Re: [Samba] Samba & SIDs
El sáb, 19-11-2005 a las 23:32 +, Julian Pilfold-Bagwell escribió: > Hi all, > > I need help to clear a bit of confusion regarding SIDs on Samba servers. > > I had my PDC collapse on Thursday which wasn't too much of a problem as I had > everything backed up but I'm now in the position that I have a mismatched > Domain SID. If I run net getlocalsid I get the sid for the server (called > smb0) and net get local sid returns the sid for the Domain. > > I need to recover the original domain SID but setlocalsid changes the SID for > the machine. As it is, people can log onto the domain but I can't set up any > new accounts or change user details with smbldap-tools. > > Any help appreciated, > > Cheers, > > Jools Hi: Similar problem here ( migration of machine/SO and upgrade to latest version ) some days ago. My 2 euro cents: Stop samba services Under a controlled environment backup /etc/samba and /var/lib/samba ( or your distro /var/ ) Delete all tdb posible files in both places, better delete all /var// files . Only mantain config ones Without start samba sevices change the SID using net setlocalSID SID-1-2... For me, this changed both SID, machine and samba domain to desired one. If things goes bad, you can revert to 1st situation restoring /etc/samba and /var/ HTH Regards __ Renovamos el Correo Yahoo! Nuevos servicios, m�s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Weird problems with printing
El jue, 10-11-2005 a las 14:02 +, Michael Keightley escribió: > I removed all roaming profiles before migrating, there aren't many people on > this office. Most people have laptops here and login to the local machine > (same username and password as on the domain). They can't add printers > either, > even when they are local admins. It wants print drivers. > Feels like a permissions problem. Could be not having rights to access to the networked drivers? You can be admin in your local machine, but if the driver is stored in the network and you don't have rights to access there... > > Where is the netlogon.bat file stored? > > Michael > > You informed it: (...) guest ok = no writable = yes [netlogon] comment = Network Logon Service path = /home/samba_shark/%a/netlogon <-- here, from your smb.conf guest ok = yes writeable = no share modes = no (...) HTH -- David Ballester Montolio GNU/Linux user #206389 GNU/Linux - Unices Sysadmin Oracle DBA SAP-BC Kern Pharma - Grupo Indukern www.kernpharma.com skype: david.ballester "In this day and age, computer systems are getting faster and more capable, but they still do not eliminate the need for a sensible, intelligent person to run the show. Computers will never be 'smart enough for any fool to use.' ... When you go looking for a software package, don't just look for which one has the most automation. Don't believe that because it has all that automation, it will make your job or your life easier. It won't. ... There is no substitute for using your own brain to get a job done right." - Howard Chu of Highland __ Renovamos el Correo Yahoo! Nuevos servicios, m�s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Weird problems with printing
El mié, 09-11-2005 a las 15:31 -0500, Michael Keightley escribió: > Just swapped our Solaris SAMBA PDC for a SuSE Linux machine. It's the domain > controller as well as print server (via CUPS). It's running SuSE 9.3 with > Samba-3.0.20b. > The setup is identical to the old Solaris machine, had to re-add all machines > to the domain. Has been working OK for 2 days then suddenly some people argh... I think that you could migrate/upgrade samba from system and version without needing to re-add all machines to the domain. I made some similiar movement from samba 2.2.8a on Redhat 8 to 3.0.14a on Debian Sarge after some troubles some days ago. I'm actually documenting the movement before post anything here :( > When I try to add a printer now as a non-admin user I now get this error: > > "You do not have sufficient access to your computer to connect the selected > printer" > > When I add as a (domain) admin it asks for a print driver. Previously > printers > were being added with no problem. > Anyone got any ideas? Am a bit desperate. > > Below is my smb.conf file: > > [global] > workgroup = BOSTON > server string = %h > In theory, you can aggregate a domain user in the local machine users accounts to give access to some administrative rights ( for example, install printers ). May be the local machine is not recognizing the user as a trusted users from the domain ? ( This launches another question: Are the machines really log in the domain? . netlogon script is being created well? Try to delete netlogon.bat in one user and try to begin session on the windows machine again. If netlogon.bat is created again, the domain log on process is OK, if not then your problem could be a bad domain client authentication. HTH __ Renovamos el Correo Yahoo! Nuevos servicios, m�s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC problems
El mié, 09-11-2005 a las 16:37 +0100, Dariusz Dwornikowski escribió: > Hi, this is my first post here. > > Ive got working PDC on Samba 3.0.20 without ldap. > > Users can log into domain. > > 1. The problem is that they cannot browse each. > other's shares. (ex. user A cannot browse user B > shares ) > They all can see shares on PDC and print on a > printer. > > 2. log.nmbd shows all the time > [2005/11/09 15:26:45, 0] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) > dump_workgroups() >dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.0.10: > COGNIFIDE(1) current master browser = UNKNOWN > BOSS 40099b0b (Samba Gentoo Server 3.0.20b) > > this is weird, as BOSS should be master browser. > > 3. log.smbd shows all the time -> > getpeername failed. Error was Transport endpoint is not connected > [2005/11/09 15:41:16, 0] lib/util_sock.c:get_peer_addr(1222) > > > > > Only two users can browse each other's shares. > this is weird, as they have identical systems. > I include my smb.conf > > Please help me > May be you're having a problem with how your server is resolving names. Can you be more specific on what type of name resolution are you using and send again the smb.conf file to me? Sorry but something seems to be wrong with your mail and my evolution mail client, I can't locate the smb.file in your previous post in any way Regards __ Renovamos el Correo Yahoo! Nuevos servicios, m�s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] urgent - migration samba domain from machine and version
El mar, 08-11-2005 a las 16:08 +1100, Andrew Bartlett escribió: > On Tue, 2005-11-08 at 00:51 +0100, David Ballester Montolio wrote: > Along with the getlocalsid you already know, we have: > > net setlocalsid > > Give it a shot. > > Andrew Bartlett Thanks for the tip, Andrew. The problem is that if I execute setlocalsid i can change the SID for the machine itself, but SID of the domain DOMINIO has not changed and seems not possible to execute something like net setlocalsid DOMINIO S-1-5-21... Best regards David, __ Renovamos el Correo Yahoo! Nuevos servicios, m�s seguridad http://correo.yahoo.es -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
