[Samba] Upgrading Question...
Hi All, I'm running portupgrade on samba (FreeBSD box) and came across something I don't recall seeing when I initially installed it last year... lqqq configuration options k x x x Please select desired options: x x lqqk x x x [ ] syslog With syslog support x x x x [ ] ssl With ssl supportx x x x [ ] ldap With LDAP2 support x x x x [ ] nocups Without CUPSx x x x [ ] acl With ACL supportx x x x [ ] utmp With UTMP support x x x x [ ] msdfsWith MSDFS support x x x x [ ] quotaWith Quota support x x x x [ ] recycle With Recycle Binx x x x [ ] auditWith Audit x x x x [ ] winbind With Winbindx x x x [ ] wbauth With Winbind Auth Challenge x x x mqqj x tqqu x[ OK ] Cancel x mqqj I think I know what most of these do, but just to be safe how can I confirm what my current install is/was? This is an in-use machine, so I want the upgrade to be as smooth as possible... PS. I'm going from 'samba-2.2.6.p2_1' to 'samba-2.2.8a'... TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Domains/Workgroups (again sigh)
Hi All, After a couple of months break (and running only a single instance of SAMBA) I once again need to try and get two simultaneous instances of SAMBA running on the same machine, each serving up a different domain/workgroup. Here's the scoop: one machine, with dual NICs, the first one is on 192.168.1 (students) and the second one is on 192.168.2 (staff). Here's the diff on the conf files, smb.conf.students & smb.conf.staff: -su-2.05b# diff smb.conf.students smb.conf.staff 3c3workgroup = STAFF 5,7c5,7 hosts allow = 192.168.2. 127. >interfaces = 192.168.2.200/24 >pid directory = /var/run Here's my startup script: > -su-2.05b# more /etc/startsamba > #!/usr/local/bin/bash > > /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf.staff > /usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf.staff > > /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf.students > /usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf.students If I comment out the staff launch, the student domain works as expected. When I try to launch the staff one though, neither works, but there's no errors in the log files... - Should I bump up the logging level? - Do I need to add a piddir directive at launch time as well as having it in the .conf file? It's 2.2.6pre2 (built from ports on FreeBSD 4.7-Stable). I know there's 2.2.7 but really don't want to risk breaking what's working, as this box is live and can't afford to go down. But... if someone knows for certain tht this was broken in 2.2.6 or something, that would help big time. TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Password woes...
Hi Again, > it's fairly easy to keep the passwords in sync... > just set up samba to change the unix passwords with the "unix password > chat" stuff in smb.conf Okay, I see that this stuff is defaulted to being configured when I testparm so that's cool... > use pam_smbpass to make pam update the samba password when the unix > password is updated. Ahhh.. How do I do this part? The docs seems to refer to a pam configuration file that I can't find in the same location. I'm using FreeBSD 4.7, but all the docs seems to assume Linux :( > you can script add the users with smbpasswd -a but they'll all have to > set their own passwords. Based on what you said above though, shouldn't I be able to port over the BSD master.passwd file (this works for the UNIX side of things) and then using pam_smbpass sync things up? There's a few hundred users... > you must have been using unencrypted passwords... yeah, back then we were using mostly 95 machines, so I went with plain text. > I strongly suggest using encrypted passwords but i think it is still > possible to use unencrypted passwords (and no smbpasswd) with 2.2.7 > I'm not sure about that, and I don't know how to do it. Yes, I'm using encrypted ones with the current configuration, and it works, except that I need to manually add users with the smbpasswd command right now. So, all I need is the details on syncing the UNIX passwd with SAMBA via pam_smbpass. I was really hoping to get the box installed today so that the students were using it tomorrow, but if I can't get this figured out, I'll be eating crow until I can. Any further help would be most appreciated. Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Password woes...
Hi All, Moving up from 2.0.7 to 2.2.6 is taking it's toll, but I'm getting there... Right now I'm stuck on the smbpasswd stuff. With 2.0.7 I don't maintain one (AFAIK). All users have UNIX accounts on the old machine, and I'm porting over the passwd file to this new one. I have no idea what their passwords are, and up till now, they simply change their UNIX passwd and SAMBA happily uses it. Why can't I, or how do I do this with 2.2.6? TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA doesn't like me anymore :(
Hi All, Okay, SAMBA officially doesn't like me or something. Here's the poop: - Brand-new FreeBSD 4.7 box - SAMBA 2.2.6pre2 (built from the ports tree) - I have dual NICs, one on 192.168.1 (students) the other on 192.168.2 (staff) - I need two operational workgroups "STUDENTS" & "STAFF" each tied to their own interface. - This machine needs to do all the authentication stuff, dunno if that requires it to be a PDC (strictly Win9X machines), and if you can run two PDC's... Yesterday morning I had it launching two seperate instances of smbd and nmbd at the same time, one for workgroup "STAFF" the other for "STUDENTS". I started adding more features to smb.conf.staff and smb.conf.students and somewhere along the way I broke it. I can no longer start up two instances anymore :( This is now desperate for me, I need to swap out the old 2.0.* server this weekend. One major reason for the upgrade is the dual workgroup setup as it wasn't supported in 2.0.* . I've even gone back to bare bones conf files, but apparently that wasn't what caused it to stop working in the first place I guess. The problem is that it seems to be ignoring the --pidfile directive :( Here's my startsamba script: #!/usr/local/bin/bash /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf.staff /usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf.staff /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf.students --pidfile /var/run2/smbd.pid /usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf.students --pidfile /var/run2/smbd.pid The first set places the .pid files in /var/run which has drwxr-xr-x 3 rootwheel so I created /var/run2 with the same permissions. Again, this worked for the better part of a day yesterday... My (now) minimal conf files are: > [global] >workgroup = STAFF >hosts allow = 192.168.2 127. >interfaces = 192.168.2.200/24 > > [homes] >comment = "Home Directory of %u" >guest ok = no >read only = no >browseable = no >writeable = yes Only difference is the workgroup = STUDENTS and the IP stuff for their .conf file. log.smbd reads: > [2002/11/22 10:58:09, 0] smbd/server.c:main(707) > smbd version 2.2.6pre2 started. > Copyright Andrew Tridgell and the Samba Team 1992-2002 > [2002/11/22 10:58:09, 0] smbd/server.c:main(707) > smbd version 2.2.6pre2 started. > Copyright Andrew Tridgell and the Samba Team 1992-2002 > [2002/11/22 10:58:09, 0] lib/pidfile.c:pidfile_create(86) > ERROR: smbd is already running. File /var/run/smbd.pid exists and process id 406 >is running. log.nmbd reads: > [2002/11/22 10:58:09, 0] nmbd/nmbd.c:main(794) > Netbios nameserver version 2.2.6pre2 started. > Copyright Andrew Tridgell and the Samba Team 1994-2002 > [2002/11/22 10:58:09, 0] nmbd/nmbd.c:main(794) > Netbios nameserver version 2.2.6pre2 started. > Copyright Andrew Tridgell and the Samba Team 1994-2002 > [2002/11/22 10:58:09, 0] lib/pidfile.c:pidfile_create(86) > ERROR: nmbd is already running. File /var/run/nmbd.pid exists and process id 408 >is running. So obviously for some reason it's now ignoring the --pidfile directive and trying to dump it into the default locaction of /var/run ... Again, I had these two running simultaneously yesterday, but when I was stumped with the trust stuff (moving up from 2.0.* which as I recall didn't have them) I must have done something stupid to break it :( help? Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba is broadcasting other network shares...
Hi, > Have you tried the "Interface" option in the smb.conf? > > That's how I keep Samba from broadcasting to the Internet on my > Router/FTP server that is running Samba to upload files to the FTP > folders from the LAN. I set the line to only look at the Internal IP > subnet and things are fine. Yeah, but I need SAMBA to use both interfaces, so they're both added to the interfaces line. This server is acting as the PDC and machines from both networks need to connect to it. I just don't want them browsing the other network's shares. Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba is broadcasting other network shares...
Hi All, I have a new samba configuration (2.2.6 FreeBSD 4.7), and the machine has dual NICs, one is for the student network, the other is for the staff. They're both working fine except for one major pain. In Network Neighborhood, they can see each other. It doesn't appear that they are able to access the shares on the other LAN, but I need to remove them somehow. Basically, some machines are using peer-peer (printing and a little local file sharing), and I don't want them seeing the other network. They're physically on seperate LANs, the only common link in the chain is the actual SAMBA daemon, so I must assume that it's trying to be helpful and broadcasting the peer shares across the two networks. Any way to stop this? I tried running multiple copies of smbd and nmbd, and thought I had it working, but then it failed all of a sudden and wouldn't come back :( Ideally They'd each log into seperate workgroups, but the --pidfile directive is failing for some reason. TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pam authentication failing...
Hi Again, Dunno what all I did now, but I turned back on encrypted passwords as stated as being needed in Samba-HOWTO-Collection.html from the docs section of the SAMBA site. (primarily the "Configuring the Samba Domain Controller" sub-section) Now I'm getting: > [2002/11/20 15:41:10, 2] smbd/reply.c:reply_sesssetup_and_X(982) > Defaulting to Lanman password for steve > [2002/11/20 15:41:10, 1] smbd/password.c:pass_check_smb(552) > Account for user 'steve' was disabled. > [2002/11/20 15:41:10, 1] smbd/reply.c:reply_sesssetup_and_X(998) > Rejecting user 'steve': authentication failed > [2002/11/20 15:41:10, 2] smbd/server.c:exit_server(461) > Closing connections All I want is for SAMBA to use the user's password from the main FreeBSD passwd file... After it actually works, I'd like the users to either change their UNIX password, or via windows, the two need to be in sync. Here's my smb.conf (be gentle): > [global] >netbios name = fileserver >workgroup = STAFF >server string = fileserver >hosts allow = 192.168.2. 127. >load printers = yes >log level = 2 >log file = /var/log/log.%m >max log size = 500 >security = user >socket options = TCP_NODELAY >interfaces = 192.168.2.200/24 >domain master = yes >preferred master = yes >local master = yes >domain logons = yes >logon script = staffconnect.bat >dns proxy = no >time server = yes >os level = 64 >encrypt passwords = yes >logon drive = H: >logon home = \\fileserver\%u > > [homes] >comment = "Home Directory of %u" >guest ok = no >read only = no >browseable = no >writeable = yes > > [netlogon] >comment = Network Logon Service >path = /home/logon >guest ok = yes >writeable = no >share modes = no > > [printers] >comment = All Printers >path = /var/spool/samba >browseable = no >guest ok = no >writeable = no >printable = yes > > [public] >comment = "Public Share" >path = /home/public >read only = yes >printable = no TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] pam authentication failing...
Hi All, Brand new box, running FreeBSD 4.7 and 2.2.6 of SAMBA. I keep getting the following when a legit user attempts to login: > [2002/11/20 11:15:46, 0] passdb/pampass.c:smb_pam_passcheck(827) > smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User steve ! > [2002/11/20 11:15:46, 0] passdb/pampass.c:smb_pam_passcheck(827) > smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User steve ! The machine is 98 (with the registry mod for plain text), and smb.conf has: encrypt passwords = no I know I must have missed something, just can't find it, too little sleep probably :( TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Ports Recommended?
Hi All, I finally got a completely new box (Multiple Domains Thread from last month) and have just done a fresh FreeBSD 4.7 install. I used to use a source tarball, but am wondering if there's any reason to not use the ports tree. TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple Domains?
Hi, > > > Downloading the latest now. > > > > Okay, now for the scary part. This machine is live, and in use all day every > > day. Anything I should know about upgrading from 2.0.7 to 2.2.5? > > Wait until later tonight for 2.2.6 :-) :) Have now downloaded 2.2.6, thanx. > Seriously, an upgrade from 2.0.7 to 2.2.6 should not be > taken lightly. How big of a server and number of clietns > are we talking about? It's the fileserver for a school, lab has 24 machines, and there's another dozen scattered around the school. There's only a couple hundred users all told. I'm not really doing anything special, I have a printer hung off the server, each user has their own file share, and there are two public shares. I run a connect.bat script, and that's it. If they had the budget, I'd be completely building a new server then swap them into place, but I'm stuck with what I've got :( > > Does SAMBA rely on anything outside it's own directory? I want to make > > a couple of tarballs so I can "go back" if needed. > > tar up /usr/local/samba and you should be ok. Thanx. Wish me luck. Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple Domains?
> Downloading the latest now. Okay, now for the scary part. This machine is live, and in use all day every day. Anything I should know about upgrading from 2.0.7 to 2.2.5? I always like having a backup plan in place before something major like this. Does SAMBA rely on anything outside it's own directory? I want to make a couple of tarballs so I can "go back" if needed. TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple Domains?
Hi, > > And I can't see any way to tell nmb to place the second .pid file elsewhere. > > See the "pid directory" parameter (or is it pidfile directory?) Okay, lightbulb went off, I'm still at 2.0.7, reading the docs online, I see that this was added to 2.2.4 Downloading the latest now. Thanx Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple Domains?
Hi Again, A bunch of people contacted me telling me to start up a second copy of SAMBA, but unfortunately, no one seems to know how to do it? When I try to launch a second copy of smb and nmb with pointers to the new smb.conf file, I get: >[2002/08/27 18:37:20, 0] lib/pidfile.c:pidfile_create(86) > ERROR: nmbd is already running. File /usr/local/samba/var/locks/nmbd.pid exist >s and process id 39187 is running. >[2002/08/27 18:41:14, 0] nmbd/nmbd.c:sig_term(65) > Got SIGTERM: going down... And I can't see any way to tell nmb to place the second .pid file elsewhere. Do I need to recompile a second copy of samba, using /usr/local/samba2 as the directory or something? TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Multiple Domains?
Hi, > Wouldn't it be easier to keep you BSD box as your PDC, have staff and students login >on to that one domain and have logon scripts if you need to do anything cleaver?? I definitely want to keep the BSD box as the PDC, but need the seperate workgroups, as there is some peer sharing going on with the staff and I don't want there to be any possibility of the students taking a peek in there. That's also why I run two seperate LANs (no packet sniffing). Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple Domains?
Hi, > To accomplish that task you will have to run multiple Samba instances > (one per Domain/group). Network aliases are your friends. You can create > aliases on each NIC and bind Samba instances to separate aliases on the > same network. This was one of the things I tried previously, but got errors like: >[2002/08/27 18:37:20, 0] lib/pidfile.c:pidfile_create(86) > ERROR: nmbd is already running. File /usr/local/samba/var/locks/nmbd.pid exist >s and process id 39187 is running. >[2002/08/27 18:41:14, 0] nmbd/nmbd.c:sig_term(65) > Got SIGTERM: going down... I shouldn't need to use Network aliases I believe, unless I'm missing something, please let me know if they're needed though. I can't seem to get into samba.org right now, is there a flag to tell nmbd to place it's .pid file in another location? Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Domains?
Hi All, I just joined this list, and I'm looking for some help. I've been running a Samba server for a few years now, and it's been doing everything I've asked it too, but I'm hitting a wall trying to implement something new. Google searches aren't turning up too much, except to indicate that other people have done what I want, but I haven't gotten much responses when I tried to contact them :( The few vague instructions I turned up in my searches seem to fail... I need to make my current Samba server (one FreebSD box) serve up multiple domains. I added a second NIC for the second network, and all the TCP/IP stuff is configured and working properly. Whenever I try to add stuff for a second domain though, the whole thing (Samba) fails so I've undone everything to keep the current status. Here's the scoop on the Network: Two completely seperate LANs, one on 192.168.1 and the other on 192.168.2 The students are all on .1, and the staff is on .2 The students currently log into the "STUDENTS" workgroup with no problem. As the staff has increased, we now need the staff to log into a workgroup themselves. I have two choices: 1) re-configure the current server (preferred) 2) build a duplicate LAN out of spare parts and start from scratch I'm more than happy to do either, I just want to know if someone has indeed gotten a single Samba box to server up multiple domains at the same time. TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba