. Now it is Gentoo 2005.1 - K 2.6.14 - Samba 3.0.20b Everything works exelent and much more faster now but sometimes it hangs up. The last hang up was when I have loged one user on w98 :( to domain. Only strange thing that I've found in logs are : : [2006/01/05 07:59:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 07:59:13 localhost smbd[7048]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/access.c:check_access(328) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Denied connection from (0.0.0.0) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Connection denied from 0.0.0.0 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:write_data(554) Jan 5 08:01:06 localhost smbd[7061]: write_data: write failure in writing to client 172.17.70.36. Error Connection reset by peer Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:send_smb(762) Jan 5 08:01:06 localhost smbd[7061]: Error writing 5 bytes to client. -1. (Connection reset by peer) Jan 5 08:01:06 localhost smbd[7062]: [2006/01/05 08:01:06, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 08:01:06 localhost smbd[7062]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/access.c:check_access(328) Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: Denied connection from (0.0.0.0) I don't know what to do :( my smb conf [global] log file = /var/log/samba/%m.log load printers = no smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = yes bind interfaces only = Yes hosts deny = ALL hosts allow = 172.17.70.0/24 127. interfaces = eth0 lo hosts allow = 172.17.70. encrypt passwords = yes passwd program = /usr/bin/passwd %u max disk size = 51200 dns proxy = no server string = zefirek netbios name = zefirek printing = cups logon script = %U.bat message command = winpopup unix password sync = Yes local master = yes workgroup = ztisze os level = 90 printcap name = cups security = user max log size = 5000 pam password change = yes domain logons = yes restrict anonymous = true dos charset = CP852 unix charset = ISO8859-2 preserve case = yes read raw = yes write raw = yes getwd cache = yes #write cache size = 65536 debug level = 1 debug timestamp = no timestamp logs = true dos file times = yes passdb backend = smbpasswd #ldap server = localhost #ldap port = 0 #Czas time server = yes and so on Thx for all answers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: RE my serwer hngs :(
[EMAIL PROTECTED] wrote: network card maybe What to check ifconfig shows nothing wrong :( I have Intel 1G ethernet card. Thankyou Morty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba - corrupt files after application crash
Hi, I have Samba server and Windows machine. On that machine is 3d MAX studio. everything is fine, until that 3d max crashes. The file, it used, is then unusable. I dont know why :( Before samba there was som windows server and it survived the crash without any consequences. Please, what shall i set up? Where can i look for more information? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Migrating Samba -- Parallel Installation
Dear all, accept my apologies for re-sending my email but I do: Lukas Ruf [EMAIL PROTECTED] [2005-05-02 18:50]: for migrating Samba, I would like to install the latest Samba Server on a new server machine in parallel to the operational one. My questions: - Is there the risk of corrupting data if two machines work on the same (NFS-shared) data? - If so, what is the recommended way of upgrading/migrating samba? - If no, is there anything in particular I need to take care of? Thanks in advance for any help! Gruss, Lukas -- Lukas Ruf http://www.lpr.ch | Raw IP http://www.rawip.org | Style http://email.rawip.org | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Migrating Samba -- Parallel Installation
John, thanks for the answer! John H Terpstra [EMAIL PROTECTED] [2005-05-03 11:37]: On Tuesday 03 May 2005 03:26, Lukas Ruf wrote: for migrating Samba, I would like to install the latest Samba Server on a new server machine in parallel to the operational one. My questions: - Is there the risk of corrupting data if two machines work on the same (NFS-shared) data? So long as the NFS server and clients support locking (NFS lockd) the risk is low. Assuming people are accessing data either by the old or by the new samba server but data is not accessed simultaneously from both intentionally by the user, can't the risk be reduced to zero? - If so, what is the recommended way of upgrading/migrating samba? See chapter 8 of the book Samba-3 by Example. You can obtain this book from: http://www.samba.org/samba/docs/Samba-Guide.pdf I will! Thanks! No problems, but please be patient - this is a user supported list and all responses are voluntary. I know! Thanks. Gruss, Lukas -- Lukas Ruf http://www.lpr.ch | Raw IP http://www.rawip.org | Style http://email.rawip.org | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Migrating Samba
Dear all, for migrating Samba, I would like to install the latest Samba Server on a new server machine in parallel to the operational one. My questions: - Is there the risk of corrupting data if two machines work on the same (NFS-shared) data? - If so, what is the recommended way of upgrading/migrating samba? - If no, is there anything in particular I need to take care of? Thanks in advance for any help! Gruss, Lukas -- Lukas Ruf http://www.lpr.ch | Raw IP http://www.rawip.org | Style http://email.rawip.org | -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] win host is not able to connect
hi list, ill using samba with pam an mysql with the following smb.conf: [global] log file = /var/log/samba/log.%m log level = 10 syslog = 10 workgroup = Workgroup server string = samba file services at WORKGROUP-NAME security = User #must be set to 'no' to use PAM encrypt passwords = No # update encrypted = No allow trusted domains = Yes [samba] path = /home/samba valid users = root,user1 writeable = Yes = now, i can auth with `smbclient -L localhost -U user1 -W WORKGROUP` without any problems and pam is working fine. But when i try to connect with a windows machine (same workgroup and user) the host is not able to connect to that server. only when i set encrypt passwords = Yes but in that case samba did not use the pam auth, only the own smbdpassdb. Do i have to set another config option to? thanks luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] lanman,nt pass vs. mysqlpass
hi list i´ll use samba with pdb_mysql, but i´ve to use an existing DB where the Password for the users are stored with the mysql password encyption like: UPDATE `user` SET `password` = PASSWORD( 'quick' ) WHERE `uid` = '1'; Is there a way to tell samba to use this encryption rather than nt or lanmann? thx.luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pam auth with mysql
hi list, since, days i´m trying to auth. samba users with pam using mysql without any result this is my /etc/pam.d/samba: [EMAIL PROTECTED] common-auth [EMAIL PROTECTED] common-account [EMAIL PROTECTED] common-session auth requiredpam_mysql.so user=root passwd=** db=samba table=users usercolumn=login passwdcolumn=password crypt=1 account requiredpam_mysql.so user=root passwd=** db=samba table=users usercolumn=login passwdcolumn=password crypt=1 password requiredpam_mysql.so user=root passwd=** db=samba table=users usercolumn=login passwdcolumn=password crypt=1 session requiredpam_mysql.so user=root passwd=** db=samba table=users usercolumn=login passwdcolumn=password crypt=1 i see that pam is doing the right mysq_query SELECT password FROM users WHERE login='root' but i alwas getting a an error: session setup failed: NT_STATUS_LOGON_FAILURE without the mysql_auth in pam samba is working fine. isn´t a solution for this? thx luke -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dropouts
Hello I just want to ask you if you solve the problem with a drops I have the same problem and im totaly frustrated.. HELP PLEASE :- Lukas VECHET MARK DISTRI s.r.o. Na Flore 2/1302 143 00 PRAHA 4 CZECH REPUBLIC phone : +420 244 401 993-6 fax : +420 244 402 041 email : [EMAIL PROTECTED] mobil : +420 602 127 082 --- Odchoz zprva neobsahuje viry. Zkontrolovno antivirovm systmem AVG (http://www.grisoft.cz). Verze: 6.0.719 / Virov bze: 475 - datum vydn: 12.7.2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logon script question
Hi list I'm wondering if it and how it is possible to add printers to a workstation with a logon script like mounting shares. I can't find anything about this on the inetnet so is this possible? regards lm -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] add machine script problem
Hello I set up a Samba 3 PDC with ldap backend. I created an script that adds machine accounts. First it adds the machine account to /etc/passwd and then it creates the user in ldap with smbpasswd -a -m machine. If I run the script by hand, it works and the account has been added. After that I can join the domain without any problems. Now I want to make this machine account creation on the fly. So I added the script to smb.conf as add user script = /path/to/createmachineaccount.sh. If I try to join a domain with a workstation that hasn't any account, the script creates the machine account but on error occurs that I can't log in because the account doesn't exist. After that if I try to join again, the logon process works because it found the machine account. So I have to join every workstation twice, first for user creation and second for joining the domain. Why doesn't this work in one step? On our old samba 2.2.8a PDC with ldap backend, the whole things worked with the same machine add script. I welcome any suggestions. best regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] add machine script problem
Beast wrote: * Lukas Meyer [EMAIL PROTECTED] nulis: Hello I set up a Samba 3 PDC with ldap backend. I created an script that adds machine accounts. First it adds the machine account to /etc/passwd and then it creates the user in ldap with smbpasswd -a -m machine. If I run the script by hand, it works and the account has been added. After that I can join the domain without any problems. Now I want to make this machine account creation on the fly. So I added the script to smb.conf as add user script = /path/to/createmachineaccount.sh. If I try to join a domain with a workstation that hasn't any account, the script creates the machine account but on error occurs that I can't log in because the account doesn't exist. After that if I try to join again, the logon process works because it found the machine account. IMO it was because samba can not 'see' changes in ldap. You have to set sleep time in add machine script? btw, why not putting posix account in ldap directory intead of file? --beast Hello I added a sleep time to the add machine script but there's no success. How do you mean putting a posix account in ldap instead of file? If I add a posix account to the machine-account, what file won't I need? regards lm -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3 ldap pdc
Craig White wrote: On Thu, 2004-03-11 at 00:51, Lukas Meyer wrote: Hi list! I set up a new Samba 3 PDC with ldap backend. In our network, there already exists an old samba 2.2.8 PDC with ldap backend. Now I have two PDC named DOMAIN1 and DOMAIN2. Because in our network, there are a lot of windows NT4 and W2k workstations that are loggin on to DOMAIN1, I don't want to join every workstation to DOMAIN2. Is it possible to shut down DOMAIN1, and configure the new PDC DOMAIN2 as DOMAIN1 so the workstations don't have to join again btw wouldn't get new profiles? I migrated all workstation and user accounts to the new one, so every workstation and user has also access to the new PDC. Or exists any other method of migrating to the new PDC? The big problem is that I want to keep the profiles of every user. I am a bit surprised by this question since it would seem that someone that has already set up LDAP on both samba 2.2x 3 has a pretty good working knowledge of the differences in schema/attributes of the two and could probably slapcat their LDAP from the 2.2x version (machine accounts) - find replace fix the changes and import them into the LDAP store for 3.0.x Obviously the DOMAIN NAME, localSID, GID's etc will differ and those must also be fixed. There is a section about conversion from 2.2x to 3.0.x in the how-to Craig Hi Craig I think you miss understood me. I still migrated the ldap entries and group entries. But I have the problem with the profiles. I don't want to use roaming profiles so If I join a workstation to the new DOMAIN, there will be created a new profile and I want to keep them. So I've got the idea of shutting down DOMAIN1 and configure the new samba 3 domain to DOMAIN1 and the workstations won't recognize if the PDC is the old samba2 or the new one. Or are there any profile migration scripts or anything else? regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] weird home share problem
Hi list During my samba3 pdc ldap backend set up I encountered a new problem. I configured in smb.conf the mounting of the home share as followed: logon path =# I don't want roaming profiles logon drive = H: logon home = \\homeserver\%u logon script = logon.bat [homes] comment = Home dirs valid users = %S read only = No browseable = No Well after logging in it executes the login.bat or the defined one in ldap tree and mounts the \\server\user to H:. Now it works perfectly but the weird thing is, after logging in, I log out and log in again, and the home share isn't there. I restart the workstation and log in again and it isn't still there. But if I log off or shut down the workstation and wait approximate 5 minutes, the home share appears after the login process. It looks like there is a timeout or something else. The other strange thing is, that sometimes, the logon script won't be executed. Are there any problems between the logon script in the smb.conf and the one stored in ldap tree? Best regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3 ldap pdc
Hi list! I set up a new Samba 3 PDC with ldap backend. In our network, there already exists an old samba 2.2.8 PDC with ldap backend. Now I have two PDC named DOMAIN1 and DOMAIN2. Because in our network, there are a lot of windows NT4 and W2k workstations that are loggin on to DOMAIN1, I don't want to join every workstation to DOMAIN2. Is it possible to shut down DOMAIN1, and configure the new PDC DOMAIN2 as DOMAIN1 so the workstations don't have to join again btw wouldn't get new profiles? I migrated all workstation and user accounts to the new one, so every workstation and user has also access to the new PDC. Or exists any other method of migrating to the new PDC? The big problem is that I want to keep the profiles of every user. best regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba3 smbpasswd search filter
Hi list I set up a samba 3 PDC with ldap authentification. Now i have some troubles concerning the machine account creation on the fly while joining the domain. I'm using the smbldap-tools 8.4 for user creation. According to the smbldap-tools howto and the samba3-ldap howto: http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html, the ordinary way of creating a machine account is: /path/to/smbldap-tools/smbldap-useradd -w machinename$ That works without any problem but I can't join the domain. Now I could find the problem why it won't work. If I call smbpasswd to change the machines password in debug mode. I can see that this script has this search filter for ldap entries: ((uid=machinename$)(objectclass=sambaSamAccount)) However the entry that was done by the smbldap-useradd -w hasn't any objectclass sambaSamAccount. And as i thought after adding a sambaSamAccount objectclass to this machine account, I could join the domain. So where's the fault? I think the machine account don't need any objectclass sambaSamAccount so I have to change the search filter for smbpasswd or samba? And how to do this? I really welcome any suggestions best regards Lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and Roaming Profiles
Hi there I've got a question concerning samba and roaming profiles. Is it possible to enable roaming profiles only for specific users? For example that I can enable Roaming Profiles for user1 and user2 but not for user3 and user4. Best regards lukas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: SPAM
Now that I also get about 150-200(!) Messages of 156KB Mails each day about half an hour(!) after my first posting to this list for the first time in my life I must admit that there IS something terribly wrong. Fact is that I subscribed to the list half a year ago. I also subscribed to OpenLDAP-, Courier-, and other mailing lists. I posted to these lists and I posted many times in the usenet some years ago. I agree that it is not the FAULT of the Samba team who runs this list, but the CAUSE of this behaviour may be due to the fact that the address of a subscriber is presented to the usenet (it is very likely). Maybe the exposure of an E-Mail link on the world wide web is also a potential cause for getting SPAM. The following script elegantly solves this issue, for example: script language=JavaScript !-- var prefix = foo; document.write(a title=\Send E-Mail\ href=\mailto:; + prefix + @bar.com\); document.write(prefix + [AT]bar.com/a); //-- /script Think. ;) -- Best regards, Bernhard Lukas Pericom Communication Consulting GmbH 1060 Wien, Mariahilfer Strasse 47/5/5 Tel. 01 585 64 90 - 63 Fax. 01 585 64 90 - 33 Web. www.pericom.at -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 versus Samba TNG
Just a small question before I dare to install Samba TNG: Is there any functionality in the latest Samba TNG (I think 0.3.2) which is *not* implemented in Samba 3.0? TIA! :) -- Best regards, Bernhard Lukas Pericom Communication Consulting GmbH 1060 Wien, Mariahilfer Strasse 47/1/3 Tel. 01 585 49 72 - 42 Fax. 01 585 49 72 - 33 Web. www.pericom.at -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba