samba adds blocks to file without even saving
Greetings, I have encountered a problem with the samba I am running on VMS (v.2.2.8, latest jyc). After opening a stream CRLF text file(with no EOF) in excel(or any other app im guessing) the file is enlarged by 15 blocks. This is _without_ even saving out the file after its opened. When looking at a dump of the resulting file I can see that the additional 15 block is all blank space. Below I have included a dir/full of the file before being opened through samba and afterwards, notice the size change. Is this a bug or can a tweak samba settings to stop this from happening? Thanks. BEFORE LPMV03 dir/full d2-james.dav Directory SAMBA_ROOT:[00.test] D2-JAMES.DAV;1File ID: (10319,4,0) Size: 2369/2376 Owner:[DECNET,QGDEFAULT] Created:29-DEC-2004 15:04:54.78 Revised: 3-MAY-2005 15:02:14.47 (4) Expires:None specified Backup: No backup recorded Effective: None specified Recording: None specified Accessed: None specified Attributes: None specified Modified: None specified Linkcount: 1 File organization: Sequential Shelved state: Online Caching attribute: Writethrough File attributes:Allocation: 2376, Extend: 0, Global buffer count: 0 No version limit Record format: Stream, maximum 0 bytes, longest 0 bytes Record attributes: Carriage return carriage control RMS attributes: None Journaling enabled: None File protection:System:RWED, Owner:RWED, Group:RE, World: Access Cntrl List: None Client attributes: None Total of 1 file, 2369/2376 blocks. AFTER LPMV03 dir/full d2-james.dav Directory SAMBA_ROOT:[00.test] D2-JAMES.DAV;1File ID: (10319,4,0) Size: 2384/2394 Owner:[DECNET,QGDEFAULT] Created:29-DEC-2004 15:04:54.00 Revised: 3-MAY-2005 15:03:53.00 (8) Expires:None specified Backup: No backup recorded Effective: None specified Recording: None specified Accessed: None specified Attributes: None specified Modified: None specified Linkcount: 1 File organization: Sequential Shelved state: Online Caching attribute: Writethrough File attributes:Allocation: 2394, Extend: 0, Global buffer count: 0 No version limit Record format: Stream, maximum 0 bytes, longest 32767 bytes Record attributes: Carriage return carriage control RMS attributes: None Journaling enabled: None File protection:System:RWED, Owner:RWED, Group:RE, World: Access Cntrl List: None Client attributes: None Total of 1 file, 2384/2394 blocks. James Ziller Systems Administrator Quad/Graphics - Q/DS West Allis, Wisconsin [EMAIL PROTECTED] PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
[Samba] Inconsistant AD group authentication
Greetings friends: So heres the problem I've been fighting for the last month to no avail. My samba server is joined to a mixed mode AD domain. I want to set permissions on shares based on AD groups, however only _some_ of the group's members are allowed to access the share when I add their group to valid users. As far as I can tell there are no differences between the AD accounts of group members who can access the share and the members who are denied access. If I add their usernames explicitly to valid users then they can access the share. getent group returns my group and shows all of my users as members. I have ample uid's and gid's reserved for winbind, (10,000-90,000) with only about 30,000 users and under 1000 groups. I have tried using local,global and universal groups - but it makes no difference. Configurations tried that exhibit this problem. Samba 3.0.4 - 3.0.7 Kerberos 1.2.7 - 1.3.5 Redhat 9 What I'm really looking for is for someone to point me in the right direction or give me some kinda of clues to look for. I do not have much access to my company's AD domain so if the problem is suspected to be on the windows side I will need to have specific things in mind to ask one of our AD admins to check. I have already posted all my config's to this list previously, but if theres any information you want please let me know. I would really like to get a functioning samba server out there so we can dump our windows file servers but right now this is impossible! Any help is greatly appreciated! Thanks, James Ziller Systems Administrator Quad/Graphics - Q/DS West Allis, Wisconsin [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbind being flakey
Im only in 6 windows groups...:/ -Original Message- From: Charles Bueche [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 04, 2004 2:11 PM To: Ziller, James Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Winbind being flakey Hi, you max out the 32 group limit of your UNIX (02-33), and the group you want is over 33. Check how many Windows groups you are in. Charles On Wed, 4 Aug 2004 07:46:22 -0500 Ziller, James [EMAIL PROTECTED] wrote: After some more screwing around with leaving and rejoining the ADS domain I was finally able to access a share with valid users = set to a domain group I was a member of. The _only_ change I made after this was to add yet another group to the valid users on the share and restart samba...after that I could no longer access the share. I removed the additional group, restarted samba and could still not access the share. I then tried adding my domain username to valid users= and it worked fine. So im back in the same boat again, users work, groups don't. Has anyone seen this problem before? Or does anyone have advice for tracking down the root of this problem. I've had this problem with samba 3.0.4 and samba 3.0.5, recently upgraded kerberos from 1.2.7 to 1.3.3 but see no difference. Running winbindd in debug doesn't seem to indicate any problem. Heres the output of winbindd anyway, with debug level 3 after a failed login attempt from windows: [ 2627]: getgrnam QG+TEST rpc: name_to_sid name=TEST name_to_sid [rpc] TEST for domain QG ads: dn_lookup ads: dn_lookup ads: dn_lookup ads: dn_lookup ads: dn_lookup ads lookup_groupmem for sid=S-1-5-21-842925246-1647877149-1417001333-57015 [ 2627]: getgrnam QG+TEST [ 2627]: getgrnam QG+TEST [ 2629]: request interface version [ 2629]: request location of privileged pipe [ 2629]: domain_info [QG.COM] [ 2629]: getpwnam qg+jzillera rpc: name_to_sid name=jzillera name_to_sid [rpc] jzillera for domain QG ads: query_user ads query_user gave JZILLERA [ 2629]: getgroups QG+jzillera sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-29979 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-53735 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-29156 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-55130 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-20629 for domain QG [ 2629]: gid to sid 10002 [ 2629]: gid to sid 10003 [ 2629]: gid to sid 10004 [ 2629]: gid to sid 10005 [ 2629]: gid to sid 10006 [ 2629]: gid to sid 10007 [ 2629]: gid to sid 10008 [ 2629]: gid to sid 10009 [ 2629]: gid to sid 10010 [ 2629]: gid to sid 10011 [ 2629]: gid to sid 10012 [ 2629]: gid to sid 10013 [ 2629]: gid to sid 10014 [ 2629]: gid to sid 10015 [ 2629]: gid to sid 10016 [ 2629]: gid to sid 10017 [ 2629]: gid to sid 10018 [ 2629]: gid to sid 10019 [ 2629]: gid to sid 10020 [ 2629]: gid to sid 10021 [ 2629]: gid to sid 10022 [ 2629]: gid to sid 10023 [ 2629]: gid to sid 10024 [ 2629]: gid to sid 10025 [ 2629]: gid to sid 10026 [ 2629]: gid to sid 10027 [ 2629]: gid to sid 10028 [ 2629]: gid to sid 10029 [ 2629]: gid to sid 10030 [ 2629]: gid to sid 10031 [ 2629]: gid to sid 10032 [ 2629]: gid to sid 10033 [ 2629]: getpwnam QG+jzillera [ 2629]: getgrnam QG+TEST That's it. Again, the output of 'getent group' shows my user as being a member of QG+TEST: QG+TEST:x:1:QG+JZILLERA If you would like anymore info please askthanks! -James -Original Message- From: Ziller, James Sent: Monday, August 02, 2004 4:08 PM To: '[EMAIL PROTECTED]' Subject:Problems w/ winbind and AD group membership Hello friends, I am using samba to join a linux box to an active directory domain to use as a file server. I would like to be able to control access to shares based on AD domain groups. However, even though winbind seems to be seeing the groups fine, samba is not granting access to users who are members of the group. I am able to successfully join the system to the domain and granting access to shares based on Windows usernames works fine. getent group returns: QG+TEST:x:10029:QG+JZILLERA,QG+HPCHEUNGA,QG+FOLIVERA,QG+DDAWSONA,QG +PL YNCHA However an id lookup of my windows username doesn't list me as a group member of QG+TEST.(shouldn't it?) [EMAIL PROTECTED] root]# id qg+jzillera uid=10002(QG+JZILLERA) gid=1(QG+Domain Users) groups=1(QG+Domain Users) System Details: Redhat 9 samba-3.0.5-2 krb5-libs-1.2.7-10 krb5-devel-1.2.7-10 krb5-workstation-1.2.7-10 pam_krb5-1.60-1 [EMAIL PROTECTED] root]# wbinfo -t checking the trust secret via RPC calls succeeded [EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section [test] Loaded services file OK. Server role
[Samba] Winbind being flakey
After some more screwing around with leaving and rejoining the ADS domain I was finally able to access a share with valid users = set to a domain group I was a member of. The _only_ change I made after this was to add yet another group to the valid users on the share and restart samba...after that I could no longer access the share. I removed the additional group, restarted samba and could still not access the share. I then tried adding my domain username to valid users= and it worked fine. So im back in the same boat again, users work, groups don't. Has anyone seen this problem before? Or does anyone have advice for tracking down the root of this problem. I've had this problem with samba 3.0.4 and samba 3.0.5, recently upgraded kerberos from 1.2.7 to 1.3.3 but see no difference. Running winbindd in debug doesn't seem to indicate any problem. Heres the output of winbindd anyway, with debug level 3 after a failed login attempt from windows: [ 2627]: getgrnam QG+TEST rpc: name_to_sid name=TEST name_to_sid [rpc] TEST for domain QG ads: dn_lookup ads: dn_lookup ads: dn_lookup ads: dn_lookup ads: dn_lookup ads lookup_groupmem for sid=S-1-5-21-842925246-1647877149-1417001333-57015 [ 2627]: getgrnam QG+TEST [ 2627]: getgrnam QG+TEST [ 2629]: request interface version [ 2629]: request location of privileged pipe [ 2629]: domain_info [QG.COM] [ 2629]: getpwnam qg+jzillera rpc: name_to_sid name=jzillera name_to_sid [rpc] jzillera for domain QG ads: query_user ads query_user gave JZILLERA [ 2629]: getgroups QG+jzillera sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-29979 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-53735 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-29156 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-55130 for domain QG sid_to_name [rpc] S-1-5-21-842925246-1647877149-1417001333-20629 for domain QG [ 2629]: gid to sid 10002 [ 2629]: gid to sid 10003 [ 2629]: gid to sid 10004 [ 2629]: gid to sid 10005 [ 2629]: gid to sid 10006 [ 2629]: gid to sid 10007 [ 2629]: gid to sid 10008 [ 2629]: gid to sid 10009 [ 2629]: gid to sid 10010 [ 2629]: gid to sid 10011 [ 2629]: gid to sid 10012 [ 2629]: gid to sid 10013 [ 2629]: gid to sid 10014 [ 2629]: gid to sid 10015 [ 2629]: gid to sid 10016 [ 2629]: gid to sid 10017 [ 2629]: gid to sid 10018 [ 2629]: gid to sid 10019 [ 2629]: gid to sid 10020 [ 2629]: gid to sid 10021 [ 2629]: gid to sid 10022 [ 2629]: gid to sid 10023 [ 2629]: gid to sid 10024 [ 2629]: gid to sid 10025 [ 2629]: gid to sid 10026 [ 2629]: gid to sid 10027 [ 2629]: gid to sid 10028 [ 2629]: gid to sid 10029 [ 2629]: gid to sid 10030 [ 2629]: gid to sid 10031 [ 2629]: gid to sid 10032 [ 2629]: gid to sid 10033 [ 2629]: getpwnam QG+jzillera [ 2629]: getgrnam QG+TEST That's it. Again, the output of 'getent group' shows my user as being a member of QG+TEST: QG+TEST:x:1:QG+JZILLERA If you would like anymore info please askthanks! -James -Original Message- From: Ziller, James Sent: Monday, August 02, 2004 4:08 PM To: '[EMAIL PROTECTED]' Subject: Problems w/ winbind and AD group membership Hello friends, I am using samba to join a linux box to an active directory domain to use as a file server. I would like to be able to control access to shares based on AD domain groups. However, even though winbind seems to be seeing the groups fine, samba is not granting access to users who are members of the group. I am able to successfully join the system to the domain and granting access to shares based on Windows usernames works fine. getent group returns: QG+TEST:x:10029:QG+JZILLERA,QG+HPCHEUNGA,QG+FOLIVERA,QG+DDAWSONA,QG+PL YNCHA However an id lookup of my windows username doesn't list me as a group member of QG+TEST.(shouldn't it?) [EMAIL PROTECTED] root]# id qg+jzillera uid=10002(QG+JZILLERA) gid=1(QG+Domain Users) groups=1(QG+Domain Users) System Details: Redhat 9 samba-3.0.5-2 krb5-libs-1.2.7-10 krb5-devel-1.2.7-10 krb5-workstation-1.2.7-10 pam_krb5-1.60-1 [EMAIL PROTECTED] root]# wbinfo -t checking the trust secret via RPC calls succeeded [EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = QG realm = QG.COM server string = Samba Server security = ADS obey pam restrictions = Yes password server = wadc2 log file = /var/log/samba/log.%m max log size = 50 load printers = No printcap name = /etc/printcap local master = No domain master = No dns proxy = No wins support = Yes idmap uid = 1-3 idmap gid = 1-3 winbind
RE: [Samba] Problems w/ winbind and AD group membership
I just checked...my user is only a member of 6 groups...so this doesn't appear to be my problem. I have also tried using the group Domain Users with no luck. -james -Original Message- From: Charles Bueche [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 04, 2004 7:57 AM To: Ziller, James Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Problems w/ winbind and AD group membership Hi, I have the same problem when a user is member of more than 16 windows groups, the list returned by winbind is greater than the max of 16 in Solaris (can be brought to 32 when you accept to break NFS9 (or 32 in linux IIRC). If the group you check is in the first 16, it works. In the place I made this setup, users are members of 30-80 windows groups. I know it's dumb, but I can't fix it. I ended up using preexec and preexec close and check for group membership using LDAP. Ugly, isn't it ? Charles On Mon, 2 Aug 2004 16:08:28 -0500 Ziller, James [EMAIL PROTECTED] wrote: Hello friends, I am using samba to join a linux box to an active directory domain to use as a file server. I would like to be able to control access to shares based on AD domain groups. However, even though winbind seems to be seeing the groups fine, samba is not granting access to users who are members of the group. I am able to successfully join the system to the domain and granting access to shares based on Windows usernames works fine. getent group returns: QG+TEST:x:10029:QG+JZILLERA,QG+HPCHEUNGA,QG+FOLIVERA,QG+DDAWSONA,QG+P LYN CHA However an id lookup of my windows username doesn't list me as a group member of QG+TEST.(shouldn't it?) [EMAIL PROTECTED] root]# id qg+jzillera uid=10002(QG+JZILLERA) gid=1(QG+Domain Users) groups=1(QG+Domain Users) System Details: Redhat 9 samba-3.0.5-2 krb5-libs-1.2.7-10 krb5-devel-1.2.7-10 krb5-workstation-1.2.7-10 pam_krb5-1.60-1 [EMAIL PROTECTED] root]# wbinfo -t checking the trust secret via RPC calls succeeded [EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = QG realm = QG.COM server string = Samba Server security = ADS obey pam restrictions = Yes password server = wadc2 log file = /var/log/samba/log.%m max log size = 50 load printers = No printcap name = /etc/printcap local master = No domain master = No dns proxy = No wins support = Yes idmap uid = 1-3 idmap gid = 1-3 winbind separator = + (tried with # and \ as well) winbind use default domain = Yes (tried with No) [test] comment = testing path = /mnt/qdsfsl01/resources/testing valid users = @QG+TEST write list = @QG+TEST Winbind logs show nothing that indicates any error, even when run with debug level 3. Ive been beating myself over the head with this problem for months...any help or suggestions would be greatly appreciated. Thanks! James Ziller Systems Administrator Quad/Graphics - Q/DS West Allis, Wisconsin [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Charles Bueche [EMAIL PROTECTED] sand, snow, wave, wind and net -surfer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problems w/ winbind and AD group membership
Thanks for the reply. I installed MIT kerberos 1.3.1 andand rejoined the domain. Still cant access the share based on domain groups. My nsswitch.conf file looks like : passwd: files winbind ldap shadow: files ldap group: files winbind ldap I have also tried swapping around the order. -James -Original Message- From: Paul Gienger [mailto:[EMAIL PROTECTED] Sent: Monday, August 02, 2004 4:13 PM To: Ziller, James Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Problems w/ winbind and AD group membership What does your nsswitch.conf file look like? Also, there's the issue of your krb libraries. I believe it's been stated that you need to be using MIT krb = 1.3. Ziller, James wrote: Hello friends, I am using samba to join a linux box to an active directory domain to use as a file server. I would like to be able to control access to shares based on AD domain groups. However, even though winbind seems to be seeing the groups fine, samba is not granting access to users who are members of the group. I am able to successfully join the system to the domain and granting access to shares based on Windows usernames works fine. getent group returns: QG+TEST:x:10029:QG+JZILLERA,QG+HPCHEUNGA,QG+FOLIVERA,QG+DDAWSONA,QG+PLY QG+N CHA However an id lookup of my windows username doesn't list me as a group member of QG+TEST.(shouldn't it?) [EMAIL PROTECTED] root]# id qg+jzillera uid=10002(QG+JZILLERA) gid=1(QG+Domain Users) groups=1(QG+Domain Users) System Details: Redhat 9 samba-3.0.5-2 krb5-libs-1.2.7-10 krb5-devel-1.2.7-10 krb5-workstation-1.2.7-10 pam_krb5-1.60-1 [EMAIL PROTECTED] root]# wbinfo -t checking the trust secret via RPC calls succeeded [EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = QG realm = QG.COM server string = Samba Server security = ADS obey pam restrictions = Yes password server = wadc2 log file = /var/log/samba/log.%m max log size = 50 load printers = No printcap name = /etc/printcap local master = No domain master = No dns proxy = No wins support = Yes idmap uid = 1-3 idmap gid = 1-3 winbind separator = + (tried with # and \ as well) winbind use default domain = Yes (tried with No) [test] comment = testing path = /mnt/qdsfsl01/resources/testing valid users = @QG+TEST write list = @QG+TEST Winbind logs show nothing that indicates any error, even when run with debug level 3. Ive been beating myself over the head with this problem for months...any help or suggestions would be greatly appreciated. Thanks! James Ziller Systems Administrator Quad/Graphics - Q/DS West Allis, Wisconsin [EMAIL PROTECTED] -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problems w/ winbind and AD group membership
Are you able to access the shares when you add your windows username to valid users = in smb.conf? That part works fine for me, its only when I use groups in valid users = that it doesn't work. Ive gone through the docs dozens of times already rechecking everything and cannot get this to work. Btw, Im using redhat 9. I've also tried security = domain but have the same problem. -James -Original Message- From: Mat Allgood [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 03, 2004 10:09 AM To: Ziller, James Subject: Re: [Samba] Problems w/ winbind and AD group membership From what I can scrape together, you really need to be using MIT libkrb = 1.3.3. I'm working on the same thing and am running into the same problem. Access Denied on access to the shares. What distro are you using? I'm using debian stable and unfortunatly there is no libkrb 1.3.3, so I will have to compile from scratch. In the mean time the way I'm working around it is to set security = domain. I know this isn't perfect but it does get me access till I can get a few minutes to compile up libkrb 1.3.3. On Tue, 3 Aug 2004 08:49:35 -0500, Ziller, James [EMAIL PROTECTED] wrote: Thanks for the reply. I installed MIT kerberos 1.3.1 andand rejoined the domain. Still cant access the share based on domain groups. My nsswitch.conf file looks like : passwd: files winbind ldap shadow: files ldap group: files winbind ldap I have also tried swapping around the order. -James -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems w/ winbind and AD group membership
Hello friends, I am using samba to join a linux box to an active directory domain to use as a file server. I would like to be able to control access to shares based on AD domain groups. However, even though winbind seems to be seeing the groups fine, samba is not granting access to users who are members of the group. I am able to successfully join the system to the domain and granting access to shares based on Windows usernames works fine. getent group returns: QG+TEST:x:10029:QG+JZILLERA,QG+HPCHEUNGA,QG+FOLIVERA,QG+DDAWSONA,QG+PLYN CHA However an id lookup of my windows username doesn't list me as a group member of QG+TEST.(shouldn't it?) [EMAIL PROTECTED] root]# id qg+jzillera uid=10002(QG+JZILLERA) gid=1(QG+Domain Users) groups=1(QG+Domain Users) System Details: Redhat 9 samba-3.0.5-2 krb5-libs-1.2.7-10 krb5-devel-1.2.7-10 krb5-workstation-1.2.7-10 pam_krb5-1.60-1 [EMAIL PROTECTED] root]# wbinfo -t checking the trust secret via RPC calls succeeded [EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section [test] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = QG realm = QG.COM server string = Samba Server security = ADS obey pam restrictions = Yes password server = wadc2 log file = /var/log/samba/log.%m max log size = 50 load printers = No printcap name = /etc/printcap local master = No domain master = No dns proxy = No wins support = Yes idmap uid = 1-3 idmap gid = 1-3 winbind separator = + (tried with # and \ as well) winbind use default domain = Yes (tried with No) [test] comment = testing path = /mnt/qdsfsl01/resources/testing valid users = @QG+TEST write list = @QG+TEST Winbind logs show nothing that indicates any error, even when run with debug level 3. Ive been beating myself over the head with this problem for months...any help or suggestions would be greatly appreciated. Thanks! James Ziller Systems Administrator Quad/Graphics - Q/DS West Allis, Wisconsin [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba