Re: [Samba] Samba 3.0 build with ADS support on Solaris 9
Hi Jagga, I have been having a similar problem building samba 3.0.22 with ADS for solaris 9. I have tried following instructions from http://lists.samba.org/archive/samba/2006-May/120930.html but still get errors when smbd is converting from foreground to daemon mode - it just hangs. My current workaround is to build without ADS support and treat samba server as an NT4 server (the ADS domain is a mixed mode domain) so join with net rpc join ... etc and then use a usermap to map domain users onto local users as needed. Domain PDCs and BDCs are password server. However this is only a stop gap until samba + ADS build is sorted out so if anyone has any ideas on what is happening or what to do I would really appreciate the help. Cheers, Neil Jagga Soorma wrote: Hey Guys, I have trying to build Samba 3.0 with ADS support on Solaris 9. This is how I am trying to configure samba: ./configure --prefix=/usr/local/samba \ --with-ldap \ --enable-static \ --with-ads \ --with-krb5 \ --with-libiconv \ --with-automount I have set the LD_LIBRARY_PATH: export LD_LIBRARY_PATH="/opt/sfw/lib:/usr/local/lib:/usr/lib" ls /opt/sfw/lib liblber.a liblber.so.2 libldap.la libldap_r.so libldap.so liblber.laliblber.so.2.0.122libldap_r.a libldap_r.so.2libldap.so.2 liblber.solibldap.a libldap_r.la libldap_r.so.2.0.122 libldap.so.2.0.122 The error I am receiving when I run the configure is: ..snip checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... no checking for ldap_set_rebind_proc... no checking whether ldap_set_rebind_proc takes 3 arguments... 3 configure: error: libldap is needed for LDAP support Any ideas what I am missing? Libldap seems to be there so how come configure is not seeing it? Any suggestions or comments would be grately appreciated. Thanks, -Jagga \ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3.0.22 on solaris9 does not start as daemon
I'm trying to start smbd (samba 3.0.22) as daemon (smbd -D --configfile=/etc/smb.conf) on solaris 9 sparc with current recommended patches but the smbd process never returns from trying to become a daemon. Samba was built with ldap, (heimdal) kerberos and active directory support using gcc 3.3.2 from sunfreeware. Solaris 9 is a new install on a development machine with production patches. The build was based on notes in http://lists.samba.org/archive/samba/2006-May/120930.html except that the heimdal version is 0.7.2 and no configure patch was applied (to heimdal configure). Other software versions: openldap is 2.3.20 bison-1.34-sol7-sparc-local m4-1.4.2-sol9-sparc-local make-3.80-sol9-sparc-local db-4.2.52.NC-sol9-sparc-local binutils-2.11.2-sol8-sparc-local flex-2.5.31-sol9-sparc-local Also disabled solaris 9 ld and gssapi samba 3.0.22 (from samba.org) nmbd starts and runs as a daemon without error. The log output from smbd -D --configfile=/etc/smb.conf and smbd -F --configfile=/etc/smb.conf is identical. The daemon version of the logout is below. Can anyone suggest where to look next to resolve this? The eventual objective is to run samba as a member server in an AD mixed mode domain. Thanks, Neil -- email: [EMAIL PROTECTED] [2006/06/01 14:12:44, 0] smbd/server.c:main(805) smbd version 3.0.22 started. Copyright Andrew Tridgell and the Samba Team 1992-2006 [2006/06/01 14:12:44, 5] lib/debug.c:debug_dump_status(368) INFO: Current debug levels: all: True/30 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 [2006/06/01 14:12:44, 2] param/loadparm.c:do_section(3671) Processing section "[homes]" [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 0 for homes [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2483) hash_a_service: creating tdb servicehash [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 0 for service name homes doing parameter comment = Home Directories doing parameter valid users = %S doing parameter read only = No doing parameter browseable = No [2006/06/01 14:12:44, 4] param/loadparm.c:lp_load(4230) pm_process() returned Yes [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 1 for IPC$ [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 1 for service name IPC$ [2006/06/01 14:12:44, 3] param/loadparm.c:lp_add_ipc(2580) adding IPC service [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 2 for ADMIN$ [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 2 for service name ADMIN$ [2006/06/01 14:12:44, 3] param/loadparm.c:lp_add_ipc(2580) adding IPC service [2006/06/01 14:12:44, 10] param/loadparm.c:set_server_role(4163) set_server_role: role = ROLE_DOMAIN_MEMBER [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ASCII [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ASCII [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset 646 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset 646 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ISO-8859-1 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ISO
[samba] 3.0.22 on solaris9 does not start as daemon
I'm trying to start smbd (samba 3.0.22) as daemon (smbd -D --configfile=/etc/smb.conf) on solaris 9 sparc with current recommended patches but the smbd process never returns from trying to become a daemon. Samba was built with ldap, (heimdal) kerberos and active directory support using gcc 3.3.2 from sunfreeware. Solaris 9 is a new install on a development machine with production patches. The build was based on notes in http://lists.samba.org/archive/samba/2006-May/120930.html except that the heimdal version is 0.7.2 and no configure patch was applied (to heimdal configure). Other software versions: openldap is 2.3.20 bison-1.34-sol7-sparc-local m4-1.4.2-sol9-sparc-local make-3.80-sol9-sparc-local db-4.2.52.NC-sol9-sparc-local binutils-2.11.2-sol8-sparc-local flex-2.5.31-sol9-sparc-local Also disabled solaris 9 ld and gssapi samba 3.0.22 (from samba.org) nmbd starts and runs as a daemon without error. The log output from smbd -D --configfile=/etc/smb.conf and smbd -F --configfile=/etc/smb.conf is identical. The daemon version of the logout is below. Can anyone suggest where to look next to resolve this? The eventual objective is to run samba as a member server in an AD mixed mode domain. Thanks, Neil -- email: [EMAIL PROTECTED] [2006/06/01 14:12:44, 0] smbd/server.c:main(805) smbd version 3.0.22 started. Copyright Andrew Tridgell and the Samba Team 1992-2006 [2006/06/01 14:12:44, 5] lib/debug.c:debug_dump_status(368) INFO: Current debug levels: all: True/30 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 [2006/06/01 14:12:44, 2] param/loadparm.c:do_section(3671) Processing section "[homes]" [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 0 for homes [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2483) hash_a_service: creating tdb servicehash [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 0 for service name homes doing parameter comment = Home Directories doing parameter valid users = %S doing parameter read only = No doing parameter browseable = No [2006/06/01 14:12:44, 4] param/loadparm.c:lp_load(4230) pm_process() returned Yes [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 1 for IPC$ [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 1 for service name IPC$ [2006/06/01 14:12:44, 3] param/loadparm.c:lp_add_ipc(2580) adding IPC service [2006/06/01 14:12:44, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 2 for ADMIN$ [2006/06/01 14:12:44, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 2 for service name ADMIN$ [2006/06/01 14:12:44, 3] param/loadparm.c:lp_add_ipc(2580) adding IPC service [2006/06/01 14:12:44, 10] param/loadparm.c:set_server_role(4163) set_server_role: role = ROLE_DOMAIN_MEMBER [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16LE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16BE [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-8 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ASCII [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ASCII [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset 646 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset 646 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ISO-8859-1 [2006/06/01 14:12:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset
Re: [Samba] Domain Admins
Golden Butler wrote: Hi, I'm trying to set up one of my users to be a domain admin. I have unix/ldap group called "domainadm" with "user1" a member of the group. When I run "net groupmap list" I get the following: Domain Admins (S-1-5-21-186220259-3826000728-3192352269-7033) -> domainadm But when I go to log in to the domain with "user1" on a winxp machine, the user isn't able to make administrative changes to the computer. Is there something I'm doing wrong? - Delamatrix SLES9-SP3 Samba 3.0.20b Openldap I think you may need to check the rid you have used for the Domain Admins group. According to http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html this is one of the well known rids which must be maintained for correct functioning of the NT groups systems. You have a rid of 7033 and I think it should be 512. Neil -- email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help
ibrahim bazarwala wrote: > Hi! > I am using samba server.I am running windows client as well as linux > server.Due to some problem I have to format my windows xp client.Before > formatting I can easily share the resources between windows xp and linux.To > access the windows share from linux I just have to do this: > mount -t smbfs -o username=ibrahim,password=ibrahim //192.168.0.168/ibrahim > /mnt/share > I couldn copy and paste easily from linux to windows and vice > versa.After > formatting windows pc the above command does not work.It shows this output > 10168: Session request to 192.168.0.168 failed (called name not present) > I guess you need to check all the obvious things such as that you have actually created a share on your windows machine that is named "ibrahim". Neil -- email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: vscan-clamav.conf]
Hi Rodrigo, I don't have any file types listed for the "exclude file types" option so no example :( but in the docs it says that this should be a semi-colon (;) separated list of mime types. Mime types usually have a format which is / (e.g. application/pdf). If you go to http://www.iana.org/assignments/media-types you can see a pretty comprehensive list of mime types. I hope this helps. Neil On 11/3/05, Rodrigo Noroaldo de Castro Fernandes < [EMAIL PROTECTED]> wrote: > > Hi Mister Neil, > > A agree with you, "vscan-clamav.conf" is very simple to configure. I > had some difficulty to set the parameter "exclude file types". I'd like > to have one example from this parameter. Do you have one? > > Brazilian Regards > Rodrigo > > Neil Muller wrote: > > Can you explain your problem with vscan ... I have vscan running with > > samba 3.0.20 on SUSE SLES9 with about 60 users and it was very easy to > > setup and configure. > > > > Neil > > > > On 11/2/05, *David Collier-Brown* <[EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > [Mis-posted to the development list --dave] > > > > Anyone on the samba user list know this? I don't use > > clam (or PCs (:-)) > > > > --dave > > -- > > David Collier-Brown, | Always do right. This will gratify > > Sun Microsystems, Toronto | some people and astonish the rest > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > | -- Mark Twain > > (416) 263-5733 (x65733) | > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: vscan-clamav.conf]
Can you explain your problem with vscan ... I have vscan running with samba 3.0.20 on SUSE SLES9 with about 60 users and it was very easy to setup and configure. Neil On 11/2/05, David Collier-Brown <[EMAIL PROTECTED]> wrote: > > [Mis-posted to the development list --dave] > > Anyone on the samba user list know this? I don't use > clam (or PCs (:-)) > > --dave > -- > David Collier-Brown, | Always do right. This will gratify > Sun Microsystems, Toronto | some people and astonish the rest > [EMAIL PROTECTED] | -- Mark Twain > (416) 263-5733 (x65733) | > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] domain admins group in samba 3.0.7 question
I have a samba 3.0.7 pdc (suse 9.2 pro) and want to automatically add the ntadmins group to the local administrators group on each domain member workstation. The mydomain/Domain Admins group seems to be added automatically to the Administrators group on the local workstation but I can't find a way to either map or directly create members of this group. I have looked a the "net groupmap add ..." command but it seems to require an existing windows pdc. What am I missing? The pdc seems to work ok as I can add/remove machines to/from the domain and can logon to the domain using samba users. Any help will be appreciated. Neil -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Change hostname from "localhost"
Hi Bjorn, The lmhosts files is used by windows to resolve netbios names into ip addresses so I guess that Samba uses it for the same thing with the proviso that the names have to conform to the rules for netbios names ... otherwise it is very similar to the hosts file. On the systems I configure I usually have samba acting as a wins server and resolve netbios names from dns so my lmhosts file just contains 127.0.0.1 localhost In hosts files there is often an additional name on each line which provides an alternate name for the machine at the specified address such as 127.0.0.1 localhost.localdomain localhost which allows you to use any of these elements as synonym for 127.0.0.1 (or whatever address is on the line). You can also use this feature to block ads etc. Google for netbios name rules, hosts file and lmhosts file for more info. Glad you got it all working. Cheers, Neil Bjørn Næsby Nielsen wrote: "Neil Muller" <[EMAIL PROTECTED]> skrev i en meddelelse news:[EMAIL PROTECTED] In your hosts file try 192.168.1.11 poweredge poweredge Neil Hi Neil, and thanks. I've done this adjustsment (and then some), and it has finally started working. Phew. So it seems the LMHOSTS file used by Samba is a kind of "backup" for the actual hosts file? Why the need for two, almost identical files? (I am trying to get to grips with the basics of Samba, but couldn't find any info on this) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Change hostname from "localhost"
Bjørn Næsby Nielsen wrote: OK I have tried what seems like every possible method, but the bloody thing just won't work. So I am asking for help from this list... I have set up RH7.3, using the out-of-the-box SMB configuration, having added only the name of my workgroup, and uncommented the allowed range of IP adresses (which match our LAN network's 192.168.1 ). The problem is, that when I use a PC to connect to my linux box, the hostname of my Samba Server is "localhost" which of course isn't acceptable since it already exist. I would like it to be "poweredge", and have tried changing the network host configuration accordingly, but I am uncertain how it should be done. This is how my host configuration looks like on the machine acting as Samba Server : IP Hostname Alias 127.0.0.1 localhost.localdomainlocalhost 192.168.1.11localhost poweredge In your hosts file try 192.168.1.11 poweredge poweredge Neil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP
Have you checked out the combined samba howto at http://www.samba.org/samba/docs/ Neil Quoting [EMAIL PROTECTED]: > Hi, > > Can somebody point me in the direction of some documents about how to use > Windows XP Pro and log into a Samba domain? > > Thanks > > Steve > > > > > Disclaimer > > This e-mail and any files transmitted with it are intended for the use of > the individual or entity to whom they are addressed. This communication may > contain information which may be privileged. If you are not the intended > recipient, you are advised that you have received this e-mail in error and > that any use, dissemination, forwarding, printing or copying of this email > is prohibited. If you received this e-mail in error, please contact the > sender and, in any event, delete the material from your system immediately. > > E-mail may be susceptible to data corruption, interception and unauthorised > amendment, and no liability is accepted for any such corruption, > interception or amendment, or the consequences thereof. No liability or > responsibility is accepted for viruses - it is your responsibility to scan > attachments (if any). > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP failing to join PDC
Quoting "Simon A. F. Lund" <[EMAIL PROTECTED]>: > > Hello people! > > I have set up samba guided by "The Unoffical Samba HOWTO, by David Lechnyr". > But for the last 3 hours i have been banging my head into the wall. So i ask > for youre help! > The problem is that the WinXP clients fails to join the domain with the error > message: > FROM WINXP: "The specified network password is not correct" > FROM LOG: "[2003/01/29 23:27:03, 0] smbd/service.c:make_connection(563) > Can't become connected user!" > I run FreeBSD 4.7 and ive added the users by: vipw and smbpasswd -a USERNAME, > and added the machine accounts the same way but with $ in the /etc/passwd and > -m on smbpasswd. > > Any ideas? > > cheers > > safl > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > I've just finished setting up a samba (2.2.7) hosted domain with WinXP Pro workstations and had no problems. The samba server is an AMD cpu running RH7.3. I followed the procedures set out in the combined samba docs at http://au1.samba.org.samba/docs/Samba-HOWTO-Collection.pdf and had no problems. The only additional step was to apply the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters\requiresignorseal fix and set it to 0 to the registry on each XP workstation you want in the domain. Make sure that root is a samba user (doesn't need the same password as for root on the server) and when asked for a domain admin to add the workstation to the domain use root with the samba password. XP Home cannot join a domain. Hope this helps. Neil email: [EMAIL PROTECTED] - This mail sent through IMP: http://horde.org/imp/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba compiled version to rpm package
In the location where you unpacked samba change to samba-2.2.4/packaging/RedHat directory and there is a makerpms.sh script. Just execute bash makerpms.sh and the work is done for you. If you run Mandrake there is a similar directory and script for it as well. There are also spec files for SuSE which I think will let you build rpms but I've never tried this :) Neil Quoting LAUTIER Sabrina <[EMAIL PROTECTED]>: > Hi ! > > I'm runing a linux redhat 7.2 box with samba 2.2.4. > I've downloaded the samba source in order to install it with the > needed compilation options (--with-smbwrapper --with-automount > --with-smbmount --with-pam ...). > Samba is now up and running but I would like to build an rpm with this > compiled version. > > Any idea of how to transform this samba compiled version to a rpm > package ? > > Thanks. > > Sabrina > > - > Powered by Alinto (http://www.alinto.net) > for lavache.com (http://www.lavacheautomatique.com) > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba as PDC with w2k clients
The machine trust account has to be created for both linux and samba without a password or home directory and will have a null shell. Doing it manually as root use (note: dollar signs ($) are important - samba uses the $ sign to identify that it is a machine trust account)... root# /usr/sbin/useradd -g 100 -d /dev/null -c "machine nickname" -s /bin/false machine_name$ root# passwd -l machine_name$ root# smbpasswd -a -m machine_name Also make root a samba user and set your "domain admin group = root". When you add the w2k machine to the samba domain use root and your samba root password as the user account to authorise joining the domain. Instead of manually adding the machine trust account as above you should be able to have samba create them for you (more secure than manual version above) by adding the following to your smb.conf global section... add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /dev/false -M %u Neil Sam Barasch wrote: > Dear plugbert, > > try using this command > > smbpasswd -a -m machine1$ > > Double check that the machine name has a $ at the end of it in > /etc/passwd. > > -Sam > > > > At 06:19 AM 5/21/2002 -0700, plug bert wrote: > >> Hello! >> >>A good day to you all. i'm trying to set up >> samba(2.2.3a, right out of the rh7.3 cds) as a PDC. >> i've already read through the Samba-howto collection, >> and am confident that i've put in all the necessary >> samba options. >> >> /etc/samba/smb.conf: >> >> [global] >> netbios name = pdc1 >> workgroup = testing >> security = user >> domain logon = yes >> domain master = yes >> local master = yes >> domain admin group=@admins >> encrypt passwords = yes >> smb passwd file = /etc/samba/smbpasswd >> unix password sync = yes >> pam password change = yes >> logon script = logon.bat >> >> [netlogon] >> path = /home/netlogon >> writable = no >> write list = @admins >> >> i have also created the necessary machine and user >> accounts in /etc/passwd and /etc/samba/smbpasswd: >> >> useradd machine1$ >> smbpasswd -a -m machine1 >> >> >>However, i keep getting this error in log.smbd >> whenever i try to add my 2k pro client: >> >> rpc_server/src_samr.c: api_samr_set_userinfo(670) >> api_samr_set_userinfo: Unable to unmarshall >> SAMR_Q_SET_USERINFO >> >> passdb/pdb_smbpasswd.c: pdb_getsampwrid(1416) >> unable to open passdb database >> >>Any suggestions as to the cause of the problem? >> Thanks in advance. >> >> >> >> >> >> >> >> __ >> Do You Yahoo!? >> LAUNCH - Your Yahoo! Music Experience >> http://launch.yahoo.com >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: http://lists.samba.org/mailman/listinfo/samba > > > -- Neologix Pty Ltd ABN 89 080 124 965 www:http://www.neologix.net email: [EMAIL PROTECTED] mob:0408 977 976 office: +61 2 6287 5900 fax:+61 2 6287 6911 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] just curious..!!!
Check your case sensitivity settings, workgroup name and encrypted password settings plus create your smbpasswd file (I've never had much luck with plaintext passwords). Also what type of security did you specify? Did you restart samba? Have you tried mapping a drive to one of the samba shares that your user has access to? This will still work even if the machines don't have the same workgroup but you won't see the machine in the network neighbourhood. Did you create a unix user with the same userid as your windows user? Neil Quoting Azri <[EMAIL PROTECTED]>: > Hi somebody there, > > I want to connect two PC's. One is using win98 and the other one was > running > red hat 7.2. I have to configured smb.conf. But nothing happen. I still > can't > connect the pc together. I am trying to connect via the same LAN. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba encrypt passwd
<...snip...> > >cat /etc/passwd | mksmbpasswd.sh > smbpasswd This creates an smbpasswd file with blank passwords for each user. You also need to do: smbpasswd for each user to create the actual password used by samba. Finally make sure the smbpasswd file is in the location where samba is looking for it, check your smb.conf. Neil --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba option for users to have admin rights for theirmachine
Access rights on a w2k workstation are completely separate from access rights within a domain; similarly users in a domain are completely different (in MS terms) from users on a W2K workstation. If your users are logging on to a domain then they will have user accounts within the domain and when you look at the users on a w2k box you will see something like \\ as the fully qualified user name (may be 2 leading slashes ie \\ or mayeb none I forget which - just don't hang me forthis lapse :-) ). A user defined for the local machine will have a similar fully qualified user name but the 'domain' will be the name of the local machine. To give a domain user administrator privileges on the local workstation you will have to add that (fully qualified) domain user to the administrators group on the local machine. Log on as the local machine administrator (I'm assuming you don't have a domain user with administrator privileges on the local machine as yet), open the control panel and click the "Users and Passwords" icon. This will list all the users for the local machine. Click the 'Add' button and then click the "Browse" button. On my workstations this brings up a dialog pointing out that you don't have acess to browse the domain and asks for the username and password of someone who does; so enter the username and password of the user that you used to join the workstation to your samba domain. Now you can browse through a list of domain users and add them as users with (Administrator) rights on the local machine by adding them to the local machine's administrator group. Neil Bilal Dar,5726133 wrote: >Hi, >I want to know something, i configured samba and its working fine so far. But i was >told by boss that the user of a machine should hav administrative rights for their >own machine. I have no idea how to do this and i cant find it in documentation as >well. Kindly if anyone knows about it do letme know. > >Thanks > >Regards, >Dar. >Bilal Dar, >e-mail: [EMAIL PROTECTED] > > >-- >Go Net > >The right way to go ... > >http://www.go.net.pk > > > > > > -- Neologix Pty Ltd ABN 89 080 124 965 www:http://www.neologix.net email: [EMAIL PROTECTED] mob:0408 977 976 office: +61 2 6287 5900 fax:+61 2 6287 6911 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't join Samba PDC from Win2k
I forgot to add that to join the domain from w2k I didn't use the wizard.
Instead I went to the properties button on the system->identity notebook page
and clicked the domain radio button, typed in the domain I wanted the machine to
join and then clicked the ok button. W2K prompts for some machine information
and then a userid and pasword of someone authorised to join the machine to the
domain. This is where I entered root and the root password. Everthing worked
fine after that.
Neil
Quoting Neil Muller <[EMAIL PROTECTED]>:
>
> I went through exactly the same thing over the weekend and after help
> from this
> list I got it all working. What I had to do was add settings for domain
> admin
> group and domain admin users to my smb.conf global section (both items
> were set
> to root) and I also made root a samba user. If you have done all this
> and its
> still not working make sure the machine trust account is being created
> correctly
> (check smbpasswd and /etc/passwd for entries with your w2k machine name
> with a $
> appended.
>
> Neil
>
>
>
>
>
> Quoting Brian Lavender <[EMAIL PROTECTED]>:
>
> > I am trying to make my Samba server act as a domain controller, but
> I
> > can't join the domain. When I go into Windows 2k and I right click
> the
> > computer, the properties button, and try to make it a part of the
> > domain,
> > it asks me for a user account, and a password. I am not sure what
> user
> > account to type in here. What user account do I type in?
> >
> > Below is my smb.conf file. I followed the howto from
> >
> > ftp://us6.samba.org/pub/samba/docs/htmldocs/Samba-PDC-HOWTO.html
> >
> > and you can see where I put the adduser in my global configuration
> so
> > a machine is added automatically.
> >
> > # from linux.local (127.0.0.2)
> > # Date: 2002/05/18 21:55:34
> >
> > # Global parameters
> > [global]
> > netbios name = DASERVER
> > workgroup = CHEDDAR
> > map to guest = Bad User
> > socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
> > character set = ISO8859-15
> >
> > os level = 64
> > preferred master = yes
> > domain master = yes
> > local master = yes
> >
> > security = user
> >
> > encrypt passwords = Yes
> >
> > domain logons = yes
> >
> > logon path = \\%N\profiles\%u
> >
> > logon drive = H:
> > logon home = "\\%N\%U"
> >
> > logon script = logon.cmd
> >
> > printing = lprng
> > veto files = /*.eml/*.nws/riched20.dll/*.{*}/
> >
> > add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> /bin/false
> > -M %u
> >
> >
> > [homes]
> > comment = Home Directories
> > read only = No
> > create mask = 0640
> > directory mask = 0750
> > browseable = No
> >
> > [printers]
> > comment = All Printers
> > path = /var/tmp
> > create mask = 0600
> > printable = Yes
> > browseable = No
> >
> > ;DOMAIN SPECIFIC INFO
> > [netlogon]
> > comment = NETLOGON service
> > path = /home/netlogon
> > read only = yes
> > write list = ntadmin
> >
> > [profiles]
> > path = /home/profiles
> > read only = no
> > create mask = 0600
> > directory mask = 0700
> >
> >
> >
> > --
> > Brian Lavender
> > http://www.brie.com/brian/
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
> ---
> Neil Muller
> Neologix Pty Ltd
> http://www.neologix.net
> PO Box 3183, Weston Creek, ACT, 2611, Australia
> email: [EMAIL PROTECTED]
> voice: +61 2 62875900fax: +61 2 62875911
> mob: +61 408 977 976
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
---
Neil Muller
Neologix Pty Ltd
http://www.neologix.net
PO Box 3183, Weston Creek, ACT, 2611, Australia
email: [EMAIL PROTECTED]
voice: +61 2 62875900fax: +61 2 62875911
mob: +61 408 977 976
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't join Samba PDC from Win2k
I went through exactly the same thing over the weekend and after help from this
list I got it all working. What I had to do was add settings for domain admin
group and domain admin users to my smb.conf global section (both items were set
to root) and I also made root a samba user. If you have done all this and its
still not working make sure the machine trust account is being created correctly
(check smbpasswd and /etc/passwd for entries with your w2k machine name with a $
appended.
Neil
Quoting Brian Lavender <[EMAIL PROTECTED]>:
> I am trying to make my Samba server act as a domain controller, but I
> can't join the domain. When I go into Windows 2k and I right click the
> computer, the properties button, and try to make it a part of the
> domain,
> it asks me for a user account, and a password. I am not sure what user
> account to type in here. What user account do I type in?
>
> Below is my smb.conf file. I followed the howto from
>
> ftp://us6.samba.org/pub/samba/docs/htmldocs/Samba-PDC-HOWTO.html
>
> and you can see where I put the adduser in my global configuration so
> a machine is added automatically.
>
> # from linux.local (127.0.0.2)
> # Date: 2002/05/18 21:55:34
>
> # Global parameters
> [global]
> netbios name = DASERVER
> workgroup = CHEDDAR
> map to guest = Bad User
> socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
> character set = ISO8859-15
>
> os level = 64
> preferred master = yes
> domain master = yes
> local master = yes
>
> security = user
>
> encrypt passwords = Yes
>
> domain logons = yes
>
> logon path = \\%N\profiles\%u
>
> logon drive = H:
> logon home = "\\%N\%U"
>
> logon script = logon.cmd
>
> printing = lprng
> veto files = /*.eml/*.nws/riched20.dll/*.{*}/
>
> add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false
> -M %u
>
>
> [homes]
> comment = Home Directories
> read only = No
> create mask = 0640
> directory mask = 0750
> browseable = No
>
> [printers]
> comment = All Printers
> path = /var/tmp
> create mask = 0600
> printable = Yes
> browseable = No
>
> ;DOMAIN SPECIFIC INFO
> [netlogon]
> comment = NETLOGON service
> path = /home/netlogon
> read only = yes
> write list = ntadmin
>
> [profiles]
> path = /home/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
>
>
>
> --
> Brian Lavender
> http://www.brie.com/brian/
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
---
Neil Muller
Neologix Pty Ltd
http://www.neologix.net
PO Box 3183, Weston Creek, ACT, 2611, Australia
email: [EMAIL PROTECTED]
voice: +61 2 62875900fax: +61 2 62875911
mob: +61 408 977 976
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Queries on samba with roaming profiles
Have you got a "login path" entry in your smb.conf? For w2k it seems you need login path and a profiles share in smb.conf. I also had to make the directory named in my profiles section writeable by all. The entries in my smb.conf file are: [global] . . logon path = \\%N\profiles\%U . . [profiles] path = /usr/local/samba/profiles read only = no create mask = 0600 directory mask = 0766 browseable = yes Neil Quoting Hardi Gunawan <[EMAIL PROTECTED]>: > I've some queries on Samba, hope that someone in the mailing list can > help me > :) > > 1) I've Samba PDC with W2k workstation (w2kwks). When I login into > w2kwks, it > created a folder with my username in C:\Documents and Settings directory > > (which I think is the roaming profile directory?) > > 2) When I configure Outlook 2000 on the w2kwks (for imap), it > automatically > create a Personal Folder in C:\Documents and Settings\username\Local > Settings. But seems that the Local Settings directory is not roaming > (even > though it's inside the c:\Documents and Settings\username directory)? > > 3) When I logout and login as another user, I can see the previous > user's > folder in C:\Documents and Settings (I can't open it though). Is this > > normal? I thought it should get deleted when the user logout? > > There must be something wrong with the way I setup Samba PDC.. :( > > Thank you. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > --- Neil Muller Neologix Pty Ltd http://www.neologix.net PO Box 3183, Weston Creek, ACT, 2611, Australia email: [EMAIL PROTECTED] voice: +61 2 62875900fax: +61 2 62875911 mob: +61 408 977 976 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] re: joining a w2k machine to a samba domain
Because the replies to my question came direct to my email and not through the list I thought others with the same problem might benefit if I summarised the way in which I solved the problem of adding a w2k workstation to a domain managed by a samba pdc. (1) make sure your samba is up to date. I actually used samba 2.2.3a but am about to upgrade to 2.2.4 (2) read the docs on the samba.org site, in particular the combined howtos in pdf format (3) set up and test your smb.conf using testparm. I actually did it in 3 stages (the final stage was based on the help I received from the email replies to my original posting) (4) stage 1: set up your initial smb.conf and make sure samba is working for your W9x environment (5) stage 2: (a) configure your smb.conf as per the model supplied in the combined howtos mentioned above (b) create the machine trust account referred to in the docs. I did this manually but the docs also show how this can be done by samba itself which is the recommended approach (c) read the man pages for smb.conf several times and add in all the bits that you've missed above in particular add in settings in the global area of smb.conf for 'domain admin group = root' and 'domain admin users = root' (6) stage 3: (a) check out http://de.samba.org/samba/ftp/docs/htmldocs/samba-pdc-faq.html http://de.samba.org/samba/ftp/docs/htmldocs/samba-pdc-howto.html (b) make root a samba user (yeah I know I was stupid not to have thought of this first but we can't all be perfect) (7) login to your w2k box as administrator and add the box to your new (NT4) domain. When prompted for a domain user with permission to add the w2k machine enter your root userid and password. Reboot the w2k box when prompted and login to your samba domain in the usual way. Hope someone else finds this useful. Neil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: joining a w2k machine to a samba domain
Thanks to everyone who replied. I've got it all working now, including the roaming profiles. Neil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] joining a w2k machine to a samba domain
I hope someone has some ideas on this problem I've hitting against since yesterday afternoon. I've set up a samba server (samba 2.2.3a on RH7.2) as a PDC as per the combined samba howto docs. I have no problem joining Win9x machines to the domain but cannot add a w2k machine to the domain. It always fails with the message (on the W2K worksation): login failure: unknown user name or bad password I have atached my smb.conf file. The way in which I am trying to add the w2k computer to the domain: (1) manually created the machine trust account on samba server (2) created a user (ntadmin) whose primary group is root on samba server (3) configured smb.conf (see attached) as per the example in the samba docs (4) clean install of W2K with workgroup WORKGROUP (W2K machine name is ZAPHOD) (5) boot W2K machine and login as the administrator (6) open system properties in the control panel, go 'network identification' and click 'properties' (7) click the 'Domain' radio button and type name of domain (OFFICE) then click OK (8) in the 'Domain Username and Password' dialog I enter ntadmin as user and the ntadmin password I then get the error message shown above. If I look in /var/log/samba/zaphod.log I get the following message.. . . [2002/05/19 12:50:44, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1416) unable to open passdb database . . This message seems to be independent of whether or not I have the "obey pam restrictions" option set to yes or no. My pam file for samba is also attached in case it is relevant. Any help on this will be really welcome. Neil email: [EMAIL PROTECTED] #%PAM-1.0 auth required /lib/security/pam_smbpass.so nodelay accountrequired /lib/security/pam_pwdb.so audit nodelay sessionrequired /lib/security/pam_pwdb.so nodelay password required /lib/security/pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf #=== Global Settings = [global] workgroup = OFFICE netbios name = DENT server string = Samba Server hosts allow = 192.168.1. 127. printcap name = /etc/printcap load printers = yes printing = lprng log file = /var/log/samba/%m.log max log size = 500 security = user password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote announce = 192.168.1.255 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon script = logon.bat logon path = \\%N\profiles\%U logon home = \\%L\%U\.profiles logon drive = H: wins support = yes wins proxy = yes dns proxy = yes preserve case = yes short preserve case = yes default case = lower case sensitive = no # Share Definitions == [homes] comment = Home Directories writable = yes valid users = %S browseable = yes [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon write list = ntadmin [profiles] path = /usr/local/samba/profiles read only = no create mask = 0600 directory mask = 0700 browseable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = yes writable = no printable = yes public = yes #
