Re: [Samba] BackupExec Agent on Samba
On Fri, 18 Jun 2004 17:36 , Tony Whitmore <[EMAIL PROTECTED]> sent: >Kevin Bramblett wrote: >versions have solved the problem.) > >The Unix Agent for BackupExec (available from Veritas' FTP server) is >really independant of Samba. By installing the BackupExec Agent for Unix >(binary only, sadly) on our Linux system (running Debian Stable with a >2.6.6 kernel) the server then appeared in the list of BackupExec Agents >in the program on the NT server. Testing showed that Unix permissions >were saved and restored correctly using the BackupExec Agent - something >that I did not think would happen had the files been restored using Samba. > I _had_ the agent running - and as said above it is samba independent - I have not found a way to just connect to the share - I hear arcserve could care less and connects without a hitch.. >The documentation on Vertias' website suggests that it is still not >possible to do differential backups from a Unix system (presumably >because of the lack of an archive bit. > >To get around this limitation, in the longer term I am looking at using >rsync to backup to either a co-located server or removable hard-drives. > this is how I solved my issue as well - and honestly, doing it this way is much more easier and redundant than tape - especially using a cp -al to make differential changes prior to the rsync! --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???
On Fri, 18 Jun 2004 16:08 , Michael Gasch <[EMAIL PROTECTED]> sent: > >> maybe I am missing something here - but why does your master ldap fail so often? >it doesn't - i'm just building the worst case szenario =) > >>I agree with the other poster, the slave LDAPS should be >> (and I would almost move to _need_ to be) read only .. >and now tell me please how the master can replicate his LDAP tree to the >slave to get a 1:1 copy and a backup of my LDAP tree, if it's readonly >?!?!?! becuase you configure your slave to accept changes that are pushed from the master . > >>I am also curious as to why you have a samba server contacting either the PDC/BDC >> ldap servers when it could just be running a replicated LDAP DB itself...which is >> how all the docs say to do it - maybe this is something new with >> 3.xx - not sure, but it alwyas seemed more logical to have all your samba boxes be >> thier own DC in terms of login/user information >if each smbd has it's own ldap instance running (DMs too), i have to >ensure, that all LDAP instances have the same information this is the main point of ldap replication - they do all have the same info - and why you make the slaves readonly >before i can't solve the replication problem (MASTER=dead, changes are >made to SLAVE, MASTER comes back => inconsistency in LDAP trees) in case >of the MASTER dies and information has to be written to one of the >SLAVEs, i won't give each smbd his own passdb backend > >it's my plan to have one PDC, one BDC, x DMs and one LDAP instance on >both DCs > >> If your master does fail - and I mean dead, need to rebuild, etc..I would make one >> of the slaves the write/master get the original MASTER >> back on line, but not in production until you can do a slapcat of the LDAP to it, >> change the everything back to what it needs to be, and have >> your system running again >this is my temporary solution > > >bye --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???
On Fri, 18 Jun 2004 15:38 , Michael Gasch <[EMAIL PROTECTED]> sent:
> > Isn't the slave ldap directory suppose to be only read only?
>if it's readonly, slurpd can't update the slave (i've tested it,
>possibly i missed something ?)
>
>the problem is: machines regularly change their passwords and if these
>changes are not done on the master, they're lost, if master comes back
>-> clients can't logon anymore and so on
maybe I am missing something here - but why does your master ldap fail so often? I
agree with the other poster, the slave LDAPS should be
(and I would almost move to _need_ to be) read only .. I am also curious as to why you
have a samba server contacting either the PDC/BDC
ldap servers when it could just be running a replicated LDAP DB itself...which is how
all the docs say to do it - maybe this is something new with
3.xx - not sure, but it alwyas seemed more logical to have all your samba boxes be
thier own DC in terms of login/user information
If your master does fail - and I mean dead, need to rebuild, etc..I would make one of
the slaves the write/master get the original MASTER
back on line, but not in production until you can do a slapcat of the LDAP to it,
change the everything back to what it needs to be, and have
your system running again
but like I said, maybe I am missing something
>
> >I'm having some troubles
> > getting the failover to work
>what problems are you talking about?
>
>these are my config files (/etc/ldap.conf for all machines not included
>but also very important in case of fail-over)
>
># Samba PDC #
># smb.conf
>
>[global]
>
>workgroup = NEVAN
>netbios name = nevanpdc
>server string = NevanPDC on Samba Version: %v
>
>username map = /etc/samba/username.map
>
>log level = 5
>log file = /var/lib/samba/log.%m
>max log size = 1
>
>passdb backend = ldapsam:"ldap://localhost:389
>ldap://nevanbdc.eva.mpg.de:389";
>ldap passwd sync = yes
>ldap suffix = dc=eva,dc=mpg,dc=de
>ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de
>ldap machine suffix = ou=machines
>ldap user suffix = ou=users
>ldap group suffix = ou=groups
>ldap replication sleep = 2000
>ldap idmap suffix = ou=users
>
>guest ok = no
>guest account = Guest
>
>security = user
>local master = yes
>os level = 65
>domain master = yes
>domain logons = yes
>
>logon path =
>logon home =
>
>encrypt passwords = yes
>socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
>
>wins support = yes
>dns proxy = no
>
>display charset = UTF8
>unix charset = UTF8
>
>[netlogon]
>comment = Network Logon Service
>path = /var/lib/samba/netlogon
>guest ok = yes
>writable = no
>share modes = no
>
>
># slapd.conf
>include /etc/openldap/schema/core.schema
>include /etc/openldap/schema/cosine.schema
>include /etc/openldap/schema/nis.schema
>include /etc/openldap/schema/inetorgperson.schema
>include /etc/openldap/schema/samba.schema
>
>pidfile /var/run/slapd/slapd.pid
>argsfile/var/run/slapd/slapd.args
>loglevel7
>
>databaseldbm
>suffix "dc=eva,dc=mpg,dc=de"
>rootdn "cn=manager,dc=eva,dc=mpg,dc=de"
>
>password-hash {MD5}
>rootpw {MD5}
>
>replogfile /var/lib/ldap/replog
>
>replica host=nevanbdc.eva.mpg.de:389
> binddn=cn=manager,dc=eva,dc=mpg,dc=de
> bindmethod=simple credentials="+"
>
>directory /var/lib/ldap
>index objectClass eq
>index sambaSIDeq
>index uid eq
>index sambaPrimaryGroupSIDeq
>
>lastmod on
>
>access to attrs=userPassword
>by self write
>by * auth
>
>access to *
>by * read
>
>
>
># Samba BDC #
># smb.conf
>
>[global]
>
>workgroup = NEVAN
>netbios name = nevanbdc
>server string = NevanBDC on Samba Version: %v
>
>username map = /etc/samba/username.map
>
>log level = 5
>log file = /var/lib/samba/log.%m
>max log size = 1
>
>passdb backend = ldapsam:"ldap://nevanpdc.eva.mpg.de:389
>ldap://localhost:389";
>ldap passwd sync = yes
>ldap suffix = dc=eva,dc=mpg,dc=de
>ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de
>ldap machine suffix = ou=machines
>ldap user suffix = ou=users
>ldap group suffix = ou=groups
>ldap replication sleep = 2000
>ldap idmap suffix = ou=users
>
>guest ok = no
>guest account = Guest
>
>security = user
>local master = yes
>os level = 65
>domain master = no
>domain logons = yes
>
>logon path =
>logon home =
>
>encrypt passwords = yes
>socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
>
>wins support = yes
>dns proxy = no
>
>display charset = UTF8
>unix charset = UTF8
>
>[netlogon]
>comment = Network Logon Service
>path = /var/lib/samba/netlogon
>g
Re: [Samba] samba.spec
On Thu, 17 Jun 2004 23:02 , Mark Sarria <[EMAIL PROTECTED]> sent: >I am setting up a SuSe Linux Enterprise 8 server with samba ldap. SuSe comes >with samba 2.*.* rpm. I need to reconfigure samba to add --with-ldapsam, so >I need to remake the rpm, but i don't know where the samba.spec file is in >SuSe. > >Also if any has been successfull setting up SAMBA LDAP, can you please send >me information on how to accomplish this. http://www.mandrakesecure.net/en/docs/samba-pdc.php > >Thank you > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Password change problem, Samba 3.0.4
On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz <[EMAIL PROTECTED]> sent: >Hi Sean, > >> smbpasswd >> Old SMB password: >> New SMB password: >> Retype new SMB password: >> machine 127.0.0.1 rejected the password change: Error was : RAP86: The >> specified password is invalid. >> Failed to change password for testuser > >We have exactly the same problem with Samba v2.2.8a. We found out that the >password change process works if you set "unix password sync = no". But >that's not a good solution fo us. Users should be able to log in to Linux >with the same password. no one seems to like our solution, but we turned off _all_ windows->linux linux->windows password changes from the windows/linux session and just made a web page that sets both - it takes a lot of crap out of the equation and also lets us sync our email and web passwords at the same time - just a thought > >I hope there is another solution. > >Götz > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com http://www.prupref.com";>Prudentialhttp://chicago.prupref.com";>Chicago Real Estate Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password
On Wed, 16 Jun 2004 21:30 , Mike <[EMAIL PROTECTED]> sent: >Is there anyway to configure samba so it will not prompt for username or >password? Have you played with the: map to guest and guest user smb.conf settings? as well as make the share public? man smb.conf - it goes into extreme detail around this... >Thanks >Mike >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com http://chicago.prupref.com";>Real Estate Online > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password expiry message - RESOLVED
On Fri, 11 Jun 2004 13:55 , Adam Tauno WIlliams <[EMAIL PROTECTED]> sent: >> >>> pwdLastSet: 1086920093 >> >>> logonTime: 0 >> >>> logoffTime: 0 >> >>> kickoffTime: 0 >> >>> pwdCanChange: 0 >> >>> pwdMustChange: 0 >> RECAP - >> samba controlled domain (2.2.8a) with an LDAP backend. >> Everything was working snazzy, till I changed my password yesterday. Now when I >> log in (win2k server sp4) I get the password will expire >> today message. > >We always had the same issue under 2.2.x. It supports password aging, >force change (sort of), etc... but doesn't actually update all the >attributes. Set the pwdMustChange to some ridiculous value in the >future and, as I recall, the message will go away. Adam - perfect - I added to the password change to change the pwdMustChange value and the message went away - what is strange that it was set to 0, which I would have thought was 'no expiry" = well that was a lot of time put into fixing that..thank you > >Update to 3.0.x where this stuff actually works. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>Real Estate http://www.prupref.com";>Online Home Search > > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password expiry message -
>On Fri, 11 Jun 2004 05:14 , Craig White [EMAIL PROTECTED]> sent: > >>On Thu, 2004-06-10 at 19:48, McKeever Chris wrote: >>> I have seen many archives about this, but nothing of solid answer for the fix - >>> maybe I havent dug far enough. >>> I am running 2.2.8a with an LDAP backend. I am pretty sure I have it so passwords >>> wont expire, but after changing mine today I am >>> prompted at a WIN2K login that it is about to expire... >>> any idea? >>> >>> shadowLastChange: 11761 >>> shadowMin: -1 >>> shadowMax: 9 >>> shadowWarning: -1 >>> shadowInactive: -1 >>> shadowExpire: -1 >>> shadowFlag: 7100670 >>> >>> pwdLastSet: 1086920093 >>> logonTime: 0 >>> logoffTime: 0 >>> kickoffTime: 0 >>> pwdCanChange: 0 >>> pwdMustChange: 0 >>- >>The password prompts are no doubt a result of local policy and not >>domain policy. > >any one have a suggesiton of which policy? I just changed the MAXIMUM AGE setting it >to 0 and the message still exists. >THanks > RECAP - samba controlled domain (2.2.8a) with an LDAP backend. Everything was working snazzy, till I changed my password yesterday. Now when I log in (win2k server sp4) I get the password will expire today message. samba must be passing some value to windows, which may or may not trigger a local policy to show that message I boosted logging to level 10..however I do not see anything that may flag something like that. What should I look for? I have scoured the web and foundsimilar issues, but with no update as to resolution. thanks --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>Prudential http://www.prupref.com";>Chicago Real Estate Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password expiry message -
On Fri, 11 Jun 2004 05:14 , Craig White <[EMAIL PROTECTED]> sent: >On Thu, 2004-06-10 at 19:48, McKeever Chris wrote: >> I have seen many archives about this, but nothing of solid answer for the fix - >> maybe I havent dug far enough. >> I am running 2.2.8a with an LDAP backend. I am pretty sure I have it so passwords >> wont expire, but after changing mine today I am >> prompted at a WIN2K login that it is about to expire... >> any idea? >> >> shadowLastChange: 11761 >> shadowMin: -1 >> shadowMax: 9 >> shadowWarning: -1 >> shadowInactive: -1 >> shadowExpire: -1 >> shadowFlag: 7100670 >> >> pwdLastSet: 1086920093 >> logonTime: 0 >> logoffTime: 0 >> kickoffTime: 0 >> pwdCanChange: 0 >> pwdMustChange: 0 >- >The password prompts are no doubt a result of local policy and not >domain policy. any one have a suggesiton of which policy? I just changed the MAXIMUM AGE setting it to 0 and the message still exists. THanks > >Craig > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba >--- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>Prudential http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] password expiry message -
I have seen many archives about this, but nothing of solid answer for the fix - maybe I havent dug far enough. I am running 2.2.8a with an LDAP backend. I am pretty sure I have it so passwords wont expire, but after changing mine today I am prompted at a WIN2K login that it is about to expire... any idea? shadowLastChange: 11761 shadowMin: -1 shadowMax: 9 shadowWarning: -1 shadowInactive: -1 shadowExpire: -1 shadowFlag: 7100670 pwdLastSet: 1086920093 logonTime: 0 logoffTime: 0 kickoffTime: 0 pwdCanChange: 0 pwdMustChange: 0 --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap - backup
On Wed, 9 Jun 2004 13:54 , System User <[EMAIL PROTECTED]> sent: >Hi, > >I'm wondering what is the best option to backup the ldap backend of my >samba server without having to bring ldap offline? Until now, I didn't >find a lot of documentation about best practices on this subject. > >Does anybody here have a suggestion? someone else pointed this out - replication. It works great, and gives you a real time snapshot. > >Thank you. > > >Etienne-Hugues Fortin >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Share trash can?
On Tue, 8 Jun 2004 11:55 , Robert Sossomon <[EMAIL PROTECTED]> sent: >Is there a trash can, or a way to add one, so that if a user deletes a >file off the share it just goes away until a nightly purge is done? > kind of - you can make a morning mirror to a different direcory using pointers /samba = data directory /mirror = mirror directory cp -al /samba/* /mirror/* if someone deletes something it still exists in the mirror till you delete the mirror for the next day's mirror - but in essesce, this technique uses so little space that you can have weeks and weeks of DELTA changes files..it is harder to explain than view..for example, I have 6 months of backups tkaing up less than 5% more diskspace than the actual files themselves (this of course is use determined) >Thanks, >Robert > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clients can find printer when
On Sun, 6 Jun 2004 15:34 , Steve Cohen <[EMAIL PROTECTED]> sent: >On Sunday 06 June 2004 11:16 am, fredex wrote: > >> On Sun, Jun 06, 2004 at 10:23:46AM -0500, Steve Cohen wrote: >> > This is REALLY starting to annoy me. I have now set up a Win98 client on >> > the network. Once again I install the proper driver. Once again the >> > Windows system can browse to the printer. Once again, printing appears >> > to the client as if it's happening. Once again nothing comes out of the >> > printer. Once >> >> This is exactly the problem I've had. (Using Samba 3.0.x and Cups). >> someone else suggested making the particular printer in use here set up >> as a RAW print queue in CUPS. Requires editing two cups config files and >> connecting to the web UI for cups and changing the printer queue type to >> raw. Details can be found in the samba documentation on printing with cups. >> > >Hey, thanks, not sure what "printing with cups" documentation you meant, but I >googled and found http://de.samba.org/samba/docs/man/CUPS-printing.html >Was this the doc you were referring to? > >This immediately seems to be getting somewhere. I didn't have >printcap name = cups >in my conf. And putting it there immediately changes the pattern, although >still not success: > >[2004/06/06 13:59:20, 0] printing/print_cups.c:cups_job_submit(655) > Unable to print file to EpsonC82 - I had a lot of issues trying to print to this exact printer via a network configuration...just a thought that it may not be completely a _you_ thing >client-error-document-format-not-supported > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] user and password
On Sun, 06 Jun 2004 13:45 , Mike <[EMAIL PROTECTED]> sent: >How to configure samba so it will not prompt for a username and password >when tring to access a share from windows or linux? >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > you can play around with: map to guest = bad user guest account = agent-guest and also the guest priviledges on the share itself...there is also a config that will allow access for a bas username/password - --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clients can find printer when
On Sat, 5 Jun 2004 23:41 , Steve Cohen <[EMAIL PROTECTED]> sent: >Thanks, Chris: >Now, when I try to print a document from Windows, it goes through all the >pages (spooling, I think) but then an error message pops up indicating that >it failed to print (and of course no print comes out). It won't tell me WHY >it failed to print, just that it failed. (This is more feedback than I got >before, so it's a step forward). so - making the printer local has let you move a little further? IUf anyone on the list can explain the error messages when connecting to a printer via network - that woul dbe most appreciated. this sounds like what I had - just checking here - you are able to browse to a share without any problem - no connection dialoges? nothing out of the ordinary, you can just go start->run->\\server\share and all works here is a copy of a printer config from my smb.conf: [bdc-toshiba550] printer = bdc_toshiba550 printing = cups comment = toshiba_550 - BDC path = /var/spool/samba browseable = yes guest ok = yes writable = no printable = yes print command = lpr.cups -P %p -o raw %s;rm %s lpq command = lpstat.cups -o %p lprm command = cancel.cups %p-%j >> >[Epson] >> >path = /var/spool/samba >> >read only = No >> >hosts allow = 192.168.123 >> >printable = Yes >> >printer name = Epson >> >oplocks = No I notice that you dont define your printer ... I have never actually printed to a printer connected directly to a SAMBA box, only through LPD/IP using cups... can you send a test page VIA the cups interface? > >I do notice that my log.nmbd file contains these messages: > >[2004/06/05 23:05:26, 0] >nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(358) > find_domain_master_name_query_fail: > Unable to find the Domain Master Browser name DARROW335 for the >workgroup DARROW335. > Unable to sync browse lists in this workgroup. > >I get these messages whether the Linux box is or is not the Domain Master >Browser. And I find no configurability of Domain Master Browser at all on >the XP side. I dont think these are contribting to the problem..but when you get things printing, I would work on fixing them..oh - make sure domain master browser is not commented out, but instead set to NO or YES - I has noticed that the uncommented out default in 2.2.8a didnt do as expected.. > >These messages appear every fifteen minutes and are independent of any attempt >to print. None of the other samba logs describe an attempt to print, and >there is nothing in the XP event viewer logs either > >Very frustrating. > >On Saturday 05 June 2004 6:24 pm, McKeever Chris wrote: >> On Sat, 5 Jun 2004 17:05 , Steve Cohen [EMAIL PROTECTED]> sent: >> >I had a working Samba installation on my home network. Then I replaced >> > one printer with another. The new printer is successfully installed on >> > my RedHat 9.0 system on /dev/lp0. It is an Epson C82. From the RedHat >> > system all is well. >> > >> >However, I am unable to print to this printer via Windows XP boxes on my >> >network. Samba is working to the extent that Windows can find these >> > printers via browsing. But that's it. >> > >> >At first, I would get access denied messages under "Status" on Windows' >> >"Printers and Faxes" window. At that time my smb.conf looked like this: >> > >> >[EMAIL PROTECTED] samba]# cat smb.conf >> ># Samba config file created using SWAT >> ># from RAINIER (127.0.0.1) >> ># Date: 2004/06/05 16:09:08 >> > >> ># Global parameters >> >[global] >> >workgroup = DARROW335 >> >server string = samba server >> >security = SHARE >> >encrypt passwords = Yes >> >obey pam restrictions = Yes >> >pam password change = Yes >> >passwd program = /usr/bin/passwd %u >> >passwd chat = *New*password* %n\n *Retype*new*password* %n\n >> >*passwd:*all*authentication*tokens*updated*successfully* >> >username map = /etc/samba/smbusers >> >unix password sync = Yes >> >log level = 3 >> >log file = /var/log/samba/%m.log >> >max log size = 0 >> >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> >preferred master = Yes >> >domain master = Yes >> >dns proxy = No >> >wins server = 192.168.123.70 >&
Re: [Samba] Clients can find printer when
On Sat, 5 Jun 2004 17:05 , Steve Cohen <[EMAIL PROTECTED]> sent: >I had a working Samba installation on my home network. Then I replaced one >printer with another. The new printer is successfully installed on my RedHat >9.0 system on /dev/lp0. It is an Epson C82. From the RedHat system all is >well. > >However, I am unable to print to this printer via Windows XP boxes on my >network. Samba is working to the extent that Windows can find these printers >via browsing. But that's it. > >At first, I would get access denied messages under "Status" on Windows' >"Printers and Faxes" window. At that time my smb.conf looked like this: > >[EMAIL PROTECTED] samba]# cat smb.conf ># Samba config file created using SWAT ># from RAINIER (127.0.0.1) ># Date: 2004/06/05 16:09:08 > ># Global parameters >[global] >workgroup = DARROW335 >server string = samba server >security = SHARE >encrypt passwords = Yes >obey pam restrictions = Yes >pam password change = Yes >passwd program = /usr/bin/passwd %u >passwd chat = *New*password* %n\n *Retype*new*password* %n\n >*passwd:*all*authentication*tokens*updated*successfully* >username map = /etc/samba/smbusers >unix password sync = Yes >log level = 3 >log file = /var/log/samba/%m.log >max log size = 0 >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >preferred master = Yes >domain master = Yes >dns proxy = No >wins server = 192.168.123.70 >guest ok = Yes >printing = cups > >[homes] >comment = Home Directories >valid users = %S >read only = No >create mask = 0664 >directory mask = 0775 >browseable = No > >[printers] >comment = All Printers >path = /var/spool/samba >printable = Yes >browseable = No > >[Epson] >path = /var/spool/samba >read only = No >hosts allow = 192.168.123 >printable = Yes >printer name = Epson >oplocks = No > >[testshare] >path = /tmp >guest account = ftp >read only = No >hosts allow = 192.168.123.0/255.255.255.0 sorry for the double post - but make sure your host allow is right, you have two different ones within the file (I have never used it) my suggestion, take it out for now, start basic - get it to work and then add from there till you break something or get your desired result. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts > >After reading some of the documentation, I came upon >"Use Client Driver". This looked reasonable, since I was in fact installing >the driver on the Windows boxes. I added this parameter to the config, >under the "Epson" section, restarted smbd and nmbd and now, I no longer saw >"Access Denied", I saw "Ready", but still, all attempts to print to this >printer from the Windows boxes yielded nothing. And all the auxiliary >functions like "Print Test Page" from Windows timed out. > >Can someone please tell me what I am doing wrong? > >Steve Cohen >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clients can find printer when
On Sat, 5 Jun 2004 17:05 , Steve Cohen <[EMAIL PROTECTED]> sent: >I had a working Samba installation on my home network. Then I replaced one >printer with another. The new printer is successfully installed on my RedHat >9.0 system on /dev/lp0. It is an Epson C82. From the RedHat system all is >well. > >However, I am unable to print to this printer via Windows XP boxes on my >network. Samba is working to the extent that Windows can find these printers >via browsing. But that's it. I have had this issue - and other than a work around, I havent looked into it much more 2 things - make sure that it is set for guest printing and if that doesnt work, try to connect ot it by making a new LOCAL port (add printer -> server properties -> add port -> then use that port when adding the printer IE dont right click on the printer to install it, and dont select network printer) This also handles a stupid little item with network printers not being installed/setup on all user accounts (without some ass-backwards CL utility which fvcks me up all the time) as compared to local printers being available. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts > >At first, I would get access denied messages under "Status" on Windows' >"Printers and Faxes" window. At that time my smb.conf looked like this: > >[EMAIL PROTECTED] samba]# cat smb.conf ># Samba config file created using SWAT ># from RAINIER (127.0.0.1) ># Date: 2004/06/05 16:09:08 > ># Global parameters >[global] >workgroup = DARROW335 >server string = samba server >security = SHARE >encrypt passwords = Yes >obey pam restrictions = Yes >pam password change = Yes >passwd program = /usr/bin/passwd %u >passwd chat = *New*password* %n\n *Retype*new*password* %n\n >*passwd:*all*authentication*tokens*updated*successfully* >username map = /etc/samba/smbusers >unix password sync = Yes >log level = 3 >log file = /var/log/samba/%m.log >max log size = 0 >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >preferred master = Yes >domain master = Yes >dns proxy = No >wins server = 192.168.123.70 >guest ok = Yes >printing = cups > >[homes] >comment = Home Directories >valid users = %S >read only = No >create mask = 0664 >directory mask = 0775 >browseable = No > >[printers] >comment = All Printers >path = /var/spool/samba >printable = Yes >browseable = No > >[Epson] >path = /var/spool/samba >read only = No >hosts allow = 192.168.123 >printable = Yes >printer name = Epson >oplocks = No > >[testshare] >path = /tmp >guest account = ftp >read only = No >hosts allow = 192.168.123.0/255.255.255.0 > >After reading some of the documentation, I came upon >"Use Client Driver". This looked reasonable, since I was in fact installing >the driver on the Windows boxes. I added this parameter to the config, >under the "Epson" section, restarted smbd and nmbd and now, I no longer saw >"Access Denied", I saw "Ready", but still, all attempts to print to this >printer from the Windows boxes yielded nothing. And all the auxiliary >functions like "Print Test Page" from Windows timed out. > >Can someone please tell me what I am doing wrong? > >Steve Cohen >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] request for slapd.conf
On Sat, 5 Jun 2004 11:56 , abebe lsslp <[EMAIL PROTECTED]> sent: >I just got done reading the Openldap administration guide. LDAP seems to do much more >than I want it to do for right now. Will the quick start guide get me up and running for samba purposes? I was wondering if anybody is willing to post me his/her slpad.conf file so I can compare it with the one I have. Thanks! > in a nutshell - with links for all the info you could ever want - has helped countless people from going insane http://ranger.dnsalias.com/samba-ldap.html --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts >Ambex > > >- >Do you Yahoo!? >Friends. Fun. Try the all-new Yahoo! Messenger >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] transfering users from PDC to print/file server
On Sat, 5 Jun 2004 00:31 , abebe lsslp <[EMAIL PROTECTED]> sent: >I have a Samba PDC server running on Fedora Core. I also have 3 samba print servers >and 1 samba file server setup on RedHat 9 machines. > >How do I make my RedHat file and print servers to get user information from the PDC >so I don't have to set up users on every single server? > >I appreciate your help! > what version of samba are you using? samba 3 has built in (time of install?) LDAP user database replication. Samba pre-3 you need to configure it to handle ldap user database...when you get an ldap controlled samba, the users automagically replicate when change on one system - -- there are numerous posts, sites. projects and threads regarding this - so finidng info similar to your concept should be easy. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts >Ambex > > >- >Do you Yahoo!? >Friends. Fun. Try the all-new Yahoo! Messenger >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How I get that a host (domain NT) only gives access to a certain user
On Fri, 4 Jun 2004 23:43 , Ricardo Chamorro <[EMAIL PROTECTED]> sent: >How I get that a host (domain NT) only gives access to a certain user. That, for >example, john only has access >to the client IP 192.168.0.11 or, said otherwise, that the host 192.168.0.11 only >give access to the user john. >How could I implement it? >I have looked for in Using Samba and Google, but I have not found anything specific... >It is a domain NT run on Debian Woody knl 2.4.25 with Samba 2.2.8 (setting as domain >master and users security) >and the clients are W95 and 98 with fixed IP. for win98/95 your only bet it to implement POLICIES - they are a pain to do and administer - and you will probably lock yourself out of a machine once or twice before you understand it.. >Regards >Richard >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win98 ==> Samba printing problem
On Fri, 21 May 2004 01:44 , Adina S <[EMAIL PROTECTED]> sent: >I used cups and Adobe drivers. I downloaded the >drivers from www.adobe.com, then a PostScript for HP >(I have that kind of printer), instaled localy the >driver on a win 98 machine, stored the files on the >samba server in /usr/share/cups/drivers and after that >cupaddsmb created the driver, pt it in print$ share, >WIN40/0 directory. >Hope this helps >--- fredex [EMAIL PROTECTED]> wrote: >> Using SAmba 3.0.2 and Cups 1.1.17. >> >> How does one configure a W98 box to print to a samba >> shared printer? >> >> Per my previous postings I can't figure it out, and >> the methods I've >> used on older Sambas don't work. Have you shared the printer out? creating it in cups is the first step, then you need to create it as a samba share. Once you do that, you should be able to connect to the printer \\servername\sambashare that may be too basic of what issue you are experiencing, but I couldnt tell from your request >> >> I've been thru the lengthy discussion in the samba >> with cups documentation, >> which tells how to do it for NT or later, but not >> 9x. >> >> I've posted the smb.conf before, won't put it here, >> for brevity. >> >> I'd appreciate a clue. >> >> Thanks. >> -- >> Fred Smith -- [EMAIL PROTECTED] >> - >> The eyes of the Lord are >> everywhere, >> keeping watch on the wicked and >> the good. >> - Proverbs 15:3 (niv) >> - >> > >> ATTACHMENT part 1.2 application/pgp-signature >> -- >> To unsubscribe from this list go to the following >> URL and read the >> instructions: >http://lists.samba.org/mailman/listinfo/samba > > > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com";>www.prupref.com Prudential Preferred Properties http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate Experts > Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with admin users
On Mon, 15 Dec 2003 12:09 , Luiz Fernando Aguiar Leme <[EMAIL PROTECTED]> sent: >Hi all, > >on my smb.conf, contents the following lines: > >admin users = root claudio roberto >security = server > >when this users save or write files on shared folders, they saves with >root:wheels. > >How do i force this users to save your own user:group and not root:wheels??? > >On the shared folders contents the following lines, for example: > >[publico] > comment = Diretorio publico > path = /usuarios/publico > public = yes > writable = yes > security mask = 770 > create mask = 0770 > force create mode = 770 > force directory mode = 770 > force security mode = 770 > printable = no > >thanks! > not 100% your answer, but for shared folders, you can force the user and group that it is written as, in this case, force it to administrator and domain admins ... does the above scenario only happen with the admin-level users? so standard users save with thier username and default group? --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SOLVED samba - sql server authentication
In my conversion to a samba backend, I changed the services that sql ran under to the machine administrator. This is what caused my attaching to remote fileshares to fail. The jobs need to be set to sa in order to run because of some issue with it not finsing the correct username/group when doing a domain lookup via the job-agent. This is something that 2000 Native Authentication has an issue with as well, so all the how-tos pointed to creating a pre-2000 user group configuration..which I dont think is possible with the samba setip but this work around does the trick thanks On Tue, 9 Dec 2003 23:00 , McKeever Chris <[EMAIL PROTECTED]> sent: > >On Tue, 9 Dec 2003 14:18 , McKeever Chris [EMAIL PROTECTED]> sent: > >>samba 2.2.8a/LDAP backend >>Red Hat 7.3 >>Windows 2000 server, connected to the samba controlled domain >>Sql Server 7.0 >> >> >>It seems that my sql server does not want to run scheduled jobs as a domain user, I >>am needing to do this for a network share that I am >>saving to, otherwise I would just run as SA >> >>Error from sql server: >>The job failed. Unable to determine if the owner (PRUPREF.COM\Administrator) of job >>Transaction Log Backup Job for DB Maintenance >>Plan 'Morning Database Backup' has server access (reason: Could not obtain >>information about Windows NT >>group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)). >> >>I have turned the samba debuglevel up to 10, and I can see where it fails, but I am >>not sure why. Administrator is a proper username, and >it >>logs into the domain no problem. It is almost like the NT password is not correct, >>this happens for any account I use, same error. >>I have marked the failure location below >> >>I am able to log into the machine using the domain accoutn and password no problem >> >>Any ideas? Thanks >>Chris >> >> >>SAMBA LOG: >>[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302) >> lp_file_list_changed() >> file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Dec 9 >> 13:52:49 2003 >> >>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122) >> ldap_open_connection: starting... >>[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148) >> Initializing connection to ldap.prupref.com on port 389 >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186) >> StartTLS issued: using a TLS connection >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217) >> ldap_open_connection: connection opened >>[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315) >> ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com" >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331) >> ldap_connect_system: succesful connection to the LDAP server >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) >> ldap_search_one_user: searching >> for:[(&(uid=administrator)(objectclass=sambaAccount))] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [uid] = [administrator] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) >> Entry found for user: administrator >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [pwdLastSet] = [1068626880] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [logonTime] = [0] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [logoffTime] = [2147483647] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [kickoffTime] = [2147483647] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [pwdCanChange] = [0] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [pwdMustChange] = [2147483647] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) >> get_single_attribute: [cn] = [administrator administrator] >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) >> get_single_attribute: [homeDrive] = [] >>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626) >> homeDrive fell back to >>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) >> get_single_attribute: [smbHome] = [] >>[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183)
Re: [Samba] samba - sql server authentication
On Tue, 9 Dec 2003 14:18 , McKeever Chris [EMAIL PROTECTED]> sent: >samba 2.2.8a/LDAP backend >Red Hat 7.3 >Windows 2000 server, connected to the samba controlled domain >Sql Server 7.0 > > >It seems that my sql server does not want to run scheduled jobs as a domain user, I >am needing to do this for a network share that I am >saving to, otherwise I would just run as SA > >Error from sql server: >The job failed. Unable to determine if the owner (PRUPREF.COM\Administrator) of job >Transaction Log Backup Job for DB Maintenance >Plan 'Morning Database Backup' has server access (reason: Could not obtain >information about Windows NT >group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)). > >I have turned the samba debuglevel up to 10, and I can see where it fails, but I am >not sure why. Administrator is a proper username, and it >logs into the domain no problem. It is almost like the NT password is not correct, >this happens for any account I use, same error. >I have marked the failure location below > >I am able to log into the machine using the domain accoutn and password no problem > >Any ideas? Thanks >Chris > > >SAMBA LOG: >[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Dec 9 13:52:49 > 2003 > >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122) > ldap_open_connection: starting... >[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148) > Initializing connection to ldap.prupref.com on port 389 >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186) > StartTLS issued: using a TLS connection >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217) > ldap_open_connection: connection opened >[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315) > ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com" >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331) > ldap_connect_system: succesful connection to the LDAP server >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) > ldap_search_one_user: searching > for:[(&(uid=administrator)(objectclass=sambaAccount))] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [uid] = [administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) > Entry found for user: administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdLastSet] = [1068626880] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logonTime] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [kickoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdCanChange] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdMustChange] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [cn] = [administrator administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [homeDrive] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626) > homeDrive fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [smbHome] = [] >[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183) > Home server: prupref-ldap >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635) > smbHome fell back to \\prupref-ldap\administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [scriptPath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644) > scriptPath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [profilePath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653) > profilePath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [description] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [userWorkstations] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [rid] = [98478] >[2003/12/09 14:02:51
[Samba] samba - sql server authentication
samba 2.2.8a/LDAP backend Red Hat 7.3 Windows 2000 server, connected to the samba controlled domain Sql Server 7.0 It seems that my sql server does not want to run scheduled jobs as a domain user, I am needing to do this for a network share that I am saving to, otherwise I would just run as SA Error from sql server: The job failed. Unable to determine if the owner (PRUPREF.COM\Administrator) of job Transaction Log Backup Job for DB Maintenance Plan 'Morning Database Backup' has server access (reason: Could not obtain information about Windows NT group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)). I have turned the samba debuglevel up to 10, and I can see where it fails, but I am not sure why. Administrator is a proper username, and it logs into the domain no problem. It is almost like the NT password is not correct, this happens for any account I use, same error. I have marked the failure location below I am able to log into the machine using the domain accoutn and password no problem Any ideas? Thanks Chris SAMBA LOG: [2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302) lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Dec 9 13:52:49 2003 [2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122) ldap_open_connection: starting... [2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148) Initializing connection to ldap.prupref.com on port 389 [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186) StartTLS issued: using a TLS connection [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217) ldap_open_connection: connection opened [2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315) ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com" [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331) ldap_connect_system: succesful connection to the LDAP server [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) ldap_search_one_user: searching for:[(&(uid=administrator)(objectclass=sambaAccount))] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [uid] = [administrator] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) Entry found for user: administrator [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [pwdLastSet] = [1068626880] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [logonTime] = [0] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [logoffTime] = [2147483647] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [kickoffTime] = [2147483647] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [pwdCanChange] = [0] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [pwdMustChange] = [2147483647] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [cn] = [administrator administrator] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [homeDrive] = [] [2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626) homeDrive fell back to [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [smbHome] = [] [2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183) Home server: prupref-ldap [2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635) smbHome fell back to \\prupref-ldap\administrator [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [scriptPath] = [] [2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644) scriptPath fell back to [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [profilePath] = [] [2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653) profilePath fell back to [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [description] = [] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) get_single_attribute: [userWorkstations] = [] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [rid] = [98478] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [primaryGroupID] = [3005] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [lmPassword] = [] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [ntPassword] = ] [2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) get_single_attribute: [acctFlags] = [[UX ]] [2003/12/09 14:02:51, 4] smbd/password.c:sm
Re: [Samba] roaming profiles
On Fri, 5 Dec 2003 10:15 , Alexandru Molodoi <[EMAIL PROTECTED]> sent: >How can you disable roaming profiles in Samba 2.2.7a, so that the >contents of \Documents and Settings\user\ isn't syncronized at every >logon? > in XP you can gpedit.msc and change the profiles to local only. You can also, in samba change/add: logon script = logon path = yes, those = --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Directory Server
On Tue, 2 Dec 2003 17:01 , John H Terpstra <[EMAIL PROTECTED]> sent: >On Tue, 2 Dec 2003, McKeever Chris wrote: > >> John, thanks > >> that is what I suspected, although I think there was an update in aug >> 2003 (maybe it was late and it was 2002).. seemed like they had some >> good initatives going. > >Agreed. do you realise that the success rate for great ideas has not >changed much in 30 years of monitoring: It's still 1 in 52. > >In other words, we should expect 51 failures before we see project that >booms. Therefore - no disappointment, next ... :) > interesting, I wonder though who proclaims the idea as great, the idea originator or those that are observing it. I would imagine (but I probably am wrong) that if an idea is truly great, it would be supported and nutured till fruition by the observers, like Samba and other great initiatives...if the originator claims it great, it may just be a pipe dream with very little real work application --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Directory Server
John, thanks that is what I suspected, although I think there was an update in aug 2003 (maybe it was late and it was 2002).. seemed like they had some good initatives going. thanks On Tue, 2 Dec 2003 05:55 , John H Terpstra <[EMAIL PROTECTED]> sent: >Chris, > >This project went very quiet a long time ago. > >- John T. > > >On Mon, 1 Dec 2003, McKeever Chris wrote: > >> I found the following link: >> http://rhems.sourceforge.net/ >> >> was wondering if anyone knows anything about it. >> --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Directory Server
I found the following link: http://rhems.sourceforge.net/ was wondering if anyone knows anything about it. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Seeking advice: Backup Exec & Samba shares
On Sat, 29 Nov 2003 19:18 , Bruce Lane <[EMAIL PROTECTED]> sent: >Fellow Samba-shakers, > > I've run into an odd problem, and I'm seeking the advice of anyone who has > implemented Veritas Backup Exec 8.6 or 9.0, on an NT 4.0 server platform, to perform backups of NetBSD 1.6x systems via Samba file shares. Said problem did NOT manifest itself until I tried using Samba 3.0.0. I have jumped back to 2.2.8a, since that's the last version that was known to work, until I can get the issue resolved. > > And the issue is: When I try to browse Samba-produced file shares, it takes > nearly two and a half minutes for the tree to expand. Then, when I try to select one of the branches in the directory tree for backup, I get a Dr. Watson error (an Access Violation exception), an additional error message that the program could not browse the share because the Remote Procedure Call failed, and the Backup Exec master job engine shuts down. I have to restart it before I can do anything else. > I posted about this, as well as opened up a tech-ticket with VERITAS. Recommendations on the list seemed to show that not many are using Backup Exec. VERITAS answer is that you can not connect directly to a Samba share from the BACKUP EXEC explorer, not can you force it by manually typing it (text view). They do have a BE-AGENT for RH7.3. I have used it with little success, seems to like to freeze everything up. After re-reading your message, you _are_ able to connect and backup directly to a Samba share? did you do anything special, for I can not using BE8.5 and RH7.3/Samba2.2.8a My only solution is to rsync it over to the BE server. If you can shed anylight, I would be much appreciative. --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC - Administrator issues
On Fri, 28 Nov 2003 13:56 , Todd Johnson <[EMAIL PROTECTED]> sent: > >Samba PDC is up and running. We are not using roaming profiles. My problem is this. >How do we make the administrator account have administrative priv's locally on the client PC when they login on the DOMAIN? What is happening now is that when the Administrator logs in it just makes a domain accoutn for the Administrator locally but this new account does not have actualy administrator permissions. > >I read about the netgroup tool and its uses but from what I read this is new to 3.0? >We are using smb 2.2.8a. domain admin group = root @domain-admins --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to migrate a complex NT4 network
On Thu, 27 Nov 2003 20:59 , Raphaël Berghmans <[EMAIL PROTECTED]> sent: >On Thu, 2003-11-27 at 20:49, John H Terpstra wrote: >> On Thu, 27 Nov 2003, [ISO-8859-1] Raphaël Berghmans wrote: >> >> > On Thu, 2003-11-27 at 19:55, John H Terpstra wrote: >> > > On Thu, 27 Nov 2003, [ISO-8859-1] Raphaël Berghmans wrote: >> > > >> > > > Hi, >> > > > >> > > > >> > > > We have on a central site a NT4 PDC and a NT4 BDC and on 6 secondary >> > > > sites we have a BDC on each site (the authentication for the >> > > > workstations on those remotes sites occurs on the local BDC and not on >> > > > PDC). >> > > > >> > > > Which could be the best way to migrate this environment to a >> > > > SAMBA-3.0.0/LDAP environment. But we cannot intervene on each 1600 >> > > > workstations. Then the migration has to be the most transparently as >> > > > possible for the users. >> > > >> > > Your configuration is typical of many. The samba-3 migration facility (net >> > > rpc vampire) should work fine. You should be able to run it against the >> > > local BDC - though I have not tested that. >> > >> > Indeed the SAM migration is very simple with vampire. But Samba cannot >> > made realtime synchronization with a NT4 PDC and how to manage the >> > modifications. Made a vampire each time a modification has been done on >> > the PDC is a little bit tricky (with 1600 users, 500 groups and 1700 >> > machines). >> >> We have documented the fact that Samba-3 can not be a BDC to an NT4 PDC. >> Sorry. If yu want to use Samba as a BDC then your PDC must be Samba also. > >I know it's well documented but if I migrate my NT4 PDC to a samba PDC, >I still have some NT4 BDC's and then there is always a synchronization >problem :) > >Then the only ways to do that are : > >First way : Manage a new samba domain and migrate manualy each >workstation > >Second way : Migrate the NT4 PDC to Samba and stop all NT4 BDC's (all >the authentications and profiles managment will be done on the PDC). And >migrate the BDC one by one. (Physicaly It's not possible on the same >time to migrate the PDC and all the BDC's) I just did something like this (to 2.2.8a/LDAP) .. I needed to have both networks set-up simultaneuosly and swap servers one by one as time/resources permitted The trick was, don't make the samba PDC a domain master until A) you need to; B) you are done with NT Some of what I will discuss may not be pertinent to 3.0, but I am sure you can get the idea. I made the Samba PDC, and imported all the users over. I did not grab the NT PDC SID (looking back in retrospect I wish I did, but I was young and naive). One by one I rolled out the REMOTE SAMBA machines. Those were all set to local mater = yes. When I needed to connect a Windows XP to the new Samba domain, I changed the samba PDC to domain master = yes, and the shutdown the NT PDC. Added the machine to the network, changed the Samba PDC back to Domain Master = NO and turned the NT PDC back on. Now this is where I wish I had migrated the NT PDC SID. Then I think I could have just made the LDAP machine accounts, and been done with it. So bottom line, I had both existing at the same time. Granted, I needed to add users to both places, but things could be worse. creating scripts for managing them simultaneous wasnt too bad, and made the conversion that much easier. My user level is about 1/4 of yours, so I dont know how that will correlate. Feel free to ask any questions > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem whit XP PRO client
On 26 Nov 2003 11:19 , Dr Jekyll <[EMAIL PROTECTED]> sent: >Hi. I'm entering in Samba's world and I need help with this. An Nt4.0 >client was upgraded to XP PRO, and Win does not connect to domain >(before upgrade worded fine), windows registry was modificated as samba >howto explains. >This is my smb.conf file of samba v. 2.0.7. >Thanks, thanks, thanks. >Dr Jekyll > Does our machine show up in the smbpasswd (or ldap equiv. backend?) if using ldap, have you run: smbpasswd -w THEPASSWORD it may simply be that you are still on 2.0.7 --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move the samba pdc to new box
On Tue, 25 Nov 2003 14:39 , Ed Holden <[EMAIL PROTECTED]> sent: >Sen, > > > >I actually did this during my testing phase a year ago and it was pretty > >straightforward - a LOT easier than moving the PDC on NT. I just kept > >everything in /etc/samba identical on both machines, and also made sure > >I had all the accounts in /etc/passwd set up identically (this includes > >machine accounts, so it's important). I took the network cable from the > >old box and moved it to the new one, and my clients had no idea anything > >had changed. Granted it was a new system so I only had one test client, > >but I was still mildly impressed with the server's portability. > > I think you also need to play around with the SID if you have windows machines joining the domain. YOu can extract it from the old, and force it on to the new. Just remember to keep it, so you can force it later as well > > > >-Ed > > > >senthil wrote: > > > >> Hi All, > >> > >> I am running samba 2.2xx as a PDC. I am planning to move this PDC to a new > >> and stable box running rh 8.0. Can anyone please advise me how to move the > >> PDC to a new box keeping the same settings like the user accounts and even > >> the unix SID and things like that .. Can any one guide me to some howto > >> which can help me .. ? please .. > >> > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 2.2.8a, XP pro workgroup question.
On Tue, 25 Nov 2003 16:56 , KD7NWG <[EMAIL PROTECTED]> sent: >Gang, >This is my first post here so if I screw up please let me know. > >I run samba 2.2.8a on Solaris at home (UltraUX). >I have several XP pro and win98 clients on this same network >(192.168.1.x). > >I feel that my primary problem is when I try to access the share it is >populating the username field 'Guest' and asking me for a password when >I want this share to be completely open regardless of workgroup or >domain name. > I have had this problem a bunch of times. I _believe_ that it is caused by samba using the username/password and then failing (guest access is only when there is no usernmae/password..does that make sense?)..There is a setting which allows you to fallback to a username if the original username/password pair fails (in the docs this is said 'to cause confusion for sys-admins') I believe if you poke around with 'map to guest' and 'bad password' you should be able to come up with a solution. >>This may or may not be possible, but I'd sure like to know if I can make >this share work, without changing my laptops workgroup/domain name. > >>Here is my smb.conf; >--- ># This is /usr/local/samba/lib/smb.conf > >[global] > netbios name = UltraUX > workgroup = Galvinonline > log level = 2 > log file = /var/adm/log/sambalog > security = share > wins support = yes > hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1 EXCEPT 192.168.1.1 > hosts deny = ALL > >[share] > path = /share/ > browseable = yes > guest ok = yes > public = yes > read only = no > > > >I was under the impression that the settings; 'security = share', >'public = yes', and 'guest ok = yes' in my smb.conf would be all that's >required for this type of access to work but if anybody has any >suggestions or can provide help I'd be greatly appreciative. > >If you have a document containing specific information regarding this >topic I'd love to read it. > >Thanks, >~Nate > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba & rsync
On Tue, 25 Nov 2003 02:19 , John K. <[EMAIL PROTECTED]> sent: > >>I apologize if you already resolved this..I am a bit confused as to why you >>need to connect via samba for rsync. I do something very similar and rsync >>handles >>it all if I have the correct rsync mount points defined in the .conf file > >Thanks for replying chris, > >I don't need samba for rsync per se. We use samba for other reasons. It >would be just convinient. However what is an rync mount point? I should go >read about this. Do you run an rsync deamon? Yes, I run rsync on the linux side and the windows side as a daemon [lets call this the remote side ie where the daemon is run). On the local side I launch rsync through a cron or windows scheduler/.bat file (we will call this the local side) So if I want to rsync files from the linux box to the windows box, I have the daemon running on the remote windows box, in the .conf file you define where the mount point is (not sure if that is the correct terminology): [prupref-1165] path = e:/prupref-1165/ comment = prupref-1165 mirror read only = false use chroot = false (this can be applied to the linux remote side as well if you are going from windows->linux) I can see how going the rsync->smb would be a bit easier, but I had some issues with it. > > >>From: McKeever Chris [EMAIL PROTECTED]> >>Reply-To: [EMAIL PROTECTED] >>To: [EMAIL PROTECTED], "John K." [EMAIL PROTECTED]> >>Subject: Re: [Samba] samba & rsync >>Date: Mon, 24 Nov 2003 20:01:13 -0600 >> >> >> >>On Sun, 23 Nov 2003 22:32 , John K. [EMAIL PROTECTED]> sent: >> >> >If anyone has time to look at this problem I would appreciate it. >> > >> >I think I am looking for a way to increase the "timeout" in samba (in the >> >smb.conf file) >> >for reporting a "down" link or "can't read xyz file". >> > >> >However I am writing to you folks because this problem has come up while >> >using rsync >> > >> > >> > >> >my problem >> >== >> > >> >We have a wan in which links from a central linux machine to a nodes >>which >> >are xp machines >> >from 1 to 5 minutes a night. not very common, but it happens. >> > >> >we are using samba to mount directories on the remote linux machines to >>the >> >local >> >linux server. (we use samba because we also have xp machines in our >>network >> >it is just easier to use this for now). >> > >> >We use rsync nightly to backup remote directories to the local linux >> >server. >> > >> >When one of the outages happes during a backup (rsync operation) either >> >- if I have not set the --timout value in rsync the operation just >> >continues. Rysnc seems >> > not to notice that samba is reporting errors and just copies over I >>assume >> >a bunch of . >> > Of course the file is corrupted. >> >>I apologize if you already resolved this..I am a bit confused as to why you >>need >>to connect via samba for rsync. I do something very similar and rsync >>handles it >>all if I have the correct rsync mount points defined in the .conf file >> >> >> > >> >- if I have set the --timeout value in rsync, in the case of failure >>rsync >> >just drops out. Of course if >> > i set the --timeout value to something like 2 minutes rsync seems to >> >ignore the samba errors and continues. >> > >> >What I would like to do is set a timeout value in samba for reporting >>errors >> >from what seems >> >to be about 30 seconds to something like 6 minutes. Then I could set the >> >--timeout value in rsync to >> >something like 5 minutes. >> > >> >I can't find in man smb.conf anywhere were you can set something like "if >> >you can't connect in 30 seconds" then report an error. >> > >> >> >> >>--- >>Chris McKeever >>If you want to reply directly to me, please use >>cgmckeever--at--prupref---dot---com >>http://www.prupref.com >> >> >> Prudential Preferred Properties www.prupref.com >> > >_ >Share holiday photos without swamping your Inbox. Get MSN Extra Storage >now! http://join.msn.com/\?PAGE=features/es > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba & rsync
On Sun, 23 Nov 2003 22:32 , John K. <[EMAIL PROTECTED]> sent: >If anyone has time to look at this problem I would appreciate it. > >I think I am looking for a way to increase the "timeout" in samba (in the >smb.conf file) >for reporting a "down" link or "can't read xyz file". > >However I am writing to you folks because this problem has come up while >using rsync > > > >my problem >== > >We have a wan in which links from a central linux machine to a nodes which >are xp machines >from 1 to 5 minutes a night. not very common, but it happens. > >we are using samba to mount directories on the remote linux machines to the >local >linux server. (we use samba because we also have xp machines in our network >it is just easier to use this for now). > >We use rsync nightly to backup remote directories to the local linux >server. > >When one of the outages happes during a backup (rsync operation) either >- if I have not set the --timout value in rsync the operation just >continues. Rysnc seems > not to notice that samba is reporting errors and just copies over I assume >a bunch of . > Of course the file is corrupted. I apologize if you already resolved this..I am a bit confused as to why you need to connect via samba for rsync. I do something very similar and rsync handles it all if I have the correct rsync mount points defined in the .conf file > >- if I have set the --timeout value in rsync, in the case of failure rsync >just drops out. Of course if > i set the --timeout value to something like 2 minutes rsync seems to >ignore the samba errors and continues. > >What I would like to do is set a timeout value in samba for reporting errors >from what seems >to be about 30 seconds to something like 6 minutes. Then I could set the >--timeout value in rsync to >something like 5 minutes. > >I can't find in man smb.conf anywhere were you can set something like "if >you can't connect in 30 seconds" then report an error. > --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com http://www.prupref.com Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC + XP: still not solved?
On Fri, 21 Nov 2003 18:45 , Robin Edgar - Tripany <[EMAIL PROTECTED]> sent: >Hi all, > >I've been reading and there's a lot to read but no solution! >I'm using samba 2.2.3a-12.3 for Debian and I seem to have set >everything I can: > >changed the signsecurechannel, sealsecurechannel in the registry to 0 >(and back to 1), > >Changed the policies for autoenrollent and the password encryption >(put that off in samba and in windows and then back on again) > >But ALWAYS do I get the following problem - when I change the settings >in the computer properties samba makes the accounts fine (in passwd, >shadow and smbpasswd), and I get >the welcome to domain screen. When I reboot and try to log in, it can't find the >PDC or it won't accept my logon. When I have a look in the logfile all >it shows is: > >[2003/11/21 18:03:37, 2] smbd/server.c:exit_server(458) > Closing connections >[2003/11/21 18:03:50, 2] lib/access.c:check_access(321) > Allowed connection from (192.168.0.28) >[2003/11/21 18:04:01, 2] smbd/server.c:exit_server(458) > Closing connections >[2003/11/21 18:07:11, 1] smbd/reply.c:reply_sesssetup_and_X(1052) > Username guest is invalid on this system > >(last message after I log into the XP machine instead of the domain). > >I've seen this message a few times, but nowhere is there any real >solution! SOMEONE must have fixed this by now! make sure that you have run smbpasswd -w THELDAPPASSWORD and that you havent changed the machine name since. Can you send your SMB.CONF from the PDC? are you using any LDAP replication to othewr 'semi-bdc' servers? > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Syncing time for non-Admin logons? - net time \\superserver /set /yes
On Thu, 20 Nov 2003 00:29 , John H Terpstra <[EMAIL PROTECTED]> sent: >On Wed, 19 Nov 2003, Jeff Gardiner wrote: > >> I have in my smb.conf file the following entries: >> time server = yes >> >> and >> >> logon script = startup.bat >> >> Where logon script is as follow: >> >> -start script - >> NET TIME \\SUPERSERVER /SET /YES >> # Here we map network drives to shares on the Samba Server >> >> echo Mapping Network Drives to Samba Server Theremin >> net use s: \\superserver\scratch >> net use r: \\superserver\share >> >> \\virusserver\Antivirus\PCCSRV\AUTOPCC.EXE >> -end script - >> >> The NET TIME command seems to be runable only by the local admin. The >> \\superserver is a Solaris9 box running samba 3.0.1pre3 and also acts as an >> ntp server. >> >> Does anyone have suggestions as to how to have my samba clients update with >> the server? > >Yes. You need to log onto each client as the local machine 'Administrator' >and give each user the privilidge to adjust the system time. Do this in >control panel -> Adminsitrative Tools -> Computer Management -> Local >Security Settings (can't remember details - I'm on a site where I can't >check it now), then locate the right entry so the local registry gets >updated so "Domain Users' get the right to change the system time. > >- John T. >-- >John H Terpstra >Email: [EMAIL PROTECTED] >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > I found this all most annoying myself (permissions and all)...if you can install NTP on a machine within your network, you can use the W32time service to sync (net time /setstp:ntp.yourdomain.com It works just as well, if not better Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3 LDAP/PDC problem - adding WXP account
On Sun, 9 Nov 2003 10:26 , Tarjei Bitustøyl <[EMAIL PROTECTED]> sent: >Ok, additional information: >I am using LDAP as a unix password backend, so I shouldn't be needing the >/etc/passwd for a machine account. >The smbldap-useradd.pl -w script adds an account correctly, and both >posixAccount and sambaSAMAccount is set. When this is done, I get again, >"access is denied" when I try to join the domain, with the valid SID user. >It doesn't seem to join correctly on the operation when it actually creates >the account, however I can see nothing wrong with the account itself. Here >is an auto-created account: (smbldap-useradd.pl -w %u) > >dn: uid=main$,ou=Machines,o=AstarothInc,c=NO >objectClass: top >objectClass: inetOrgPerson >objectClass: posixAccount >cn: main$ >sn: main$ >uid: main$ >uidNumber: 1003 >gidNumber: 553 >homeDirectory: /dev/null >loginShell: /bin/false >description: Computer > >I have all the scripts in place, but manually only the add machine script >works. I don't think I need the others for the operation I am trying, >though. > >The thing is, if I do have an account in /etc/passwd called "main$" when I >try to join, the auto-created ldap entry looks very very different: > >dn: uid=main$,ou=Machines,o=AstarothInc,c=NO >uid: main$ >sambaSID: S-1-5-21-2523409155-1094959098-2360343008-3006 >sambaPrimaryGroupSID: S-1-5-21-2523409155-1094959098-2360343008-1201 >sambaAcctFlags: [W ] >objectClass: sambaSamAccount >objectClass: account > >The error upon joining is still the same, username could not be found; >however, subsequent attempts to join give the error "access is denied." I'm >going nuts. > if this is an XP PRO machine, have you done the signorseal registry hack? >Regards >Tarjei > >- Original Message - >From: "Andrew Bartlett" [EMAIL PROTECTED]> >To: "Tarjei Bitustøyl" [EMAIL PROTECTED]> >Cc: [EMAIL PROTECTED]> >Sent: Sunday, November 09, 2003 10:08 AM >Subject: Re: [Samba] samba 3 LDAP/PDC problem - adding WXP account > >On Sun, 2003-11-09 at 19:40, Tarjei Bitustøyl wrote: >> Hi, >> >> I've finally gotten my LDAP password backend up and running, and finally >figured out the SID 1000/1001 thing for Samba admin. >> However I'm unable to join the workstation to my domain. > >I'm not sure what you mean about the '1000/1001' thing. Root should be >given the special sid '-500' if at all possible, as that is >'administrator'. > >> Using any random user in the WXP dialogue, I get the "Access is Denied" >error. Fair enough. >> Using the user with sambasid and sambagroupsid s-*-1000/s-*-1001, I get >the error "The Username could not be found". This error is probably not >referring to the login user, as that one is validated (I get another error >if I type in a wrong password), so I assume it's the machine account user >that it is looking for. >> >> I have however tried adding the machine account using both LAM and >smbpasswd -a -m, but no difference. >> >> The debug log says everything is successful? >> I'm at a loss. Does anyone have a hint as to what is wrong here? > >Do you have the add user scripts in place? > >Andrew Bartlett > >-- >Andrew Bartlett [EMAIL PROTECTED] >Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] >Student Network Administrator, Hawker College [EMAIL PROTECTED] >http://samba.org http://build.samba.org http://hawkerc.net > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Check whether a unix user is a samba user
On Sun, 9 Nov 2003 13:11 , [EMAIL PROTECTED] sent: >Hello. > >What is the command one should use >to check whether a unix user is a >samba user (that is, its username is >in one of the samba password backends). > >Romildo you can do a grep 'username' /etc/smb/smbpasswd > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba with Domain User accounts
On Fri, 07 Nov 2003 15:08 , anth jaz <[EMAIL PROTECTED]> sent: >I am trying to find an option to M$ file server under Linux. Everything to this point >is M$. Whether anybody goes for it or not, I would like to put the option out there for choice. One of the important necessities is that this doesn't become any more complicated for the EU. As soon as you say Linux to the bosses they think more complex for the user and the users have trouble enough logging in to there computers. I am a Linux newbie trying to become more efficient. At present, I am using RH9, Samba 3, and have security = Domain and have joined the domain successfully. I have a user joe created on the Linux/Samba server and when user joe logs onto his Win2k computer on the NT domain he can access the Samba share I have configured like this: > >[share] >path = /test >public = no >writable = yes >printable = no >valid users = joe jon art >create mask = 0765 > >Unless users "joe, jon, and art" are created on the Linux box, the user gets prompted >for network authentication: > >Connect As: >Password: > >I also have set "password server = *" and I still get promted for authentication. I >enter a vaild domain user account but not one that I have added to the Linux box and it will not take it. I also tried using >"password server = x.x.x.x" where x.x.x.x was PDC and BDC and had the same results. > >I have also set the following: >unix password sync = Yes >passwd program = /usr/bin/passwd %u > >I don't want anybody to have to do this, since they do not have to do this now (all >windoze 2k & NT). There are a lot of users and equally a lot of passwords on the domain and it isn't very efficient to add every user to the Linux box. Is there a way to get around this. Have the Linux server communicate with the PDC or BDC since it is a member of the domain? > >If that is even possible can I then give joe "read only", jon & art "read & write", >and "deny" everybody else access to the "test dir." > > With the 2.2.x version there was windbind, which would communicate with the PDC and pull the user accounts. I believe there is something similiar with 3.0 net vampire (or something to that effect, if not still windbind)... The howto at samba.org (dont have the exact address), is very resourcefull to these types of issues. Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2 -> 3.0.0 upgrade: questions + Internet Connection Wizard / Identities
On Fri, 7 Nov 2003 10:38 , Jeff Jones <[EMAIL PROTECTED]> sent: >> Yes. You should have saved the Domain SID before migration, then restored >> it on Samba-3 using the net utility. That way your clients would have been >> quite happy. > > >Ah, ok. Is there a document explaining how to save and restore the SID? I >saved the contents of /etc/samba before performing the upgrade. Can I still >extract the SID and restore it into my Samba 3? I still have some client >boxes I haven't joined to the new domain. > >Is there any other way, at this point, to allow my domain users write access >to their identities / accounts without them being administrators? A way of >moving forward with my new SID? if you still have the old /etc/samba/secret.tdb file, you can grab the SID out of that. > >Why isn't Windows allowing the users access to their internet settings / >identities, even though they're in the new domain and the users' profiles >have been reloaded from the server? Is there any way to fix it? > >Thanks again, >Jeff > > >- Original Message - >From: "John H Terpstra" [EMAIL PROTECTED]> >To: "Jeferee" [EMAIL PROTECTED]> >Cc: [EMAIL PROTECTED]> >Sent: Friday, November 07, 2003 1:15 AM >Subject: Re: [Samba] Samba 2.2 -> 3.0.0 upgrade: questions + Internet >Connection Wizard / Identities > > >> On Thu, 6 Nov 2003, Jeferee wrote: >> >> > Hello, >> > >> > I just upgraded from Samba 2.2.7 to Samba 3.0.0 on RedHat 9. I did this >> > by uninstalling the 2.2.7 samba RPM's and then applying the Samba 3.0.0 >> > RPM from samba.org, then putting my local changes back into smb.conf. >> > I have also migrated my smb users from smbpasswd to tdbsam with the >> > pdbedit utility as discussed in the HOWTO. >> > >> > It seems I have to rejoin my client boxes (windows 2000 pro) to the >> > domain in order to log in, and then I have to blow away my local users >> > on each client machines to allow the roving profiles to be reloaded at >> > login. >> > >> > Also, I have had to add the following to my smb.conf file to use tdbsam >> > successfully. >> > >> > logon home = \\%L\%U >> > logon path = \\%L\%U\profile >> > >> > I had to do this in order to get the correct string to come up in >> > pdbedit -Lv for the "Home Directory" and "Profile Path" variables (the >> > defaults cuased %N to show in place of the server name) - when I used >> > 'smbpasswd' as the backend pdbedit -Lv showed proper values and things >> > worked OK. >> > >> > I also had to mess around a bit with 'net groupmap' modify/list to get >> > the standard Windows groups to map properly to UNIX groups, as discussed >> > in the HOWTO. These seemed to work fine under 2.2.7. >> > >> > Everything seems to work OK now, except for the following problems. >> > Can anyone tell me what I did wrong upgrading with respect to the >> > following 3 issues: >> > >> > 1) I have to rejoin each client Windows 2000 box to the domain or logins >> > fail (says the client is not in the domain) - did the machines' SIDs >> > change for some reason? Server SID? >> >> Yes. You should have saved the Domain SID before migration, then restored >> it on Samba-3 using the net utility. That way your clients would have been >> quite happy. >> >> > >> > 2) I have to blow away local roving profiles, then log in to get the >> > roving profiles to reload from the server - error says the profile for >> > that user already exists on the server, but has the 'wrong security'. >> > Loads temp settings. SID problem? >> >> Correct. See comment for Q1. >> >> > >> > 3) After rejoining and reloading, regular Domain Users do not have the >> > ability to change their Internet Connection Settings - The "Internet >> > Connection Wizard" icon recreates at each login, and when the user tries >> > to access it, they get an access denied error. Changes to internet >> > settings from IE are not recorded, and it complains about 'no >> > identities'. The users are properly listed in the "Domain Users" group. >> > If I put the user (or Domain Users) in the Admininistrator group on the >> > client boxes, he successfully gets his previously set settings (home >> > page, etc) at login. >> >> Yes. Correct. >> >> > Thank you, and great job on 3.0! >> >> Glad to hear that the documentation was useful. Want to send me any >> updates for it? >> >> Cheers, >> John T. >> -- >> John H Terpstra >> Email: [EMAIL PROTECTED] >> >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba PDC
are you using the root account and password to connect to the domain? > -Original Message- > From: JAVIER BARRACHINA [mailto:[EMAIL PROTECTED] > Sent: Sunday, October 19, 2003 6:49 AM > To: [EMAIL PROTECTED] > Subject: [Samba] Samba PDC > > > I'm trying to config Samba PDC using: The Unofficial Samba HOWTO > > but error apeared: > The following error occurred attempting to join the domain > MYDOMAIN: The > specified network password is not correct > > I tried: > Use Window's Group Policy Editor (gpedit.msc) to make the > following changes > in the Local Computer Policy\ Computer Configuration\ Windows > Settings\ > Security Settings\ Local Policies\ Security Options branch: > Domain member: > Digitally encrypt or sign secure channel data (DISABLE) > andDomain member: > Digitally sign secure channel data when possible (DISABLE) > > but nothing! error!!! > can anyone help me? > tnx a lot! > > _ > Charla con tus amigos en línea mediante MSN Messenger: > http://messenger.yupimsn.com/ > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Download Samba 2.2.8a
I found 2.2.8a under some of the trees here: http://hostopia.samba.org/samba/ftp/Binary_Packages/ I do not know about running a hybrid, I guess it depends on how you are going to implement the replication. If you are just going to use basic rsync/mirror of the passwd and other files, then it probably would work, but if youare going to implement something like ldap, then I wouldnt recommend it. i just got finished with a complete ldap-replicate 2.2.8a system, and it works great > -Original Message- > From: Guess Logi [mailto:[EMAIL PROTECTED] > Sent: Monday, October 13, 2003 9:53 PM > To: [EMAIL PROTECTED] > Subject: [Samba] Download Samba 2.2.8a > > > > I have set up Samba 2.2.8a on Linux as a PDC. Now, I want to > set up BDC/"fail over" on Linux. I have already found some > useful information to configure BDC on Linux eventhough Samba > 2.X officialy doesn't support. > > Does anyone know where can I get Samba 2.2.8a? - I don't see > on samba official website. > OR > Is it okay to have Samba 2.2.8a on PDC and Samba 3.0 on BDC? > Both servers should have to have exact same Samba version.? > > When I said PDC/BDC, it is just window term. Actually both > servers will act as primary/secondary fail over in Linux. > > -Logi > > > > > - > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC - XP Logins - Replication of secrets file
I think I finally have gotten my XP machines to log into the samba controlled domain. Thank you all to have provided feedback and support. I am wondering though if the solution was something that I just glossed over, or if I just solved a portion of the problem. As a recap, I am running samba 2.2.8a compiled with LDAP so I can have replicated authentication. I was able to join the XP machines to the domain without a problem, but I continually got wrong username/password msessages when I would try to login. I finally copied the secrets.tdb file from the PDC machine over to one of the local branch authentication servers. I ran smbpasswd -S -a \\servername against that to populate the domain SID, restarted Samba and I was good to go. Is this just something that I had missed? I only found it by seeing two obscure posts one about machines.sid and the other about changing a server name and re-running smbpasswd. Any feedback would be appreciated so I can put this to rest. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba time server
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Hello, > I'm trying to set up a Linux, rh9, webserver with samba > support, so that > user's can make the pages on their windows boxes and drop > them right on > the server. I'm having one problem, when the user connects > Dreamweaver, > MX version, gives an error about can not determine the server > time. I've > added: > time server = yes > to the global section of my smb.conf file, but this > didn't solve the > issue. I'm not even sure if this is an appropriate question for this > list, so i'm just throwing it out there. Any ideas? > Thanks. > Dave. > I do not think that the time server = yes is what is the issue with DREAMWEAVER. I would suggest figuring out what dreamweaver is trying to do with the time (via the allaire.com support forum) and then relaying that information to this list so we can try to correlate the two. > > The best thing to hit the internet in years - Juno SpeedBand! > Surf the web up to FIVE TIMES FASTER! > Only $14.95/ month - visit www.juno.com to sign up today! > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbpasswd responding slowly
as of today, when I issue the smbpasswd from the CLI, its response time is very poor. I am using samba 2.2.8 with an openldap backend. Prior to today, this was working fine. To my knowledge, nothing has been changed, in fact I am positive of this. This may be off topic now, but it seems like the response time on the server itself is acting goofy. I am kind of at a loss at this. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
