Re: [Samba] Intermittent Connection Please help
Den 23-03-2010 07:35, dhon skrev: Good Day Samba Gurus, I have installed Ubuntu 9.10 Server Samba. My win9x users client always had intermittent connection. Help is greatly appreciated. Mabuhay Samba + Ubuntu!!! Dear dhon May I suggest that You add /persistent:on when You use net use *NET USE* Connects or disconnects your computer from a shared resource or displays information about your connections. *[devicename | *] [\\computername\sharename[\volume] [password | *]] [/USER:[domainname\]username] [/USER:[dotted domain name\]username] [/USER:[usern...@dotted domain name] [/SMARTCARD] [/SAVECRED] [[/DELETE] | [/PERSISTENT:{YES | NO}]] NET USE {devicename | *} [password | *] /HOME NET USE [/PERSISTENT:{YES | NO}]* Best Regards Rune -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Vs LDAP (Active Directory)
Den 23-03-2010 12:58, balamurugan.thangam...@verizon.com skrev: Dear friends, I have Solaris 10 box and samba running on the box. I have created a share called /tmp and it is working fine I do have LDAP server (Windows Active Directory). Is there a way I can access the share /tmp only for certain users? I searched google and did not find any document other than troubleshooting tips. Can you guys help me? I have root access on my Solaris Box and LDAP server is out of my control and I cannot do anything with my LDAP server. I have LDAP parameters Thanks Baluchen Dear Thangamani You could use valid users which can control access based on usernames and groups example here valid users = @SCHEMMER\Acct, @SHEMMER\Domain Admins, user2, tmpuser -- Bedste Hilsner/Best Regards Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7 + Samba 3.4.5 locking problem
for download: http://almosthappy.de/duhLd6Tm1GQoC3j0YyiJ637IS/capture.fast http://almosthappy.de/duhLd6Tm1GQoC3j0YyiJ637IS/capture.slow (These were captured with Samba 3.4.3.) Here is some more output of my configuration: $ uname -a Linux server 2.6.26-2-amd64 #1 SMP Thu Feb 11 00:59:32 UTC 2010 x86_64 GNU/Linux $ testparm.samba3 Load smb config files from /etc/samba/smb.conf Processing section [homes] Processing section [netlogon] Processing section [DocExpert] Processing section [profiles] Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] workgroup = PRAXIS server string = %h server interfaces = eth0, lo bind interfaces only = Yes obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes log level = 2 locking:10 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes max open files = 1 load printers = No printcap name = /dev/null disable spoolss = Yes add machine script = /usr/sbin/useradd -g machines -c %u machine account -d /var/lib/samba -s /bin/false %u logon script = logon.cmd logon path = \\%N\profiles\%U logon drive = P: domain logons = Yes os level = 255 preferred master = Yes domain master = Yes panic action = /usr/share/samba/panic-action %d hosts allow = 10.121.1.1/24, 127. hosts deny = ALL printing = bsd print command = lpr -r -P'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j [homes] comment = Home Directories valid users = %S read only = No create mask = 0700 directory mask = 0700 browseable = No browsable = No [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = Yes [DocExpert] comment = Doc Expert path = /home/samba/docexpert read only = No create mask = 0660 force create mode = 0660 directory mask = 0770 force directory mode = 0770 [profiles] comment = Network Profiles Share path = /home/samba/profiles read only = No create mask = 0600 directory mask = 0700 hide files = /desktop.ini/outlook*.lnk/*Briefcase*/ store dos attributes = Yes browseable = No browsable = No Dear Lars A few years ago i had a similarly problem, unfortunately I don't have the config file. You might want to look into oplocks, but be aware of your dataintegrity. http://www.samba.org/samba/docs/using_samba/ch08.html http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/locking.html#id2616906 -- Best Regards Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon Script Via Group
Please take a look here http://lists.samba.org/archive/samba/2004-February/079796.html -- Venlig Hilsen Rune TønnesenQuoting Jeff L [EMAIL PROTECTED]: Hello, In order to use Samba and migrate our Windows domain we need to be able to map users to a drive based on the Unix groups they are a member of. IE: If user is a member of finance, map drive f:\ finance If user is a a member of domainusers, run logon script logon.bat I tried placing differnet logon scripts in a directory named after the groupname and using the %g variable in Samba but it did not work. It only looks up the FIRST group ignoring the rest. Please let us know a easy way to do this. Thanks = New York Film Academy Study Abroad Filmmaking Acting. London, Paris, Florence, USA. http://a8-asy.a8ww.net/a8-ads/adftrclick?redirectid=160d32aa7f559fb3e9e7cf46485a3294 -- Powered by Outblaze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] nmbd Hogging CPU on Mac OSX (10.5.4)
Mark Jackson skrev: Hi All, Firstly, I know this is a MacOS X issue and not sure if you guys can help, but I'm really hoping you can since I don't appear to be getting any joy elsewhere. Running OSX 10.5.4 and recently (last week) nmbd is hogging the CPU. I know this is a part of the Samba server on OSX, hence the post to this mail-list. When I disconnect from the network, nmbd goes away and doesn't hog the CPU. Reconnect, within a minute it comes back. Happens on both Wired and Wireless connections. I don't have filesharing enabled within OSX. Checked the logs in /var/logs/samba/log.nmbd and the last entries are below. My Mac is on my corporate network which is 99% Windows, if that matters...? Any thoughts or comments appreciated as this is getting quite frustrating now. Thanks, Mark [2008/08/21 09:09:28, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): tdb_rec_read bad magic 0xd9fee666 at offset=2592 [2008/08/21 09:09:33, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): tdb_rec_read bad magic 0xd9fee666 at offset=2592 [2008/08/21 09:09:33, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): tdb_rec_read bad magic 0xd9fee666 at offset=2592 [2008/08/21 09:09:33, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): tdb_rec_read bad magic 0xd9fee666 at offset=2592 [2008/08/21 09:09:34, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name WORKGROUP1b for the workgroup WORKGROUP. Unable to sync browse lists in this workgroup. [2008/08/21 09:09:34, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name WORKGROUP1b for the workgroup WORKGROUP. Unable to sync browse lists in this workgroup. [2008/08/21 09:24:43, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name WORKGROUP1b for the workgroup WORKGROUP. Unable to sync browse lists in this workgroup. [2008/08/21 09:24:43, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name WORKGROUP1b for the workgroup WORKGROUP. Unable to sync browse lists in this workgroup. [2008/08/21 09:29:54, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): remove_from_freelist: not on list at off=8736 [2008/08/21 09:29:54, 0, pid=118] /SourceCache/samba/samba-187.4/samba/source/lib/util_tdb.c:tdb_log(662) tdb(/private/var/samba/gencache.tdb): tdb_free: left free failed at 8736 [2008/08/21 09:39:29, 0] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd.c:main(695) Netbios nameserver version 3.0.25b-apple started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2008/08/21 09:51:34, 0] /SourceCache/samba/samba-187.4/samba/source/nmbd/nmbd.c:main(695) Netbios nameserver version 3.0.25b-apple started. Copyright Andrew Tridgell and the Samba Team 1992-2007 It looks like a problem with nameresolution It says it can't find the browsemaster for workgroup WORKGROUP Is your mac os x box member of windows domain? please take a look at http://oreilly.com/catalog/samba/chapter/book/ch07_03.html Cheers Rune -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba on Virtual Machines
Hi Joseph It sounds more like a vmware problem. How is the network configurated on your vmware machine? Best Regards Rune Tønnesen Den 5/5/2008, skrev Mervini, Joseph A [EMAIL PROTECTED]: Hi, We have deployed Samba on VMware (ESX) on IBM Bladecenter H. I am having a serious problem with Samba related to Window client access. I can mount the samba share with no problem whatsoever and see all the files that exist within that share. However, when I try to open/write/copy/get properties on any file in either direction the operation stalls and eventually I will get a message similar to Cannot copy file: The specified network name is no longer available. on the Windows client. We are running stock RHEL5 workstatiom with most packages installed (sound/telephony excluded). Our samba security is set to domain but this has also been tested with security set to user. I have an identical samba server (except IP/hostname, etc.) on a standalone blade that works flawlessly. I have scoured the web looking for answers but have come up empty. Has anyone on this list ever had a similar problem that might be able to share some insight? Thanks in advance. -- Joe Mervini Scientific Applications and User Support Sandia National Laboratories Department 09326 MS-0823 PO Box 5800 Albuquerque, NM 87120 (505) 844.6770 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] freeRADIUS + krb5 + samba + AD
Hangjun He skrev: Hi, We are using freeRADIUS 1.1.6. + samba 3.0.1 + krb5-1.3.2 talk to active-directory(win2k3). Followed by: http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO Now it can work. But there are multiple domains in active-directory. Can samba or krb5 support mutiple domains? How to configure krb5.conf and smb.conf can let it support multiple domains? Thanks. John - 雅虎邮箱传递新年祝福,个性贺卡送亲朋! You can try to look at http://www.zeroshell.net/eng/ they have a working solution. for freeradius kerberos and Active directory with multiple trusts -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining Domain Problem only with XP SP2
. -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP always see folder with read-only attribute set
Dear all, I've got a linux server running samba-3.0.10 with some windows xp and windows 2k clients. My config is something like: [global] server string = aroprod workgroup = WORKGROUP hosts allow = 192.168.0. 127. security = share load printers = yes printing = cups printcap name = cups prefered master = yes os level = 65 read only = no [publica] path = /sis/publica/ read only = No guest ok = Yes nt acl support = No force user = sis force group = sis May I suggest this [publica] path = /sis/publica/ public = yes # only guest = yes writable = yes force user = sis force group = sis This should solve your problem as samba by default set a share as read only and you need to set them to writable, hence read only = No is not equal to writable = yes. -- Venlig Hilsen/Best Regards Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP always see folder with read-only attribute set
Chris Smith skrev: On Friday 11 January 2008, Chris Smith wrote: instead of writable or writable. SHould be writeable or writable. Sorry I was wrong about that. Back to the problem from http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html try this Users Cannot Write to a Public Share The following complaint has frequently been voiced on the Samba mailing list: We are facing some troubles with file/directory permissions. I can log on the domain as admin user (root), and there's a public share on which everyone needs to have permission to create/modify files, but only root can change the file, no one else can. We need to constantly go to the server to *|chgrp -R users *|* and *|chown -R nobody *|* to allow other users to change the file. Here is one way the problem can be solved: 1. Go to the top of the directory that is shared. 2. Set the ownership to whatever public user and group you want |$ |find `directory_name' -type d -exec chown user:group {}\; |$ |find `directory_name' -type d -exec chmod 2775 {}\; |$ |find `directory_name' -type f -exec chmod 0775 {}\; |$ |find `directory_name' -type f -exec chown user:group {}\; Note The above will set the |SGID bit| on all directories. Read your UNIX/Linux man page on what that does. This ensures that all files and directories that are created in the directory tree will be owned by the current user and will be owned by the group that owns the directory in which it is created. 3. Directory is /|/foodbar|/: |$ |*|chown jack:engr /foodbar|* Note This is the same as doing: |$ |*|chown jack /foodbar|* |$ |*|chgrp engr /foodbar|* 4. Now type: |$ |*|chmod 2775 /foodbar|* |$ |*|ls -al /foodbar/..|* You should see: drwxrwsr-x 2 jack engr48 2003-02-04 09:55 foodbar 5. Now type: |$ |*|su - jill|* |$ |*|cd /foodbar|* |$ |*|touch Afile|* |$ |*|ls -al|* You should see that the file |Afile| created by Jill will have ownership and permissions of Jack, as follows: -rw-r--r-- 1 jill engr 0 2007-01-18 19:41 Afile 6. If the user that must have write permission in the directory is not a member of the group /engr/ set in the |smb.conf| entry for the share: /|force group = engr|/ -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP problem
Hello to you I've had the same problem on my old suse linux enterprise server 9, shutdown due to powerissue. I got the same errors from workstations (windows XP). My problem was that corruption of openldaps databasefiles (Berkeley) had occured. I've solved my problem by using the openldap database recovery tools to do a manual recover. http://www.google.co.uk/search?hl=enq=openldap+recovermeta= Secondly some journaled filesystems aren't good at recovering corrupted files like berkeley databases due powerfailure. This problem occur if you enable use of diskcache on your harddrive without a UPS, get one for your one safety and jobsecurity, it just have to be big enough to shutdown the server in a prober way. -- Rune Tønnesen Venlig Hilsen/Best Regards Hello, I have a problem with my PDC server. It runs samba + openLDAP. It used to work fine. The machine was stopped today because of a power supply failure, and since it was restarted i have problems connecting to the domain. - The ldap data was restored from a ldif file, the ldap seems to work fine. when i type ldapsearch -x I see the contents of the ldap data. - When I try : smbclient -L \\pdc -U tleost it asks for my password, and i see the samba shares. - I tried, as root, on the pdc: smbpasswd -w which was successful. ... anyway, i cannot connect from my windows clients. I get an error message telling me the pdc is not available. Here is a log i get (/var/log/samba/devel2.log) - [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2008/01/06 15:17:45, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2008/01/06 15:17:45, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2008/01/06 15:17:45, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: Invite [2008/01/06 15:17:45, 4] lib/substitute.c:automount_server(323) Home server: servpdc [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 1] auth/auth_util.c:make_server_info_sam(822) User Invite in passdb, but getpwnam() fails! [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2008/01/06 15:17:45, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2008/01/06 15:17:45, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1300) ldapsam_getsampwnam: Unable to locate user [] count=0 [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 3] auth/auth_sam.c:check_sam_security(244) check_sam_security: Couldn't find user '' in passdb file. [2008/01/06 15:17:45, 3] auth/auth_winbind.c:check_winbind_security(80) check_winbind_security: Not using winbind, requested domain [COMPANY] was for this SAM. [2008/01/06 15:17:45, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [] - [] FAILED with error NT_STATUS_NO_SUCH_USER [2008/01/06 15:17:45, 3] smbd/process.c:timeout_processing(1336) timeout_processing: End of file from client (client has disconnected). [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/01/06 15:17:45, 2] smbd/server.c:exit_server(571) Closing connections [2008/01/06 15:17:45, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2008/01/06 15:17:45, 3] smbd/connection.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist. [2008/01/06 15:17:45, 3] smbd/server.c:exit_server(614) Any help would be much appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help removing many users
How many users do you have? -- Rune Tønnesen Venlig Hilsen/Best Regards -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It would be a smart thing to do, but I had problems with it last time I tried. It seems that it would randomly stop authenticating people beyond a certain point in the file. I didn't get a chance to try this again. In any case, HP will not support tdbsam (I'm using CIFS/9000, but this question was relevant to Samba in any case) as the recommendation from Samba Team is not to use it for over 250 users. Oddly enough, they did not say that they wouldn't support smbpasswd. In any case, I'm hoping that a serious trim on that file will give me the breathing room I need to look at LDAP. Rune Tønnesen wrote: Hi Ryan Why don't you migrate your smbpasswd file to tdb? This could be done pdbedit -i smbpasswd:/etc/samba/smbpasswd -e tdbsam:/etc/samba/smbpasswd.tdb in smb.conf change passdb backend to passdb backend = tdbsam:/etc/samba/smbpasswd.tdb voila - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHgYXgmb+gadEcsb4RAgqpAKCvhC4dssUIj17OZy827q8olrCUXgCgkc/N KrTHA0ZZAnoxZZkiij/YdD8= =mwED -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP problem
[EMAIL PROTECTED] skrev: Selon Rune Tønnesen [EMAIL PROTECTED]: I've solved my problem by using the openldap database recovery tools to do a manual recover. http://www.google.co.uk/search?hl=enq=openldap+recovermeta= You're right, this works. I managed to repair my database, thanks to you. My ldap runs as it was before the 'crash'. Unfortunately it is still impossible to connect from a window station. By the way, my ldap manager is 'Manager'; I noticed that I have no entry for Manager when I perform a ldapsearch. Is it normal? The LDAP problem: There should be a manager account, which is also defined in the /etc/openldap/slapd.conf otherwise you need to create one. The manager account is used to add accounts for users and workstation to the ldap database. The connection problem: Have you tried to turnoff all the workstations restart samba and see whether they still won't connect? E.g. try add a computer to the domain and see whether this is possible or not. Has the output from the logs changed since ldap got up and running? is there any erros when smb and nmb is restartet e.g. like can't bind to ldap. -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help removing many users
Hi Ryan Why don't you migrate your smbpasswd file to tdb? This could be done pdbedit -i smbpasswd:/etc/samba/smbpasswd -e tdbsam:/etc/samba/smbpasswd.tdb in smb.conf change passdb backend to passdb backend = tdbsam:/etc/samba/smbpasswd.tdb voila -- Rune Tønnesen Venlig Hilsen/Best Regards -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Eggleston wrote: On Fri, 04 Jan 2008, Ryan Novosielski might have said: Can anyone brighter than me think of an easy way to remove MANY users from an smbpasswd file (I have a list of users that can be removed, some of which may already be missing, some of which may be present)? I cannot use smbpasswd -x in a loop. Is there some easy way to do this? I'm aware that you cannot use smbpasswd in a loop creating the accounts because you have to type in the password, but removing the accounts? What's the issue with using smbpasswd in a loop to remove the accounts? I actually thought of something that will work for this, but the background of my situation is that my smbpasswd file has gotten too large. It has gotten so large that it actually cannot be changed because it is always locked for reading (too many clients, too large a file). Therefore, I currently cannot change the file so smbpasswd -x fails. What I'm trying now, that is working but is painfully slow, is copying the smbpasswd file elsewhere and acting on the copy with smbpasswd -c and -x. It will probably run half a day to remove thousands of people, but we'll see. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHfqfFmb+gadEcsb4RAtI+AJ4isi2gFAAIHkhqJjOTvfx6B35iZwCgsHvs geidnzAVXiJaqFlqlPH+fqw= =R66o -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Odd, slow Windows XP client download behavior
Now I don't know what else to try to get my WinXP to communicate correctly with the samba server, do you have any suggestions? Kind regards, Chris Dear Chris With Realteks networkscard there have been reported problems, with use of the driver provided by microsoft update. You might improve your networkspeed on your XP computer be using the driver provided by the manufacturer of your NIC. -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Single Sign On, authentication, and Windows XP Home
Matt Lozier skrev: Hello, I have a small (medium?) sized network of about 30 XP machines. About 2/3 of these machines are running Home Ed. while the other 1/3 are running Professional Ed. I currently have two samba shares, and I'm using 'user' security. I want to implement single sign on, some way, somehow. I've considered: NIS and LDAP, but I can't get the NIS pGina plugin to work with my NIS server, and LDAP seems like a beast to setup, though I'm willing to go for it if it means that I'll be able to get SSO working. Does any one have any suggestions / recommendations? Thanks, Matt What applications do you want sso for? You might be interested in Mandriva directory server http://mds.mandriva.org/wiki/Documentation -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC: Windows xp sp2 reboots when login onto domain
Jose Manuel D. Mendinueta skrev: In the lab I was working we had 10 computers, and the same thing. When the Samba PDC and the computers were installed, all was fine. The computers of the lab were updated regularly, and everything is working fine. The problem is with a new network I am installing in other company. I think that the problem could be related with only newly installed computers, or maybe related with profile creation: I mean, with SP2 msgina.dll, if the profile is not in the server, the client crashes (as no file is created in the Samba server profile folder for the user). Anyway, I am astonished because I think this is an important problem that should happen with XP SP2 installations, and it seems only a few people is suffering it. Maybe there could be some others factors involved, but I used vanilla Xp SP2 windows intallations. Cheers, Mendi Hi Jose It sounds a bit wierd, that your comnputers crashes if the user profile does not exist. Usually missing profiles are created on the client when you logon and is copied to the server when you log off. Have you done anything to the resigtry on your clients? Check http://www.auditmypc.com/process/msgina.asp -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Keeping samba off the internet
John G Walker skrev: But one thing: where do I find the name resolve order param? It seems to be in the right order for me, but I don't like having things work just be chance. I'll feel happier if I know I can fix things if they go wrong, this should do # /etc/host.conf - resolver configuration file # # Please read the manual page host.conf(5) for more information. # # # The following option is only used by binaries linked against # libc4 or libc5. This line should be in sync with the hosts # option in /etc/nsswitch.conf. # order hosts, bind # # The following options are used by the resolver library: # multi on -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd running amok
Bernd Schubert skrev: Hi, on a customer system samba/winbindd is used for windows and unix authentication. I just tuned searches of the ldap backend to speedup by factor 20-200 and slapd now doesn't seem to be the bottleneck anymore. Don't know how well the windows authentication now works, since this is presently done by the heartbeat failover server. However, simply starting 'mc' as root makes winbindd running amok and I have no idea what actually happens. I know this is ancient version 3.0.22, but upgrading without knowing regressions is not so easy and so far we have no idea how to properly test it first. Below are 'strace -f mc' logs and winbindd logs. The ldap database has about 5 entries. Any help is greately appreciated! Thanks in advance, Bernd Any idea whats going on? I think its cycling through every of the ~5 entries in the ldap database, but what for? Thanks, Bernd Hi Bernd mc (Midnight Commander) most likely caches usernames and groups. mc needs the usernames when tje user wants to change ownership of files and directories. You can properly get the same winbindd reaction from getent passwd -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba, ldap changing password
Hi Adam Try usermin http://www.webmin.com/usermin.html -- Rune Tønnesen Venlig Hilsen/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista client / Linux server - high browsing latency
Jay L. T. Cornwall skrev: Jay L. T. Cornwall wrote: Though I don't have any authentication issues I went ahead and changed this setting anyway. Browsing is fast again! I'm not sure if this is permanent (or why that setting would make any difference) - but let's see how long it lasts. Yeah, it's fallen back to high latency browsing after a reboot. Can't reproduce that fix either. Hi Jay Reboot of the Vista pc or your samba box. I've got a few questions about your smb.conf os level = ? wins support = ? master browser = ? Regards Rune -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista client / Linux server - high browsing latency
Hi Jay Ah, sorry, I should have been clearer. Reboot of the Vista client back into Vista. An XP Pro installation on the same client has no problem with performance. Do you map the drive using the samba servers computername or it's IP-address master browser = ? my bad it is not called master browser. Master Browser is just the role the server gets. Try these settings domain master = Yes local master = Yes preferred master = Yes os level = 65 wins support = yes If you want you can try these too. socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista client / Linux server - high browsing latency
Jay L. T. Cornwall skrev: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rune Tønnesen wrote: Reboot of the Vista pc or your samba box. Ah, sorry, I should have been clearer. Reboot of the Vista client back into Vista. An XP Pro installation on the same client has no problem with performance. I've got a few questions about your smb.conf Whole thing's here if you're curious: http://www.esuna.co.uk/~jay/misc/smb.conf os level = ? Default, I haven't set it. wins support = ? wins support = no master browser = ? Not sure I see that setting? Default I guess. I'm not sure these are entirely relevant to the problem, however. In my original post I noted that the share is mapped to a drive - I appreciate that true network browsing generally doesn't perform great so I avoid that route by mounting the share. By browsing performance, I just mean the speed of listing directories and files on the mapped drive. - -- Jay L. T. Cornwall, http://www.esuna.co.uk/~jay/ PhD Student Imperial College London -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGa+9ioHnC75cy2zgRAnYEAJ9J5TycqP9SU/wusKkGzHPagiyejwCgkHSE rK/+YZ0A008DiefiUNQSJnU= =4ye1 -END PGP SIGNATURE- To get the right authentication protocol try these settingws client lanman auth = no client ntlmv2 auth = yes I took it from here. http://www.tek-tips.com/viewthread.cfm?qid=1349504page=1 -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista client / Linux server - high browsing latency
Jay L. T. Cornwall skrev: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have the following system set up: Server: Ubuntu 7.04, Samba 3.0.24, http://www.esuna.co.uk/~jay/misc/smb.conf Client: Vista Ultimate 64-bit, NetBIOS over TCP/IP disabled, LMHOSTS lookup disabled. Share mapped to drive Z:. Up until a few days ago this was working fine. Read/write transfer rates of over 20MB/s onto a RAID-1 array, speedy browsing. But yesterday I noticed a drop in browsing latency; there's now a short but noticeable delay before directory listings appear. Cygwin's ls (which I assume was inefficient to begin with, but quite usable) takes 9 seconds to list a small directory. Curiously, *read/write throughput hasn't changed* - it's still 20MB/s. Latency also seems normal if I reboot into an XP Professional installation, or access the share from my Vista Business 32-bit laptop on the same network. The problem briefly seemed to fix itself yesterday after I tweaked the configuration file a bit, but returned to poor performance later in the day; possibly after a reboot but I don't recall. I've upped the log level and can't see any obvious errors in log.smbd or in log.(host). Observing traffic with tcpdump turns up nothing obvious - the exchange goes on for longer but the difference in per-packet latency isn't visible (Samba sure sends a *lot* of packets to list a directory). Any ideas what I could do to trace this problem? Thanks, - -- Jay L. T. Cornwall, http://www.esuna.co.uk/~jay/ PhD Student Imperial College London -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGao07oHnC75cy2zgRAkyzAJ98b197bLi6pVjPxrIo1zi0wo0z3QCdHRjj u76kid/jRRM8Oj4Uoiy86IY= =xDVi -END PGP SIGNATURE- Which one of your computer is master browse? -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profiles on demand?
Dear Andres Andreas Paulick skrev: Hello Samba-world, We are planning to upgrade our network incl. clients and server. So there are then exclusive Win XPSP2-Systems and one single Samba-3 Server on Linux. In the past,ocassionly there are network issues (dying switch, broken cable, uncooperative NICs, you all know the list :) ) so there are some chances to FU a roaming profile, if used.Usual, we dont need them because any user has his own PC. More: if I give them roaming profiles, the uers complain about the long start time, because they dont want to delete one single holliday picture in BMP-style for the desktop background, and because of the long shutdown time, they simply switch off their machines,... (you know this type of users). :( This kind of Users are known to exist ;-) The easiests way to cut login time to something users can cope with, is to redirect the documents folder, this can be done by applying a registryfile from the login script. I can post my litle trick if you want it. This also makes backup a lot easier to have profiles and documents a central place. Results: My users profiles are around 5 MB pr. user logintime is low (10-15 sec) The second thing to do is to use poledit to limit the size of the profile, this way the login time is kept low. But there is a nice-to-have feature: An user can switch to another machine and take his own settings to this machine (this needs roaming profile) because of broken machine or holliday substition. So I want to have local profiles on client systems, and from time to time roaming profiles. Are there a way to realise this? If I see this correct, I (or better: the user) only have to do: -copy the User Profile from C: to the server. -local log out on the current machine -log in to the domain on his new machine. in return, he has to -log out of the domain from his actual used machine -domain log in on his main PC (to copy the actual profile to this machine) -log out from the Domain -local log in on the machine Have I forgotten some point? Is this possible? How can I do this? It can be done if the user has to identical accounts one on the local computer and one on the server, and he/she must keep the passwords in sync and there might be problems with users permissions. This seems a bit complicated, See easier solutions above Best Regards Rune -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming profiles on demand?
Salatiel Filho skrev: On 5/29/07, *Rune Tønnesen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Dear Andres Andreas Paulick skrev: Hello Samba-world, We are planning to upgrade our network incl. clients and server. So there are then exclusive Win XPSP2-Systems and one single Samba-3 Server on Linux. In the past,ocassionly there are network issues (dying switch, broken cable, uncooperative NICs, you all know the list :) ) so there are some chances to FU a roaming profile, if used.Usual, we dont need them because any user has his own PC. More: if I give them roaming profiles, the uers complain about the long start time, because they dont want to delete one single holliday picture in BMP-style for the desktop background, and because of the long shutdown time, they simply switch off their machines,... (you know this type of users). :( This kind of Users are known to exist ;-) The easiests way to cut login time to something users can cope with, is to redirect the documents folder, this can be done by applying a registryfile from the login script. I can post my litle trick if you want it. Please Rune , post your trick :) I tried to attach the files, but recieved and error about illegal attachment from a gmail.com server, so I've put them on a website. Here is 3 links: The sample logon file http://www.tonnesen.org/~rune/logon.bat The registry extracts http://www.tonnesen.org/~rune/userfolder.reg http://www.tonnesen.org/~rune/usershellfolder.reg You should be able edit the files, using a simple editor like vim or notepad from windows, to suit your needs. Another way to get to the same results is here (this is written from my memory): Prerequisite: working samba server as domain controller and roaming profiles enabled. 1. Initial changes We use the possibility to change which folder My Documents points to. 1.1 From a windows workstation login in as a ordinary samba user. Change where the My Documents folder points by right clicking and choose where, you want your users to save their documents, this must a location that is the same for every user i.e. \\servername\homes\Documents or i.e. p:\Documents Click OK 1.2 Now we check it works Save something in the My Documents folder. On the Samba server check that files are created in the users folder. i.e. use a ssh client to check this 1.2.1 logout and login again 1.2.2 Check that My Documents still points to the right place, by right clicking on it. 2. Export the registry settings 2.1 open the registry editor Start - Run type regedit 2.1.1 User Shell Folders Goto HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders File - Export the registry key, so you get the contents of [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders], to a file i.e. userhellfolder.reg 2.1.2 Shell Folders Goto HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders File - Export the registry key, so you get the contents of [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders], to a file i.e. shellfolder.reg 2.1.3 Check the files Open the files using a editor i.e. notepad and check the contents, remove anything unnecessary One of them will contain data in hex ignore it or remove it, I usually ignore the hex, We primarily wants a working system, beauty comes seconf. 3. Applying this to all users 3.1 Copy the files to your netlogon share, It can be a good idea to give root write access to your [netlogon] share, that would this easier. 3.2 check that ordinary users have read access to the files. correct this with chmod +r *.reg 3.3 edit your logon file. add this regedit /s \\server\netlogon\userfolder.reg regedit /s \\server\netlogon\usershellfolder.reg regedit /s silently applies a registry files to the registry, since we only apply to the HKEY_CURRENT_USER section (the current user login) we will not have problems with access rights. 4 check it works before you celebrate. 4.1 Login from a useraccount different from the one used under 1 and 2. 4.2 Check My Documents by right clicking and what directory that My Documents points to. 4.3 Celebrate just a litlle bit 4.4 Move your users documents You have to move all your users Documentfolders out of their profiles to a separate directory i.e. Documents in their homefolder. This can be done from a preexec script or by hand, anything under 50 users I would suggest you do it by hand to keep things simple. When you move your users Documents, then please make sure the folders have the right owner afterwards. This can be done from a root preexec script Please give some feedback sorry about typos, english is not my motherthoung /Rune -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org
Re: [Samba] individual printer setup samba 3.2.5
Dave skrev: Hello, I'm running samba 3.2.5. I've got two printers only one of which i want the network to see. In my smb.conf global section i have: load printers = no printing = cups printcap name = cups and my printer definition: [printername] comment = network printer path = /var/spool/samba browsable = no guest ok = no writable = no printable = yes and in my network neighborhood the printer doesn't show up. If i change the name of that share to [printers] and the load printers option to yes setting up all printers to be visible the printers show up. Can i only see this one printer? Thanks. Dave. Dear Dave The easiest way is to use the default printer setup. Then use the following examples that i have from this url http://www.collaborium.org/onsite/benin/lectures/simone/samba-printing.html To create a private personal printer add the section: [privateprn] comment = pc1 private printer path = /var/spool/samba printer = printer1 public = no writable = no printable = yes valid users = pc1 To create a group accessible printer add the section: [groupprn] comment = guest user group printer path = /var/spool/samba printer = printer1 public = no writable = no printable = yes valid users = @guest -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune Tønnesen Venlig Hilsen/Best Regards I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cannot start smbd on AIX 5.3
William Jojo skrev: Ben, Original message Date: Wed, 2 May 2007 16:11:18 -0700 From: BURRUEL, BENJAMIN D \(ATTSI\) [EMAIL PROTECTED] Subject: [Samba] cannot start smbd on AIX 5.3 To: samba@lists.samba.org Help please. I am in the process of configuring Samba 3.0.14a onto 4 AIX 5.3 systems. It seems to be working OK on 3 of the 4, but on the last one, I cannot start smbd. nmbd seems to start fine. The smb.conf file matches the other servers except that the server name is changed. Here's the error showing up on the log.smbd file. [2007/05/02 15:19:47, 0] smbd/server.c:main(835) standard input is not a socket, assuming -D option [2007/05/02 15:19:47, 0] lib/util_sock.c:open_socket_in(708) bind failed on port 139 socket_addr = 0.0.0.0. Error = Address already in use I'm hoping someone with network experience has seen this kind of error and can point me in the right direction to resolve. I did a netstat -a | grep 139 but didn't see anything using port 139. what is the result of lsof -i what is the result of netstat -an | grep 13 How does the global section looks like in your smb.conf? have you any running from inet.d or similar that might interfere? -- Rune Tønnesen Bedste Hilsner/Best Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: R: [Samba] duplicate group in NET GROUPMAP LIST
Hi Gianluca Do you have more than one password backend e.g. both smbpasswd and tdbsam or ldapsam ? -- Rune Tønnesen Venlig Hilsen/Best Regards -Messaggio originale- Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] conto di John H Terpstra Inviato: mercoledì 2 maggio 2007 14.07 A: samba@lists.samba.org Oggetto: Re: [Samba] duplicate group in NET GROUPMAP LIST On Wednesday 02 May 2007 04:58, Gianluca Culot wrote: Hi List I'm experiencing a strange behaviour on my samba server the group Domain Users (and other builtin groups from my AD servers) appear to have a duplicated SID here is the output of mail# net groupmap list System Operators (S-1-5-32-549) - -1 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-514) - -1 Replicators (S-1-5-32-552) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-2801) - users Guests (S-1-5-32-546) - -1 BUILTIN (S-1-5-21-531635747-2076120898-3807014553-2001) - 500 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-132069) - nobody Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-3001) - 1000 Domain Admins (S-1-5-21-531635747-2076120898-3807014553-1001) - wheel Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) - -1 Domain Admins (S-1-5-21-531635747-2076120898-3807014553-512) - -1 and in /var/log/messages May 2 11:00:05 mail winbindd[23804]: [2007/05/02 11:00:05, 0] sam/idmap_rid.c:rid_idmap_get_id_from_sid(476) May 2 11:00:05 mail winbindd[23804]: rid_idmap_get_id_from_sid: no suitable range available for sid: S-1-5-32-549 which appear to be a group in BUILTIN group from AD server the strange fact is the Domain Users appear to have a TWO sids Domain Users (S-1-5-21-531635747-2076120898-3807014553-2801) Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) The first appear to be correctly mapped to the local users group the latter has no mapping (-1) that's to me appeares really odd Can somebody explain me this old fact ? My actual Samba server (with smtp, pop3, wibind, sshd, apache21) works perefctly and every user can authenticate correctly on every service with his/her own AD domain user and password Any Hint? PLEASE !?! Execute net groupmap cleanup then reset your mappings. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Looks loke net groupmap cleanup has no effect on my system here is the copy of action from my terminal mail# /home net groupmap delete ntgroup=domain users Sucessfully removed domain users from the mapping db mail# /home net groupmap list System Operators (S-1-5-32-549) - -1 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-514) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 BUILTIN (S-1-5-21-531635747-2076120898-3807014553-2001) - 500 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-132069) - nobody Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-3001) - 1000 Domain Admins (S-1-5-21-531635747-2076120898-3807014553-1001) - wheel Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) - -1 Domain Admins (S-1-5-21-531635747-2076120898-3807014553-512) - -1 mail# /home net groupmap cleanup Group Domain Guests is not mapped Group Domain Users is not mapped Group Domain Admins is not mapped mail# /home net groupmap add ntgroup=Domain Users unixgroup=users type=b No rid or sid specified, choosing algorithmic mapping Successfully added group Domain Users to the mapping db mail# /home net groupmap list System Operators (S-1-5-32-549) - -1 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-514) - -1 Replicators (S-1-5-32-552) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-2801) - users Guests (S-1-5-32-546) - -1 BUILTIN (S-1-5-21-531635747-2076120898-3807014553-2001) - 500 Domain Guests (S-1-5-21-531635747-2076120898-3807014553-132069) - nobody Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-3001) - 1000 Domain Admins (S-1-5-21-531635747-2076120898-3807014553-1001) - wheel Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) - -1
Re: [Samba] Scan shares for music/video files?
Dear Michael You can use find it is a good unix tool To get a list of files in the home dir ending on mp3 use find /home -name *.mp3 -print To delete files in the home dir ending on mp3 find /home -name *.mp3 -delete search google for find examples linux and you will get plenty -- Rune Tønnesen Venlig Hilsen/Best Regards Can anyone suggest a good linux-based method of scanning samba shares for the presence of music and/or video files? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vampire and Capital Letters
Simon Faulkner skrev: I find Linux to be a nightmare if usernames have capital letters. Some old Windows PDCs that we are vampiring have usernames with capital letters. AFAIK you can't change a windows username Is there a way of telling the vampire to make all usernames lowercase as it imports them? Can I use pdbedit or any other tool to make them lowercase? At the moment I am changing /etc/passwd and the rest in vi then binary editing passdb.tdb to make them lower case - ugh! What do other folks do? TIA Sim Hi Simon If its is possible to wampire with smbpasswd backend then here is a shotcut to get things done or be inspired. I've not used wampire myself. If you can not do wampire with smbpasswd backend then you might be able to export your tdbsam to smbpasswd using /pdbedit -i tdbsam -e smbpasswd. / 1. Use smbpasswd as the first password backend, /passdb backend = smbpasswd:/etc/samba/smbpasswd tdbsam:/etc/samba/passdb.tdb/ because then you get the usernames into a testfile. 2. Do the wampire trick 3. /cat /etc/samba/smbpasswd | tr '[:upper:]' '[:lower:]' /etc/samba/lc-smbpasswd/ 4. change /passdb backend = smbpasswd:/etc/samba/smbpasswd tdbsam:/etc/samba/passdb.tdb/ TO /passdb backend = smbpasswd:/etc/samba/lc-smbpasswd tdbsam:/etc/samba/passdb.tdb/ 5. run /pdbedit -i smbpasswd -e tdbsam/ to export the content of smbpasswd and then import it to tdbsam 6. remove lc-smbpasswd from /passdb backend = smbpasswd:/etc/samba/lc-smbpasswd tdbsam:/etc/samba/passdb.tdb/ so you get /passdb backend = tdbsam:/etc/samba/passdb.tdb/ 7. run pdbedit -Lv to check things are working ok the tr program is the trick in this case, som perl scripts might be able to do the same lowercase conversion -- Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Active Directory integration without NSS support
Does your system supports kerberos? Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen P. L. skrev: Hi, My embedded linux system doesn't support NSS. Is there a way to configure Samba/winbind to work with Windows 2003 Active Directory without using NSS? I can successfully join an AD domain, but AD users can't access the Samba shares. Thanks, Sam Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains. http://farechase.yahoo.com/promo-generic-14795097 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mode 0x1b4 errors in logs, unable to save Word documents
Hi Adam A possible solution is to use max disk size, but to be honest it is long shoot. max disk size This global option specifies an illusory limit, in megabytes, for each share that Samba is offering. It only affects how much disk space Samba reports the share as having and does not prevent more disk space from actually being available for use. You would typically set this option to prevent clients with older operating systems—or running buggy applications—from being confused by large disk spaces. For example, some older Windows applications become confused when they encounter a share larger than 1 gigabyte. To work around this problem, max disk size can be set as follows: [global] max disk size = 1000 It seems that there is some problem related to acl, what kind of filesystem do you use? Is your samba version compiled with acl support? You might have to take a look at smb.conf about acl. e.g. try to disable acl for the a directory and see what happens Best Regards Rune Tønnesen Adam Nielsen skrev: Hi all, Our users have started to complain that some of the time they're unable to save Word documents to our Samba drive - Word tells them the disk is full. I had a look at the logs, and there are a lot of weird Function not implemented errors. These have been there for a while, but the Operation not permitted ones seem new. Nothing on the server has changed. What's this mode 0x1b4? This is with Samba 3.0.21rc2 - does anyone know if these issues have been changed in a newer release? I wonder whether it's possible to silently fail here to stop Word from giving a disk full error message. Any ideas? Many thanks, Adam. Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/Source.doc (fd 36) Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/~WRD2200.tmp (fd 37) Jan 22 16:54:53 aquila smbd_audit[12156]: close fd 37 Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/~WRD2200.tmp (fd 37) for writing Jan 22 16:54:53 aquila smbd_audit[12156]: chmod_acl Human Ethics/Document Generation/~WRD2200.tmp mode 0x1b4 failed: Function not implemented Jan 22 16:54:53 aquila smbd_audit[12156]: chmod Human Ethics/Document Generation/~WRD2200.tmp mode 0x1b4 failed: Operation not permitted -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mac OS X and AD
David A. Toth skrev: I have a question about integrating MAc OS X and Windows 2003 AD Domain. Getting the machine to join the doamin is easy. But when I try to map the home drives, I can see them but not access them. There was a note that implied this is due to sending encrypted vs non-encrypted with samba and that Win 2K3 server SP1 broke that. It says to disable kerberos authentication on the Windows side. Is that the case or is there a fix for Samba that re-enables this feature. Sorry I don't have the version of Samba it is using but just wondering if anyone on the list can point me in the right direction. Thanks! Known issue with mac os x (using samba 3.0.14) If you want it to work you will have to disable encrypted communication on the windows server. Windows Server 2003 Authentication By deafult Windows Server 2003 will try to encrypt everything sent to and from it. With this enabled you will not be able to log in to the share from your Mac. To fix this there are a couple of options. Case 1, your server is nothing more than a regular file server. In this case open up regedit (Start Run regedit {return}), and navigate to HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ LanManServer \ Parameter \ RequireSecuritySignature, and set it's value to 0. Case 2, your server is also a Domain Controller. In which case you need to open the DC's Security Policy (Administrative Tools Domain Controller Security Policy). Navigate to Local Policies Secuiry Options, and disable Microsoft network server: Digitally sign communications (always) Microsoft network server: Digitally sign communications (if client agrees). Reboot your sever, and you should be good to go. -- Best Regards Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC as wins server
Hi Toni Do you have a DNS server? if not that might help you a lot. Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen On Oct 04, 2006 10:27 AM, Toni Casueps [EMAIL PROTECTED] wrote: We have a Samba server which acts mainly as file server, but we want it to resolve host names for local machines. I have written some IP-hostname lines both in /etc/hosts and /etc/samba/lmhosts, and I have wins support = yes in smb.conf, but then from a Windows client I try to ping one of those hosts and it can't resolve the address. I have tried some combinations of name resolve order and setting dns proxy to yes, but it's the same (now I left dns proxy to no again). I can't see in the logs that another host is making itself the WINS server (that happened some time ago but now it doesn't) It resolves addresses of other hosts that appear in the Windows Network neighborhood and the address of the server from a Windows client, but there are other machines in the network that don't appear there (Linux machines that don't use the Samba server or even printers) I don't know if this is important, but netstat in the server says that port 1512 is not listening. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allow creating files but not deleting
Hi` Do you have acl enabled? Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen The paradox is now fully established that the utmost abstractions are the true weapons with which to control our thought of concrete facts. -A.N. Whitehead On Sep 12, 2006 11:47 AM, Toni Casueps [EMAIL PROTECTED] wrote: I need to create a directory where a user can create and work with files but not delete them. Other users can do anything in that directory. I have a recycle bin set up but I must make it impossible to delete the files. I have tried setting the sticky bit on the directory, and the delete readonly option of smb.conf to no, but the user can always delete the files ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.22 smbd/oplock.c:oplock_timeout_handler
Dmitry Melekhov skrev: Hello! Our users created very large excel file - about 60 Mb, then when they want to open it from samba share, they can't. I see in log: [2006/07/26 12:33:20, 0] smbd/oplock.c:oplock_timeout_handler(366) Oplock break failed for file file.xls -- replying anyway Could you tell me what can I do to solve this problem? btw, there are no problems in network, looks like file is too large and timeout is because of it's size... just an idea too a solution could be to use fake oplocks. What is the config for that share where the large xls file is stored? -- Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CUPS via SMB with per-user credentials?
Jonathan Anderson skrev: I have a multi-user Linux box in a mostly Windows NT/2000 shop. The office printer is available only via SMB (hosted by a Win2000 box) and access is restricted to valid users in the local NT domain. There is no global or print user/password. I saw this post from 2003... any action since then? I'm in a similar boat, but a little bit worse: in my lab, we have to pay for printing, and I don't want everybody's. How can I let individual users connect to SMB-shared printers (not under my administrative control) using their own uname/passwd? #!/jon Hi Jonathan Do You have ipp printing installed on your windows server? If so you should be able to use the windows server as ipp server specified in /etc/cups/client.conf -- Venlig Hilsen (Best Regards) stud. med. Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Automatic Software Installs via Policies
Paul Henry skrev: Hi all, Are these still the best ways to automate software installs and updates via a Samba/LDAP Domain? http://marc.theaimsgroup.com/?l=sambam=111598734205575w=2 Thanks, Paul. you can try altiris too http://www.altiris.com/ -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] windows 98 logon script
vinayan K P skrev: Hi all, Hope some could help me out with my problem. The following is part of my smb.conf. logon drive = Q: logon path = \\%L\profiles\%U logon home = \\%L\%U logon script = scripts/%g.bat I have a groupname.bat file for each group and that basically maps each users home directory and a common directory of that group. Bellow is a script for group ma and name of the script is ma.bat. net use q: /home net use r: \\server1\ma For windows 2000 and XP clients, the drives 'q' and 'r' gets mapped and can access through my Computer. Windows98 clients says bad command or file name when it executes the same batch file when system starts up and the drives does not get mapped. But if run a batch file with the same content (as mentioned above) after a 98 client is up, the drives gets mapped. Could someone tell me, is there a way with which I can make the windows98 clients run the logon script when the system connetcs the samba PDC, instead of running net use commands or a batch file that contains a net use commands after the windows 98 system is up. Vinayan K P Hi change logon script = scripts/%g.bat to logon script = scripts\%g.bat because windows 9x does not understand / as a dir limiter, which 2k,xp does. -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba and roaming profile
Another method is the use of hide files in either global or you profile share. hide files = /desktop.ini/ Steve A skrev: In the roaming profile, delete the file: Start Menu\Programs\Startup\desktop.ini Steve :) -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot copy back profile
Thanks Jerry. That worked perfectly... but now I've got a _privacy_ issue: all users are able to read and write in each other's profiles. The problem is that currently, if a user testuser starts \\PDC, he finds two shares, the Printers/Faxes and himself, a share called testuser. If he selects this share, he finds *all* the user home directories, and can go into the profile folder and do whatever they want. To ensure that I have all the profiles belonging to smbadmin:Domain Users I use ``force user = smbadmin'' in the profile share section. Is there a way to avoid this behavior? Thanks! -- Sensei [EMAIL PROTECTED] The optimist thinks this is the best of all possible worlds. The pessimist fears it is true. [J. Robert Oppenheimer] --To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba First of all do you have a separate profile share? If not then make one. This way each user will have a separate folder for his/her profile that only he/her has access to. i.e. [global] logon path = \\%logonserver%\profiles\%U [profiles] create mode = 0600 directory mode = 0700 path = /home/samba/profiles/ profile acls = yes read only = no writable = yes if you have a profile share, then please check ownership to see hos access to what. -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] sometimes, roaming profile is not found
Hi Is offline files disabled or enabled? Enabled offline files can sometimes cause problems. Venlig Hilsen (Best Regards) Rune Tønnesen [EMAIL PROTECTED] skrev: Hi, I use samba 3.0.22 on Debian Sarge as PDC for windows XP SP1 and SP2. Sometimes, users get the message Windows cannot found the roaming profile on server so user will get a default profile. (sorry, it's not the official message, I had to translate, because I get the message in french) This error comes only if user log in quickly after the boot. If they wait a little (15/30 seconds) they didn't get the message. When they get this error, I tell them just to close their session, and re open it. And it works fin, they didn't get any error message. At first I think it was an ACLs problem, but it works if user wait a few seconds before login. So I think this problem deals with something about a netbios refresh or windows is not fully ready when it display the login screen. Is there a workaround for this problem, like delaying the login screen with a nice registry key, or perhaps it cames from my samba configuration ? Thank you. Here's my smb.conf : # - # Global parameters # - [global] dos charset = 850 unix charset = ISO8859-1 workgroup = elb-lyon netbios name = server02 server string = server02.elb-lyon os level = 65 domain logons = Yes domain master = Yes local master = Yes preferred master = Yes wins support = Yes obey pam restrictions = Yes passdb backend = tdbsam, guest passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* passwd chat debug = Yes pam password change = Yes unix password sync = Yes syslog = 0 log level = 2 # log level max = 10 log file = /var/log/samba/log.%m max log size = 25600 dns proxy = No panic action = /usr/share/samba/panic-action %d invalid users = root2 # paramètres samba utilisateur par defaut logon drive = P: logon home = \\server02\%U logon path = \\server02\profiles\%U logon script = %U.cmd # gestion des comptes posix automatique # Gestion des comptes POSIX add machine script = /usr/sbin/useradd -g sambamachines -c Machine -d /dev/null -s /bin/false '%u' add user script = /usr/sbin/useradd -g sambausers -c Utilisateur -d /dev/null -s /bin/false '%u' add group script = /usr/sbin/groupadd '%g' add user to group script = /usr/bin/gpasswd -a '%u' '%g' delete user script = /usr/sbin/userdel -r '%u' delete group script = /usr/sbin/groupdel '%g' delete user from group script = /usr/bin/gpasswd -d '%u' '%g' set primary group script = /usr/sbin/usermod -g '%g' '%u' veto files = /lost+found/ .recycle/ aquota.user/ aquota.group/ guest account = guest hosts allow = 192.168.0. 127. # - # Necessaire Domaine # - [homes] path = /mnt/SAN01/vd3_home2/home2/%u comment = Home Directories valid users = %S guest ok = No writable = Yes create mask = 0700 directory mask = 0700 browseable = No [netlogon] path = /mnt/SAN01/vd3_home2/netlogon comment = Partage NetLogon valid users = @sambausers @sambaguests root guest ok = No read only = Yes browseable = No [profiles] path = /mnt/SAN01/vd3_home2/profiles comment = Profils utilisateurs valid users = @sambausers @sambaguests root guest ok = No writable = Yes create mode = 0700 browseable = No # - # Imprimantes # - [printers] path = /tmp comment = All printers valid users = @sambausers guest ok = No create mask = 0700 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers # - # Partages # - [vd1_echange] path = /mnt/SAN01/vd1_echange valid users = root @sambaadmins @sambaguests @User_Standard guest ok = No writable = Yes create mask = 0770 directory mask = 0770 browseable = yes inherit acls = yes
Re: [Samba] Samba and MS SMS 2003
Hi Yes there is other software managementsolutions that does not require a windows server. altiris http://www.altiris.com/ it is worth the money and have a free trial OSS http://www.wpkg.org/ i really like because of it is small memory footprint and it support other formats than msi there is another tool called http://unattended.sourceforge.net/ it is meant for unattended windows + software install, but not software management. Venlig Hilsen (Best Regards) Rune Tønnesen Brian May skrev: Brian == Brian May [EMAIL PROTECTED] writes: Brian 2. I noticed that Windows XP isn't one of the listed Brian required operating systems for Microsoft SMS 2003. So Brian either what I am trying to do is not possible :-( or the Brian Microsoft documentation is wrong (very possible IMHO). Hello, Are there any solutions that will allow remote management of software installed on Windows domain clients that doesn't require Windows 2003 server? I thought this would be a common situation, but maybe I am mistaken. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC with 2 NICs problem
Roy McMorran skrev: Hello Samba List, I'm running a Samba 3.0.22 PDC on Solaris 9. Things got a bit peculiar when I added a 2nd network interface. The two subnets are a primary network that carries all the client traffic and a tape-backup/admin network that is not accessible to any clients, ie. aaa.bbb.ccc.241 - bge0 - primary network (address suppressed) 192.168.254.254 - bge1 - admin/backup network I've configured Samba (I think) to ignore the admin network... socket address = aaa.bbb.ccc.241 interfaces = bge0 lo0 bind interfaces only = true hosts allow = aaa.bbb.ccc. , 127. However, some devices are getting the notion that there is a PDC at 192.168.254.254 and are trying to contact it (which of course they cannot). For instance (this is a NetApp that is a domain member): grunthos cifs testdc ... Testing all Primary Domain Controllers found 2 unique addresses Fri May 12 09:56:55 EDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Found 2 BDC addresses through WINS. Fri May 12 09:56:55 EDT [auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Found 2 PDC addresses through WINS. found PDC TRILLIAN at aaa.bbb.ccc.241 Not able to communicate with PDC 192.168.254.254 trying 192.168.254.254...Fri May 12 09:57:07 EDT [auth.dc.GetDCName.failed:error]: AUTH: Error 0x0 while trying to get Domain Controller name for 192.168.254.254: Timed out waiting for reply. ... I'd expect it to find only aaa.bbb.ccc.241 - Any idea what am I missing here? The PDC is also the WINS server, in case that matters. Thanks, Hi Roy My best guess is that this is subnet browsing issue. Since enhanced browsing is enabled by default try to disable it in [Global] section enhanced browsing = no -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb.conf for MS-Access and MS-Excell Files
daniel arjona skrev: I have a file server running with Samba over Debian Sarge 3.1 R1. This File server store MDB and XLS files. Could anybody give me an optimal setup for my samba server (smb.conf). Actually, the performance is very poor. Thanks, Daniel Arjona Net Admin GENCO Distribution Systems http://www.genco.com/ 8740 Robert Fulton Dr Columbia, MD 21046 Ph: 410-872-0875 X12 Fax: 410-872-0877 [EMAIL PROTECTED] What is your smb.conf for the [global] section and for the particular [share]? -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win2k clients won't rejoin Samba PDC domain, Remote Procedure Call Failed?
is also already added) plfc-03$:505::7A43E23FE67585145CD2F799BE224F21:[UW ]:LCT-443B8092: (this is the win2k machine that I disconnected and tried to reconnect) plfc-06$:520:::[DW ]:LCT-: (this is a new win2k machine that I've tried to add today) plfc-02$:522:::[DW ]:LCT-: I've read loads on the net about Samba 2 having serious windows 2000 issues, but not much about Samba 3, if anyone has *any* idea what my problem might be, even if you don't have a clue and just have some suggestions or want to know what my smbpasswd file looks like or whatever, please, I'd really appriciate hearing from you all! Thanks, Matthew Hall Hi Matthew Rejoining machines to a domain can be tricky at best. I've had the same problem so here is my solution based on trial an error. 1. the disjoined machine should joined to a workgroup with another name e.g. workgroup 2. reboot the now totally disjoined machine. This way it should drop all connections to your domainserver 3. rejoin the disjoined machine 4. login as root and remove all old user profiles. Now it should work. -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions for share
Hi Chris chmod -R 770 /network/rit/lab/ritstaff this will give the owner and group full access to files and dirs recursively you check this site for further info http://www.computerhope.com/unix/uchmod.htm Chris Boyd skrev: Ok so what permissions do I need to run on the existing files/directories? ie chmod ? -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-LDAP Roaming Profiles
mallapadi niranjan skrev: Hi all I have a samba 3.0.21c with OpenLDAP 2.3.19 as Primary Domain Controller. I would like to enable Roaming Profiles per user basis , not for all users. below is my smb.conf , [global] workgroup = mydomain.com http://msdpl.com/ netbios name = mydomain passdb backend = ldapsam:ldap://mydomain.com server string = Domain Controller hosts allow = 192.168.128. 192.168.129. 192.168.130. 127. security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth0, lo printing = cups disable spoolss = Yes printcap name = cups max print jobs = 100 enable privileges = yes password level = 8 username level = 8 bind interfaces only = yes local master = Yes os level = 65 domain master = yes preferred master = yes null passwords = no hide unreadable = yes hide dot files = yes domain logons = yes logon script = %u.bat logon path = logon drive = X: logon home = \\mydomain\%U wins support = yes name resolve order = wins lmhosts host bcast dns proxy = no time server = yes log file = /var/log/samba/%m.log max log size = 50 nt acl support = yes ldap passwd sync = yes add user script = /usr/local/sbin/smbldap-useradd -m %u delete user script = /usr/local/sbin/smbldap-userdel %u add machine script = /usr/local/sbin/smbldap-useradd -w %m add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' ldap delete dn = Yes ldap ssl = no ldap suffix = dc=msdpl,dc=com ldap admin dn = cn=manager,dc=msdpl,dc=com ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap ldap timeout = 50 idmap backend = ldap:ldap://mydomain.com idmap uid = 1-2 idmap gid = 1-2 check password script = /usr/local/bin/crackcheck -s map acl inherit = yes winbind use default domain = yes template shell = /bin/false # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /usr/local/samba-3c/lib/netlogon/scripts guest ok = yes browseable = yes write list = root [profiles] Comment = Profile Shares path=/profiles browseable=yes writeable = yes create mode = 0600 directory mode = 0700 In the above configuration. I have not given any netbios logon path ie logon path = and for users whom i want to enable roaming profiles i have modified through smbldap-usermod command ie i have given smbldap-usermod -F \\mydomain\profiles\username username 1)using the above said configuration. Roaming profiles for that particular user is not getting enabled. 2) suppose i edit my above smb.conf and write logon path=\\mydomain\profiles\%U and enable roaming profile for the intended user through smbldap-usermod, then roaming profile is getting enable, but the problem is , in /profile directory (which is profile share) all the user who logon to the domain, a directory is created by their username. 3) for the user's who i have manually enabled roaming profile, their roaming profile works perfectly in windows 2003 and windows Xp, ie if they create any new folder or shortcut , it gets reflected in the server profile directory,but the same user when logon in windows 2000 professional, it's not working ie, what ever is in the server profile it gets loaded but if any modification is done, it does not reflect in server. 4) my query is should we enable logon path = \\mypdc\profiles\%u in server. if i leave it blank and edit manually per user through smbldap-usermod will it work. what is the correct method of enable per user roaming profile for samba with LDAP backend Please guide me Regards Niranjan Hi Niranjan My suggestion to your problem would be Mandatory profile as default for all users which mean you specify the profile directory in smb.conf check http://caad.ar.vtu.lt/samba/docs/man/Samba-HOWTO-Collection/ProfileMgmt.html#id2628723 logon path=\\mydomain\profiles\mandatory # you would have to use fake perms by doing so they download their profile from \\mydomain\profiles\mandatory For the few choosen you change logon path in their account using smbldap-usermod to \\mydomain\profiles\%U -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Weird XP synchronisation issue. Using old cached IP?
Paul Smith skrev: First, a little background: I successfully migrated the samba PDC funtionality from an old Suse machine to a new debian-based one. The old machine was named PHOENIX and had an ip address of 10.10.10.4. The new one has the same name but is on 10.10.10.14. Everything is working just fine with this new domain (authentication, adding users, computers, printing etc), except for one laptop. Since the domain changeover I've assigned the old 10.10.10.4 IP address to a machine running MS Project Server 2003 which works just fine. Now, the issue: When the XP-based laptop attempts to synchronise its offline files it prompts me for a username/password, but the server name in the login dialog is PROJECTSRV - the name of the ProjectServer at 10.10.10.4. I have tried to rectify this by bringing down the ProjectServer, adding an ip eth0.alias to the samba PDC of 10.10.10.4 and synchronising the laptop. This worked fine. However, when I remove this ip alias and bring the ProjectServer back online, the synchronisation error occurs again. I've searched the registry on this laptop for 10.10.10.4 and PROJECTSRV but have found nothing. Has this happened to anyone before? How can I reset the laptop's synchronisation configuration to only want to synchronise with PHOENIX? Thanks Paul If none of that work, then disable offline files. -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Logging Off Windows XP
Berlin Brown skrev: Whenever I log-off of windows xp. I dont lose my mapped drive connection but I get an error message stating an invalid password. I enter the exact same password for the reconnect but it wont stay. It is not a problem just strange that I have to enter my password everytime even though I set it through the mapped drive settings. Anyone seen this before? Hi Berlin If you disable off line files in XP then you should be Okay. Folder Options - Off line Files - Uncheck off line files -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to run application from share
have to be win2003 or one of the server grade OS's. cheers, jerry = I live in a Reply-to-All world. --- Samba--- http://www.samba.org Centeris --- http://www.centeris.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEO6KhIR7qMdg1EfYRAvSEAJ48ZmU6sFsReWLw6ybQjSCBP/MYKACgyZEW 5w2WbEkFWo08GPJ4TUtx+Kw= =jjxq -END PGP SIGNATURE- - This email message is intended only for the addressee(s) and contains information that may be confidential and/or copyrighted. If you are not the intended recipient please notify the sender by reply email and immediately delete this email. Use, disclosure or reproduction of this email by anyone other than the intended recipient(s) is strictly prohibited. USIT has scanned this email for viruses and dangerous content and believes it to be clean. However, virus scanning is ultimately the responsibility of the recipient. - Hi Chris Does the app use a database in a file? e.g. a access database og Borland database? try to put this in the share in smb.conf it worked for me with my borland database engine apps. veto oplock files = /*.LCK/*.lck/*.net/*.NET/*.*db/*.*DB/ oplocks = No level2 oplocks = No strict locking = No -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] full access to the home dirs as Admin in Windows
Martin Miethe skrev: Hello Mailinglist, I got Samba running and also have a Win2K Server being part of the domain. I run the the backups to a USB device which is connected on the Windows Server. When I login to the Windows Server as Administrator I need full access (like root) to all the Samba shares on the Linuxbox. The share is defined as follows. smb.conf: [backup] comment = Backup Directory - all this needs to be saved path = /var/lib/samba/shares writeable = no browsable = no valid users = @it-admin I can access the /home Dir but have no access rights to enter /home/user_xxx when being loged in as Administrator on the Windows server (this is my problem). The smbusers file looks as follows: root = Administrator administrator The rights of the home dirs are set to drwx--x--x Thanks a lot and best regards Martin Hi Martin When you log in as root on the server, do you have access to the directoories then? -- Venlig Hilsen (Best Regards) Rune Tønnesen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba