Re: [Samba] objectClass:posixAccount missing
On Fri, Aug 30, 2013 at 08:14:56PM +0200, steve wrote: > > Hi, How about this for an idea, get the OP to create a VM on Mageia, > > install Ubuntu 12.04 or Centos 6.4 in it and then compile samba 4 on the > > VM. Then setup winbind or nslcd or sssd on it, once this is working the > > OP can work out to get the setup to run on Mageia himself. > > > > RFowlanf > > Yep. +1 for the Ubuntu vm. We go for a git master because you can add > rfc2307 via samba-tool. Aim: To produce a Samba4 stand alone DC with a > single user. getent passwd user returns his rfc2307 from the directory. > Any takers? This is what my test setup is running now, however, it's using the Sernet packages, not source. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 10:45:28PM +0100, Rowland Penny wrote: > If you want my opinion, this is just another example of why not to use > winbind, if you can wait until tomorrow , I will send you an howto on sssd > on Ubuntu 12.04 Something like this? http://linuxcostablanca.blogspot.com/2013/04/sssd-in-samba-40.html That's about the most verbose thing Google seems to come up with. I'll wait as long as it takes, this is all just initial testing... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 11:36:26PM +0200, steve wrote: > Amazing;) Amazing all right. I have a headache :) > You'd lose control over uidNumber, gidNumber and you wouldn't be able to > specify your own home directories and login shells. It's also a > nightmare if you add a second DC. So if I plan on using this for Windows clients ONLY, uidNumber, gidNumber, homedirs and shells shouldn't really be a problem to me. Key word being shouldn't? Not being able to add a backup DC WOULD be a problem, however. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 11:19:26PM +0200, steve wrote: > Similar to what I had when I used winbind, except the * range was lower > than the range we wanted. Try something like 3000-3500 and 3501-4 > perhaps? Like this? idmap config *:backend = tdb idmap config *:range = 3000-3500 idmap config NWLTECH:backend = ad idmap config NWLTECH:schema_mode = rfc2307 idmap config NWLTECH:range = 3501-4 That makes no difference. Still no results. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote: >OK, that seems like it should work, I had the winbind ad backend >working, but found it difficult to setup so jumped ship to sssd >The idmap setup I used was: >idmap config *:backend = tdb >idmap config *:range = 1100-2000 >idmap config DOMAIN:backend = ad >idmap config DOMAIN:schema_mode = rfc2307 >idmap config DOMAIN:range = 1-310 >As you can see the number ranges are the opposite way round to what you >have i.e. config*:range is lower than DOMAIN:range >You could also try (as a test) changing backend = ad to backend = rid, >this will ignore the rfc2307 bit but will test the connect to the AD >server. >Rowland Changing the above ranges made no difference. However, changing backend = rid gets me: root@srv2:~# getent passwd administrator administrator:*:10005:1013:Administrator:/home/Administrator:/bin/sh root@srv2:~# id user1 uid=1(user1) gid=1013(domain users) groups=1013(domain users),70002(BUILTIN\users) root@srv2:~# id user2 uid=10001(user2) gid=1013(domain users) groups=1013(domain users),70002(BUILTIN\users) That seems to be working perfectly. What would I be losing without rfc2307 (please excuse the ignorance)? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 08:59:47PM +0100, Rowland Penny wrote: >/etc/nsswitch.conf setup correctly? passwd: compat winbind group: compat winbind shadow: compat -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote: > Can you post smb.conf on SRV2? > Steve Certainly: [global] workgroup = NWLTECH security = ADS realm = NWLTECH.ORG encrypt passwords = yes idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config NWLTECH:backend = ad idmap config NWLTECH:schema_mode = rfc2307 idmap config NWLTECH:range = 500-4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind troubles
On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote: >Have you tried 'getent passwd username' >Rowland root@srv2:~# getent passwd Administrator root@srv2:~# getent passwd user1 root@srv2:~# getent passwd user2 root@srv2:~# getent passwd user3 No results. They are all there though: root@srv2:~# wbinfo -u administrator krbtgt guest user1 user2 user3 Verified the uidNumber was set as well on the DC: # ldbsearch --url=/var/lib/samba/private/sam.ldb cn=user1|grep uidNumber uidNumber: 1 # ldbsearch --url=/var/lib/samba/private/sam.ldb cn=user1|grep gid gidNumber: 1 # ldbsearch --url=/var/lib/samba/private/sam.ldb cn=user2|grep uidNumber uidNumber: 10001 # ldbsearch --url=/var/lib/samba/private/sam.ldb cn=user2|grep gid gidNumber: 1 etc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind troubles
I've rolled 2 virtual servers running Ubuntu 12.04 LTS and have installed the SerNet packages. SRV1 has the AD setup and SRV2 is a member server. I've followed the wiki for both servers to the letter, and winbind still refuses to grab info on the member server. I rolled the provision with --use-rfc2307, added a bunch of users with samba-tool. I then manually created a group and made sure it had valid gid. I then did the same with the 3 users, made sure their primary group was set, and they had valid UIDs. All 3 users have UIDs of 1, 10001, and 10002. The single group has a GID of 1 and all 3 users are a member. I joined the domain fine, everything appears correct in DNS, and the SRV2 member server shows up in ADUC under Computers. Both smb.conf files match exactly (except for the domain names) the config file examples in the wiki articles. wbinfo -u and wbinfo -g both work and pull the proper users/groups. However, when I run getent passwd all I get is local users. I checked and re-checked libnss_winbind.so with ldconfig -v, and that is there as well. What the heck could I be missing? I've followed everything to the letter. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Wed, Jul 17, 2013 at 12:31:54PM +0200, Ali Bendriss wrote: >The last time I was having this kind of error, it was because I haven't >setup the gid number for the primary group for each users (domain >users). > >I ended changing the gid of domain users for something high (the >default for provision is 100) so my idmap range for idmap_ad doesn't >have to go as lower as 100. And then I gave all the users the new >configured gid number. > >it may be useful to run net cache flush on the member server while >doing the test. > >you set idmap config NWLTECH:range = 500-4 > >but the default gid for domain user is 100 so I think that you need to >change it (see above) or adapt your range. The last thing it has to be is something with Arch Linux. I removed all their samba packages and rolled from source and it does the EXACT same thing. I then fired up a quick and dirty Ubuntu LTS VM, installed some samba 4.0.6 packages from a PPA, and it worked. First try. I didn't even have to set uid/gid numbers for the users. getent passwd displays all domain users and: $ id testuser3 uid=70009(testuser3) gid=70001(domain users) groups=70001(domain users),70012(BUILTIN\users) grabs all the info properly and gives them proper uid/gid as per the ranges in smb.conf. I guess I'll rework everything with Ubuntu, although I'm not overly crazy about using older packages. But if it works, whom am I to argue? I don't know what else could possibly be wrong with Arch. Do users created still need a uid/gid added in the UNIX Attributes tab? Thanks a ton to everyone that offered help, I really appreciate the effort. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Tue, Jul 16, 2013 at 08:45:15PM +0200, Marc Muehlfeld wrote: > Did you clean up the tdb files on your member server? I could imagine, that > Samba mixes the old and new domain in it's idmap cache. If it's a new > installation and nothing important in the member servers registry (like > print server printer settings), just remove the whole samba installation, > 'make install' again and rejoin. Well now I am out of ideas. I hosed both setups and started from scratch. Redid the provision with the proper rfc2307 added, and I have created test users and assigned them UIDs in ADUC. I can create groups and give them GIDs as well. I rejoined the member server, I can list all users, but I still get no results from id on the member server. What the heck could I be missing? Does the ADC server need special idmap config/ranges, etc as well? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Tue, Jul 16, 2013 at 01:16:02PM -0400, Matthew Daubenspeck wrote: > On Tue, Jul 16, 2013 at 05:22:14PM +0100, Rowland Penny wrote: > >Yes, you can use ADUC but you need to have provisioned samba4 with > >--use-rfc2307 > >You can also add the uidNumber & gidNumber with an ldif and ldapmodify > >or ldbmodify. Have a look here: > >[1]http://linuxcostablanca.blogspot.com.es/2012/02/samba-4-posix-domain > >-user.html > >Without the uidNumber & gidNumber, using the ad backend, Winbind will > >not display any users, with uidNumber & gidNumber, Winbind will only > >display the users & groups that have them. > >If you do not want to enter the uidNumber etc, have a look at sssd, > >this will do all that Winbind does without all the hassle. > >Rowland > > That must be the problem. The wiki had no mention of provisioning with > --use-rfc2307. I'll redo that and try again. I re provisioned the whole works, rejoined the member server. Now in ADUC I can see the NIS domain name and UID, as well is being part of a primary group (after I created one). It works perfectly on the DC server, but still nothing seems to propagate to the member server. DC: # id testuser uid=10001(NWLTECH\testuser) gid=100(users) groups=100(users) Member: # id testuser id: testuser: no such user I've turned the log level to 3, and the only error I see is: [2013/07/16 14:37:05.757568, 1] ../source3/winbindd/idmap_ad.c:653(idmap_ad_sids_to_unixids) Could not get unix ID for SID S-1-5-21-1953420892-2023128348-2744795462-513 And the SIDs change as I query for different users... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Tue, Jul 16, 2013 at 05:22:14PM +0100, Rowland Penny wrote: >Yes, you can use ADUC but you need to have provisioned samba4 with >--use-rfc2307 >You can also add the uidNumber & gidNumber with an ldif and ldapmodify >or ldbmodify. Have a look here: >[1]http://linuxcostablanca.blogspot.com.es/2012/02/samba-4-posix-domain >-user.html >Without the uidNumber & gidNumber, using the ad backend, Winbind will >not display any users, with uidNumber & gidNumber, Winbind will only >display the users & groups that have them. >If you do not want to enter the uidNumber etc, have a look at sssd, >this will do all that Winbind does without all the hassle. >Rowland That must be the problem. The wiki had no mention of provisioning with --use-rfc2307. I'll redo that and try again. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Tue, Jul 16, 2013 at 04:42:48PM +0100, Rowland Penny wrote: >Hi, Have you given your users & groups a uidNumber and/or gidNumber on >the server? >Rowland Is that something that has to be done with ADUC? I have added all the test users with samba-tool. This is all on the server: # wbinfo -n testuser S-1-5-21-2599942137-598557555-1723227496-1110 SID_USER (1) # wbinfo -S S-1-5-21-2599942137-598557555-1723227496-1110 328 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] New ADC configuration
On Mon, Jul 15, 2013 at 09:19:48PM +0200, Marc Muehlfeld wrote: > If you have multiple DCs, then the domain group/user/etc. stuff is > automatically on each DC (directory replication). Member servers are getting > the xID information from the DCs. And for that you need an Idmap > configuration. > > For your member servers, I recommend to use backend AD and retrieve the xIDs > from AD. Then you can edit the unix user/group information directly from > ADUC, with all other account data. An example is in the HowTo: > https://wiki.samba.org/index.php/Samba4/Domain_Member#Setting_up_a_basic_smb.conf > Also then your user/groups have the same xIDs on all members. It looks like I am close. I followed the wiki, replacing the necessary items and started smbd, nmbd, and winbindd. The net ads join initially failed with some DNS issues, I fixed those, and the join succeeded. Here is what works: # wbinfo -p Ping to winbindd succeeded # wbinfo -u administrator testuser1 testuser krbtgt guest Newly added users appear as well, after the winbind cache time is up. # wbinfo -g allowed rodc password replication group enterprise read-only domain controllers denied rodc password replication group read-only domain controllers group policy creator owners ... However, I can't seem to get getent or id working. # id administrator id: administrator: no such user # id testuser1 id: testuser1: no such user However, if I create a temporary local user, then it seems to work # id testuser1 uid=1002(testuser1) gid=1002(testuser1) groups=1002(testuser1),4294967295,70002(BUILTIN\users) Here is nsswitch.conf # Begin /etc/nsswitch.conf passwd: files winbind group: files winbind What could I be missing? Here is smb.conf on the member server: [global] workgroup = NWLTECH security = ADS realm = NWLTECH.ORG encrypt passwords = yes log level = 3 idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config NWLTECH:backend = ad idmap config NWLTECH:schema_mode = rfc2307 idmap config NWLTECH:range = 500-4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes [share1] path = /home/samba/share1 read only = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] New ADC configuration
I am in the process of moving our single Samba 3.x servers to a new 4.x AD server setup, with member servers. I have the Main ADC installed and running perfectly, machines can join with no problems. Seriously, it couldn't honestly be any easier, thanks for the Samba4 Wiki. It saved me a ton of time and stress. I'm working next on getting several test member servers working as well, and I'm a little confused with the config. According to the Samba AD DC HOWTO on the wiki, it really doesn't have anything in the config about the "idmap config" stuff. When adding member servers, does the idmap config options only go on the member servers, or does it have to have to be on the ADC as well? Do all member servers have the same ranges, or must they all be different? Thanks for your time. -- Matthew Daubenspeck Gentoo Linux i686 Intel(R) Xeon(R) CPU L5520 @ 2.27GHz 14:13:06 up 55 days, 3:44, 4 users, load average: 0.00, 0.05, 0.10 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Win XP printing and 3.x
Our main print server is currently running samba 3.5.9 and serving quite a bunch of printers to WinXP, Win7, and OSX clients. When I attempted to upgrade to 3.6.8, none of the printers appear on the WinXP clients. Win7 and OSX continue to work fine. I noticed the initial 3.6.0 release notes showed that the Spoolss code was "completely overhauled and refactored." Do I have to do anything special to upgrade to 3.6.x? XP clients can no longer see printers after the upgrade. Thanks. -- Matthew Daubenspeck -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbd PANIC at privileges
I've had a lprng/samba print server for (literally) years that has just worked perfectly. Everything is setup with full guest printing, mainly to make our lives here a little easier. I had to migrate the machine from one physical server to another and I just basically copied the lprng printcap and smb.conf file to the new server, restarted the services, and everything seems to be working. However, I get a TON of the following messages: Oct 19 15:05:23 hal smbd[5216]: [2011/10/19 15:05:23.518393, 0] lib/privileges.c:67(get_privileges) Oct 19 15:05:23 hal smbd[5216]: PANIC: assert failed at lib/privileges.c(67): data.dsize == sizeof( SE_PRIV ) Oct 19 15:05:41 hal smbd[5223]: [2011/10/19 15:05:41.347537, 0] lib/privileges.c:67(get_privileges) Oct 19 15:05:41 hal smbd[5223]: PANIC: assert failed at lib/privileges.c(67): data.dsize == sizeof( SE_PRIV ) Any ideas? I googled and couldn't really find anything that didn't just consist of source code pushes and stuff, nothing that helps troubleshoot. I'm using samba 3.5.9, however, an upgrade to samba-3.6.0 didn't make a difference, other then break some XP printing, etc. -- Matthew Daubenspeck Gentoo Linux i686 Intel(R) Xeon(R) CPU 5130 @ 2.00GHz 15:03:40 up 104 days, 2:18, 4 users, load average: 0.23, 0.24, 0.19 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] OSX and Office documents
I am using Samba Version 3.6.0 from the Arch Linux samba 3.6.0-8 and started to have problems with Max OSX Lion clients. I only have a few, and the OSX clients are the only ones not working. I have a very simple samba setup using security = user and a single [home] (not the [homes]) share. Here is the config: [home] nt acl support = no path = /home/samba/home writable = yes guest ok = no browsable = yes create mask = 770 force create mode = 770 force security mode = 770 force directory mode = 770 directory mask = 770 valid users = @home hide dot files = yes hide unreadable = yes Windows and Linux (cifs) clients all work fine. OSX clients cannot seem to open any Word or Excel files. When I try to open a file, I get the following error: "Word cannot open this document. The document might be in use, the document might not be a valid Word document, or the file name might contain invalid characters (for example \,/). (test.doc)" The samba setup must be fine, since other files (PDF, JPG, PNG, etc) all work fine, it's just Word and Excel. Any ideas what I have screwed up? The Mac clients are using Word/Excel 2011. Thanks. -- Matthew Daubenspeck Gentoo Linux i686 Intel(R) Xeon(R) CPU 5130 @ 2.00GHz 14:43:39 up 53 days, 1:58, 3 users, load average: 0.00, 0.05, 0.09 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba replacing novell
On Wed, Nov 24, 2010 at 02:52:36PM +0200, Petre Bandac wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I have found a workaround by installing a terminal server and having the > app work within the lan - browsing the database is ok, only when > printing to the local printer it takes about 30-40 sec > > however, I would like to find out what is the cause for this behaviour > > as shown by testparm, wins is enabled > > I will try to enter the machine in /etc/hosts and see if I get some > improvement Is the Novell client still installed? I have had MAJOR slowdowns when initially browsing anything on Samba, be it printers or shares, when the Novell client is still installed and functional. I've posted a couple of messages to list, but never really found the solution. If I remove the Novell client, or use a machine without it, browsing Samba is super quick and there are no issues. As soon as that client is installed, I notice the slowdown... -- Matthew Daubenspeck http://oddprocess.org Gentoo Linux i686 Intel(R) Xeon(R) CPU 5130 @ 2.00GHz 08:27:53 up 34 days, 16:16, 4 users, load average: 0.10, 0.05, 0.01 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Strange share behavior
I am using Samba 3.5.0 on Arch Linux. I have security = user and am looking to create a new server with a lot of different shares as well as the [homes] share. So far my testing is making me pull my hair out... If I create shares with certain users, everything works fine. However, I see that if I connect to the \\server, the user will see all shares. >From some google work, I can't see any way to limit that. I would prefer to only show shares that the user has access too, but I don't believe it is possible. To remedy this, I tried to create a share called "share". Then create subdirectories under that using UNIX groups. I am using a group sticky bit in conjunction with create mask = 770 to keep the perms straight. Here is the share: [share] nt acl support = no path = /home/samba/share writable = yes guest ok = no browsable = yes create mask = 770 directory mask = 770 inherit permissions = yes valid users = @share hide dot files = yes hide unreadable = yes Hide unreadable works great, users cannot see any directories that they do not have access to. However, they can still create folders in the root of the share (/home/samba/share). I've even changed the perms of that directory to 000, and still users can create directories there. Am I missing something? I guess if I have to manually create a share for each share I need, I can do that. However, I would prefer users to only see the shares they have access to... -- Matthew Daubenspeck http://oddprocess.org Gentoo Linux i686 Intel(R) Xeon(R) CPU L5420 @ 2.50GHz 09:18:58 up 132 days, 22:45, 3 users, load average: 0.31, 0.16, 0.06 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow connection and browsing
On Fri, Jul 03, 2009 at 07:41:12AM -0400, Charles Marcus wrote: > > Now, if I remove the Novell client completely, things work _perfectly_. > > I can browse and connect, disconnect, reconnect, the works, all at > > normal speed. > > A shot in the dark, but there was a bug reported on the NOD32 forums > dealing specificalyy with Novell Clients... > > So, maybe this is an AV issue? I have no AntiVirus software on the client PCs -- Matthew Daubenspeck http://oddprocess.org Gentoo Linux i686 Intel(R) Xeon(R) CPU L5420 @ 2.50GHz 09:42:53 up 39 days, 19:36, 5 users, load average: 0.15, 0.08, 0.01 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Slow connection and browsing
I have tried this with a bunch of different versions of Samba, starting somewhere in the 3.0.1 series. I am currently running 3.0.34 on several Gentoo servers, all showing the same problem. I am almost positive it is not a Samba issue, but I was just hoping that someone may have experienced it and knows if there is a solution. When I have the current Novell Netware client installed on XP machines, any initial browsing or opening of connected Samba drives is painfully slow. Slow as in 20-30 seconds. The hourglass appears and things just seem to lock for that time. Then, magically, things start working normally. Once I browse or connect to the server, it works perfectly for a $foo amount of time. If I step away, come back and try to read a drive, browsing it then comes to a halt and freezes again. Now, if I remove the Novell client completely, things work _perfectly_. I can browse and connect, disconnect, reconnect, the works, all at normal speed. I know the simple answer is that it is "something with the client," but I was wondering if anyone had any better insight. It's making my life miserable :) -- Matthew Daubenspeck Gentoo Linux i686 Intel(R) Xeon(R) CPU L5420 @ 2.50GHz 15:11:47 up 36 days, 1:05, 5 users, load average: 0.06, 0.04, 0.00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Print only server
On Tue, Nov 25, 2008 at 10:43:28AM +0900, Michael Heydon wrote: > Have you loaded the drivers onto the server or just set up the printer on > the client and loaded the drivers there? > > If you load the drivers onto the client then the client will try to talk to > the printer slightly differently than if it pulls the drivers from the > server, the result is something like what you describe. > > The quick solution is "use client drivers = yes", the proper solution is to > load the drivers onto the server. I am trying to load the drivers via my WinXP workstation but all the options listed to add drivers is greyed out. I am assuming this is the case because I cannot connect as root (or any other user) due to the face that since I wanted a complete open system, I had to use security = share , correct? Whenever I have that set, windows will not prompt me for a password and if I try to connect via net use, it continues to say that the password or user is incorrect. I would like to skip the "use client drivers = yes" for obvious reasons of not having to have printer disks or drivers all over the place, plus making it easy to add printers for my staff. Is there no easy way to have an open ended system but still have the ability to upload drivers to the samba server? -- Matthew Daubenspeck http://oddprocess.org Gentoo Linux i686 Intel(R) Xeon(R) CPU L5420 @ 2.50GHz 22:15:56 up 6 days, 5:36, 4 users, load average: 0.00, 0.00, 0.00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Print only server
I currently have a 95% Novell Network network that continues to have constant printing issues. Enough Novell bashing, here lies the problem. I am trying to migrate all of our printers over to a samba print server, but in several of my tests I have come up with problems. I will attach my smb.conf at the end for those of you that wish to see it. I am using lprng as the printing backend because all of our printers are HP JetDirect that support PS. I didn't see the need of all of the extra cups nonsense when I have used lprng locally with multiple workstations and never needed to have anything converted. If you suggest stopping with lprng and trying everything over with cups, I'll stop right now and do that. I basically have a brand new samba server installed and working. I have a test lprng printer installed and everything prints, lists, and works fine from a console. I have tried adding the single printer to samba before using [printers] to make sure everything works. Basically can't get queue listings. I have the printer being displayed properly on an XP client, but once the printer is installed and opened I get a "printer on server Access denied, unable to connect." I can still print just fine, but I cannot list jobs, pause printing, or purge documents. I have turned up the log level to 3 and I can't seem to locate an error: [2008/11/24 10:29:16, 3] printing/print_generic.c:print_run_command(69) Running the command `lpq -P'techlaser'' gave 0 [2008/11/24 10:29:16, 3] printing/printing.c:print_queue_update_internal(1152) print_queue_update_internal: 0 jobs in queue for techlaser That's in the main smbd log, however in the clients log I see: [2008/11/24 10:28:36, 3] rpc_server/srv_spoolss_nt.c:_spoolss_open_printer_ex(1691) access DENIED for printer open I have gone so far as setting all of the print spools as 777 (which made me shiver) and I got the same result. I am basically looking for a complete open printing system without the need of any username/passwords to make client installation easier. Where should I start? -- Matthew Daubenspeck -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Opening shares very slow
The first time I connect to any shares on my 3.0.31 Samba setup, it takes 20-30 seconds to open the share. Once it is opened, things run normally with no problems. If I leave the machine and return, the first time I open the drive it does the same. I have tested it with several XP clients. If I use an OSX client or Linux, I never see this problem. I am using a fairly stripped down smb.conf: [global] netbios name = BEEBLEBROX workgroup = NWLSD log file = /var/log/samba/log.%m max log size = 100 security = user load printers = No hosts allow = 172.17., 127. smb ports = 139 [distfiles] nt acl support = no path = /home/distfiles writable = yes guest ok = no browsable = no valid users = @distfiles create mask = 0755 directory mask = 0755 That is just an example of a share, but it is basically setup the same for all other shares. Any suggestions? I believe it started around 3.0.25 and has continued to happen since. -- Matthew Daubenspeck http://oddprocess.org Gentoo Linux x86_64 Dual Core AMD Opteron(tm) Processor 165 12:43:41 up 277 days, 3:31, 3 users, load average: 0.00, 0.00, 0.00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd batch mode
On Fri, Jun 09, 2006 at 05:09:13PM -0500, Craig Jackson wrote:
> Hi,
>
> I need to create a large number of users in the smbpasswd file.Is there a way
> to do this without having to type passwords? I need a batch mode. Using Samba
> 3.
# cat importusers.sh
#!/bin/bash
datafile=userdata
line_count=`cat $datafile | wc -l`
filesystem="/dev/sda1"
for data in `seq $line_count`
do
read data
username=`echo $data | awk -F" " '{print $1}'`
password=`echo $data | awk -F" " '{print $2}'`
/usr/sbin/adduser -m -s /bin/false -p $password $username
(echo $password; echo $password) | /usr/bin/smbpasswd -s -a $username
/usr/sbin/setquota -u $username 0 1048576 0 0 -a $filesystem
/bin/chmod 700 /home/$username
done < "$datafile"
# cat userdata
user1 password1
user2 password2
etc etc
Take out or add as necessary :)
--
Matthew Daubenspeck
http://www.oddprocess.org
Gentoo Linux 2.6.15-gentoo-r5 x86_64 Dual Core AMD Opteron(tm) Processor 165
19:13:22 up 29 days, 3:57, 1 user, load average: 0.07, 0.08, 0.08
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error in logs
I am running a very basic fileserver with samba 3.0.15pre2. It works very well except I am getting a ton of errors on WinXP SP2 clients only. Is there any way to disable the logging of this? Log: [2005/05/04 08:22:02, 0] lib/util_sock.c:get_peer_addr(1150) getpeername failed. Error was Transport endpoint is not connected [2005/05/04 08:22:02, 0] lib/access.c:check_access(328) [2005/05/04 08:22:02, 0] lib/util_sock.c:get_peer_addr(1150) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2005/05/04 08:22:02, 1] smbd/process.c:process_smb(1095) [2005/05/04 08:22:02, 0] lib/util_sock.c:get_peer_addr(1150) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2005/05/04 08:22:02, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2005/05/04 08:22:02, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 5 bytes to socket 5: ERRNO = Connection reset by peer [2005/05/04 08:22:02, 0] lib/util_sock.c:send_smb(647) Error writing 5 bytes to client. -1. (Connection reset by peer) Thanks. -- Matthew Daubenspeck http://www.oddprocess.org 08:28:22 up 1 day, 20:32, 1 user, load average: 0.04, 0.03, 0.03 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Win2k Client and Samba server Domain
After a lot of searching and some frustration, I finally got a Windows 2000 Pro. client joining my test Samba 3.0.2a domain. My only question is with the automatic user addition. After the client joined the domain, the machinename$ was added to /etc/passwd. Is this necessary? I am looking into migrating an 800+ client network to samba, which will probably mean a very large /etc/passwd file. :) I hate to sound stupid, but is this the only way to get a Win2k box to join a Samba domain? -- Matthew Daubenspeck http://www.oddprocess.org 18:41:10 up 56 days, 9:51, 1 user, load average: 0.00, 0.00, 0.00 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Win98 Print queue will not empty
I am having issues with Samba printing using lprng and Win98 clients. The jobs print just fine, but the last completed job always remains in the Win98 printer queue until it is either manually deleted, or another job comes along. Any ideas on how to change this? I am using Samba Version 3.0.2a. In globals, I have: printing = lprng printcap name = lprng load printers = yes And the printer is: [techlaser] path = /tmp guest ok = no browsable = yes writeable = no printable = yes printer name = techlaser -- Matthew Daubenspeck http://www.oddprocess.org 09:52:49 up 42 days, 1:07, 1 user, load average: 0.08, 0.03, 0.00 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Quota question
What do you use as a script? On Wed, Feb 11, 2004 at 08:59:51AM +0100, Collen wrote: > i know, just make a script and link it with > dfree command =
Re: [Samba] Re: school PDC questions
On Tue, Feb 10, 2004 at 09:05:23AM +1100, Andrew Bartlett wrote: > Get used to writing and running Net::LDAP perl scripts. Then it's a > simple matter of parsing the text dump from your student admin system. > > My site is just Samba+LDAP, plus a lot of local scripts. > > If generating passwords for your students, the Crypt::SmbHash module is > very useful. > > Andrew Bartlett Is LDAP a must in this example? Wouldn't it be just as easy to create local accounts? -- :wq! Matthew Daubenspeck http://www.oddprocess.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] New install version question
I am planning on a mid-sized migration from Novell Netware to Samba. The server will eventually have about 400 concurrent logins with mainly shared home directories and printers. I am setting up a test server now, and was wondering what version of Samba I should start with. I see that a lot of linux distros still have 2.2.8 as the "stable" version to use [2.2.3 for Debian]. Is it "safe" to try a 3.x version, or should I stick with 2.2.8? Are there any specifics that 3.x will give me over 2.2.8? Thanks in advance. -- :wq! Matthew Daubenspeck http://www.oddprocess.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghosting Linux Partitions.
On Tue, Mar 18, 2003 at 09:17:24AM -0500, Kevin Smith wrote: > I was thinking of putting a slightly bigger HD on my Linux server and would > like to know the easiest way. > I know that ghost works well on FAT32 partitions, but does it work on Ext3 > partitions too? > Id rather not reinstall if I don't have to, so any and all suggestions are > appreciated. This is a bit OT, but I have used Ghost with ext2 partitions with no problems whatsoever. I'm not sure if ext3 is supported or not. However, if you run Lilo, you must boot back into the system with some sort of Lilo bootdisk and run lilo to pick up the changes. Grub, on the other hand, works without having to do anything. -- :wq! Matthew Daubenspeck http://www.oddprocess.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Am I getting the best performance?
On Fri, Mar 14, 2003 at 06:49:07PM +, John H Terpstra wrote: > > All my server file systems are ext3. > > Good results then. Try ext2fs. Should ext2 perform better then ext3? -- :wq! Matthew Daubenspeck http://www.oddprocess.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Small/Medium Samba Install
I am currently researching the possibility of slowly moving an existing Novell network [with all Windows clients except mine :)] to something Linux based. I have about 900 clients that would be slowly migrated if this whole thing is feasible. The version of NetWare we are using now is no longer "officially supported" from Novell, so it is becoming more and more difficult to successfully make newer hardware work with the old software. Out of the 900 users, there are probably about 200 actual "power users" that would be doing all their work (intense graphic plublications) directly from the server, and the remaining do basic file sharing, and mostly just have a login for authentication. Lastly, I would need the Samba server to spool print jobs from the clients and send them to HP JetDirect printers... Is this something feasible with Samba? The next question would be the user administration setup. I know in a perfect world, LDAP would probably be best. After some preliminary research, LDAP kind of makes my head spin... But Rome wasn't built in a day either... I started googling some possibilities, but haven't come up with a whole lot to point me in a direction. Is anyone using something similar, that can point me in a few specific directions? Thanks for the help -- :wq! Matthew Daubenspeck http://www.oddprocess.org pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
