Re: [Samba] BackupExec Agent on Samba

2004-06-18 Thread McKeever Chris

On Fri, 18 Jun 2004 17:36 , Tony Whitmore <[EMAIL PROTECTED]> sent:

>Kevin Bramblett wrote:

>versions have solved the problem.)
>
>The Unix Agent for BackupExec (available from Veritas' FTP server) is 
>really independant of Samba. By installing the BackupExec Agent for Unix 
>(binary only, sadly) on our Linux system (running Debian Stable with a 
>2.6.6 kernel) the server then appeared in the list of BackupExec Agents 
>in the program on the NT server. Testing showed that Unix permissions 
>were saved and restored correctly using the BackupExec Agent - something 
>that I did not think would happen had the files been restored using Samba.
>

I _had_ the agent running - and as said above it is samba independent - I have not 
found a way to just connect to the share - I hear arcserve 
could care less and connects without a hitch..


>The documentation on Vertias' website suggests that it is still not 
>possible to do differential backups from a Unix system (presumably 
>because of the lack of an archive bit.
>
>To get around this limitation, in the longer term I am looking at using 
>rsync to backup to either a co-located server or removable hard-drives.
>

this is how I solved my issue as well - and honestly, doing it this way is much more 
easier and redundant than tape - especially using a cp -al to 
make differential changes prior to the rsync! 


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref.com
http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate

>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???

2004-06-18 Thread McKeever Chris


On Fri, 18 Jun 2004 16:08 , Michael Gasch <[EMAIL PROTECTED]> sent:

>
>> maybe I am missing something here - but why does your master ldap fail so often?  
>it doesn't - i'm just building the worst case szenario =)
>
>>I agree with the other poster, the slave LDAPS should be 
>> (and I would almost move to _need_ to be) read only .. 
>and now tell me please how the master can replicate his LDAP tree to the 
>slave to get a 1:1 copy and a backup of my LDAP tree, if it's readonly 
>?!?!?!

becuase you configure your slave to accept changes that are pushed from the master .

>
>>I am also curious as to why you have a samba server contacting either the PDC/BDC 
>> ldap servers when it could just be running a replicated LDAP DB itself...which is 
>> how all the docs say to do it - maybe this is something new 
with 
>> 3.xx - not sure, but it alwyas seemed more logical to have all your samba boxes be 
>> thier own DC in terms of login/user information
>if each smbd has it's own ldap instance running (DMs too), i have to 
>ensure, that all LDAP instances have the same information

this is the main point of ldap replication - they do all have the same info - and why 
you make the slaves readonly


>before i can't solve the replication problem (MASTER=dead, changes are 
>made to SLAVE, MASTER comes back => inconsistency in LDAP trees) in case 
>of the MASTER dies and information has to be written to one of the 
>SLAVEs, i won't give each smbd his own passdb backend
>
>it's my plan to have one PDC, one BDC, x DMs and one LDAP instance on 
>both DCs
>
>> If your master does fail - and I mean dead, need to rebuild, etc..I would make one 
>> of the slaves the write/master get the original MASTER 
>> back on line, but not in production until you can do a slapcat of the LDAP to it, 
>> change the everything back to what it needs to be, and 
have 
>> your system running again
>this is my temporary solution
>
>
>bye

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref.com
http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???

2004-06-18 Thread McKeever Chris


On Fri, 18 Jun 2004 15:38 , Michael Gasch <[EMAIL PROTECTED]> sent:

> > Isn't the slave ldap directory suppose to be only read only?
>if it's readonly, slurpd can't update the slave (i've tested it, 
>possibly i missed something ?)
>
>the problem is: machines regularly change their passwords and if these 
>changes are not done on the master, they're lost, if master comes back 
>-> clients can't logon anymore and so on


maybe I am missing something here - but why does your master ldap fail so often?  I 
agree with the other poster, the slave LDAPS should be 
(and I would almost move to _need_ to be) read only .. I am also curious as to why you 
have a samba server contacting either the PDC/BDC 
ldap servers when it could just be running a replicated LDAP DB itself...which is how 
all the docs say to do it - maybe this is something new with 
3.xx - not sure, but it alwyas seemed more logical to have all your samba boxes be 
thier own DC in terms of login/user information

If your master does fail - and I mean dead, need to rebuild, etc..I would make one of 
the slaves the write/master get the original MASTER 
back on line, but not in production until you can do a slapcat of the LDAP to it, 
change the everything back to what it needs to be, and have 
your system running again

but like I said, maybe I am missing something

>
> >I'm having some troubles
> > getting the failover to work
>what problems are you talking about?
>
>these are my config files (/etc/ldap.conf for all machines not included 
>but also very important in case of fail-over)
>
># Samba PDC #
># smb.conf
>
>[global]
>
>workgroup = NEVAN
>netbios name = nevanpdc
>server string = NevanPDC on Samba Version: %v
>
>username map = /etc/samba/username.map
>
>log level = 5
>log file = /var/lib/samba/log.%m
>max log size = 1
>
>passdb backend = ldapsam:"ldap://localhost:389 
>ldap://nevanbdc.eva.mpg.de:389";
>ldap passwd sync = yes
>ldap suffix = dc=eva,dc=mpg,dc=de
>ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de
>ldap machine suffix = ou=machines
>ldap user suffix  = ou=users
>ldap group suffix = ou=groups
>ldap replication sleep = 2000
>ldap idmap suffix = ou=users
>
>guest ok = no
>guest account = Guest
>
>security = user
>local master = yes
>os level = 65
>domain master = yes
>domain logons = yes
>
>logon path =
>logon home =
>
>encrypt passwords = yes
>socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
>
>wins support = yes
>dns proxy = no
>
>display charset = UTF8
>unix charset = UTF8
>
>[netlogon]
>comment = Network Logon Service
>path = /var/lib/samba/netlogon
>guest ok = yes
>writable = no
>share modes = no
>
>
># slapd.conf
>include /etc/openldap/schema/core.schema
>include /etc/openldap/schema/cosine.schema
>include /etc/openldap/schema/nis.schema
>include /etc/openldap/schema/inetorgperson.schema
>include /etc/openldap/schema/samba.schema
>
>pidfile /var/run/slapd/slapd.pid
>argsfile/var/run/slapd/slapd.args
>loglevel7
>
>databaseldbm
>suffix  "dc=eva,dc=mpg,dc=de"
>rootdn  "cn=manager,dc=eva,dc=mpg,dc=de"
>
>password-hash   {MD5}
>rootpw  {MD5}
>
>replogfile /var/lib/ldap/replog
>
>replica host=nevanbdc.eva.mpg.de:389
> binddn=cn=manager,dc=eva,dc=mpg,dc=de
> bindmethod=simple credentials="+"
>
>directory   /var/lib/ldap
>index   objectClass eq
>index   sambaSIDeq
>index   uid eq
>index   sambaPrimaryGroupSIDeq
>
>lastmod on
>
>access to attrs=userPassword
>by self write
>by * auth
>
>access to *
>by * read
>
>
>
># Samba BDC #
># smb.conf
>
>[global]
>
>workgroup = NEVAN
>netbios name = nevanbdc
>server string = NevanBDC on Samba Version: %v
>
>username map = /etc/samba/username.map
>
>log level = 5
>log file = /var/lib/samba/log.%m
>max log size = 1
>
>passdb backend = ldapsam:"ldap://nevanpdc.eva.mpg.de:389 
>ldap://localhost:389";
>ldap passwd sync = yes
>ldap suffix = dc=eva,dc=mpg,dc=de
>ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de
>ldap machine suffix = ou=machines
>ldap user suffix  = ou=users
>ldap group suffix = ou=groups
>ldap replication sleep = 2000
>ldap idmap suffix = ou=users
>
>guest ok = no
>guest account = Guest
>
>security = user
>local master = yes
>os level = 65
>domain master = no
>domain logons = yes
>
>logon path =
>logon home =
>
>encrypt passwords = yes
>socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
>
>wins support = yes
>dns proxy = no
>
>display charset = UTF8
>unix charset = UTF8
>
>[netlogon]
>comment = Network Logon Service
>path = /var/lib/samba/netlogon
>g

Re: [Samba] samba.spec

2004-06-18 Thread McKeever Chris


On Thu, 17 Jun 2004 23:02 , Mark Sarria <[EMAIL PROTECTED]> sent:

>I am setting up a SuSe Linux Enterprise 8 server with samba ldap. SuSe comes
>with samba 2.*.* rpm. I need to reconfigure samba to add --with-ldapsam, so
>I need to remake the rpm, but i don't know where the samba.spec file is in
>SuSe.
>
>Also if any has been successfull setting up SAMBA LDAP, can you please send
>me information on how to accomplish this.


http://www.mandrakesecure.net/en/docs/samba-pdc.php

>
>Thank you
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref.com
http://www.prupref.com";>Prudentialhttp://www.prupref.com";>Chicago Real Estate


 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: AW: [Samba] Password change problem, Samba 3.0.4

2004-06-17 Thread McKeever Chris


On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz <[EMAIL PROTECTED]> sent:

>Hi Sean,
>
>> smbpasswd
>> Old SMB password:
>> New SMB password:
>> Retype new SMB password:
>> machine 127.0.0.1 rejected the password change: Error was : RAP86: The
>> specified password is invalid.
>> Failed to change password for testuser
>
>We have exactly the same problem with Samba v2.2.8a. We found out that the
>password change process works if you set "unix password sync = no". But
>that's not a good solution fo us. Users should be able to log in to Linux
>with the same password. 

no one seems to like our solution, but we turned off _all_ windows->linux 
linux->windows password changes from the windows/linux session 
and just made a web page that sets both - it takes a lot of crap out of the equation 
and also lets us sync our email and web passwords at the 
same time - just a thought


>
>I hope there is another solution.
>
>Götz
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref.com
http://www.prupref.com";>Prudentialhttp://chicago.prupref.com";>Chicago Real Estate



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] password

2004-06-16 Thread McKeever Chris


On Wed, 16 Jun 2004 21:30 , Mike <[EMAIL PROTECTED]> sent:

>Is there anyway to configure samba so it will not prompt for username or 
>password?

Have you played with the:
map to guest and guest user smb.conf settings?
as well as make the share public?

man smb.conf - it goes into extreme detail around this...

>Thanks
>Mike
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref.com
http://chicago.prupref.com";>Real Estate Online
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] password expiry message - RESOLVED

2004-06-11 Thread McKeever Chris


On Fri, 11 Jun 2004 13:55 , Adam Tauno WIlliams <[EMAIL PROTECTED]> sent:

>> >>> pwdLastSet: 1086920093
>> >>> logonTime: 0
>> >>> logoffTime: 0
>> >>> kickoffTime: 0
>> >>> pwdCanChange: 0
>> >>> pwdMustChange: 0
>> RECAP - 
>> samba controlled domain (2.2.8a) with an LDAP backend.
>> Everything was working snazzy, till I changed my password yesterday.  Now when I 
>> log in (win2k server sp4) I get the password will expire 
>> today message.
>
>We always had the same issue under 2.2.x.  It supports password aging,
>force change (sort of), etc... but doesn't actually update all the
>attributes.  Set the pwdMustChange to some ridiculous value in the
>future and, as I recall, the message will go away.

Adam - perfect - I added to the password change to change the pwdMustChange value and 
the message went away - 
what is strange that it was set to 0, which I would have thought was 'no expiry" = 
well that was a lot of time put into fixing that..thank you



>
>Update to 3.0.x where this stuff actually works.

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>Real Estate
http://www.prupref.com";>Online Home Search
>
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] password expiry message -

2004-06-11 Thread McKeever Chris
>On Fri, 11 Jun 2004 05:14 , Craig White [EMAIL PROTECTED]> sent:
>
>>On Thu, 2004-06-10 at 19:48, McKeever Chris wrote:
>>> I have seen many archives about this, but nothing of solid answer for the fix - 
>>> maybe I havent dug far enough.
>>> I am running 2.2.8a with an LDAP backend.  I am pretty sure I have it so passwords 
>>> wont expire, but after changing mine today I am 
>>> prompted at a WIN2K login that it is about to expire...
>>> any idea?
>>> 
>>> shadowLastChange: 11761
>>> shadowMin: -1
>>> shadowMax: 9
>>> shadowWarning: -1
>>> shadowInactive: -1
>>> shadowExpire: -1
>>> shadowFlag: 7100670
>>> 
>>> pwdLastSet: 1086920093
>>> logonTime: 0
>>> logoffTime: 0
>>> kickoffTime: 0
>>> pwdCanChange: 0
>>> pwdMustChange: 0
>>-
>>The password prompts are no doubt a result of local policy and not
>>domain policy.
>
>any one have a suggesiton of which policy?  I just changed the MAXIMUM AGE setting it 
>to 0 and the message still exists.
>THanks
>

RECAP - 
samba controlled domain (2.2.8a) with an LDAP backend.
Everything was working snazzy, till I changed my password yesterday.  Now when I log 
in (win2k server sp4) I get the password will expire 
today message.

samba must be passing some value to windows, which may or may not trigger a local 
policy to show that message

I boosted logging to level 10..however I do not see anything that may flag something 
like that.  What should I look for?  I have scoured the 
web and foundsimilar issues, but with no update as to resolution.

thanks


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>Prudential
http://www.prupref.com";>Chicago Real Estate



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] password expiry message -

2004-06-11 Thread McKeever Chris


On Fri, 11 Jun 2004 05:14 , Craig White <[EMAIL PROTECTED]> sent:

>On Thu, 2004-06-10 at 19:48, McKeever Chris wrote:
>> I have seen many archives about this, but nothing of solid answer for the fix - 
>> maybe I havent dug far enough.
>> I am running 2.2.8a with an LDAP backend.  I am pretty sure I have it so passwords 
>> wont expire, but after changing mine today I am 
>> prompted at a WIN2K login that it is about to expire...
>> any idea?
>> 
>> shadowLastChange: 11761
>> shadowMin: -1
>> shadowMax: 9
>> shadowWarning: -1
>> shadowInactive: -1
>> shadowExpire: -1
>> shadowFlag: 7100670
>> 
>> pwdLastSet: 1086920093
>> logonTime: 0
>> logoffTime: 0
>> kickoffTime: 0
>> pwdCanChange: 0
>> pwdMustChange: 0
>-
>The password prompts are no doubt a result of local policy and not
>domain policy.

any one have a suggesiton of which policy?  I just changed the MAXIMUM AGE setting it 
to 0 and the message still exists.
THanks

>
>Craig
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>Prudential
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


[Samba] password expiry message -

2004-06-10 Thread McKeever Chris
I have seen many archives about this, but nothing of solid answer for the fix - maybe 
I havent dug far enough.
I am running 2.2.8a with an LDAP backend.  I am pretty sure I have it so passwords 
wont expire, but after changing mine today I am 
prompted at a WIN2K login that it is about to expire...
any idea?

shadowLastChange: 11761
shadowMin: -1
shadowMax: 9
shadowWarning: -1
shadowInactive: -1
shadowExpire: -1
shadowFlag: 7100670

pwdLastSet: 1086920093
logonTime: 0
logoffTime: 0
kickoffTime: 0
pwdCanChange: 0
pwdMustChange: 0



---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts




 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] smbldap - backup

2004-06-10 Thread McKeever Chris


On Wed, 9 Jun 2004 13:54 , System User <[EMAIL PROTECTED]> sent:

>Hi,
>
>I'm wondering what is the best option to backup the ldap backend of my
>samba server without having to bring ldap offline?  Until now, I didn't
>find a lot of documentation about best practices on this subject.
>
>Does anybody here have a suggestion?

someone else pointed this out - replication.  It works great, and gives you a real 
time snapshot.

>
>Thank you.
>
>
>Etienne-Hugues Fortin
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts

 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Share trash can?

2004-06-08 Thread McKeever Chris


On Tue, 8 Jun 2004 11:55 , Robert Sossomon <[EMAIL PROTECTED]> sent:

>Is there a trash can, or a way to add one, so that if a user deletes a
>file off the share it just goes away until a nightly purge is done?
>


kind of - you can make a morning mirror to a different direcory using pointers

/samba = data directory
/mirror = mirror directory

cp -al /samba/* /mirror/*

if someone deletes something it still exists in the mirror till you delete the mirror 
for the next day's mirror - but in essesce, this technique uses 
so little space that you can have weeks and weeks of DELTA changes files..it is harder 
to explain than view..for example, I have 6 months of 
backups tkaing up less than 5% more diskspace than the actual files themselves (this 
of course is use determined)

>Thanks,
>Robert
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Clients can find printer when

2004-06-06 Thread McKeever Chris


On Sun, 6 Jun 2004 15:34 , Steve Cohen <[EMAIL PROTECTED]> sent:

>On Sunday 06 June 2004 11:16 am, fredex wrote:
>
>> On Sun, Jun 06, 2004 at 10:23:46AM -0500, Steve Cohen wrote:
>> > This is REALLY starting to annoy me.  I have now set up a Win98 client on
>> > the network.  Once again I install the proper driver.  Once again the
>> > Windows system can browse to the printer.  Once again, printing appears
>> > to the client as if it's happening.  Once again nothing comes out of the
>> > printer.  Once
>>
>> This is exactly the problem I've had. (Using Samba 3.0.x and Cups).
>> someone else suggested making the particular printer in use here set up
>> as a RAW print queue in CUPS. Requires editing two cups config files and
>> connecting to the web UI for cups and changing the printer queue type to
>> raw. Details can be found in the samba documentation on printing with cups.
>>
>
>Hey, thanks, not sure what "printing with cups" documentation you meant, but I 
>googled and found http://de.samba.org/samba/docs/man/CUPS-printing.html
>Was this the doc you were referring to?
>
>This immediately seems to be getting somewhere.  I didn't have 
>printcap name = cups
>in my conf.  And putting it there immediately changes the pattern, although 
>still not success:
>
>[2004/06/06 13:59:20, 0] printing/print_cups.c:cups_job_submit(655)
>  Unable to print file to EpsonC82 - 


I had a lot of issues trying to print to this exact printer via a network 
configuration...just a thought that it may not be completely a _you_ thing


>client-error-document-format-not-supported
>
---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] user and password

2004-06-06 Thread McKeever Chris


On Sun, 06 Jun 2004 13:45 , Mike <[EMAIL PROTECTED]> sent:

>How to configure samba so it will not prompt for a username and password 
>when tring to access a share from windows or linux?
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>

you can play around with:

   map to guest = bad user
   guest account = agent-guest

and also the guest priviledges on the share itself...there is also a config that will 
allow access for a bas username/password - 


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts

 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Clients can find printer when

2004-06-06 Thread McKeever Chris


On Sat, 5 Jun 2004 23:41 , Steve Cohen <[EMAIL PROTECTED]> sent:

>Thanks, Chris:

>Now, when I try to print a document from Windows, it goes through all the 
>pages (spooling, I think) but then an error message pops up indicating that 
>it failed to print (and of course no print comes out).  It won't tell me WHY 
>it failed to print, just that it failed.  (This is more feedback than I got 
>before, so it's a step forward).


so - making the printer local has let you move a little further?  IUf anyone on the 
list can explain the error messages when connecting to a 
printer via network - that woul dbe most appreciated.

this sounds like what I had - just checking here - you are able to browse to a share 
without any problem - no connection dialoges? nothing out 
of the ordinary, you can just go start->run->\\server\share and all works

here is a copy of a printer config from my smb.conf:

[bdc-toshiba550]
printer = bdc_toshiba550
printing = cups
comment = toshiba_550 - BDC
path = /var/spool/samba
browseable = yes
guest ok = yes
writable = no
printable = yes
print command = lpr.cups -P %p -o raw %s;rm %s
lpq command = lpstat.cups -o %p
lprm command = cancel.cups %p-%j


>> >[Epson]
>> >path = /var/spool/samba
>> >read only = No
>> >hosts allow = 192.168.123
>> >printable = Yes
>> >printer name = Epson
>> >oplocks = No


I notice that you dont define your printer ... I have never actually printed to a 
printer connected directly to a SAMBA box, only through 
LPD/IP using cups...

can you send a test page VIA the cups interface?



>
>I do notice that my log.nmbd file contains these messages:
>
>[2004/06/05 23:05:26, 0] 
>nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(358)
>  find_domain_master_name_query_fail:
>  Unable to find the Domain Master Browser name DARROW335 for the 
>workgroup DARROW335.
>  Unable to sync browse lists in this workgroup.
>
>I get these messages whether the Linux box is or is not the Domain Master 
>Browser.  And I find no configurability of Domain Master Browser at all on 
>the XP side.

I dont think these are contribting to the problem..but when you get things printing, I 
would work on fixing them..oh - make sure domain 
master browser is not commented out, but instead set to NO or YES - I has noticed that 
the uncommented out default in 2.2.8a didnt do as 
expected..

>
>These messages appear every fifteen minutes and are independent of any attempt 
>to print.  None of the other samba logs describe an attempt to print, and 
>there is nothing in the XP event viewer logs either
>
>Very frustrating.
>
>On Saturday 05 June 2004 6:24 pm, McKeever Chris wrote:
>> On Sat, 5 Jun 2004 17:05 , Steve Cohen [EMAIL PROTECTED]> sent:
>> >I had a working Samba installation on my home network.  Then I replaced
>> > one printer with another.  The new printer is successfully installed on
>> > my RedHat 9.0 system on /dev/lp0.  It is an Epson C82.  From the RedHat
>> > system all is well.
>> >
>> >However, I am unable to print to this printer via Windows XP boxes on my
>> >network.  Samba is working to the extent that Windows can find these
>> > printers via browsing.  But that's it.
>> >
>> >At first, I would get access denied messages under "Status" on Windows'
>> >"Printers and Faxes" window.  At that time my smb.conf looked like this:
>> >
>> >[EMAIL PROTECTED] samba]# cat smb.conf
>> ># Samba config file created using SWAT
>> ># from RAINIER (127.0.0.1)
>> ># Date: 2004/06/05 16:09:08
>> >
>> ># Global parameters
>> >[global]
>> >workgroup = DARROW335
>> >server string = samba server
>> >security = SHARE
>> >encrypt passwords = Yes
>> >obey pam restrictions = Yes
>> >pam password change = Yes
>> >passwd program = /usr/bin/passwd %u
>> >passwd chat = *New*password* %n\n *Retype*new*password* %n\n
>> >*passwd:*all*authentication*tokens*updated*successfully*
>> >username map = /etc/samba/smbusers
>> >unix password sync = Yes
>> >log level = 3
>> >log file = /var/log/samba/%m.log
>> >max log size = 0
>> >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> >preferred master = Yes
>> >domain master = Yes
>> >dns proxy = No
>> >wins server = 192.168.123.70
>&

Re: [Samba] Clients can find printer when

2004-06-05 Thread McKeever Chris


On Sat, 5 Jun 2004 17:05 , Steve Cohen <[EMAIL PROTECTED]> sent:

>I had a working Samba installation on my home network.  Then I replaced one 
>printer with another.  The new printer is successfully installed on my RedHat  
>9.0 system on /dev/lp0.  It is an Epson C82.  From the RedHat system all is 
>well.
>
>However, I am unable to print to this printer via Windows XP boxes on my 
>network.  Samba is working to the extent that Windows can find these printers 
>via browsing.  But that's it.
>
>At first, I would get access denied messages under "Status" on Windows' 
>"Printers and Faxes" window.  At that time my smb.conf looked like this:
>
>[EMAIL PROTECTED] samba]# cat smb.conf
># Samba config file created using SWAT
># from RAINIER (127.0.0.1)
># Date: 2004/06/05 16:09:08
>
># Global parameters
>[global]
>workgroup = DARROW335
>server string = samba server
>security = SHARE
>encrypt passwords = Yes
>obey pam restrictions = Yes
>pam password change = Yes
>passwd program = /usr/bin/passwd %u
>passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
>*passwd:*all*authentication*tokens*updated*successfully*
>username map = /etc/samba/smbusers
>unix password sync = Yes
>log level = 3
>log file = /var/log/samba/%m.log
>max log size = 0
>socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>preferred master = Yes
>domain master = Yes
>dns proxy = No
>wins server = 192.168.123.70
>guest ok = Yes
>printing = cups
>
>[homes]
>comment = Home Directories
>valid users = %S
>read only = No
>create mask = 0664
>directory mask = 0775
>browseable = No
>
>[printers]
>comment = All Printers
>path = /var/spool/samba
>printable = Yes
>browseable = No
>
>[Epson]
>path = /var/spool/samba
>read only = No
>hosts allow = 192.168.123
>printable = Yes
>printer name = Epson
>oplocks = No
>
>[testshare]
>path = /tmp
>guest account = ftp
>read only = No
>hosts allow = 192.168.123.0/255.255.255.0

sorry for the double post - but make sure your host allow is right, you have two 
different ones within the file (I have never used it) my 
suggestion, take it out for now, start basic - get it to work and then add from there 
till you break something or get your desired result.

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts


>
>After reading some of the documentation, I came upon
>"Use Client Driver".  This looked reasonable, since I was in fact installing 
>the driver on the Windows boxes.  I added this parameter to the config,
>under the "Epson" section, restarted smbd and nmbd and now, I no longer saw 
>"Access Denied", I saw "Ready", but still, all attempts to print to this 
>printer from the Windows boxes yielded nothing.  And all the auxiliary 
>functions like "Print Test Page" from Windows timed out.
>
>Can someone please tell me what I am doing wrong?
>
>Steve Cohen
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Clients can find printer when

2004-06-05 Thread McKeever Chris


On Sat, 5 Jun 2004 17:05 , Steve Cohen <[EMAIL PROTECTED]> sent:

>I had a working Samba installation on my home network.  Then I replaced one 
>printer with another.  The new printer is successfully installed on my RedHat  
>9.0 system on /dev/lp0.  It is an Epson C82.  From the RedHat system all is 
>well.
>
>However, I am unable to print to this printer via Windows XP boxes on my 
>network.  Samba is working to the extent that Windows can find these printers 
>via browsing.  But that's it.

I have had this issue - and other than a work around, I havent looked into it much more

2 things - make sure that it is set for guest printing

and if that doesnt work, try to connect ot it by making a new LOCAL port (add printer 
-> server properties -> add port -> then use that port 
when adding the printer IE dont right click on the printer to install it, and dont 
select network printer)

This also handles a stupid little item with network printers not being installed/setup 
on all user accounts (without some ass-backwards CL utility 
which fvcks me up all the time)  as compared to local printers being available.

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts


>
>At first, I would get access denied messages under "Status" on Windows' 
>"Printers and Faxes" window.  At that time my smb.conf looked like this:
>
>[EMAIL PROTECTED] samba]# cat smb.conf
># Samba config file created using SWAT
># from RAINIER (127.0.0.1)
># Date: 2004/06/05 16:09:08
>
># Global parameters
>[global]
>workgroup = DARROW335
>server string = samba server
>security = SHARE
>encrypt passwords = Yes
>obey pam restrictions = Yes
>pam password change = Yes
>passwd program = /usr/bin/passwd %u
>passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
>*passwd:*all*authentication*tokens*updated*successfully*
>username map = /etc/samba/smbusers
>unix password sync = Yes
>log level = 3
>log file = /var/log/samba/%m.log
>max log size = 0
>socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>preferred master = Yes
>domain master = Yes
>dns proxy = No
>wins server = 192.168.123.70
>guest ok = Yes
>printing = cups
>
>[homes]
>comment = Home Directories
>valid users = %S
>read only = No
>create mask = 0664
>directory mask = 0775
>browseable = No
>
>[printers]
>comment = All Printers
>path = /var/spool/samba
>printable = Yes
>browseable = No
>
>[Epson]
>path = /var/spool/samba
>read only = No
>hosts allow = 192.168.123
>printable = Yes
>printer name = Epson
>oplocks = No
>
>[testshare]
>path = /tmp
>guest account = ftp
>read only = No
>hosts allow = 192.168.123.0/255.255.255.0
>
>After reading some of the documentation, I came upon
>"Use Client Driver".  This looked reasonable, since I was in fact installing 
>the driver on the Windows boxes.  I added this parameter to the config,
>under the "Epson" section, restarted smbd and nmbd and now, I no longer saw 
>"Access Denied", I saw "Ready", but still, all attempts to print to this 
>printer from the Windows boxes yielded nothing.  And all the auxiliary 
>functions like "Print Test Page" from Windows timed out.
>
>Can someone please tell me what I am doing wrong?
>
>Steve Cohen
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] request for slapd.conf

2004-06-05 Thread McKeever Chris


On Sat, 5 Jun 2004 11:56 , abebe lsslp <[EMAIL PROTECTED]> sent:

>I just got done reading the Openldap administration guide. LDAP seems to do much more 
>than I want it to do for right now. Will the quick 
start guide get me up and running for samba purposes? I was wondering if anybody is 
willing to post me his/her slpad.conf file so I can 
compare it with the one I have. Thanks!
> 

in a nutshell - with links for all the info you could ever want - has helped countless 
people from going insane

http://ranger.dnsalias.com/samba-ldap.html

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts


>Ambex
>
>   
>-
>Do you Yahoo!?
>Friends.  Fun. Try the all-new Yahoo! Messenger
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] transfering users from PDC to print/file server

2004-06-05 Thread McKeever Chris


On Sat, 5 Jun 2004 00:31 , abebe lsslp <[EMAIL PROTECTED]> sent:

>I have a Samba PDC server running on Fedora Core. I also have 3 samba print servers 
>and 1 samba file server setup on RedHat 9 machines.
> 
>How do I make my RedHat file and print servers to get user information from the PDC 
>so I don't have to set up users on every single server?
> 
>I appreciate your help!
> 

what version of samba are you using?  samba 3 has built in (time of install?) LDAP 
user database replication.  Samba pre-3 you need to 
configure it to handle ldap user database...when you get an ldap controlled samba, the 
users automagically replicate when change on one 
system - -- there are numerous posts, sites. projects and threads regarding this - so 
finidng info similar to your concept should be easy.


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts

>Ambex 
>
>   
>-
>Do you Yahoo!?
>Friends.  Fun. Try the all-new Yahoo! Messenger
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] How I get that a host (domain NT) only gives access to a certain user

2004-06-04 Thread McKeever Chris


On Fri, 4 Jun 2004 23:43 , Ricardo Chamorro <[EMAIL PROTECTED]> sent:

>How I get that a host (domain NT) only gives access to a certain user. That, for 
>example,  john only has access
>to the client IP 192.168.0.11 or, said otherwise, that the host 192.168.0.11 only 
>give access to the user john.
>How could I implement it?
>I have looked for in Using Samba and Google, but I have not found anything specific...
>It is a domain NT run on Debian Woody knl 2.4.25 with Samba 2.2.8 (setting as domain 
>master and users security)
>and the clients are W95 and 98 with fixed IP.


for win98/95 your only bet it to implement POLICIES - they are a pain to do and 
administer - and you will probably lock yourself out of a 
machine once or twice before you understand it..


>Regards
>Richard
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts

 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Win98 ==> Samba printing problem

2004-06-01 Thread McKeever Chris


On Fri, 21 May 2004 01:44 , Adina S <[EMAIL PROTECTED]> sent:

>I used cups and Adobe drivers. I downloaded the
>drivers from www.adobe.com, then a PostScript for HP
>(I have that kind of printer), instaled localy the
>driver on a win 98 machine, stored the files on the
>samba server in /usr/share/cups/drivers and after that
>cupaddsmb created the driver, pt it in print$ share,
>WIN40/0 directory.  
>Hope this helps
>--- fredex [EMAIL PROTECTED]> wrote:
>> Using SAmba 3.0.2 and Cups 1.1.17.
>> 
>> How does one configure a W98 box to print to a samba
>> shared printer?
>> 
>> Per my previous postings I can't figure it out, and
>> the methods I've
>> used on older Sambas don't work.


Have you shared the printer out?  creating it in cups is the first step, then you need 
to create it as a samba share.  Once you do that, you 
should be able to connect to the printer \\servername\sambashare

that may be too basic of what issue you are experiencing, but I couldnt tell from your 
request



>> 
>> I've been thru the lengthy discussion in the samba
>> with cups documentation,
>> which tells how to do it for NT or later, but not
>> 9x.
>> 
>> I've posted the smb.conf before, won't put it here,
>> for brevity.
>> 
>> I'd appreciate a clue.
>> 
>> Thanks.
>> -- 
>>  Fred Smith -- [EMAIL PROTECTED]
>> -
>>   The eyes of the Lord are
>> everywhere, 
>> keeping watch on the wicked and
>> the good.
>> - Proverbs 15:3 (niv)
>> -
>> 
>
>> ATTACHMENT part 1.2 application/pgp-signature 
>> -- 
>> To unsubscribe from this list go to the following
>> URL and read the
>> instructions: 
>http://lists.samba.org/mailman/listinfo/samba
>
>
>
---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com";>www.prupref.com
Prudential Preferred Properties
http://www.prupref.com";>Chicago and Illinois NorthShore Real Estate 
Experts
>



 Prudential Preferred Properties   www.prupref.com
Success Driven By Results
   Results Driven By Commitment
  Commitment Driven By Integrity
 We Are Prudential Preferred Properties
   
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Problem with admin users

2003-12-15 Thread McKeever Chris


On Mon, 15 Dec 2003 12:09 , Luiz Fernando Aguiar Leme <[EMAIL PROTECTED]> sent:

>Hi all,
>
>on my smb.conf, contents the following lines:
>
>admin users = root claudio roberto
>security = server
>
>when this users save  or write files on shared folders, they saves with
>root:wheels.
>
>How do i force this users to save your own user:group and not root:wheels???
>
>On the shared folders contents the following lines, for example:
>
>[publico]
>   comment = Diretorio publico
>   path = /usuarios/publico
>   public = yes
>   writable = yes
>   security mask = 770
>   create mask = 0770
>   force create mode = 770
>   force directory mode = 770
>   force security mode = 770
>   printable = no
>
>thanks!
>

not 100% your answer, but for shared folders, you can force the user and group that it 
is written as, in this case, force it to administrator and 
domain admins ...

does the above scenario only happen with the admin-level users?  so standard users 
save with thier username and default group?


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com

 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] SOLVED samba - sql server authentication

2003-12-10 Thread McKeever Chris
In my conversion to a samba backend, I changed the services that sql ran under to the 
machine administrator.  This is what caused my 
attaching to remote fileshares to fail.  The jobs need to be set to sa in order to run 
because of some issue with it not finsing the correct 
username/group when doing a domain lookup via the job-agent.  This is something that 
2000 Native Authentication has an issue with as well, 
so all the how-tos pointed to creating a pre-2000 user group configuration..which I 
dont think is possible with the samba setip

but this work around does the trick

thanks


On Tue, 9 Dec 2003 23:00 , McKeever Chris <[EMAIL PROTECTED]> sent:

>
>On Tue, 9 Dec 2003 14:18 , McKeever Chris [EMAIL PROTECTED]> sent:
>
>>samba 2.2.8a/LDAP backend
>>Red Hat 7.3
>>Windows 2000 server, connected to the samba controlled domain
>>Sql Server 7.0
>>
>>
>>It seems that my sql server does not want to run scheduled jobs as a domain user, I 
>>am needing to do this for a network share that I am 
>>saving to, otherwise I would just run as SA
>>
>>Error from sql server:
>>The job failed.  Unable to determine if the owner (PRUPREF.COM\Administrator) of job 
>>Transaction Log Backup Job for DB Maintenance 
>>Plan 'Morning Database Backup' has server access (reason: Could not obtain 
>>information about Windows NT 
>>group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)).
>>
>>I have turned the samba debuglevel up to 10, and I can see where it fails, but I am 
>>not sure why.  Administrator is a proper username, and 
>it 
>>logs into the domain no problem.  It is almost like the NT password is not correct, 
>>this happens for any account I use, same error. 
>>I have marked the failure location below
>>
>>I am able to log into the machine using the domain accoutn and password no problem
>>
>>Any ideas?  Thanks
>>Chris
>>
>>
>>SAMBA LOG:
>>[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302)
>>  lp_file_list_changed()
>>  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Dec  9 
>> 13:52:49 2003
>>  
>>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122)
>>  ldap_open_connection: starting...
>>[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148)
>>  Initializing connection to ldap.prupref.com on port 389
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186)
>>  StartTLS issued: using a TLS connection
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217)
>>  ldap_open_connection: connection opened
>>[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315)
>>  ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com"
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331)
>>  ldap_connect_system: succesful connection to the LDAP server
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343)
>>  ldap_search_one_user: searching 
>> for:[(&(uid=administrator)(objectclass=sambaAccount))]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [uid] = [administrator]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576)
>>  Entry found for user: administrator
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [pwdLastSet] = [1068626880]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [logonTime] = [0]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [logoffTime] = [2147483647]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [kickoffTime] = [2147483647]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [pwdCanChange] = [0]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [pwdMustChange] = [2147483647]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>>  get_single_attribute: [cn] = [administrator administrator]
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>>  get_single_attribute: [homeDrive] = []
>>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626)
>>  homeDrive fell back to 
>>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>>  get_single_attribute: [smbHome] = []
>>[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183)

Re: [Samba] samba - sql server authentication

2003-12-09 Thread McKeever Chris

On Tue, 9 Dec 2003 14:18 , McKeever Chris [EMAIL PROTECTED]> sent:

>samba 2.2.8a/LDAP backend
>Red Hat 7.3
>Windows 2000 server, connected to the samba controlled domain
>Sql Server 7.0
>
>
>It seems that my sql server does not want to run scheduled jobs as a domain user, I 
>am needing to do this for a network share that I am 
>saving to, otherwise I would just run as SA
>
>Error from sql server:
>The job failed.  Unable to determine if the owner (PRUPREF.COM\Administrator) of job 
>Transaction Log Backup Job for DB Maintenance 
>Plan 'Morning Database Backup' has server access (reason: Could not obtain 
>information about Windows NT 
>group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)).
>
>I have turned the samba debuglevel up to 10, and I can see where it fails, but I am 
>not sure why.  Administrator is a proper username, and 
it 
>logs into the domain no problem.  It is almost like the NT password is not correct, 
>this happens for any account I use, same error. 
>I have marked the failure location below
>
>I am able to log into the machine using the domain accoutn and password no problem
>
>Any ideas?  Thanks
>Chris
>
>
>SAMBA LOG:
>[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302)
>  lp_file_list_changed()
>  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Dec  9 13:52:49 
> 2003
>  
>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122)
>  ldap_open_connection: starting...
>[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148)
>  Initializing connection to ldap.prupref.com on port 389
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186)
>  StartTLS issued: using a TLS connection
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217)
>  ldap_open_connection: connection opened
>[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315)
>  ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com"
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331)
>  ldap_connect_system: succesful connection to the LDAP server
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343)
>  ldap_search_one_user: searching 
> for:[(&(uid=administrator)(objectclass=sambaAccount))]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [uid] = [administrator]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576)
>  Entry found for user: administrator
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [pwdLastSet] = [1068626880]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [logonTime] = [0]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [logoffTime] = [2147483647]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [kickoffTime] = [2147483647]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [pwdCanChange] = [0]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [pwdMustChange] = [2147483647]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [cn] = [administrator administrator]
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [homeDrive] = []
>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626)
>  homeDrive fell back to 
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [smbHome] = []
>[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183)
>  Home server: prupref-ldap
>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635)
>  smbHome fell back to \\prupref-ldap\administrator
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [scriptPath] = []
>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644)
>  scriptPath fell back to 
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [profilePath] = []
>[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653)
>  profilePath fell back to 
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [description] = []
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
>  get_single_attribute: [userWorkstations] = []
>[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
>  get_single_attribute: [rid] = [98478]
>[2003/12/09 14:02:51

[Samba] samba - sql server authentication

2003-12-09 Thread McKeever Chris
samba 2.2.8a/LDAP backend
Red Hat 7.3
Windows 2000 server, connected to the samba controlled domain
Sql Server 7.0


It seems that my sql server does not want to run scheduled jobs as a domain user, I am 
needing to do this for a network share that I am 
saving to, otherwise I would just run as SA

Error from sql server:
The job failed.  Unable to determine if the owner (PRUPREF.COM\Administrator) of job 
Transaction Log Backup Job for DB Maintenance 
Plan 'Morning Database Backup' has server access (reason: Could not obtain information 
about Windows NT 
group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)).

I have turned the samba debuglevel up to 10, and I can see where it fails, but I am 
not sure why.  Administrator is a proper username, and it 
logs into the domain no problem.  It is almost like the NT password is not correct, 
this happens for any account I use, same error. 
I have marked the failure location below

I am able to log into the machine using the domain accoutn and password no problem

Any ideas?  Thanks
Chris


SAMBA LOG:
[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue Dec  9 13:52:49 
2003
  
[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122)
  ldap_open_connection: starting...
[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148)
  Initializing connection to ldap.prupref.com on port 389
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186)
  StartTLS issued: using a TLS connection
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217)
  ldap_open_connection: connection opened
[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315)
  ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com"
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331)
  ldap_connect_system: succesful connection to the LDAP server
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343)
  ldap_search_one_user: searching 
for:[(&(uid=administrator)(objectclass=sambaAccount))]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [uid] = [administrator]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576)
  Entry found for user: administrator
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [pwdLastSet] = [1068626880]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [logonTime] = [0]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [logoffTime] = [2147483647]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [kickoffTime] = [2147483647]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [pwdCanChange] = [0]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [pwdMustChange] = [2147483647]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [cn] = [administrator administrator]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [homeDrive] = []
[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626)
  homeDrive fell back to 
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [smbHome] = []
[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183)
  Home server: prupref-ldap
[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635)
  smbHome fell back to \\prupref-ldap\administrator
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [scriptPath] = []
[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644)
  scriptPath fell back to 
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [profilePath] = []
[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653)
  profilePath fell back to 
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [description] = []
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435)
  get_single_attribute: [userWorkstations] = []
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [rid] = [98478]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [primaryGroupID] = [3005]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [lmPassword] = []
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [ntPassword] = ]
[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441)
  get_single_attribute: [acctFlags] = [[UX ]]
[2003/12/09 14:02:51, 4] smbd/password.c:sm

Re: [Samba] roaming profiles

2003-12-05 Thread McKeever Chris


On Fri, 5 Dec 2003 10:15 , Alexandru Molodoi <[EMAIL PROTECTED]> sent:

>How can you disable roaming profiles in Samba 2.2.7a, so that the
>contents of \Documents and Settings\user\ isn't syncronized at every
>logon?
>

in XP you can gpedit.msc and change the profiles to local only.
You can also, in samba change/add:

logon script = 
logon path =

yes, those = 



---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Directory Server

2003-12-02 Thread McKeever Chris


On Tue, 2 Dec 2003 17:01 , John H Terpstra <[EMAIL PROTECTED]> sent:

>On Tue, 2 Dec 2003, McKeever Chris wrote:
>
>> John, thanks
>
>> that is what I suspected, although I think there was an update in aug
>> 2003 (maybe it was late and it was 2002).. seemed like they had some
>> good initatives going.
>
>Agreed. do you realise that the success rate for great ideas has not
>changed much in 30 years of monitoring: It's still 1 in 52.
>
>In other words, we should expect 51 failures before we see project that
>booms. Therefore - no disappointment, next ...  :)
>


interesting, I wonder though who proclaims the idea as great, the idea originator or 
those that are observing it.  I would imagine (but I 
probably am wrong) that if an idea is truly great, it would be supported and nutured 
till fruition by the observers, like Samba and other great 
initiatives...if the originator claims it great, it may just be a pipe dream with very 
little real work application



---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Directory Server

2003-12-02 Thread McKeever Chris
John, thanks 
that is what I suspected, although I think there was an update in aug 2003 (maybe it 
was late and it was 2002)..
seemed like they had some good initatives going.

thanks

On Tue, 2 Dec 2003 05:55 , John H Terpstra <[EMAIL PROTECTED]> sent:

>Chris,
>
>This project went very quiet a long time ago.
>
>- John T.
>
>
>On Mon, 1 Dec 2003, McKeever Chris wrote:
>
>> I found the following link:
>> http://rhems.sourceforge.net/
>>
>> was wondering if anyone knows anything about it.
>>
---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


[Samba] Directory Server

2003-12-01 Thread McKeever Chris
I found the following link:
http://rhems.sourceforge.net/

was wondering if anyone knows anything about it.  


---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com




 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Seeking advice: Backup Exec & Samba shares

2003-11-30 Thread McKeever Chris


On Sat, 29 Nov 2003 19:18 , Bruce Lane <[EMAIL PROTECTED]> sent:

>Fellow Samba-shakers,
>
>   I've run into an odd problem, and I'm seeking the advice of anyone who has 
> implemented Veritas Backup Exec 8.6 or 9.0, on an NT 4.0 server platform, 
to perform backups of NetBSD 1.6x systems via Samba file shares. Said problem did NOT 
manifest itself until I tried using Samba 3.0.0. I have jumped back to 2.2.8a, 
since that's the last version that was known to work, until I can get the issue 
resolved.
>
>   And the issue is: When I try to browse Samba-produced file shares, it takes 
> nearly two and a half minutes for the tree to expand. Then, when I try to 
select one of the branches in the directory tree for backup, I get a Dr. Watson error 
(an Access Violation exception), an additional error message that the program 
could not browse the share because the Remote Procedure Call failed, and the Backup 
Exec master job engine shuts down. I have to restart it before I can do 
anything else.
>


I posted about this, as well as opened up a tech-ticket with VERITAS.  Recommendations 
on the list seemed to show that not many are using Backup Exec.  VERITAS 
answer is that you can not connect directly to a Samba share from the BACKUP EXEC 
explorer, not can you force it by manually typing it (text view).  They do have a 
BE-AGENT for RH7.3.  I have used it with little success, seems to like to freeze 
everything up.

After re-reading your message, you _are_ able to connect and backup directly to a 
Samba share?  did you do anything special, for I can not using BE8.5 and 
RH7.3/Samba2.2.8a  My only solution is to rsync it over to the BE server.  If you can 
shed anylight, I would be much appreciative.



---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com


 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba PDC - Administrator issues

2003-11-28 Thread McKeever Chris
On Fri, 28 Nov 2003 13:56 , Todd Johnson <[EMAIL PROTECTED]> sent:

>
>Samba PDC is up and running. We are not using roaming profiles. My problem is this. 
>How do we make the administrator account have 
administrative priv's locally on the client PC when they login on the DOMAIN? What is 
happening now is that when the Administrator logs in it 
just makes a domain accoutn for the Administrator locally but this new account does 
not have actualy administrator permissions.
>
>I read about the netgroup tool and its uses but from what I read this is new to 3.0? 
>We are using smb 2.2.8a. 


domain admin group = root @domain-admins

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com


 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Re: How to migrate a complex NT4 network

2003-11-27 Thread McKeever Chris


On Thu, 27 Nov 2003 20:59 , Raphaël Berghmans <[EMAIL PROTECTED]> sent:

>On Thu, 2003-11-27 at 20:49, John H Terpstra wrote:
>> On Thu, 27 Nov 2003, [ISO-8859-1] Raphaël Berghmans wrote:
>> 
>> > On Thu, 2003-11-27 at 19:55, John H Terpstra wrote:
>> > > On Thu, 27 Nov 2003, [ISO-8859-1] Raphaël Berghmans wrote:
>> > >
>> > > > Hi,
>> > > >
>> > > >
>> > > > We have on a central site a NT4 PDC and a NT4 BDC and on 6 secondary
>> > > > sites we have a BDC on each site (the authentication for the
>> > > > workstations on those remotes sites occurs on the local BDC and not on
>> > > > PDC).
>> > > >
>> > > > Which could be the best way to migrate this environment to a
>> > > > SAMBA-3.0.0/LDAP environment. But we cannot intervene on each 1600
>> > > > workstations. Then the migration has to be the most transparently as
>> > > > possible for the users.
>> > >
>> > > Your configuration is typical of many. The samba-3 migration facility (net
>> > > rpc vampire) should work fine. You should be able to run it against the
>> > > local BDC - though I have not tested that.
>> >
>> > Indeed the SAM migration is very simple with vampire. But Samba cannot
>> > made realtime synchronization with a NT4 PDC and how to manage the
>> > modifications. Made a vampire each time a modification has been done on
>> > the PDC is a little bit tricky (with 1600 users, 500 groups and 1700
>> > machines).
>> 
>> We have documented the fact that Samba-3 can not be a BDC to an NT4 PDC.
>> Sorry. If yu want to use Samba as a BDC then your PDC must be Samba also.
>
>I know it's well documented but if I migrate my NT4 PDC to a samba PDC,
>I still have some NT4 BDC's and then there is always a synchronization
>problem :)
>
>Then the only ways to do that are :
>
>First way : Manage a new samba domain and migrate manualy each
>workstation
>
>Second way : Migrate the NT4 PDC to Samba and stop all NT4 BDC's (all
>the authentications and profiles managment will be done on the PDC). And
>migrate the BDC one by one. (Physicaly It's not possible on the same
>time to migrate the PDC and all the BDC's)


I just did something like this (to 2.2.8a/LDAP) .. I needed to have both networks 
set-up simultaneuosly and swap servers one by one as 
time/resources permitted

The trick was, don't make the samba PDC a domain master until A) you need to; B) you 
are done with NT

Some of what I will discuss may not be pertinent to 3.0, but I am sure you can get the 
idea.

I made the Samba PDC, and imported all the users over.  I did not grab the NT PDC SID 
(looking back in retrospect I wish I did, but I was 
young and naive).  One by one I rolled out the REMOTE SAMBA machines.  Those were all 
set to local mater = yes.  When I needed to 
connect a Windows XP to the new Samba domain, I changed the samba PDC to domain master 
= yes, and the shutdown the NT PDC.  Added 
the machine to the network, changed the Samba PDC back to Domain Master = NO and 
turned the NT PDC back on.  Now this is where I wish I 
had migrated the NT PDC SID.  Then I think I could have just made the LDAP machine 
accounts, and been done with it.

So bottom line, I had both existing at the same time.  Granted, I needed to add users 
to both places, but things could be worse.  creating 
scripts for managing them simultaneous wasnt too bad, and made the conversion that 
much easier.  My user level is about 1/4 of yours, so I 
dont know how that will correlate.

Feel free to ask any questions

>
---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Problem whit XP PRO client

2003-11-26 Thread McKeever Chris
On 26 Nov 2003 11:19 , Dr Jekyll <[EMAIL PROTECTED]> sent:

>Hi. I'm entering in Samba's world and I need help with this. An Nt4.0
>client was upgraded to XP PRO, and Win does not connect to domain
>(before upgrade worded fine), windows registry was modificated as samba
>howto explains.
>This is my smb.conf file of samba v. 2.0.7. 
>Thanks, thanks, thanks.
>Dr Jekyll
>

Does our machine show up in the smbpasswd (or ldap equiv. backend?)
if using ldap, have you run: smbpasswd -w THEPASSWORD

it may simply be that you are still on 2.0.7

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com

 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] move the samba pdc to new box

2003-11-25 Thread McKeever Chris


On Tue, 25 Nov 2003 14:39 , Ed Holden <[EMAIL PROTECTED]> sent:

>Sen,
>
>
>
>I actually did this during my testing phase a year ago and it was pretty 
>
>straightforward - a LOT easier than moving the PDC on NT.  I just kept 
>
>everything in /etc/samba identical on both machines, and also made sure 
>
>I had all the accounts in /etc/passwd set up identically (this includes 
>
>machine accounts, so it's important).  I took the network cable from the 
>
>old box and moved it to the new one, and my clients had no idea anything 
>
>had changed.  Granted it was a new system so I only had one test client, 
>
>but I was still mildly impressed with the server's portability.
>
>


I think you also need to play around with the SID if you have windows machines joining 
the domain.  YOu can extract it from the old, and force 
it on to the new.  Just remember to keep it, so you can force it later as well

>
>
>
>-Ed
>
>
>
>senthil wrote:
>
>
>
>> Hi All,
>
>> 
>
>> I am running samba 2.2xx as a PDC. I am planning to move this PDC to a new 
>
>> and stable box running rh 8.0. Can anyone please advise me how to move the 
>
>> PDC to a new box keeping the same settings like the user accounts and even 
>
>> the unix SID and things like that .. Can any one guide me to some howto 
>
>> which can help me .. ?  please ..
>
>> 
>
---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com

 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] samba 2.2.8a, XP pro workgroup question.

2003-11-25 Thread McKeever Chris


On Tue, 25 Nov 2003 16:56 , KD7NWG <[EMAIL PROTECTED]> sent:

>Gang,
>This is my first post here so if I screw up please let me know.
>
>I run samba 2.2.8a on Solaris at home (UltraUX).
>I have several XP pro and win98 clients on this same network
>(192.168.1.x).
>
>I feel that my primary problem is when I try to access the share it is
>populating the username field 'Guest' and asking me for a password when
>I want this share to be completely open regardless of workgroup or
>domain name.
>

I have had this problem a bunch of times.  I _believe_ that it is caused by samba 
using the username/password and then failing (guest access 
is only when there is no usernmae/password..does that make sense?)..There is a setting 
which allows you to fallback to a username if the 
original username/password pair fails (in the docs this is said 'to cause confusion 
for sys-admins')  I believe if you poke around with 'map to 
guest' and 'bad password'  you should be able to come up with a solution.


>>This may or may not be possible, but I'd sure like to know if I can make
>this share work, without changing my laptops workgroup/domain name.
>  


>>Here is my smb.conf;
>---
># This is /usr/local/samba/lib/smb.conf
>
>[global]
>   netbios name = UltraUX
>   workgroup = Galvinonline
>   log level = 2
>   log file = /var/adm/log/sambalog
>   security = share
>   wins support = yes
>   hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1 EXCEPT 192.168.1.1
>   hosts deny = ALL
>
>[share]
>   path = /share/
>   browseable = yes
>   guest ok = yes
>   public = yes
>   read only = no
>
>
>
>I was under the impression that the settings; 'security = share',
>'public = yes', and 'guest ok = yes' in my smb.conf would be all that's
>required for this type of access to work but if anybody has any
>suggestions or can provide help I'd be greatly appreciative.
>
>If you have a document containing specific information regarding this
>topic I'd love to read it.
>
>Thanks,
>~Nate
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] samba & rsync

2003-11-25 Thread McKeever Chris
On Tue, 25 Nov 2003 02:19 , John K. <[EMAIL PROTECTED]> sent:

>
>>I apologize if you already resolved this..I am a bit confused as to why you 
>>need to connect via samba for rsync.  I do something very similar and rsync 
>>handles
>>it all if I have the correct rsync mount points defined in the .conf file
>
>Thanks for replying chris,
>
>I don't need samba for rsync per se.  We use samba for other reasons.  It 
>would be just convinient.  However what is an rync mount point?  I should go 
>read about this.  Do you run an rsync deamon?


Yes, I run rsync on the linux side and the windows side as a daemon [lets call this 
the remote side ie where the daemon is run).  On the local 
side I launch rsync through a cron or windows scheduler/.bat file (we will call this 
the local side)

So if I want to rsync files from the linux box to the windows box, I have the daemon 
running on the remote windows box, in the .conf file you 
define where the mount point is (not sure if that is the correct terminology):

[prupref-1165]
path = e:/prupref-1165/
comment = prupref-1165 mirror
read only = false
use chroot = false


(this can be applied to the linux remote side as well if you are going from 
windows->linux)

I can see how going the rsync->smb would be a bit easier, but I had some issues with 
it.




>
>
>>From: McKeever Chris [EMAIL PROTECTED]>
>>Reply-To: [EMAIL PROTECTED]
>>To: [EMAIL PROTECTED], "John K." [EMAIL PROTECTED]>
>>Subject: Re: [Samba] samba & rsync
>>Date: Mon, 24 Nov 2003 20:01:13 -0600
>>
>>
>>
>>On Sun, 23 Nov 2003 22:32 , John K. [EMAIL PROTECTED]> sent:
>>
>> >If anyone has time to look at this problem I would appreciate it.
>> >
>> >I think I am looking for a way to increase the "timeout" in samba (in the
>> >smb.conf file)
>> >for reporting a "down" link or "can't read xyz file".
>> >
>> >However I am writing to you folks because this problem has come up while
>> >using rsync
>> >
>> >
>> >
>> >my problem
>> >==
>> >
>> >We have a wan in which links from a central linux machine to a nodes 
>>which
>> >are xp machines
>> >from 1 to 5 minutes a night.  not very common, but it happens.
>> >
>> >we are using samba to mount directories on the remote linux machines to 
>>the
>> >local
>> >linux server.  (we use samba because we also have xp machines in our 
>>network
>> >it is just easier to use this for now).
>> >
>> >We use rsync nightly to backup remote directories to the local linux
>> >server.
>> >
>> >When one of the outages happes during a backup (rsync operation) either
>> >- if I have not set the --timout value in rsync the operation just
>> >continues.  Rysnc seems
>> >  not to notice that samba is reporting errors and just copies over I 
>>assume
>> >a bunch of .
>> >  Of course the file is corrupted.
>>
>>I apologize if you already resolved this..I am a bit confused as to why you 
>>need
>>to connect via samba for rsync.  I do something very similar and rsync 
>>handles it
>>all if I have the correct rsync mount points defined in the .conf file
>>
>>
>> >
>> >- if I have set the --timeout value in rsync, in the case of failure 
>>rsync
>> >just drops out.  Of course if
>> >  i set the --timeout value to something like 2 minutes rsync seems to
>> >ignore the samba errors and continues.
>> >
>> >What I would like to do is set a timeout value in samba for reporting 
>>errors
>> >from what seems
>> >to be about 30 seconds to something like 6 minutes. Then I could set the
>> >--timeout value in rsync to
>> >something like 5 minutes.
>> >
>> >I can't find in man smb.conf anywhere were you can set something like "if
>> >you can't connect in 30 seconds" then report an error.
>> >
>>
>>
>>
>>---
>>Chris McKeever
>>If you want to reply directly to me, please use 
>>cgmckeever--at--prupref---dot---com
>>http://www.prupref.com
>>
>>
>> Prudential Preferred Properties   www.prupref.com
>>
>
>_
>Share holiday photos without swamping your Inbox.  Get MSN Extra Storage 
>now!  http://join.msn.com/\?PAGE=features/es
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] samba & rsync

2003-11-24 Thread McKeever Chris


On Sun, 23 Nov 2003 22:32 , John K. <[EMAIL PROTECTED]> sent:

>If anyone has time to look at this problem I would appreciate it.
>
>I think I am looking for a way to increase the "timeout" in samba (in the 
>smb.conf file)
>for reporting a "down" link or "can't read xyz file".
>
>However I am writing to you folks because this problem has come up while 
>using rsync
>
>
>
>my problem
>==
>
>We have a wan in which links from a central linux machine to a nodes which 
>are xp machines
>from 1 to 5 minutes a night.  not very common, but it happens.
>
>we are using samba to mount directories on the remote linux machines to the 
>local
>linux server.  (we use samba because we also have xp machines in our network 
>it is just easier to use this for now).
>
>We use rsync nightly to backup remote directories to the local linux
>server.
>
>When one of the outages happes during a backup (rsync operation) either
>- if I have not set the --timout value in rsync the operation just 
>continues.  Rysnc seems
>  not to notice that samba is reporting errors and just copies over I assume 
>a bunch of .
>  Of course the file is corrupted.

I apologize if you already resolved this..I am a bit confused as to why you need 
to connect via samba for rsync.  I do something very similar and rsync handles it 
all if I have the correct rsync mount points defined in the .conf file


>
>- if I have set the --timeout value in rsync, in the case of failure rsync 
>just drops out.  Of course if
>  i set the --timeout value to something like 2 minutes rsync seems to 
>ignore the samba errors and continues.
>
>What I would like to do is set a timeout value in samba for reporting errors 
>from what seems
>to be about 30 seconds to something like 6 minutes. Then I could set the 
>--timeout value in rsync to
>something like 5 minutes.
>
>I can't find in man smb.conf anywhere were you can set something like "if 
>you can't connect in 30 seconds" then report an error.
>



---
Chris McKeever
If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
http://www.prupref.com


 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba PDC + XP: still not solved?

2003-11-21 Thread McKeever Chris


On Fri, 21 Nov 2003 18:45 , Robin Edgar - Tripany <[EMAIL PROTECTED]> sent:

>Hi all,
>
>I've been reading and there's a lot to read but no solution!
>I'm using samba 2.2.3a-12.3 for Debian and I seem to have set
>everything I can:
>
>changed the signsecurechannel, sealsecurechannel in the registry to 0
>(and back to 1),
>
>Changed the policies for autoenrollent and the password encryption
>(put that off in samba and in windows and then back on again)
>
>But ALWAYS do I get the following problem - when I change the settings
>in the computer properties samba makes the accounts fine (in passwd,
>shadow and smbpasswd), and I get
>the welcome to domain screen. When I reboot and try to log in, it can't find the
>PDC or it won't accept my logon. When I have a look in the logfile all
>it shows is:
>
>[2003/11/21 18:03:37, 2] smbd/server.c:exit_server(458)
>  Closing connections
>[2003/11/21 18:03:50, 2] lib/access.c:check_access(321)
>  Allowed connection from  (192.168.0.28)
>[2003/11/21 18:04:01, 2] smbd/server.c:exit_server(458)
>  Closing connections
>[2003/11/21 18:07:11, 1] smbd/reply.c:reply_sesssetup_and_X(1052)
>  Username guest is invalid on this system
>
>(last message after I log into the XP machine instead of the domain).
>
>I've seen this message a few times, but nowhere is there any real
>solution! SOMEONE must have fixed this by now!


make sure that you have run smbpasswd -w THELDAPPASSWORD 
and that you havent changed the machine name since.

Can you send your SMB.CONF from the PDC?

are you using any LDAP replication to othewr 'semi-bdc' servers?



>
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Syncing time for non-Admin logons? - net time \\superserver /set /yes

2003-11-19 Thread McKeever Chris


On Thu, 20 Nov 2003 00:29 , John H Terpstra <[EMAIL PROTECTED]> sent:

>On Wed, 19 Nov 2003, Jeff Gardiner wrote:
>
>> I have in my smb.conf file the following entries:
>> time server = yes
>>
>> and
>>
>> logon script = startup.bat
>>
>> Where logon script is as follow:
>>
>> -start script -
>> NET TIME \\SUPERSERVER /SET /YES
>> # Here we map network drives to shares on the Samba Server
>>
>> echo Mapping Network Drives to Samba Server Theremin
>> net use s: \\superserver\scratch
>> net use r: \\superserver\share
>>
>> \\virusserver\Antivirus\PCCSRV\AUTOPCC.EXE
>> -end script -
>>
>> The NET TIME command seems to be runable only by the local admin.  The
>> \\superserver is a Solaris9 box running samba 3.0.1pre3 and also acts as an
>> ntp server.
>>
>> Does anyone have suggestions as to how to have my samba clients update with
>> the server?
>
>Yes. You need to log onto each client as the local machine 'Administrator'
>and give each user the privilidge to adjust the system time. Do this in
>control panel -> Adminsitrative Tools -> Computer Management -> Local
>Security Settings (can't remember details - I'm on a site where I can't
>check it now), then locate the right entry so the local registry gets
>updated so "Domain Users' get the right to change the system time.
>
>- John T.
>-- 
>John H Terpstra
>Email: [EMAIL PROTECTED]
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>


I found this all most annoying myself (permissions and all)...if you can install 
NTP on a machine within your network, you can use the W32time service to sync (net 
time /setstp:ntp.yourdomain.com

It works just as well, if not better



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] samba 3 LDAP/PDC problem - adding WXP account

2003-11-09 Thread McKeever Chris


On Sun, 9 Nov 2003 10:26 , Tarjei Bitustøyl <[EMAIL PROTECTED]> sent:

>Ok, additional information:
>I am using LDAP as a unix password backend, so I shouldn't be needing the
>/etc/passwd for a machine account.
>The smbldap-useradd.pl -w script adds an account correctly, and both
>posixAccount and sambaSAMAccount is set. When this is done, I get again,
>"access is denied" when I try to join the domain, with the valid SID user.
>It doesn't seem to join correctly on the operation when it actually creates
>the account, however I can see nothing wrong with the account itself. Here
>is an auto-created account: (smbldap-useradd.pl -w %u)
>
>dn: uid=main$,ou=Machines,o=AstarothInc,c=NO
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>cn: main$
>sn: main$
>uid: main$
>uidNumber: 1003
>gidNumber: 553
>homeDirectory: /dev/null
>loginShell: /bin/false
>description: Computer
>
>I have all the scripts in place, but manually only the add machine script
>works. I don't think I need the others for the operation I am trying,
>though.
>
>The thing is, if I do have an account in /etc/passwd called "main$" when I
>try to join, the auto-created ldap entry looks very very different:
>
>dn: uid=main$,ou=Machines,o=AstarothInc,c=NO
>uid: main$
>sambaSID: S-1-5-21-2523409155-1094959098-2360343008-3006
>sambaPrimaryGroupSID: S-1-5-21-2523409155-1094959098-2360343008-1201
>sambaAcctFlags: [W  ]
>objectClass: sambaSamAccount
>objectClass: account
>
>The error upon joining is still the same, username could not be found;
>however, subsequent attempts to join give the error "access is denied." I'm
>going nuts.
>


if this is an XP PRO machine, have you done the signorseal registry hack?


>Regards
>Tarjei
>
>- Original Message - 
>From: "Andrew Bartlett" [EMAIL PROTECTED]>
>To: "Tarjei Bitustøyl" [EMAIL PROTECTED]>
>Cc: [EMAIL PROTECTED]>
>Sent: Sunday, November 09, 2003 10:08 AM
>Subject: Re: [Samba] samba 3 LDAP/PDC problem - adding WXP account
>
>On Sun, 2003-11-09 at 19:40, Tarjei Bitustøyl wrote:
>> Hi,
>>
>> I've finally gotten my LDAP password backend up and running, and finally
>figured out the SID 1000/1001 thing for Samba admin.
>> However I'm unable to join the workstation to my domain.
>
>I'm not sure what you mean about the '1000/1001' thing.  Root should be
>given the special sid '-500' if at all possible, as that is
>'administrator'.
>
>> Using any random user in the WXP dialogue, I get the "Access is Denied"
>error. Fair enough.
>> Using the user with sambasid and sambagroupsid s-*-1000/s-*-1001, I get
>the error "The Username could not be found". This error is probably not
>referring to the login user, as that one is validated (I get another error
>if I type in a wrong password), so I assume it's the machine account user
>that it is looking for.
>>
>> I have however tried adding the machine account using both LAM and
>smbpasswd -a -m, but no difference.
>>
>> The debug log says everything is successful?
>> I'm at a loss. Does anyone have a hint as to what is wrong here?
>
>Do you have the add user scripts in place?
>
>Andrew Bartlett
>
>-- 
>Andrew Bartlett [EMAIL PROTECTED]
>Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
>Student Network Administrator, Hawker College   [EMAIL PROTECTED]
>http://samba.org http://build.samba.org http://hawkerc.net
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Check whether a unix user is a samba user

2003-11-09 Thread McKeever Chris


On Sun, 9 Nov 2003 13:11 , [EMAIL PROTECTED] sent:

>Hello.
>
>What is the command one should use
>to check whether a unix user is a
>samba user (that is, its username is
>in one of the samba password backends).
>
>Romildo


you can do a grep 'username' /etc/smb/smbpasswd 



>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba with Domain User accounts

2003-11-07 Thread McKeever Chris
On Fri, 07 Nov 2003 15:08 , anth jaz <[EMAIL PROTECTED]> sent:

>I am trying to find an option to M$ file server under Linux. Everything to this point 
>is M$. Whether anybody goes for it or not, I would like to 
put the option out there for choice. One of the important necessities is that this 
doesn't become any more complicated for the EU. As soon as 
you say Linux to the bosses they think more complex for the user and the users have 
trouble enough logging in to there computers. I am a 
Linux newbie trying to become more efficient. At present, I am using RH9, Samba 3, and 
have security = Domain and have joined the domain 
successfully. I have a user joe created on the Linux/Samba server and when user joe 
logs onto his Win2k computer on the NT domain he can 
access the Samba share I have configured like this:
>
>[share]
>path = /test
>public = no
>writable = yes
>printable = no
>valid users = joe jon art
>create mask = 0765
>
>Unless users "joe, jon, and art" are created on the Linux box, the user gets prompted 
>for network authentication:
>
>Connect As:
>Password:
>
>I also have set "password server = *" and I still get promted for authentication. I 
>enter a vaild domain user account but not one that I have 
added to the Linux box and it will not take it. I also tried using 
>"password server = x.x.x.x" where x.x.x.x was PDC and BDC and had the same results.
>
>I have also set the following:
>unix password sync = Yes
>passwd program = /usr/bin/passwd %u
>
>I don't want anybody to have to do this, since they do not have to do this now (all 
>windoze 2k & NT). There are a lot of users and equally a 
lot of passwords on the domain and it isn't very efficient to add every user to the 
Linux box. Is there a way to get around this. Have the Linux 
server communicate with the PDC or BDC since it is a member of the domain? 
>
>If that is even possible can I then give joe "read only", jon & art "read & write", 
>and "deny" everybody else access to the "test dir." 
>
>

With the 2.2.x version there was windbind, which would communicate with the PDC and 
pull the user accounts.  I believe there is something 
similiar with 3.0 net vampire (or something to that effect, if not still windbind)...

The howto at samba.org (dont have the exact address), is very resourcefull to these 
types of issues.





 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba 2.2 -> 3.0.0 upgrade: questions + Internet Connection Wizard / Identities

2003-11-07 Thread McKeever Chris


On Fri, 7 Nov 2003 10:38 , Jeff Jones <[EMAIL PROTECTED]> sent:

>> Yes. You should have saved the Domain SID before migration, then restored
>> it on Samba-3 using the net utility. That way your clients would have been
>> quite happy.
>
>
>Ah, ok.  Is there a document explaining how to save and restore the SID?  I
>saved the contents of /etc/samba before performing the upgrade.  Can I still
>extract the SID and restore it into my Samba 3?  I still have some client
>boxes I haven't joined to the new domain.
>
>Is there any other way, at this point, to allow my domain users write access
>to their identities / accounts without them being administrators?  A way of
>moving forward with my new SID?

if you still have the old /etc/samba/secret.tdb file, you can grab the SID out of 
that.


>
>Why isn't Windows allowing the users access to their internet settings /
>identities, even though they're in the new domain and the users' profiles
>have been reloaded from the server?  Is there any way to fix it?
>
>Thanks again,
>Jeff
>
>
>- Original Message - 
>From: "John H Terpstra" [EMAIL PROTECTED]>
>To: "Jeferee" [EMAIL PROTECTED]>
>Cc: [EMAIL PROTECTED]>
>Sent: Friday, November 07, 2003 1:15 AM
>Subject: Re: [Samba] Samba 2.2 -> 3.0.0 upgrade: questions + Internet
>Connection Wizard / Identities
>
>
>> On Thu, 6 Nov 2003, Jeferee wrote:
>>
>> > Hello,
>> >
>> > I just upgraded from Samba 2.2.7 to Samba 3.0.0 on RedHat 9.  I did this
>> > by uninstalling the 2.2.7 samba RPM's and then applying the Samba 3.0.0
>> > RPM from samba.org, then putting my local changes back into smb.conf.
>> > I have also migrated my smb users from smbpasswd to tdbsam with the
>> > pdbedit utility as discussed in the HOWTO.
>> >
>> > It seems I have to rejoin my client boxes (windows 2000 pro) to the
>> > domain in order to log in, and then I have to blow away my local users
>> > on each client machines to allow the roving profiles to be reloaded at
>> > login.
>> >
>> > Also, I have had to add the following to my smb.conf file to use tdbsam
>> > successfully.
>> >
>> > logon home = \\%L\%U
>> > logon path = \\%L\%U\profile
>> >
>> > I had to do this in order to get the correct string to come up in
>> > pdbedit -Lv for the "Home Directory" and "Profile Path" variables (the
>> > defaults cuased %N to show in place of the server name) - when I used
>> > 'smbpasswd' as the backend pdbedit -Lv showed proper values and things
>> > worked OK.
>> >
>> > I also had to mess around a bit with 'net groupmap' modify/list to get
>> > the standard Windows groups to map properly to UNIX groups, as discussed
>> > in the HOWTO.  These seemed to work fine under 2.2.7.
>> >
>> > Everything seems to work OK now, except for the following problems.
>> > Can anyone tell me what I did wrong upgrading with respect to the
>> > following 3 issues:
>> >
>> > 1) I have to rejoin each client Windows 2000 box to the domain or logins
>> > fail (says the client is not in the domain) - did the machines' SIDs
>> > change for some reason?  Server SID?
>>
>> Yes. You should have saved the Domain SID before migration, then restored
>> it on Samba-3 using the net utility. That way your clients would have been
>> quite happy.
>>
>> >
>> > 2) I have to blow away local roving profiles, then log in to get the
>> > roving profiles to reload from the server - error says the profile for
>> > that user already exists on the server, but has the 'wrong security'.
>> > Loads temp settings.  SID problem?
>>
>> Correct. See comment for Q1.
>>
>> >
>> > 3) After rejoining and reloading, regular Domain Users do not have the
>> > ability to change their Internet Connection Settings - The "Internet
>> > Connection Wizard" icon recreates at each login, and when the user tries
>> > to access it, they get an access denied error.  Changes to internet
>> > settings from IE are not recorded, and it complains about 'no
>> > identities'.  The users are properly listed in the "Domain Users" group.
>> > If I put the user (or Domain Users) in the Admininistrator group on the
>> > client boxes, he successfully gets his previously set settings (home
>> > page, etc) at login.
>>
>> Yes. Correct.
>>
>> > Thank you, and great job on 3.0!
>>
>> Glad to hear that the documentation was useful. Want to send me any
>> updates for it?
>>
>> Cheers,
>> John T.
>> -- 
>> John H Terpstra
>> Email: [EMAIL PROTECTED]
>>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>



 Prudential Preferred Properties   www.prupref.com  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


RE: [Samba] Samba PDC

2003-10-19 Thread McKeever, Chris
are you using the root account and password to connect to the domain?

> -Original Message-
> From: JAVIER BARRACHINA [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 19, 2003 6:49 AM
> To: [EMAIL PROTECTED]
> Subject: [Samba] Samba PDC
> 
> 
> I'm trying to config Samba PDC using: The Unofficial Samba HOWTO
> 
> but error apeared:
> The following error occurred attempting to join the domain 
> MYDOMAIN: The 
> specified network password is not correct
> 
> I tried:
> Use Window's Group Policy Editor (gpedit.msc) to make the 
> following changes 
> in the Local Computer Policy\ Computer Configuration\ Windows 
> Settings\ 
> Security Settings\ Local Policies\ Security Options branch: 
> Domain member: 
> Digitally encrypt or sign secure channel data (DISABLE) 
> andDomain member: 
> Digitally sign secure channel data when possible (DISABLE)
> 
> but nothing! error!!!
> can anyone help me?
> tnx a lot!
> 
> _
> Charla con tus amigos en línea mediante MSN Messenger: 
> http://messenger.yupimsn.com/
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


RE: [Samba] Download Samba 2.2.8a

2003-10-15 Thread McKeever, Chris
I found 2.2.8a under some of the trees here:
http://hostopia.samba.org/samba/ftp/Binary_Packages/

I do not know about running a hybrid, I guess it depends on how you are
going to implement the replication.  If you are just going to use basic
rsync/mirror of the passwd and other files, then it probably would work, but
if youare going to implement something like ldap, then I wouldnt recommend
it.

i just got finished with a complete ldap-replicate 2.2.8a system, and it
works great

> -Original Message-
> From: Guess Logi [mailto:[EMAIL PROTECTED]
> Sent: Monday, October 13, 2003 9:53 PM
> To: [EMAIL PROTECTED]
> Subject: [Samba] Download Samba 2.2.8a
> 
> 
> 
> I have set up Samba 2.2.8a on Linux as a PDC. Now, I want to 
> set up BDC/"fail over" on Linux. I have already found some 
> useful information to configure BDC on Linux eventhough Samba 
> 2.X officialy doesn't support.
> 
> Does anyone know where can I get Samba 2.2.8a? - I don't see 
> on samba official website. 
> OR
> Is it okay to have Samba 2.2.8a on PDC and Samba 3.0 on BDC? 
> Both servers should have to have exact same Samba version.?
> 
> When I said PDC/BDC, it is just window term. Actually both 
> servers will act as primary/secondary fail over in Linux.
> 
> -Logi
> 
> 
> 
> 
> -
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


[Samba] Samba PDC - XP Logins - Replication of secrets file

2003-10-15 Thread McKeever, Chris
I think I finally have gotten my XP machines to log into the samba
controlled domain.  Thank you all to have provided feedback and support.

I am wondering though if the solution was something that I just glossed
over, or if I just solved a portion of the problem.

As a recap, I am running samba 2.2.8a compiled with LDAP so I can have
replicated authentication.  I was able to join the XP machines to the domain
without a problem, but I continually got wrong username/password msessages
when I would try to login.

I finally copied the secrets.tdb file from the PDC machine over to one of
the local branch authentication servers.  I ran smbpasswd -S -a \\servername
against that to populate the domain SID, restarted Samba and I was good to
go.

Is this just something that I had missed?  I only found it by seeing two
obscure posts one about machines.sid and the other about changing a server
name and re-running smbpasswd.

Any feedback would be appreciated so I can put this to rest.

Thanks
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


RE: [Samba] samba time server

2003-10-10 Thread McKeever, Chris


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

> 
> Hello,
>   I'm trying to set up a Linux, rh9, webserver with samba 
> support, so that
> user's can make the pages on their windows boxes and drop 
> them right on
> the server. I'm having one problem, when the user connects 
> Dreamweaver,
> MX version, gives an error about can not determine the server 
> time. I've
> added:
> time server = yes
>   to the global section of my smb.conf file, but this 
> didn't solve the
> issue. I'm not even sure if this is an appropriate question for this
> list, so i'm just throwing it out there. Any ideas?
> Thanks.
> Dave.
> 

I do not think that the time server = yes is what is the issue with
DREAMWEAVER.  I would suggest figuring out what dreamweaver is trying to do
with the time (via the allaire.com support forum) and then relaying that
information to this list so we can try to correlate the two.


> 
> The best thing to hit the internet in years - Juno SpeedBand!
> Surf the web up to FIVE TIMES FASTER!
> Only $14.95/ month - visit www.juno.com to sign up today!
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


[Samba] smbpasswd responding slowly

2003-10-08 Thread McKeever, Chris
as of today, when I issue the smbpasswd from the CLI, its response time is
very poor.  I am using samba 2.2.8 with an openldap backend.  Prior to
today, this was working fine.  To my knowledge,  nothing has been changed,
in fact I am positive of this.

This may be off topic now, but it seems like the response time on the server
itself is acting goofy.

I am kind of at a loss at this.

Thanks 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba