Re: [Samba] Re: Security=user half as fast as share. Why?
Try this, it sped mine up quite a bit: in globals, socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY IPTOS_THROUGHPUT Do a man on smb.conf for an explanation of what they do to speed things up. [EMAIL PROTECTED] wrote: samba1.20.cdunham at spamgourmet.com escreveu: I'm running Suse 9.2 (kernel 2.6.8-24) with Samba 3.0.20b When I use security=user, my read/write performance is less than half the peformance with security=share. Why? There are no other changes, but performance is never better than half the speed. This happens with WinXP, Win2K and Win98 clients, so I don't think the client configuration is the problem. Network is gigabit, with Intel Pro/1000 adapters. Did you setup the socket options? security = share has five extra steps to check the user, perhaps it could be a delay from the backend (LDAP or winbind). Kind regards, I'm not sure what you mean by socket options. My smb.conf is shown below. I'm not using LDAP or winbind. No domain, just a workgroup. My smb.conf file is: [global] workgroup = MYWORKGROUP netbios name = SERVER1 wins support = yes domain master = yes local master = yes preferred master = yes os level = 65 map to guest = Bad User restrict anonymous = no server signing = Auto [test] comment = test path = /home/users read only = no guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SWAT not accessible from remote sites
only_from = 127.0.0.1 It looks like this option is only allowing users to access swat from the localhost (127.0.0.1). You will need to change this option. Kenny Sanders wrote: Hello, I am not able to access SWAT from any other host besides the one running the SWAT daemon. No firewall blocking access on either side. # netstat -lnt | grep 901 tcp0 0 0.0.0.0:901 0.0.0.0:* LISTEN works fine connecting from localhost using: lynx localhost:901 Unavailable using public IP on a remote host.. i.e. going into Firefox and http://1.2.3.4:901 SWAT is configured through xinetd: # cat /etc/xinetd.d/swat # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { disable = no port= 901 socket_type = stream wait= no only_from = 127.0.0.1 user= root server = /usr/sbin/swat log_on_failure += USERID } TIA, Kenny Sanders -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What's a preferred linux distribution for my needs...
If you want the best, most up to date, easiest to manage and most widely used distro (that is free anyways) , use CentOS. Latest version is 4.2 and available here: http://centos.org Christian Tylko wrote: I've gone through samba.org and have tried to go through the samba archives (but there are too many posts and too little time) to get an answer. I would like to set up samba for simple file sharing (non-domain) using an un-attended PC; i.e. I want the PC to be able to turn on or recover from a power failure and load and run samba without any manual intervention whatsoever. Could someone please suggest an appropriate, simple and compact linux distribution I could use? I think that once I have that running properly samba should be relatively simple for the config I need. A number of years ago I had a linux box running as a NAT router.the whole thing ran off a floppy disk. Obviously this box would have one or more large HD's so it can boot off one of the HD's.it's the simplicity I'm looking for. Any chance there's a pre-packaged linux distribution with samba ready to install? Many thanks for any help. Chris T -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Overloaded samba server. Is it a bug?
First of all, why run SuSe when CentOS is free, runs faster and is more up to date? I have basically the same setup you have except our system is a quad xeon system and CentOS runs flawlessly 24/7. We used to experiment with SuSe but it is not good for a corporate environment. Just a heads up as I have been doing this for 17 years and CentOS is the cream of the crop for the money. Martin Scandroli wrote: Experts, We've just migrated from samba 2.2.8a to samba 3.0.20b in a very large corporate environment. Everything was really fine in our lab, but we began experiment serious load problems on the productive servers the morning after the procedure took place. I'll try (briefly) to describe the characteristics of the scenario: Resources: Old Environment: Hardware: Dell PowerEdge 2650 Intel Xeon Processor 2 GB Ram Raid 5 (via perc raid controller) on 10k scsi disks Software: SuSE Linux Enterprise Server 8 Samba 2.2.8a Servers cups printing service openldap2 as backend (with replicas all over the country, about 3000 objects in the tree) HeartBeat as high availability Service Everything was charming here!! New Environment Hardware: Dell PowerEdge 2850 Servers 2 Intel Xeon 3.2 GHz (HT i think... i see 4 of them) Processors 4 GB Ram Raid 5 (via Perc raid controller) on 15k scsi disks Software SuSE Linux Enterprise Server 9 Samba 3.0.20b Servers cups printing service Novell eDirectory 8.7.3.4 as backend (Very distributed too, about 4000 objects in the tree) HeartBeat as high availability Service drbd to keep samba configuracion replicated among the cluster nodes. Problems we're having (or had, just as a usefull comment): eDirectory turned out to be much slower than openldap2 when responding to nss_ldap queries (i mean about 7 or 8 times slower) so queries asking for members of large groups (i.e: groups with about 1500 users and above) were usually terminated with an RPC timeout Everything started to work when we added the ldapsam:trusted=yes parameter. It dramatically reduced the response times and affected queries began to work. The implementation of this feature produced some other problems (we've found workarrounds but i'll comment them just to provide some feedback). 1) The samba server used to die seconds after it was started. Something about the nobody user and it's primary group prevented it from working in a proper manner. We solved this inconvinient by adding de user nobody and it's corresponding primary group to the backend. 2) Root user was no longer recognized, (we still trying to figure out why, the user's been added to the tree, but nothing changed) so we used the new role based administration provided by samba 3 as a workarround (SeMachinAccount...), and no more troubles about it. 3)THIS ISSUE IS KILLING US!!! Something happens in a determined moment of the day (rush hour). Everything is running smoothly (0.3 - 0.4 of load average) when the load start to grow indefinitely!!. It raises from 0.3 to 50 in a matter of seconds!, and it keeps growing till the server dies. We couldn't find the reason of this, but it happens in a two hors interval. Before and after this interval, there are no errors of any kind. I'll paste some log errors (just the ones i saw). I don't think they're the cause of our problems, buy you're the experts. Any clue? do you need me to gather some kind of information? any DoS bug reported for this samba version? Any help will be highly appreciated Regards, Martin -- from /var/log/messages Oct 25 04:34:15 srvsmb01 smbd[2961]: [2005/10/25 04:34:15, 0] lib/util_sock.c:send_smb(762) Oct 25 04:34:15 srvsmb01 smbd[2961]: Error writing 4 bytes to client. -1. (Connection reset by peer) Oct 25 04:40:36 srvsmb01 smbd[2983]: [2005/10/25 04:40:36, 0] lib/util_sock.c:get_peer_addr(1222) Oct 25 04:40:36 srvsmb01 smbd[2983]: getpeername failed. Error was Transport endpoint is not connected Oct 25 04:40:36 srvsmb01 smbd[2983]: [2005/10/25 04:40:36, 0] lib/util_sock.c:write_data(554) Oct 25 04:40:36 srvsmb01 smbd[2983]: write_data: write failure in writing to client 167.252.104.98. Error Connection reset by peer (this happens very often) From /var/log/samba/log.nmbd tdb(unnamed): tdb_open_ex: /var/lib/samba/unexpected.tdb (2059,2959) is already open in this process [2005/10/26 04:17:01, 2] tdb/tdbutil.c:tdb_log(767) tdb(unnamed): tdb_open_ex: /var/lib/samba/unexpected.tdb (2059,2959) is already open in this process [2005/10/26 04:17:01, 2] tdb/tdbutil.c:tdb_log(767) tdb(unnamed): tdb_open_ex: /var/lib/samba/unexpected.tdb (2059,2959) is already open in this process [2005/10/26
[Samba] Specified network password is not correct
I am having trouble connecting to a Centos 4.1 machine. I have the following installed: samba-common-3.0.10-1.4E samba-3.0.10-1.4E.2 samba-client-3.0.10-1.4E samba-swat-3.0.10-1.4E.2 Currently running: smbd nmbd winbind My smb.conf is as follows: # Global parameters [global] preferred master = No domain master = No wins support = Yes encrypt passwords = yes remote announce = 192.168.1.255/soupx smb passwd file = /etc/samba/smbpasswd [homes] read only = No [test] comment = test share path = /u/sambausers valid users = operator I have one user in /etc/samba/smbpasswd: operator:11:8880F85FF03EAF3B944E2DF489A880E4:E337E31AA4C614B2895AD684A51156DF:[U ]:LCT-435FE36C: I am in the process of switching an old 386 machine for a dual xeon machine. On the old 386, running: samba-2.2.5-10 samba-common-2.2.5-10 samba-client-2.2.5-10 samba-swat-2.2.5-10 I can connect to the 386 with any windows, linux, mac. When I try to connect to the new machine running samba 3.0.10 from unix, i connect fine: [EMAIL PROTECTED] temp]# smbclient //soupx/test -W LINUX-SOUP -U operator added interface ip=192.168.1.208 bcast=192.168.1.255 nmask=255.255.255.0 Got a positive name query response from 192.168.1.9 ( 192.168.1.9 ) Password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.10-1.4E.2] smb: \ dir . D0 Mon Sep 26 15:27:14 2005 .. D0 Mon Oct 10 05:11:02 2005 stores D0 Sat Oct 22 06:02:08 2005 npd D0 Fri Jul 29 08:51:38 2005 legal D0 Tue Sep 23 15:22:20 2003 . When I try to connect from any windows machine, I get: net use z: \\soupx\test Enter the user name for 'soupx' : operator Enter the password for soupx: System error 86 has occured. The specified network password is not correct. ... I used smbpasswd -a operator and set the password (which works from a linux machine) In /var/log/samba/smbd.log I see: [2005/10/26 13:48:21, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 13:48:28, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/26 13:48:28, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/26 13:48:28, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego I can connect to a public share on this machine without a password. Any idea what is wrong? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Specified network password is not correct
I had the firewall off but now turned it on. I modified the firewall on the box and added the following: iptables -I INPUT 1 -p tcp --dport 139 -j ACCEPT iptables -I INPUT 1 -p tcp --dport 445 -j DROP (to stop the getpeername failed error) apparently XP tries to connect to port 445 first then port 139 causing errors. Now I am getting in /var/log/samba/smbd.log: [2005/10/26 14:17:49, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:17:55, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:18:19, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:18:24, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego In Windows, trying to connect now gives: Logon failure: unknown user name or bad password. As operator/operator is the correct user/pass, not sure what else is going wrong. My previous setup on the 386 machine with samba 2.x serves 400 users and has been working for years. Something must have changed in samba 3.x. I tried to copy over the smb.conf from the 2.x machine but that will not work either. Merle Reine wrote: I am having trouble connecting to a Centos 4.1 machine. I have the following installed: samba-common-3.0.10-1.4E samba-3.0.10-1.4E.2 samba-client-3.0.10-1.4E samba-swat-3.0.10-1.4E.2 Currently running: smbd nmbd winbind My smb.conf is as follows: # Global parameters [global] preferred master = No domain master = No wins support = Yes encrypt passwords = yes remote announce = 192.168.1.255/soupx smb passwd file = /etc/samba/smbpasswd [homes] read only = No [test] comment = test share path = /u/sambausers valid users = operator I have one user in /etc/samba/smbpasswd: operator:11:8880F85FF03EAF3B944E2DF489A880E4:E337E31AA4C614B2895AD684A51156DF:[U ]:LCT-435FE36C: I am in the process of switching an old 386 machine for a dual xeon machine. On the old 386, running: samba-2.2.5-10 samba-common-2.2.5-10 samba-client-2.2.5-10 samba-swat-2.2.5-10 I can connect to the 386 with any windows, linux, mac. When I try to connect to the new machine running samba 3.0.10 from unix, i connect fine: [EMAIL PROTECTED] temp]# smbclient //soupx/test -W LINUX-SOUP -U operator added interface ip=192.168.1.208 bcast=192.168.1.255 nmask=255.255.255.0 Got a positive name query response from 192.168.1.9 ( 192.168.1.9 ) Password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.10-1.4E.2] smb: \ dir . D0 Mon Sep 26 15:27:14 2005 .. D0 Mon Oct 10 05:11:02 2005 stores D0 Sat Oct 22 06:02:08 2005 npd D0 Fri Jul 29 08:51:38 2005 legal D0 Tue Sep 23 15:22:20 2003 . When I try to connect from any windows machine, I get: net use z: \\soupx\test Enter the user name for 'soupx' : operator Enter the password for soupx: System error 86 has occured. The specified network password is not correct. ... I used smbpasswd -a operator and set the password (which works from a linux machine) In /var/log/samba/smbd.log I see: [2005/10/26 13:48:21, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 13:48:28, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/26 13:48:28, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/26 13:48:28, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego I can connect to a public share on this machine without a password. Any idea what is wrong? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Specified network password is not correct
Every article I read says to drop port 445. If I do not, I get my log file filled up with errors about getpeername failed. Even with no firewall at all, I still get the password incorrect problem so it seems to be not related. Any other ideas? Thomas M. Skeren III wrote: Merle Reine wrote: I had the firewall off but now turned it on. I modified the firewall on the box and added the following: Why? Samba 3 listens for smb calls on 445. iptables -I INPUT 1 -p tcp --dport 139 -j ACCEPT iptables -I INPUT 1 -p tcp --dport 445 -j DROP (to stop the getpeername failed error) apparently XP tries to connect to port 445 first then port 139 causing errors. Now I am getting in /var/log/samba/smbd.log: [2005/10/26 14:17:49, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:17:55, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:18:19, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 14:18:24, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego In Windows, trying to connect now gives: Logon failure: unknown user name or bad password. As operator/operator is the correct user/pass, not sure what else is going wrong. My previous setup on the 386 machine with samba 2.x serves 400 users and has been working for years. Something must have changed in samba 3.x. I tried to copy over the smb.conf from the 2.x machine but that will not work either. Merle Reine wrote: I am having trouble connecting to a Centos 4.1 machine. I have the following installed: samba-common-3.0.10-1.4E samba-3.0.10-1.4E.2 samba-client-3.0.10-1.4E samba-swat-3.0.10-1.4E.2 Currently running: smbd nmbd winbind My smb.conf is as follows: # Global parameters [global] preferred master = No domain master = No wins support = Yes encrypt passwords = yes remote announce = 192.168.1.255/soupx smb passwd file = /etc/samba/smbpasswd [homes] read only = No [test] comment = test share path = /u/sambausers valid users = operator I have one user in /etc/samba/smbpasswd: operator:11:8880F85FF03EAF3B944E2DF489A880E4:E337E31AA4C614B2895AD684A51156DF:[U ]:LCT-435FE36C: I am in the process of switching an old 386 machine for a dual xeon machine. On the old 386, running: samba-2.2.5-10 samba-common-2.2.5-10 samba-client-2.2.5-10 samba-swat-2.2.5-10 I can connect to the 386 with any windows, linux, mac. When I try to connect to the new machine running samba 3.0.10 from unix, i connect fine: [EMAIL PROTECTED] temp]# smbclient //soupx/test -W LINUX-SOUP -U operator added interface ip=192.168.1.208 bcast=192.168.1.255 nmask=255.255.255.0 Got a positive name query response from 192.168.1.9 ( 192.168.1.9 ) Password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.10-1.4E.2] smb: \ dir . D0 Mon Sep 26 15:27:14 2005 .. D0 Mon Oct 10 05:11:02 2005 stores D0 Sat Oct 22 06:02:08 2005 npd D0 Fri Jul 29 08:51:38 2005 legal D0 Tue Sep 23 15:22:20 2003 . When I try to connect from any windows machine, I get: net use z: \\soupx\test Enter the user name for 'soupx' : operator Enter the password for soupx: System error 86 has occured. The specified network password is not correct. ... I used smbpasswd -a operator and set the password (which works from a linux machine) In /var/log/samba/smbd.log I see: [2005/10/26 13:48:21, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego [2005/10/26 13:48:28, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/10/26 13:48:28, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer [2005/10/26 13:48:28, 1] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(593) Unknown packet in reply_sesssetup_and_X_spnego I can connect to a public share on this machine without a password. Any idea what is wrong? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] changing unix password with samba
Thanks for all your suggestions. I finally figured it out by running smbpasswd as a non root user. It then syncs the unix password. We are a linux only shop and not a windows machine to be found anywhere. The web script I found to change the smbpasswd via the web can be downloaded here: http://www.unicom.com/sw/web-chpass/ Worked like a charm and requires oldpasswd and new passwd. By the way, why are any of you still using windows? Linux is free, faster, more secure, more stable, blah, blah, blah. Just my 2 cents. Thanks again. -Original Message- From: rruegner [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 18, 2004 11:59 AM To: Merle Reine; [EMAIL PROTECTED] Subject: Re: [Samba] changing unix password with samba Hi, depending on your setup ( Ldap or tdbsamsmbpasswd ) there are different ways, the idea of the webfrontend is one way but sync passwords with pam modules the other so the users can change there passwords with cntrl - alt delete like it is usual in windows, i got it to work with ldap too. ( windows gives failure messages but the password got really changed ) Best Regards - Original Message - From: Merle Reine [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 18, 2004 4:00 AM Subject: [Samba] changing unix password with samba I am running RedHat 9 and samba. I need to be able to set one password for each user and sync them with ssh, web, unix password. i.e. When I change samba pass, it changes unix, ftp, etc. Is this possible with samba? I saw that it is if you are running windows and then you can change the unix pass via samba. Is this possible when running linux. I just want to easily administer my users. I have a web cgi script to change the unix password which can be modifed to change samba pass. This would allow users to change all their passwords in one place. Any help is much appreciated. Merle -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] changing unix password with samba
I am running RedHat 9 and samba. I need to be able to set one password for each user and sync them with ssh, web, unix password. i.e. When I change samba pass, it changes unix, ftp, etc. Is this possible with samba? I saw that it is if you are running windows and then you can change the unix pass via samba. Is this possible when running linux. I just want to easily administer my users. I have a web cgi script to change the unix password which can be modifed to change samba pass. This would allow users to change all their passwords in one place. Any help is much appreciated. Merle -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba