Re: [Samba] Windows 7 Samba 3.5.5 and IPC$

2010-10-06 Thread Vasiliy Ozerov 
The problem was in max protocol option in smb.conf, after I comment it
all works.

On 6 October 2010 15:00, Vasiliy Ozerov  wrote:
> Good day.
>
> I have a problem with connecting Samba 3.5.5 and Windows 7. First of
> all I have added DomainCompatibilityMode and DNSNameResolutionRequired
> to windows registry. After that i tried to connect windows to samba
> domain, but without any results. And some time ago I see, that I can't
> access Samba shares with right login and password. Windows 7
> diagnostik says that It can't find \\spider\IPC$.. Spider is netbios
> name of my PDC. Here is smb.conf and log file:
>
> smb.conf:
>
> [global]
>        dos charset = cp866
>        unix charset = koi8-r
>        display charset = koi8-r
>        workgroup = TEACHERS
>        server string = Documents
>        password server = 192.168.1.250
>        passdb backend = ldapsam:ldap://192.168.1.250/
>        lanman auth = Yes
>        client NTLMv2 auth = Yes
>        log level = 3
>        log file = /var/log/samba/log.%m
>        max log size = 500
>        max protocol = SMB2
>        time server = Yes
>        add user script = /usr/sbin/smbldap-useradd -m "%u"
>        add group script = /usr/sbin/smbldap-groupadd -p "%g"
>        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
>        delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
>        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
>        add machine script = /usr/sbin/smbldap-useradd -w "%u"
>        logon script = all.bat
>        logon path = \\%L\Profiles\%U\%m\%a
>        logon drive = Z:
>        logon home = \\%L\Profiles\%U\%m\%a
>        domain logons = Yes
>        os level = 128
>        preferred master = Yes
>        domain master = Yes
>        dns proxy = No
>        wins proxy = Yes
>        wins support = Yes
>        ldap admin dn = "cn=config"
>        ldap delete dn = Yes
>        ldap group suffix = ou=groups
>        ldap machine suffix = ou=computers
>        ldap passwd sync = yes
>        ldap suffix = dc=spider,dc=teachers
>        ldap ssl = no
>        ldap user suffix = ou=people
>        admin users = fr33man
>        hosts allow = 192.168.1., 192.168.3., 127.
>
> [homes]
>        comment = Home Directories
>        read only = No
>        browseable = No
>
> [netlogon]
>        comment = Network Logon Service
>        path = /etc/samba/netlogon/
>        guest ok = Yes
>        browseable = No
>
> [Profiles]
>        path = /data/home
>        read only = No
>        create mask = 0600
>        directory mask = 0700
>        guest ok = Yes
>        browseable = No
>
> [data]
>        comment = Dump of files
>        path = /data/data
>        invalid users = @Internet
>        read list = @People, @wheel
>        write list = @People, @wheel
>        read only = No
>        create mask = 0666
>        directory mask = 0777
>        guest ok = Yes
>        vfs objects = full_audit
>        full_audit:priority = notice
>        full_audit:facility = local5
>        full_audit:success = connect disconnect opendir mkdir rmdir
> closedir open close read pread write pwrite sendfile rename unlink
> chmod fchmod chown fchown chdir ftruncate lock symlink readlink link
> mknod realpath
>        full_audit:failure = none
>        full_audit:prefix = %u|%I
>
> [Progs]
>        comment = Dump of files
>        path = /data/tst
>        invalid users = @Internet
>        read list = @People, @wheel, admin
>        write list = fr33man, slv, admin, ram_zes, allienzuzweit
>        create mask = 0664
>        directory mask = 0775
>        guest ok = Yes
>
> [IPC$]
>        hosts allow = 192.168.1.0/24, 127.0.0.0/8
>        available = No
>
>
>
> log.cab-312-test1 (windows 7 machine):
>
> [2010/10/06 14:52:15.293125,  3] smbd/uid.c:429(push_conn_ctx)
>  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2010/10/06 14:52:15.293145,  3] smbd/sec_ctx.c:310(set_sec_ctx)
>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2010/10/06 14:52:15.293177,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
>  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2010/10/06 14:52:15.293213,  3] smbd/sec_ctx.c:310(set_sec_ctx)
>  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
> [2010/10/06 14:52:15.293263,  3] smbd/service.c:1070(make_connection_snum)
>  cab-312-test1 (:::192.168.1.192) connect to service IPC$
> initially as user fr33man (uid=0, gid=10001) (pid 27949)
> [2010/10/06 14:52:15.293291,  3] smbd/sec_ctx.c:310(set_sec_ctx)
>  

[Samba] Windows 7 Samba 3.5.5 and IPC$

2010-10-06 Thread Vasiliy Ozerov 
Good day.

I have a problem with connecting Samba 3.5.5 and Windows 7. First of
all I have added DomainCompatibilityMode and DNSNameResolutionRequired
to windows registry. After that i tried to connect windows to samba
domain, but without any results. And some time ago I see, that I can't
access Samba shares with right login and password. Windows 7
diagnostik says that It can't find \\spider\IPC$.. Spider is netbios
name of my PDC. Here is smb.conf and log file:

smb.conf:

[global]
dos charset = cp866
unix charset = koi8-r
display charset = koi8-r
workgroup = TEACHERS
server string = Documents
password server = 192.168.1.250
passdb backend = ldapsam:ldap://192.168.1.250/
lanman auth = Yes
client NTLMv2 auth = Yes
log level = 3
log file = /var/log/samba/log.%m
max log size = 500
max protocol = SMB2
time server = Yes
add user script = /usr/sbin/smbldap-useradd -m "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = all.bat
logon path = \\%L\Profiles\%U\%m\%a
logon drive = Z:
logon home = \\%L\Profiles\%U\%m\%a
domain logons = Yes
os level = 128
preferred master = Yes
domain master = Yes
dns proxy = No
wins proxy = Yes
wins support = Yes
ldap admin dn = "cn=config"
ldap delete dn = Yes
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap passwd sync = yes
ldap suffix = dc=spider,dc=teachers
ldap ssl = no
ldap user suffix = ou=people
admin users = fr33man
hosts allow = 192.168.1., 192.168.3., 127.

[homes]
comment = Home Directories
read only = No
browseable = No

[netlogon]
comment = Network Logon Service
path = /etc/samba/netlogon/
guest ok = Yes
browseable = No

[Profiles]
path = /data/home
read only = No
create mask = 0600
directory mask = 0700
guest ok = Yes
browseable = No

[data]
comment = Dump of files
path = /data/data
invalid users = @Internet
read list = @People, @wheel
write list = @People, @wheel
read only = No
create mask = 0666
directory mask = 0777
guest ok = Yes
vfs objects = full_audit
full_audit:priority = notice
full_audit:facility = local5
full_audit:success = connect disconnect opendir mkdir rmdir
closedir open close read pread write pwrite sendfile rename unlink
chmod fchmod chown fchown chdir ftruncate lock symlink readlink link
mknod realpath
full_audit:failure = none
full_audit:prefix = %u|%I

[Progs]
comment = Dump of files
path = /data/tst
invalid users = @Internet
read list = @People, @wheel, admin
write list = fr33man, slv, admin, ram_zes, allienzuzweit
create mask = 0664
directory mask = 0775
guest ok = Yes

[IPC$]
hosts allow = 192.168.1.0/24, 127.0.0.0/8
available = No



log.cab-312-test1 (windows 7 machine):

[2010/10/06 14:52:15.293125,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293145,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.293177,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293213,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293263,  3] smbd/service.c:1070(make_connection_snum)
  cab-312-test1 (:::192.168.1.192) connect to service IPC$
initially as user fr33man (uid=0, gid=10001) (pid 27949)
[2010/10/06 14:52:15.293291,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.294862,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.294992,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295016,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(14027) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.295036,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295070,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.295115,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295139,  3] smbd