RE: [Samba] Existing files don't show up in share, new files do

[stephane . purnelle]

It's the unix right which is incorrect.

what is the unix right of the file on the server ?


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
21/05/2008 16:18:41 :

> Remove any restrictions on the shares.  Like valid user and that sort of
> thing.
> 
> Jason Waters
> 
> 
> -Original Message-
> From: Pepijn Schmitz [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, May 21, 2008 10:08 AM
> To: Rubin Bennett
> Cc: Jason Waters; samba@lists.samba.org
> Subject: Re: [Samba] Existing files don't show up in share, new files do
> 
> I'm slightly closer to finding the cause of this problem. I set the smbd 

> log level to 7 and found the following entries when trying to list the 
> contents of the share:
> 
> [2008/05/21 15:27:05, 5] smbd/uid.c:change_to_user(273)
>   change_to_user uid=(500,500) gid=(0,500)
> [2008/05/21 15:27:05, 3] smbd/trans2.c:call_trans2findfirst(1704)
>   call_trans2findfirst: dirtype = 16, maxentries = 1366, 
> close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
> 0x104, max_data_bytes = 16644
> [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(147)
>   unix_convert called on file "*"
> [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(246)
>   unix_convert begin: name = *, dirpath = , start = *
> [2008/05/21 15:27:05, 5] smbd/trans2.c:call_trans2findfirst(1769)
>   dir=./, mask = *
> [2008/05/21 15:27:05, 5] smbd/dir.c:dptr_create(392)
>   dptr_create dir=./
> [2008/05/21 15:27:05, 3] smbd/dir.c:dptr_create(515)
>   creating new dirptr 256 for path ./, expect_close = 1
> [2008/05/21 15:27:05, 4] smbd/trans2.c:call_trans2findfirst(1837)
>   dptr_num is 256, wcard = *, attr = 22
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
>   get_lanman2_dir_entry found ./. fname=.
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
>   get_lanman2_dir_entry found ./.. fname=..
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./Audio] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat 
> [./DIRK_GENTLY'S_HOLISTIC_DETECTIVE_AGENCY.TXT] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./Foto's] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat 
> [./HITCHHIKER'S_GUIDE_TO_THE_GALAXY.TXT] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./LAST_CHANCE_TO_SEE.TXT] 
> (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./Martijn] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./MOSTLY_HARMLESS.TXT] 
> (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./recycled] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat 
> [./RESTAURANT_END_OF_THE_UNIVERSE.TXT] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./STARSHIP_TITANIC.TXT] 
> (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./temp] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./Video] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./YOUNG_ZAPHOD_PLAYS_IT_SAFE.TXT] 

> (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./Fotos] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./.Trash-pepijn] (Permission
> denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./.Trash-500] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./volumeid.zbx] (Permission 
denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
>   get_lanman2_dir_entry:Couldn't stat [./XXX] (Permission denied)
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
>   get_lanman2_dir_entry found ./test.txt fname=test.txt
> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
>   get_lanman2_dir_entry found ./test2.txt fname=te

Re: [Samba] Planning to start a new server

[stephane . purnelle]

have you tried (if possible) samba-3.0.28a ?

I can read in change log : 
Fix ACL set bug when group being set is the primary group.
 
I don't use the windows ACL management, I have a modified webmin file 
manager for manage ACL.

thanks

Stéphane


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
28/04/2008 16:15:16 :

> hi,
> 
> El Mon, 28 Apr 2008 15:34:26 +0200
> [EMAIL PROTECTED] ha escrit:
> 
> > Hi,
> > 
> > I have a samba server which act as file/print/wins server and PDC
> > with ldap backend & ACL support  (samba-3.0.23).
> > I plan to start a new server which replace the old one.
> > 
> > My question is about the samba version, my first advice is the use 
> > samba-3.0.28a.
> > But maybe is preferable to wait samba 3.2.0.
> > 
> > What type of bugs samba-3.0.28a have ?
> 
> 
> i'm using 3.0.24 on SLES 10 because the following ACL-related problems
> on 3.0.28
> 
>   http://www.nabble.com/ACL-strange-behaviour-td16495631.html
> 
> 
> good luck!
> 
> toni
> 
> 
> > The new sever will act as samba/print server and PDC with ldap
> > backend & ACL support .
> > wins server will be on other servers (samba4wins)
> > 
> > thanks
> > 
> > Stéphane Purnelle
> > 
> > 
> > ---
> > Stéphane PURNELLE [EMAIL PROTECTED]
> > Service Informatique   Corman S.A.   Tel : 00 32
> > 087/342467
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Planning to start a new server

[stephane . purnelle]

Hi,

I have a samba server which act as file/print/wins server and PDC with 
ldap backend & ACL support  (samba-3.0.23).
I plan to start a new server which replace the old one.

My question is about the samba version, my first advice is the use 
samba-3.0.28a.
But maybe is preferable to wait samba 3.2.0.

What type of bugs samba-3.0.28a have ?
The new sever will act as samba/print server and PDC with ldap backend & 
ACL support .
wins server will be on other servers (samba4wins)

thanks

Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] smbldap-useradd -w won't create machine account

[stephane . purnelle]

Samba will add sambaSAMAccount when you add the workstation to the domain.
sambaldaptools not add the samba shema for that.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
01/04/2008 16:17:13 :

> I can't get smbldap-useradd to add the sambaSamAccount workstation 
> attributes. For example:
> 
> smbldap-useradd -w 'test_machine$'
> 
> 
> # test_machine$, People, desktop.hmdc.harvard.edu
> dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu
> objectClass: top
> objectClass: account
> objectClass: posixAccount
> cn: test_machine$
> uid: test_machine$
> uidNumber: 1010
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> 
> 
> Has anyone else experienced this? It thinks it's creating a machine 
> account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W  ].
> 
> 
> More info:
> # rpm -qi smbldap-tools
> Name: smbldap-toolsRelocations: (not 
relocatable)
> Version : 0.9.4 Vendor: Dag Apt 
> Repository, http://dag.wieers.com/apt/
> Release : 1.el5.rf  Build Date: Sat 22 Sep 2007 
> 01:35:45 AM EDT
> Install Date: Tue 25 Mar 2008 11:43:42 AM EDT  Build Host: 
> lisse.leuven.wieers.com
> Group   : System Environment/Base   Source RPM: 
> smbldap-tools-0.9.4-1.el5.rf.src.rpm
> Size: 525573   License: GPL
> Signature   : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID 
> a20e52146b8d79e6
> Packager: Dag Wieers <[EMAIL PROTECTED]>
> URL : http://sourceforge.net/projects/smbldap-tools/
> Summary : User and group administration tools for Samba-OpenLDAP
> 
> 
> 
> Thanks,
> c
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Question about guest user

[stephane . purnelle]

Hi,

I would like to know if I can have some problem if I havn't guest user or 
if it disabled.
Actually I have a guest user which I used (illegaly) by some people.

have a nice day

Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Problems with Samba

[stephane . purnelle]

is your  WINS server work fine ?

what says a nmblookup.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
14/03/2008 13:53:18 :

> I think there are no issues with the client machine, because nothing
> has changed.i tried to repeat the process to register a 
> clientmachine in the domain, but it failed.
> the role of my samba-server is: ROLE_DOMAIN_PDC.
> 
> 
> 
> Are you sure there are no issues with the client machine?
> 
> [EMAIL PROTECTED] wrote:
> > Hi,
> >
> > I administrate a server (debian etch) on which runs samba, version
> 3.0.24-6et. Everything worked fine until today. I tried to logon on 
> the server via a clientmachine (win2k, winxp), but i got an error, 
> "System cannot logon because domain not reachable".  (it is possible
> to ping the server and to establish a shortcut (to logon) to the 
> server - that works). I have no idea what happens. The logfiles of 
> smbd, nmbd are ok to mind, there is no advise for an error (..
> startet...becomes_domain_controller etc.). I already tested my 
> sambaconfiguration via testparm, no problems. A simple restart of 
> sambe didn't help too. testparm also shows the right name for the 
> workgroup etc. Does anyone have an idea, where the problem could be? 
> >
> > The last changes i did on the server where updates via aptitude. 
> >
> > thanks
> > Edgar
> 
_
> In 5 Schritten zur eigenen Homepage. Jetzt Domain sichern und gestalten! 

> Nur 3,99 EUR/Monat! http://www.maildomain.web.de/?mc=021114
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Is there a Samba4 list that I can use?

[stephane . purnelle]

For asking samba4 question, the best way is subscrinbing to 
samba-technical list.



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
28/02/2008 16:09:43 :

> In order to get going with Samba4 I subscribed to this list.  However, 
> I'm getting inundated with postings that are, for the most part 
> completely, irrelevant to my needs.  I know they are all the same 
> software, but Samba4 is almost a complete rewrite with completely 
> different goals.  Its very tough to filter through 99.9% of the 
> messages just in hopes of finding one that applies to your platform.
> 
> My question is, what is the best way to ask questions about Samba4? 
> So far, the only thing I've found is this list and the Samba4 signal 
> to noise ratio is way to low for me.  :(
> 
> Thanx!
>Richard
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ldapsam:editposix and winbind questions

[stephane . purnelle]

Hi,

I'm testing a other solution about managing my user and group in the ldap 
tree.

I try to switch from smbldap-tools and webmin interface TO 
ldapsam-editposix and winbind.
I used the howto available on samba wiki for that

Now,  I have some questions : 
- How make winbind to enum all users (newly users created with new config 
and users created with older system).
- Why samba not set attribute in ldap tree if password policies is set ( 
like sambaPwdMustChange, sambabadpasswordcount) when set password with net 
rpc.

Can anyone help me ?

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Bug? "inherit acls" not working as expected

[stephane . purnelle]

not sure that you are right.

Samba use both unix right and posix acl right.

the directory test1 have unix right that autorise smb-Users to access-it.
And you cancel it with acl entry => the smb-users group have no right.
But you not have default acl entry, if you spec default acl entry with the 
same right that the acl entry, all directory created under test will take 
the value described by default acl entry.
Else take the unix value.





---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
04/01/2008 15:40:47 :

> Hello
> 
> I'm running Debian Etch with distro kernel & Samba package (2.6.18-5-686
> & 3.0.24-6etch9).
> 
> In my smb.conf I have :
> 
> inherit owner = yes
> inherit permissions = yes
> inherit acls = yes
> 
> 
> I start with a dir test1 with no rights for group smb-Users, rx for
> group smb-Inf, and rwx for group smb-Bme-Fr :
> 
> [EMAIL PROTECTED]:/mnt/temp # ll
> total 28
> drwxr-xr-x  4 root root   4096 2008-01-04 15:08 .
> drwxr-xr-x  4 root root 29 2008-01-04 14:38 ..
> drwx--  2 root root  16384 2008-01-04 14:37 lost+found
> drwxrwx---+ 2 root smb-Users  4096 2008-01-04 15:25 test1
> [EMAIL PROTECTED]:/mnt/temp # getfacl test1/
> # file: test1
> # owner: root
> # group: smb-Users
> user::rwx
> group::---
> group:smb-Inf:r-x
> group:smb-Bme-Fr:rwx
> mask::rwx
> other::---
> 
> 
> >From a Windows XP client with a user member of the group smb-Bme-Fr I
> create a dir test2 in dir test1, then I have :
> 
> [EMAIL PROTECTED]:/mnt/temp # ll test1/
> total 20
> drwxrwx---+ 3 root smb-Users 4096 2008-01-04 15:26 .
> drwxr-xr-x  4 root root  4096 2008-01-04 15:08 ..
> drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:26 test2
> [EMAIL PROTECTED]:/mnt/temp # getfacl test1/test2/
> # file: test1/test2
> # owner: root
> # group: smb-Users
> user::rwx
> group::rwx
> group:smb-Inf:r-x
> group:smb-Bme-Fr:rwx
> mask::rwx
> other::---
> 
> 
> The group smb-Users should have no rights on test2, inherited from the
> test1 dir, but it has rwx. A user belonging to smb-Users and smb-Inf has
> rwx access and he should have just rx.
> 
> I'm using XFS on my Samba server, I tried with ext3 with same results.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Samba as PDC and file server using ACLs

[stephane . purnelle]

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
14/11/2007 14:50:56 :

> Hello sambers, i'm trying to configure a samba server (3.026a) as a PDC 
> and as a file server using system's ACLs.
> 
> 1. Where samba stores the users and groups domain information? Is in the 

> /etc/passwd?

by default : YES

> 
> 2. MUST i use winbind to successfully use ACLs? If the samba is the PDC, 

> why should i have to use winbind? There is no problem to me to keep 
> linux box user and groups accounts.

NO

> 
> 3. Someone know where a find the ACLs options official guide?

for setting samba to use acl, add --with-acl-support option to the 
./configure call.
It's the first step for using samba and ACL.

And after see manual page of smb.conf for acl parameter.

> 
> Thanks again for everyone
> 
> Bruno
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] root != admin domain user?

[stephane . purnelle]

See on the samba howto collection the chapter 15 "User rights and 
Privileges" .
You will find the answer.


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
23/10/2007 11:36:01 :

> Hi all,
> 
> Samba has been running as PDC for some months in a row w/o no issues so 
> far.
> Users and machines were created and added to the domain correctly...
> 
> Now I'm facing the following problem... I hope it's easy to solve...
> Although machines have been added to the domain using the root user, and 

> it's mapped to Administrator in /etc/samba/smbusers, when a situation 
> like connecting to a remote Windows workstation or unlocking a locked 
> session using that user comes, the workstation shows a message telling 
> that I (or the SysAdmin using the root or Administartor account) have no 

> privileges to do that...
> 
> This is my smb.conf:
> 
> ---
> [global]
>netbios name = v601
>server string = Volania Six Dominatrix
>workgroup = VOLANIASIX.COM
> 
>; domain & local master browser
>; coz we're dealing with Win2k
>os level = 65
>prefered master = yes
>domain master = yes
>local master = yes
>domain logons = yes
>wins support = yes
> 
>; misc options
>socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 
> SO_RCVBUF=8192
>time server = yes
> 
>; do not show files starting with dots
>hide dot files = yes
> 
>; do not allow guest access, use only local system accounts
>security = user
>guest ok = no
>invalid users = bin deamon sys man postfix mail ftp
>admin users = @wheel
> 
>; use encrypted passwords
>encrypt passwords = yes
> 
>; logging (max log size is in kB)
>log level = 2
>log file = /var/log/samba/log.%L
>max log size = 1000
>debug timestamp = yes
>syslog = 1
> 
>; user roaming profiles path
>logon path = \\%N\profiles\%U
> 
>logon drive = H:
> 
>; general logon script (in DOS format)
>logon script = %u.bat
> 
> # These scripts are used on a domain controller or stand-alone
> # machine to add or delete corresponding unix accounts
>add user script = /usr/sbin/useradd %u
>add group script = /usr/sbin/groupadd %g
>add machine script = /usr/sbin/adduser -n -g users -c 
> V6-Windows-Machine -d /dev/null -s /bin/false %u
>delete user script = /usr/sbin/userdel %u
>delete user from group script = /usr/sbin/deluser %u %g
>delete group script = /usr/sbin/groupdel %g
>username map = /etc/samba/smbusers
> 
> 
> ; share for domain controller
> [netlogon]
>path = /usr/lib/samba/netlogon
>public = no
>writeable = no
>browsable = no
>valid users = root @smbusers
> 
> ; share for storing user profiles
> [profiles]
>comment = Network Profiles Share
> 
>path = /usr/lib/samba/profiles
>writeable = yes
>store dos attributes = yes
>create mask = 0700
>directory mask = 0700
>browsable = no
>guest ok = no
>printable = no
> 
>hide files = /desktop.ini/outlook*.lnk/*Briefcase*/
>valid users = root @smbusers
> 
> [homes]
>valid users = %S
>read only = No
>browseable = No
> 
> ---
> 
> # grep wheel /etc/group
> wheel:x:10:root
> 
> 
> 
> Any suggestions?? Maybe I've overseen something obvious when Samba was 
> set up as PDC...
> 
> 
> TIA,
> Martin
> 
> 
> -- 
> Martin Mielke - [EMAIL PROTECTED]
> Sr. SysAdmin at Casino.com
> p: +34 956785288 | f: +34 956794081 | m: +34 677509693
> w: http://www.casino.com/
> 
> The contents of this email and any attachments are for the intended 
> recipient(s) only. This email may contain proprietary, confidential,
> or otherwise private information belonging to Casino.com (hereafter 
> referred to as "The Company") or its affiliates. The Company does 
> not take any responsibility for, or endorse any information which 
> does not relate to its official business, including personal mail 
> and/or opinions by senders whether or not they are employed by The 
> Company. If you receive a message that was not intended for you, 
> please notify the sender immediately (or forward the email to 
> [EMAIL PROTECTED]). Do not read, use or disclose the contents in 
> any way and delete the message immediately.
> 
> The Company will take reasonable precautions but cannot ensure that 
> this e-mail and any attachments will be free of errors, viruses, 
> interception or interference. Therefore The Company can not be held 
> liable for any loss or damages incurred by you which have been 
> caused by any of the foregoing. No undertaking, guarantee or other 
> obligation contained in this e

RE [Samba] problem with kernel oplock

[stephane . purnelle]

NFS precision : 

127.0.0.1:/srv/vol2_For_SafeKit_Replication on /srv/vol2 type nfs 
(rw,proto=udp,port=5700,hard,timeo=5,retrans=6,nolock,addr=127.0.0.1)

You can see that NFS no lock the file.

I tried with kernel oplocks = no but the problem is the same, the message 
has just changed from I/O problem to access right problem.

Where is the problem ?

thanks 

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467



[EMAIL PROTECTED] 
Envoyé par : [EMAIL PROTECTED]
17/10/2007 13:11

A
samba@lists.samba.org
cc

Objet
[Samba] problem with kernel oplock






Hi,

We test a software called Safekit.
This software permit to have a replicated FS and can start some apps from 
a particular script.
We use this startup script for starting SaMBa. 

We make this test : 

NODE1 : Samba not actif (SECOND)
NODE2 : Samba is running (PRIM)

open a file with samba and modify it
make swap
I try to save and no possible to save, but if I close the file and reopen 
it it works fine.

On the log file, we have : 

[2007/10/17 12:25:50, 4] smbd/open.c:open_file_ntcreate(1605)
  calling open_file with flags=0x0 flags2=0x0 mode=0760, access_mask = 
0x20089, open_access_mask = 0x20089
[2007/10/17 12:25:50, 2] smbd/open.c:open_file(391)
  spu opened file CORINF/cmde/CDE5021.ods read=Yes write=No (numopen=3)
[2007/10/17 12:25:50, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(173)
  linux_set_kernel_oplock: Refused oplock on file CORINF/cmde/CDE5021.ods, 

fd = 26, dev = 14, inode = 403381390. (Ressource temporairement non 
disponible)
[2007/10/17 12:25:50, 5] smbd/nttrans.c:reply_ntcreate_and_X(938)
  reply_ntcreate_and_X: fnum = 12684, open name = CORINF/cmde/CDE5021.ods
[2007/10/17 12:25:50, 5] lib/util.c:show_msg(484)
[2007/10/17 12:25:50, 5] lib/util.c:show_msg(494)

Anyone can explain this little problem ?

Samba 3.0.26a
The shared directory is accesible with a local mount of a NFS share.

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] problem with kernel oplock

[stephane . purnelle]

Hi,

We test a software called Safekit.
This software permit to have a replicated FS and can start some apps from 
a particular script.
We use this startup script for starting SaMBa. 

We make this test : 

NODE1 : Samba not actif (SECOND)
NODE2 : Samba is running (PRIM)

open a file with samba and modify it
make swap
I try to save and no possible to save, but if I close the file and reopen 
it it works fine.

On the log file, we have : 

[2007/10/17 12:25:50, 4] smbd/open.c:open_file_ntcreate(1605)
  calling open_file with flags=0x0 flags2=0x0 mode=0760, access_mask = 
0x20089, open_access_mask = 0x20089
[2007/10/17 12:25:50, 2] smbd/open.c:open_file(391)
  spu opened file CORINF/cmde/CDE5021.ods read=Yes write=No (numopen=3)
[2007/10/17 12:25:50, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(173)
  linux_set_kernel_oplock: Refused oplock on file CORINF/cmde/CDE5021.ods, 
fd = 26, dev = 14, inode = 403381390. (Ressource temporairement non 
disponible)
[2007/10/17 12:25:50, 5] smbd/nttrans.c:reply_ntcreate_and_X(938)
  reply_ntcreate_and_X: fnum = 12684, open name = CORINF/cmde/CDE5021.ods
[2007/10/17 12:25:50, 5] lib/util.c:show_msg(484)
[2007/10/17 12:25:50, 5] lib/util.c:show_msg(494)

Anyone can explain this little problem ?

Samba 3.0.26a
The shared directory is accesible with a local mount of a NFS share.

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] install printer problem

[stephane . purnelle]

Actually, no windows user can print with this PC.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467



[EMAIL PROTECTED] 
Envoyé par : [EMAIL PROTECTED]
10/07/2007 11:44

A
[EMAIL PROTECTED]
cc

Objet
[Samba] install printer problem






Hi, 

With new windows XP SP2 machine, user cannot install or reuse printer 
installed on her profile.

When I try to add a printer I have : 
A strategy on your computer cannot permit to connect to this print queue.
Contact your system administrator

When I try to see property of already installed printer; I read : 
unable to end this operation.

Actually, my samba version is 3.0.23c
And if I read debug level 10 on the machine, I can see that the client 
want to have a computer account corresponding to the hostname a PDC.
My hostname is different that the DC name.

could you help me ?

thanks

Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] install printer problem

[stephane . purnelle]

Hi, 

With new windows XP SP2 machine, user cannot install or reuse printer 
installed on her profile.

When I try to add a printer I have : 
A strategy on your computer cannot permit to connect to this print queue.
Contact your system administrator

When I try to see property of already installed printer; I read : 
unable to end this operation.

Actually, my samba version is 3.0.23c
And if I read debug level 10 on the machine, I can see that the client 
want to have a computer account corresponding to the hostname a PDC.
My hostname is different that the DC name.

could you help me ?

thanks

Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Advice about samba + GFS

[stephane . purnelle]

Hi people,

Actually, I have a samba server with XFS filesystem.
It run fine with no problem.

But, I must change machine (replacement cycle).
The hardware is from HP which distribute some tools and package for 
managing server.
This tools run only with update and kernel from supported distribution (in 
this case RedHat).

The problem is the support of XFS on RedHat distrib.
If I want XFS on my server, I must recompile the kernel with problem about 
Hp package !

Another project have the objective to find a solution for clustering the 
data and the samba server.
And Redhat have a solution named GFS.

And now I would like to know some experience of sysadmin about GFS and 
samba ( on LVM and ACL )
A little bechmarl between XFS and GFS and other link if possible.

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Samba 3.0.25rc3 Available for Download

[stephane . purnelle]

> Support for Additional ACL Modules
> ==

> Samba's POSIX ACL support has been moved inside of the VFS layer
> which means it is now possible to support multiple ACL implementations
> on the same server including NFSv4 and GPFS ACLs.


If I understand, I must be find a vfs named posix_acl (eq of 
--acl-support)
But I don't find this vfs plugin.

Where is the problem (me or )

thanks 


Stéphane





---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
25/04/2007 14:08:21 :

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> ==
> I'm not really concerned with performance.
>   -- SambaXP 07 Attendee referring
>to LDAP Directories
> ==
> Release Announcements
> =
> This is the third release candidate of the Samba 3.0.25 code base
> and is provided for testing only.  An RC release means that we are
> close to the final release but the code may still have a few
> remaining minor bugs.  This release is *not* intended for production
> servers.  There has been a substantial amount of development since
> the 3.0.23/3.0.24 series of stable releases.  We would like to ask the
> Samba community for help in testing these changes as we work towards
> the next significant production upgrade Samba 3.0 release.
> 
> Major features included in the 3.0.25 code base include:
> 
>   o Significant improvements in the winbind off-line logon support.
>   o Support for secure DDNS updates as part of the 'net ads join'
> process.
>   o Rewritten IdMap interface which allows for TTL based caching and
> per domain backends.
>   o New plug-in interface for the "winbind nss info" parameter.
>   o New file change notify subsystem which is able to make use of
> inotify on Linux.
>   o Support for passing Windows security descriptors to a VFS
> plug-in allowing for multiple Unix ACL implements to running side
> by side on the Same server.
>   o Improved compatibility with Windows Vista clients including
> improved read performance with Linux servers.
>   o Man pages for IdMap and VFS plug-ins.
> 
> 
> Off-line Logons and AD Site Support
> ===
> 
> Winbind's capability to support offline logons has been greatly
> improved with the 3.0.25 release including support for locating
> domain controllers asynchronously using Active Directory Site
> information.
> 
> 
> New IdMap Interface for Winbindd
> 
> 
> The 3.0.25 release of Samba includes a rewritten IdMap interface
> for winbindd which replaces the "idmap backend" parameter.  Please
> refer to the "idmap domains" description in the smb.conf(5) man
> page for more details.
> 
> 
> Dynamic DNS Updates
> ===
> 
> The "net ads join" command is now able to register the host's DNS A
> records with Windows 2000 SP4 and 2003 DNS servers.  This
> feature must be enabled at compile time using the --with-dnsupdate
> when running the ./configure script.  There is also a related "net ads
> dns" command for refreshing a host's records which could be launched
> from a dhcp client script when a new IP address is obtained.
> 
> 
> Support for Additional ACL Modules
> ==
> 
> Samba's POSIX ACL support has been moved inside of the VFS layer
> which means it is now possible to support multiple ACL implementations
> on the same server including NFSv4 and GPFS ACLs.
> 
> 
> VFS ReadAhead Plugin
> 
> 
> Windows Vista introduces pipe-lined read support for improved
> performance when transferring files.  The new vfs_readahead plugin
> allows Linux file servers to utilize additional Kernel buffers
> for caching files in order to avoid Disk I/O wait time when serving
> Vista clients.  If you experience poor read performance between
> Linux servers and Vista clients, please test the vfs_readahead
> module by adding the following lines to the share definition
> in smb.conf:
> 
> [file_share]
>vfs objects = readahead
> 
> Note that this plugin will result in additional RAM requirements
> due to the increased amount of kernel buffer caches used by smbd.
> Please refer to vfs_readahead(8) for more information.
> 
> 
> Windows Vista, Office 2007, and Offline Files
> =
> 
> Research surrounding offline files, Windows Vista, and Microsoft
> Office 2007 has revealed a incompatibility between these
> applications and the "map acl inherit = no" setting in smb.conf.
> Users requiring support client side caching (csc) and offline
> files are encouraged to enable the "map acl inherit" for any
> affected share

Re: [Samba] Samba 3.0.25rc2 Available for Download

[stephane . purnelle]

file not attached (due to mail rules), see output of make here :

In file included from smbd/dmapi.c:36:
/usr/include/xfs/dmapi.h:83: error: syntax error before << dm_attrloc_t >>
/usr/include/xfs/dmapi.h:85: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:86: error: syntax error before << dm_fsid_t >>
/usr/include/xfs/dmapi.h:87: error: syntax error before << dm_ino_t >>
/usr/include/xfs/dmapi.h:89: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:92: error: syntax error before << dm_size_t >>
/usr/include/xfs/dmapi.h:93: error: syntax error before << dm_ssize_t >>
/usr/include/xfs/dmapi.h:104: error: syntax error before << dm_dev_t >>
/usr/include/xfs/dmapi.h:246: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:302: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:345: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:359: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:379: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:383: error: syntax error before un élément 
lexical << } >>
/usr/include/xfs/dmapi.h:410: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:416: error: syntax error before << dt_dev >>
/usr/include/xfs/dmapi.h:417: error: syntax error before << dt_ino >>
/usr/include/xfs/dmapi.h:422: error: syntax error before << dt_rdev >>
/usr/include/xfs/dmapi.h:424: error: syntax error before << dt_size >>
/usr/include/xfs/dmapi.h:429: error: syntax error before << dt_blocks >>
/usr/include/xfs/dmapi.h:435: error: syntax error before << dt_pad3 >>
/usr/include/xfs/dmapi.h:447: error: syntax error before un élément 
lexical << } >>
/usr/include/xfs/dmapi.h:477: error: champ << dx_statinfo >> est de type 
incomplet
/usr/include/xfs/dmapi.h:486: error: syntax error before << __u16 >>
/usr/include/xfs/dmapi.h:488: error: syntax error before un élément 
lexical << } >>
/usr/include/xfs/dmapi.h:491: error: syntax error before << __u16 >>
/usr/include/xfs/dmapi.h:494: error: syntax error before << dm_fid_ino >>
/usr/include/xfs/dmapi.h:501: error: syntax error before << __s64 >>
/usr/include/xfs/dmapi.h:505: error: syntax error before un élément 
lexical << } >>
/usr/include/xfs/dmapi.h:584: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:597: error: syntax error before << dm_attrloc_t 
>>
/usr/include/xfs/dmapi.h:609: error: syntax error before << dm_attrloc_t 
>>
/usr/include/xfs/dmapi.h:619: error: syntax error before << dm_size_t >>
/usr/include/xfs/dmapi.h:626: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:636: error: syntax error before << dm_attrloc_t 
>>
/usr/include/xfs/dmapi.h:659: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:773: error: syntax error before << dm_fsid_t >>
/usr/include/xfs/dmapi.h:785: error: syntax error before << dm_ino_t >>
/usr/include/xfs/dmapi.h:803: error: syntax error before << dm_attrloc_t 
>>
/usr/include/xfs/dmapi.h:811: error: syntax error before un élément 
lexical << * >>
/usr/include/xfs/dmapi.h:819: error: syntax error before un élément 
lexical << * >>
/usr/include/xfs/dmapi.h:885: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:896: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:915: error: syntax error before << dm_read_invis 
>>
/usr/include/xfs/dmapi.h:920: error: syntax error before << dm_off_t >>
/usr/include/xfs/dmapi.h:971: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:991: error: syntax error before << dm_eventset_t 
>>
/usr/include/xfs/dmapi.h:1057: error: syntax error before << 
dm_write_invis >>
/usr/include/xfs/dmapi.h:1063: error: syntax error before << dm_off_t >>
smbd/dmapi.c: In function `dmapi_file_flags':
smbd/dmapi.c:221: error: syntax error before << events >>
smbd/dmapi.c: At top level:
smbd/dmapi.c:238: error: syntax error before << if >>
smbd/dmapi.c:252: error: << path >> non déclaré ici (hors de toute 
fonction)
smbd/dmapi.c:253: error: un élément de l'initialisation n'est pas une 
constante
smbd/dmapi.c:253: warning : the data definition have no type and no 
stockage class
smbd/dmapi.c:254: error: syntax error before << if >>
smbd/dmapi.c:269: attention : noms de paramêtres (sans type) dans la 
déclaration de fonction
smbd/dmapi.c:269: error: types conflictuels pour << 
set_effective_capability >>
include/proto.h:924: error: déclaration précédente de << 
set_effective_capability >> était ici
smbd/dmapi.c:269: error: types conflictuels pour << 
set_effective_capability >>
include/proto.h:924: error: déclaration précédente de << 
set_effective_capability >> était ici
smbd/dmapi.c:269: attention : la définition de données n'a pas de type ni 
de classe de stockage
smbd/dmapi.c:271: error: redéfinition de << err >>
smbd/dmapi.c:252: error: définition précédente de << err >> était ici
smbd/dmapi.c:272: error: un élément de l'initialisation n'es

Re: [Samba] Samba 3.0.25rc2 Available for Download

[stephane . purnelle]

Hi,

I have a problem : 

./configure --with-ldap --with-acl-support --prefix=/usr/local 
--exec-prefix=/usr/local --bindir=/usr/local/bin --sbindir=/usr/local/sbin 
--libexecdir=/usr/local/libexec --datadir=/usr/local/share 
--sharedstatedir=/usr/local/com --localstatedir=/usr/local/var 
--libdir=/usr/local/lib --includedir=/usr/local/include 
--infodir=/usr/share/info --with-configdir=/etc/samba 
--sysconfdir=/etc/samba --mandir=/usr/man --enable-cups

if [ $? == 0 ]; then
  make
  if [ $? == 0 ]; then
make install
  fi
fi
exit 0; 




RedHat Enterprise Linux 4 
Kernel 2.6.16.5

package dmapi 2.2.1-1 & dmapi-devel-2.2.1-1

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
22/04/2007 21:20:18 :

> Gerald (Jerry) Carter wrote:
> 
>  > This is the second release candidate of the Samba 3.0.25 code
>  > base and is provided for testing only.
> 
> These messages are new while compiling:
> 
> deveis # make
> [...]
> Compiling auth/auth_script.c
> Building plugin bin/script.so
> make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by
> `all'.  Stop.
> deveis # make install
> [...]
> make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by
> `all'.  Stop.
> 
> 
> Configure options:
> export CFLAGS='-O2 -march=i486 -fomit-frame-pointer'
> ./configure \
> --target=i486-pc-linux-gnu \
> --with-sendfile-support \
> --prefix=/usr \
> --bindir=/usr/bin \
> --sbindir=/usr/sbin \
> --with-privatedir=/etc \
> --with-lockdir=/var/lock/samba \
> --with-libdir=/usr/lib/samba \
> --with-piddir=/var/run \
> --with-swatdir=/usr/lib/samba/swat \
> --with-configdir=/etc \
> --with-logfilebase=/var/log \
> --localstatedir=/var/log \
> --without-ads \
> --without-ldap \
> --with-codepagedir=/usr/lib/samba/codepages \
> --with-smbmount=yes \
> --with-sambabook=/usr/lib/samba/swat/using_samba \
> --without-winbind \
> --without-python \
> --without-manpages \
> --without-mysql \
> --without-xml \
> --with-included-popt \
> --enable-cups=no \
> --with-vfs \
> --with-utmp \
> --with-quotas \
> --with-pam \
> --with-pam_smbpass \
> --with-acl-support
> 
> 
> der tom
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Domain Admins with Samba 3.024

[stephane . purnelle]

Please read the changelog !

There are many change between 3.0.10 and 3.0.2x
In 3.0.2x samba version, privilege are enabled are must be used !


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467



Neil Jolly <[EMAIL PROTECTED]> 
Envoyé par : [EMAIL PROTECTED]
14/02/2007 15:11

A
samba@lists.samba.org
cc

Objet
Re: [Samba] Domain Admins with Samba 3.024







On 14-Feb-07, at 4:01 AM, Gareth Cummings wrote:

> I am having the same problem on 3.23d, had it working fine with on 
> 3.0.10.
>
> The users in the domain admin group can add machines to the network 
> but do not have admin rights on the actual PCs'

Thanks for confirming this problem. Good to know I'm not alone, but I 
still need to resolve the issue at some point. This server's not in 
production as yet, so I'm free to try some changes if anyone has a 
suggestion.

Thanks,
Neil Jolly
#12 800 Bowcroft Place
Cochrane, Alberta
Phone: (403) 688-7516
Fax:   (403) 851-0873


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Windows Client Print Queue does not get clearedafterjobcompletion....

[stephane . purnelle]

With CUPS (libcups), normally you don't have problem about job
jobcompletion.
With LPD ou lprng, you must complete some parameter on smb.conf (aka : 
lp parameter and print command ). 

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

"Mansell, Gary" <[EMAIL PROTECTED]> a écrit sur 31/01/2007 12:21:41 
:

> Do you mean whether you use CUPS (CentOS 4.4 default) or LPD?
> 
> Can you please explain further?
> 
> On Wed, 2007-01-31 at 12:14 +0100, [EMAIL PROTECTED] wrote:
> > It's depend on print server you are using !
> > 
> > ---
> > Stéphane PURNELLE [EMAIL PROTECTED]
> > Service Informatique   Corman S.A.   Tel : 00 32 
087/342467
> > 
> > [EMAIL PROTECTED] a écrit sur 
> > 31/01/2007 10:21:50 :
> > 
> > > Hi,
> > > 
> > > I am too having the same problem when printing, I could not find a
> > > solution other than as you do, remove it after.
> > > 
> > > I am still looking at this issue and will send to this list if I get 
a
> > > solution if no-one replies. :)
> > > 
> > > Dave 
> > > 
> > > > -Original Message-
> > > > From: 
> > > > [EMAIL PROTECTED] 
> > > > [mailto:[EMAIL PROTECTED]
> > > ba.org] On Behalf Of Mansell, Gary
> > > > Sent: 31 January 2007 09:02
> > > > To: samba@lists.samba.org
> > > > Subject: [Samba] Windows Client Print Queue does not get 
> > > > cleared afterjobcompletion
> > > > 
> > > > Hi, 
> > > > 
> > > > I am running the default version of Samba that comes with CentOS 
4.4
> > > > (3.0.10-1.4E.9) and I am experiencing a problem where print 
> > > > jobs do not get removed from the Windows print queue after 
> > > > they have been printed.
> > > > 
> > > > If I perform an lmstat on the Samba server I can confirm that 
> > > > there are no jobs still waiting to print and hence the Samba 
> > > > print queues should be empty also.
> > > > 
> > > > The jobs can be manually cancelled by the user after they 
> > > > have been printed but this is obviously a chore.
> > > > 
> > > > 
> > > > Any advice gladly received
> > > > 
> > > > Regards
> > > > 
> > > > Gary Mansell
> > > > -- 
> > > > 
> > > > This e-mail and any files transmitted with it are 
> > > > confidential and intended solely for the use of the 
> > > > individual or entity to whom they are addressed.
> > > > If you have received this e-mail in error please notify the 
> > > > sender immediately and delete this e-mail from your system. 
> > > > Please note that any views or opinions presented in this 
> > > > e-mail are solely those of the author and do not necessarily 
> > > > represent those of Ricardo (save for reports and other 
> > > > documentation formally approved and signed for release to the 
> > > > intended recipient).  Only Directors or Duly Authorised 
> > > > Officers are authorised to enter into legally binding 
> > > > obligations on behalf of Ricardo unless the obligation is 
> > > > contained within a Ricardo Purchase Order.
> > > > 
> > > > Ricardo may monitor outgoing and incoming e-mails and other 
> > > > telecommunications on its e-mail and telecommunications 
> > > > systems.  By replying to this e-mail you give consent to such 
> > > > monitoring.  The recipient should check this e-mail and any 
> > > > attachments for the presence of viruses.  Ricardo accepts no 
> > > > liability for any damage caused by any virus transmitted by 
> > > > this e-mail.  "Ricardo" means Ricardo plc and its subsidiary 
> > > > companies.
> > > > 
> > > > Ricardo plc is a public limited company registered in England 
> > > > with registered number 00222915.
> > > > The registered office of Ricardo plc is Shoreham Technical 
> > > > Centre, Shoreham-by Sea, West Sussex, BN43 5FG.
> > > > 
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  https://lists.samba.org/mailman/listinfo/samba
> > > > 
> > > > 
> > > > This message has been scanned for viruses by MailControl - 
> > > > (see http://bluepages.wsatkins.co.uk/?4318150)
> > > > 
> > > 
> > > 
> > > This email and any attached files are confidential and copyright 
> > > protected. If you are not the addressee, any dissemination of this 
> > > communication is strictly prohibited. Unless otherwise expressly 
> > > agreed in writing, nothing stated in this communication shall be 
> > > legally binding.
> > > 
> > > Consider the environment. Please don't print this e-mail unless you 
> > > really need to. 
> > > -- 
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  https://lists.samba.org/mailman/listinfo/samba
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailm

RE: [Samba] Windows Client Print Queue does not get cleared afterjobcompletion....

[stephane . purnelle]

It's depend on print server you are using !

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
31/01/2007 10:21:50 :

> Hi,
> 
> I am too having the same problem when printing, I could not find a
> solution other than as you do, remove it after.
> 
> I am still looking at this issue and will send to this list if I get a
> solution if no-one replies. :)
> 
> Dave 
> 
> > -Original Message-
> > From: 
> > [EMAIL PROTECTED] 
> > [mailto:[EMAIL PROTECTED]
> ba.org] On Behalf Of Mansell, Gary
> > Sent: 31 January 2007 09:02
> > To: samba@lists.samba.org
> > Subject: [Samba] Windows Client Print Queue does not get 
> > cleared afterjobcompletion
> > 
> > Hi, 
> > 
> > I am running the default version of Samba that comes with CentOS 4.4
> > (3.0.10-1.4E.9) and I am experiencing a problem where print 
> > jobs do not get removed from the Windows print queue after 
> > they have been printed.
> > 
> > If I perform an lmstat on the Samba server I can confirm that 
> > there are no jobs still waiting to print and hence the Samba 
> > print queues should be empty also.
> > 
> > The jobs can be manually cancelled by the user after they 
> > have been printed but this is obviously a chore.
> > 
> > 
> > Any advice gladly received
> > 
> > Regards
> > 
> > Gary Mansell
> > -- 
> > 
> > This e-mail and any files transmitted with it are 
> > confidential and intended solely for the use of the 
> > individual or entity to whom they are addressed.
> > If you have received this e-mail in error please notify the 
> > sender immediately and delete this e-mail from your system. 
> > Please note that any views or opinions presented in this 
> > e-mail are solely those of the author and do not necessarily 
> > represent those of Ricardo (save for reports and other 
> > documentation formally approved and signed for release to the 
> > intended recipient).  Only Directors or Duly Authorised 
> > Officers are authorised to enter into legally binding 
> > obligations on behalf of Ricardo unless the obligation is 
> > contained within a Ricardo Purchase Order.
> > 
> > Ricardo may monitor outgoing and incoming e-mails and other 
> > telecommunications on its e-mail and telecommunications 
> > systems.  By replying to this e-mail you give consent to such 
> > monitoring.  The recipient should check this e-mail and any 
> > attachments for the presence of viruses.  Ricardo accepts no 
> > liability for any damage caused by any virus transmitted by 
> > this e-mail.  "Ricardo" means Ricardo plc and its subsidiary 
> > companies.
> > 
> > Ricardo plc is a public limited company registered in England 
> > with registered number 00222915.
> > The registered office of Ricardo plc is Shoreham Technical 
> > Centre, Shoreham-by Sea, West Sussex, BN43 5FG.
> > 
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
> > 
> > 
> > This message has been scanned for viruses by MailControl - 
> > (see http://bluepages.wsatkins.co.uk/?4318150)
> > 
> 
> 
> This email and any attached files are confidential and copyright 
> protected. If you are not the addressee, any dissemination of this 
> communication is strictly prohibited. Unless otherwise expressly 
> agreed in writing, nothing stated in this communication shall be 
> legally binding.
> 
> Consider the environment. Please don't print this e-mail unless you 
> really need to. 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] access users homes share

[stephane . purnelle]

exactly, you need to create a special share for permet user2 to acces to 
home of user1 (or reverse).
but I'm not sure that is possible if you want to specify that only user2 
can acces to user1'home and not user3.
Maybe you must implement ACL...

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
23/01/2007 10:57:11 :

> hey list,
> 
> we are currently migrating our users from novell to samba. now we 
> have one problem: in novell we could give e.g. user1 access to 
> users2 home share so he could modify, delete or add files on this 
> share. in samba we defined a global homes share that is mapped on 
> logon. so how can we give user1 the needed rights? 
> here is the definition of the homes share in smb.conf:
> 
> [homes]
> comment = user share
> browseable = no
> writeable = yes
> write list = %U
> create mask = 0600
> directory mask = 0700
> force user = %U
> force group = Administrators
> oplocks = true
> 
> do we need to add a special share and group?
> 
> thanks for help and best regards
> 
> 
> 
> 
> 
> 
> 
> 
> 

> Don't pick lemons.
> See all the new 2007 cars at Yahoo! Autos.
> http://autos.yahoo.com/new_cars.html 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] smbldap-useradd question

[stephane . purnelle]

IdealX tools is for manage users in ldap tree, not in passwd.
Normally , the data of users in LDAP contain necessary attribute for unix 
account.
You can use pam_ldap & nss_ldap pour unix auth from LDAP.

For mail box, you must create one manually or modify the smbldap-useradd 
script !

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467



Jason Baker <[EMAIL PROTECTED]> 
Envoyé par : [EMAIL PROTECTED]
17/01/2007 15:14

A
samba List 
cc

Objet
[Samba] smbldap-useradd question






I have Samba 3 setup to work with LDAP and I am using the IdealX tools 
to create new users. If I issue the command /./smbldap-useradd -m -a -c 
"User Name" username/, then my new user is added, but I do not see the 
user in //etc/passwd/ and there is no entry in //var/mail/. Do I need to 
create a Unix account for this user also? They already have a /home 
directory. If I want a mail box for the user, could I just create one 
manually?
-- 

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.
www.glastender.com 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] browser list

[stephane . purnelle]

Hi !

I have a question or request for improvement : 

Some external people with her domain name must be connected to our 
network.
Each time, he receive wins and other informations  from DHCP.
With this configuration the browser list from my PDC contain domain name 
wich not longer exist because this laptop has been connected one day or 
two.

My question is : howto remove theses informations from wins.dat without 
restart nmbd ?
If not possible, someone can make a tools for that ? or how spécify a 
timeout of existance of domain (a host exist in this domain) ?

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] IP Address permissions per share

[stephane . purnelle]

see the hosts allow parameter in man of smb.conf

Man : http://ftp.easynet.be/samba/docs/man/manpages-3/smb.conf.5.html
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
02/01/2007 17:13:21 :

> 
>  I've googled and googled for an answer to this but all I can find is ip
> specific global permissions for samba. What I want to do is only allow
> specific ip addresses access to certain shares in my config. Is this
> possible? I know I could do user permissions to shares but I want to 
lock
> it down per ip address.
> 
> Thanks,
> 
> Ed
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [samba] ACL inheritance like NTFS?

[stephane . purnelle]

XFS use ACL for that.

Each Default  entry will provide inheritance.

For applying ACL ont sub-diretcory and file, we have modified the 
file-manager of webmin for manage ACL and inheritance.
For the rest, samb manage the ACL with the good parameter.




---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
02/01/2007 13:25:48 :

> Hi all,
> 
> I will migrate a windows fileserver to a Suse System with XFS-filesystem
> and Samba. I will copy the files with the robocopy tool from Microsoft. 
> 
> I did some test and I noticed that XFS-filesystem does not support
> inheritance like NTFS. If there a solution for that problem? How did you
> solve that problem?
> 
> Thank you!
> 
> Richard
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] 3.0.23c: cannot access LDAP when not root

[stephane . purnelle]

Hi,

Try this patch, it work fine on my server
 --> (https://bugzilla.samba.org/attachment.cgi?id=2135&action=view)

Should apply cleanly to 3.0.23c.
It's my bug report : https://bugzilla.samba.org/show_bug.cgi?id=4097

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
19/10/2006 19:25:08 :

> Hi Everybody,
> 
> I have set up a Samba 3.0.23c PDC with LDAP and ACLs on Suse 10.0.
> Things seem to work fine, but log.smbd gets filled with many
> 
>smbldap_open: cannot access LDAP when not root
> 
> messages whenever I move around on the mounted user share using Windows 
> XP Explorer from a client computer. More precisely, whenever I move the 
> cursor to a new subfolder in explorer, I get a new bunch of the above 
> messages in log.smbd, the quantity apparently depending on the number of 

> ACL entries for the folder.
> 
> Any idea what could be wrong?
> 
> Let me know if you need more information, smb.conf and extended logs.
> 
> TIA, Peter Rindfuss
> 
> Wissenschaftszentrum Berlin fuer Sozialforschung
> (Social Science Research Center Berlin, Germany)
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Printing problems with samba 3.0.23c and NT4

[stephane . purnelle]

Hi,

I have the same problem on a NT4 SP3.

I must made a workaround (using direct print, without pass by samba), but 
the problem still present.


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
13/09/2006 10:36:01 :

> Hi everyone!
> 
> I have upgrade my fileserver from samba2-smbpasswd to samba3.0.23c 
> with LDAP-PDC.
> Now i can't print to the printers on that server with NT4. "net use 
> ..." is functional, but if  I print to that printer, I get the
> error - free translated from german message - "The syntax of the 
> filename, directory name or the disc-label is wrong."
> 
> WinXP hasn't that problem.
> The share is defined in this way:
> 
> [global]
> ...
> printing = BSD
> ...
> [pspdf]
> path = /tmp
> printable = yes
> print command = /usr/local/bin/samba2pdf %s %U
> use client driver = yes
> 
> I have played with "use client driver", with no success.
> 
> Is the printing-support for NT4 broken?
> 
> Thanks a lot in advance
> 
> Andreas Pohl
> [EMAIL PROTECTED]
> --
> INTERMET Ueckermünde
> D-17373 Ueckermünde, Eggesiner Str. 11
> Tel.: +49 (0) 39771 2120, Fax: +49 (0) 39771 21210
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] smbldap_open: cannot access LDAP when not root..

[stephane . purnelle]

Hello,

I have some little problems with samba 3.0.23c.

A client open a excel file (office 2000), modify it and save it.
After the office 2000 have saved the file, he display a message box with 
the message : 

"file correclty saved but he cannot reopened because the memory is too 
short."

If I look the ACL, the owner of file , the ACL is changed to read only and 
in samba log file, I can read :


[2006/09/08 09:59:23, 0] lib/smbldap.c:smbldap_open(1009)
  smbldap_open: cannot access LDAP when not root..

If I change the ACL correctly, the user will have no problem.

what happening ?

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] problem with samba 3.0.23c and windows NT4 workstation

[stephane . purnelle]

It's a test for trying to find problem.

This special section have was created only for testing.
However, the printer is loading with standard printer section.

Now, I started on samba server a ethereal and when I trie to print a page, 
I have no communication.
Do you have a idea for that ?
You can notice that the message call_nt_transact_ioctl(0x90028) is only on 
the connection or reconnection, not each time.

I attached a log level 10 of this client  and the share promatic is 
created from printer section.



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

"Gerald (Jerry) Carter" <[EMAIL PROTECTED]> a écrit sur 06/09/2006 16:18:26 
:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> [EMAIL PROTECTED] wrote:
> > It's a old NT4 SP4
> > 
> > Yesterday this machine hang one time and after no 
> > print occur on this  machines.
> > I'm not sure that is a samba problem  but my chief 
> > think that is a problem  because I upgraded samba
> > from 3.0.21b to 3.0.23c.
> > 
> > Now, I tried with a special section for a printer like : 
> ...
> > [promatic]
> > comment = Imprimante etiquette salle OTC1
> > path = /var/spool/samba
> > read only = No
> > printable = Yes
> > printer name = promatic
> > use client driver = yes
> > 
> > And is always not work !
> 
> So you believe the 'use client driver' setting is to blame?
> Do you absolutely need that option?
> 
> 
> 
> 
> 
> cheers, jerry
> =
> Samba--- http://www.samba.org
> Centeris ---  http://www.centeris.com
> "What man is a man who does not make the world better?"  --Balian
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.4 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFE/tiyIR7qMdg1EfYRAuehAJ91/O3EROiSMs9gKJjxO7dGK8yFcwCdFhQo
> AHgjAnxPJPL6XBcynoMaEGM=
> =qeFg
> -END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] problem with samba 3.0.23c and windows NT4 workstation

[stephane . purnelle]

It's a old NT4 SP4

Yesterday this machine hang one time and after no print occur on this 
machines.
I'm not sure that is a samba problem  but my chief think that is a problem 
because I upgraded samba from 3.0.21b to 3.0.23c.

Now, I tried with a special section for a printer like : 


[printers]
comment = Imprimantes
path = /tmp
guest ok = Yes
printable = Yes
browseable = No
printable = Yes
public = Yes
use client driver = No


[promatic]
comment = Imprimante etiquette salle OTC1
path = /var/spool/samba
read only = No
printable = Yes
printer name = promatic
use client driver = yes

And is always not work !


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

"Gerald (Jerry) Carter" <[EMAIL PROTECTED]> a écrit sur 06/09/2006 15:50:24 
:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> [EMAIL PROTECTED] wrote:
> > Hi,
> > 
> > I upgraded my samba 3.0.21b to 3.0.23c, after that 
> > printing from this NT 4  workstation don't work !
> > 
> > I have : 
> >call_nt_transact_ioctl(0x90028): Currently not implemented.
> > 
> > And on the workstation : 
> >write error on \\admin01\promatic for that document : 
> >name file syntax, directory or volume is incorrect
> > 
> >Would you want to retry or cancer job ?
> > 
> > anyone can help me ?
> 
> Are you vending drivers from Samba ?  Is spoolss enabled ?
> I just tested printing locally from NT4.  Driver download
> worked fine and I send a test job through without any hitches.
> 
> 
> 
> 
> 
> cheers, jerry
> =
> Samba--- http://www.samba.org
> Centeris ---  http://www.centeris.com
> "What man is a man who does not make the world better?"  --Balian
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.4 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFE/tIgIR7qMdg1EfYRAtlKAJ0QV5W/t1RF0a9jPQhBz6Mt91b1AQCfSyJk
> shxa7LH69WODJSHPq3+tleI=
> =38JI
> -END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Printing problem with samba 3.0.23c and windows NT4 (URGENT)

[stephane . purnelle]

Hi,

I upgraded my samba 3.0.21b to 3.0.23c, after that printing from this NT 4 
workstation doesn't work !

I have : 
[2006/09/06 09:01:44, 0] 
smbd/nttrans.c:call_nt_transact_ioctl(2332)
call_nt_transact_ioctl(0x90028): Currently not 
implemented.

And on the workstation : 
write error on \\admin01\promatic for that document : name file 
syntax, direcrory or volume is incorrect

Would you want to retry or cancer job ?

anyone can help me now ?

Thanks


Stéphane Purnelle
 




---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] problem with samba 3.0.23c and windows NT4 workstation

[stephane . purnelle]

Hi,

I upgraded my samba 3.0.21b to 3.0.23c, after that printing from this NT 4 
workstation don't work !

I have : 
[2006/09/06 09:01:44, 0] 
smbd/nttrans.c:call_nt_transact_ioctl(2332)
call_nt_transact_ioctl(0x90028): Currently not 
implemented.

And on the workstation : 
write error on \\admin01\promatic for that document : name file 
syntax, direcrory or volume is incorrect

Would you want to retry or cancer job ?

anyone can help me ?

thanks


Stéphane Purnelle
 




---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] What about MS06-040

[stephane . purnelle]

Hi,

I have some problem with computer browser and Net Logon.
I suspect the MS-patches named MS06-40 (921883).

http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx

Could anyone confim if this patches couse problem or not.

Actually I use samba 3.0.21c and I would like to know if samba 3.0.23c 
could resolve problem.


thanks


Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problem with guest account samba 3.0.23a (smbd wont start)

[stephane . purnelle]

Hi,

I test samba 3.0.23a and I used a existant LDAP tree.

But, samba 3.0.23a won't start : 
In smbd.log : 

..
[2006/07/28 09:58:14, 10] registry/reg_cachehook.c:reghook_cache_add(61)
  reghook_cache_add: Adding key [/HKLM/SOFTWARE/Microsoft/Windows 
NT/CurrentVersion/Ports]
[2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(201)
  pathtree_add: Enter
[2006/07/28 09:58:14, 10] lib/adt_tree.c:pathtree_add(268)
  pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows 
NT/CurrentVersion/Ports] to tree
[2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(270)
  pathtree_add: Exit
[2006/07/28 09:58:14, 10] registry/reg_cachehook.c:reghook_cache_add(61)
  reghook_cache_add: Adding key 
[/HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares]
[2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(201)
  pathtree_add: Enter
[2006/07/28 09:58:14, 10] lib/adt_tree.c:pathtree_add(268)
  pathtree_add: Successfully added node 
[HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] to tree
[2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(270)
  pathtree_add: Exit
[2006/07/28 09:58:14, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/07/28 09:58:14, 3] smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/07/28 09:58:14, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/07/28 09:58:14, 5] auth/auth_util.c:debug_nt_user_token(449)
  NT user token: (NULL)
[2006/07/28 09:58:14, 5] auth/auth_util.c:debug_unix_user_token(475)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/07/28 09:58:14, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [dc=corman,dc=be], filter => 
[(&(uid=root)(objectclass=sambaSamAccount))], scope => [2]
[2006/07/28 09:58:14, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1396)
  ldapsam_getsampwnam: Unable to locate user [root] count=0
[2006/07/28 09:58:14, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/28 09:58:14, 5] 
passdb/pdb_interface.c:pdb_default_uid_to_rid(1217)
  pdb_default_uid_to_rid: Did not find user root (0)
[2006/07/28 09:58:14, 10] passdb/lookup_sid.c:uid_to_sid(1083)
  uid_to_sid: local 0 -> S-1-22-1-0
[2006/07/28 09:58:14, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [ou=groupes,dc=corman,dc=be], filter => 
[(&(objectClass=sambaGroupMapping)(gidNumber=0))], scope => [2]
[2006/07/28 09:58:15, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213)
  ldapsam_getgroup: Did not find group
[2006/07/28 09:58:15, 10] passdb/lookup_sid.c:gid_to_sid(1127)
  gid_to_sid: local 0 -> S-1-22-2-0
[2006/07/28 09:58:15, 3] passdb/lookup_sid.c:store_gid_sid_cache(1038)
  store_gid_sid_cache: gid 0 in cache -> S-1-22-2-0
[2006/07/28 09:58:15, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [ou=groupes,dc=corman,dc=be], filter => 
[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-544))], scope => [2]
[2006/07/28 09:58:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213)
  ldapsam_getgroup: Did not find group
[2006/07/28 09:58:26, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [ou=groupes,dc=corman,dc=be], filter => 
[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))], scope => [2]
[2006/07/28 09:58:35, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213)
  ldapsam_getgroup: Did not find group
[2006/07/28 09:58:35, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [ou=groupes,dc=corman,dc=be], filter => 
[(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-22-1-0)(sambaSIDList=S-1-22-2-0)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-11)(sambaSIDList=S-1-5-32-544)))],
 
scope => [2]
[2006/07/28 09:58:50, 10] lib/smbldap.c:smbldap_search_ext(1237)
  Failed search for base: ou=groupes,dc=corman,dc=be, error: Timed out ()
[2006/07/28 09:58:50, 10] auth/auth_util.c:add_aliases(631)
  pdb_enum_alias_memberships failed: NT_STATUS_UNSUCCESSFUL
[2006/07/28 09:58:50, 10] registry/reg_db.c:regdb_open(248)
  regdb_open: incrementing refcount (1)
[2006/07/28 09:58:50, 7] registry/reg_frontend.c:regkey_open_internal(359)
  regkey_open_internal: name = [HKLM\SYSTEM\CurrentControlSet\Services]
[2006/07/28 09:58:50, 10] registry/reg_cachehook.c:reghook_cache_find(95)
  reghook_cache_find: Searching for keyname 
[/HKLM/SYSTEM/CurrentControlSet/Services]
[2006/07/28 09:58:50, 10] lib/adt_tree.c:pathtree_find(341)
  pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services]
[2006/07/28 09:58:50, 10] lib/adt_tree.c:pathtree_find(413)
  pathtree_find: Exit
[2006/07/28 09:58:50, 5] registry/reg_frontend.c:registry_access_check(59)
  registry_access_check: using root's token
[2006/07/28 09:58:50, 3] passdb/lookup_sid.c:fetch_sid_from_uid_cache(907)
  fetch sid from uid cache 0 -> S-1-22-1-0
[2006/07/28 09:58:50, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(979)
  fetch 

RE [Samba] Windows user password changing with Samba + LDAP + smbldap tools

[stephane . purnelle]

With LDAP, I not use passwd program parameter.

Samba modify directly the password attribute and the userPassword if ldap 
passwd sync = yes

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467



taso <[EMAIL PROTECTED]> 
Envoyé par : [EMAIL PROTECTED]
17/01/2006 13:49
Veuillez répondre à
[EMAIL PROTECTED]


A
samba@lists.samba.org
cc

Objet
[Samba] Windows user password changing with Samba + LDAP + smbldap tools






smbldap-tools-0.9.1-1 & Samba 3.0.21a

This is what I have in my smb.conf:

 passwd program = /opt/IDEALX/sbin/smbldap-passwd "%u"
 passwd chat = "*New password :*\n" %n "*new password :*\n" %n
 unix password sync = Yes


According to "man smb.conf", smbldap-passwd is invoked as root so the
passwd chat should be fine.

Problem is it doesn't work.

Am I missing something obvious?


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Adding workstations to domain as non-root

[stephane . purnelle]

I your log I see two problem or comment : 

- Have you configured idealx-tools (smbldap.conf & smbldap_bind.conf)
- Have you added in your ldap_tree the objectclass sambaUnixIdPool into 
the entry sambaDomainName="xxx" (it's the preference entry from 
idealx-howto)


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
16/01/2006 10:41:55 :

> Hi,
> 
> The Problem:
> 
> I have a samba domain using LDAP as the backend, complete with the 
> IdealX LDAP scripts.
> 
> Most of my Unix boxes (certainly anything which does any Samba stuff) 
> authenticates against the same LDAP backend, using it for groups and 
> users.
> 
> I need to grant some people sufficient priviliges to add workstations 
> to the domain, but I don't want to give them the root password in LDAP 
> as doing so will also give them root access to the Unix boxes.
> 
> I would therefore like to configure the system such that users who are 
> a member of a specific group (Domain Admins springs immediately to 
> mind) are able to add workstations to the domain.
> 
> I have already added myself to the "Domain Admins" group:
> 
> # Domain Admins, Group, u4eatech.com
> dn: cn=Domain Admins,ou=Group,dc=u4eatech,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 512
> cn: Domain Admins
> memberUid: Administrator
> memberUid: jamesc
> description: Netbios Domain Administrators
> sambaSID: S-1-5-21-2044582568-1589646193-1504741369-512
> sambaGroupType: 2
> displayName: Domain Admins
> 
> 
> And I've chown/chmod'ed the smbldap config files so members of the 
> Domain Admins  group can read them:
> 
> elli sbin # ls -ail /etc/smbldap-tools/
> total 27
> 238406 drwxr-xr-x   2 root root   192 Jan 11 16:16 .
>   9120 drwxr-xr-x  42 root root  3160 Jan 12 09:31 ..
> 238451 -rw-r--r--   1 root root  7634 Jan 11 16:06 smbldap.conf
> 30283 -rw-r--r--   1 root root  7728 Jan 10 13:44 
smbldap.conf.old
> 238421 -rw-r-   1 root Domain Admins  438 Jan 11 08:52 
smbldap_bind.conf
> 
> 
> However, I can't add users using the smbldap-useradd script:
> 
> [EMAIL PROTECTED] ~ $ /usr/sbin/smbldap-useradd  -w "phobos$"
> Could not find base dn, to get next uidNumber at 
> /usr/sbin//smbldap_tools.pm line 995.
> 
> Looking at the OpenLDAP logs, it seems that smbldap-useradd is 
> performing the search without first authenticating with the LDAP server:
> 
> 
> Jan 16 09:24:19 cygnus_new slapd[12571]: conn=67383 fd=52 ACCEPT from 
> IP=172.30.1.22:60342 (IP=0.0.0.0:389)
> Jan 16 09:24:19 cygnus_new slapd[26453]: conn=67383 op=1 SRCH 
> base="dc=u4eatech,dc=com" scope=2 deref=2 
> filter="(&(objectClass=posixAccount)(uid=phobos$))"
> Jan 16 09:24:19 cygnus_new slapd[26453]: conn=67383 op=1 SEARCH RESULT 
> tag=101 err=0 nentries=0 text=
> Jan 16 09:24:19 cygnus_new slapd[16367]: conn=67383 op=2 SRCH 
> base="sambaDomainName=U4EATECH,dc=u4eatech,dc=com" scope=0 deref=2 
> filter="(objectClass=sambaUnixIdPool)"
> Jan 16 09:24:19 cygnus_new slapd[16367]: conn=67383 op=2 SEARCH RESULT 
> tag=101 err=0 nentries=0 text=
> Jan 16 09:24:19 cygnus_new slapd[12571]: conn=67383 fd=52 closed
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] samba from RedHat 3 doesn't work in RedHat 4

[stephane . purnelle]

Verify the SeLinux conf!

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
09/01/2006 15:21:07 :

> I recently upgraded my server from a RedHat 3 on a Dell Precision 410 to
>RedHat 4 on a Dell Optiplex GX 620
> I moved all the samba configuration files from one system to the other.
> 
>The old system worked as a domain master across several subnets with 
> the use of local samba masters on each of the outlying subnets.
> 
>The new system cannot be seen as a master on the outlying subnets. 
> When I try to look at the workgroup on an outlying subnet, I get that 
> the workgroup "is not accessible."
> 
>I have iptables set up on the new server to allow access from the 
137, 
> 138 and 139 ports on the new server.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] my serwer hngs :(

[stephane . purnelle]

network card maybe

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
05/01/2006 11:54:06 :

> Heloo
> 
> My server hangs up :((machine not only samba)
> 
> I've upgrated my system.
> Now it is Gentoo 2005.1 - K 2.6.14 - Samba 3.0.20b
> 
> Everything works exelent and much more faster now but sometimes it hangs 

> up. The last hang up was when I have loged one user on w98 :( to domain.
> Only strange thing that I've found in logs are :
> 
> : [2006/01/05 07:59:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981)
> Jan  5 07:59:13 localhost smbd[7048]:   Attempt to bind using schannel 
> without successful serverauth2
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/util_sock.c:get_peer_addr(1222)
> Jan  5 08:01:06 localhost smbd[7061]:   getpeername failed. Error was 
> Transport endpoint is not connected
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/access.c:check_access(328)
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/util_sock.c:get_peer_addr(1222)
> Jan  5 08:01:06 localhost smbd[7061]:   getpeername failed. Error was 
> Transport endpoint is not connected
> Jan  5 08:01:06 localhost smbd[7061]:   Denied connection from (0.0.0.0)
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/util_sock.c:get_peer_addr(1222)
> Jan  5 08:01:06 localhost smbd[7061]:   getpeername failed. Error was 
> Transport endpoint is not connected
> Jan  5 08:01:06 localhost smbd[7061]:   Connection denied from 0.0.0.0
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/util_sock.c:write_data(554)
> Jan  5 08:01:06 localhost smbd[7061]:   write_data: write failure in 
> writing to client 172.17.70.36. Error Connection reset by peer
> Jan  5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] 
> lib/util_sock.c:send_smb(762)
> Jan  5 08:01:06 localhost smbd[7061]:   Error writing 5 bytes to client. 

> -1. (Connection reset by peer)
> Jan  5 08:01:06 localhost smbd[7062]: [2006/01/05 08:01:06, 0] 
> rpc_server/srv_pipe.c:api_pipe_bind_req(981)
> Jan  5 08:01:06 localhost smbd[7062]:   Attempt to bind using schannel 
> without successful serverauth2
> Jan  5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] 
> lib/util_sock.c:get_peer_addr(1222)
> Jan  5 08:06:07 localhost smbd[7070]:   getpeername failed. Error was 
> Transport endpoint is not connected
> Jan  5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] 
> lib/access.c:check_access(328)
> Jan  5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] 
> lib/util_sock.c:get_peer_addr(1222)
> Jan  5 08:06:07 localhost smbd[7070]:   getpeername failed. Error was 
> Transport endpoint is not connected
> Jan  5 08:06:07 localhost smbd[7070]:   Denied connection from (0.0.0.0)
> 
> I don't know what to do :(
> 
> my smb conf
> [global]
>  log file = /var/log/samba/%m.log
>  load printers = no
>  smb passwd file = /etc/samba/smbpasswd
>  passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
> *passwd:*all*authentication*tokens*updated*successfully*
>  obey pam restrictions = yes
>  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>  domain master = yes
>  bind interfaces only = Yes
>  hosts deny = ALL
>  hosts allow = 172.17.70.0/24 127.
>  interfaces = eth0 lo
>  hosts allow = 172.17.70.
>  encrypt passwords = yes
>  passwd program = /usr/bin/passwd %u
>  max disk size = 51200
>  dns proxy = no
>  server string = zefirek
>  netbios name = zefirek
>  printing = cups
>  logon script = %U.bat
>  message command = winpopup
>  unix password sync = Yes
>  local master = yes
>  workgroup = ztisze
>  os level = 90
>  printcap name = cups
>  security = user
>  max log size = 5000
>  pam password change = yes
>  domain logons = yes
>  restrict anonymous = true
>  dos charset = CP852
>  unix charset  = ISO8859-2
>  preserve case = yes
>  read raw = yes
>  write raw = yes
> getwd cache = yes
>  #write cache size = 65536
>  debug level = 1
>  debug timestamp = no
>  timestamp logs = true
>  dos file times = yes
>  passdb backend = smbpasswd
>  #ldap server = localhost
>  #ldap port = 0
>  #Czas
>  time server = yes
> 
> and so on
> 
> Thx for all answers
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] samba 3 with LDAP

[stephane . purnelle]

What is the version of smbldap-tools ?

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
14/12/2005 15:03:57 :

> Hi all
> 
> I am setting up Samba Primary Domain controller with LDAP in Redhat 
> Enterprise Linux ES 4.0 .
> The open Ldap version is _*OpenLDAP 2.2.3*_ and samba version 
> _*3.0.10-1.4E .*_ i used smbldap-tools which
> comes default in RHEL ES 4.0 .
> 
> After configuring samba and Ldap ie slapd.conf, and configuring 
> smbldap-conf.pm
> and populate it through smbldap-populate.pl
> i get the following error
> 

> 
> > Global symbol "$ldapsearch" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 236.
> > Global symbol "$ldapsearchnobind" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 237.
> > Global symbol "$ldappasswd" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 239.
> > Global symbol "$ldapadd" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 240.
> > Global symbol "$ldapdelete" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 241.
> > Global symbol "$ldapmodrdn" requires explicit package name at 
> > /usr/local/sbin///smbldap_conf.pm line 242.
> > Compilation failed in require at /usr/local/sbin///smbldap_tools.pm 
> > line 4.
> > BEGIN failed--compilation aborted at 
> > /usr/local/sbin///smbldap_tools.pm line 4.
> > Compilation failed in require at ./smbldap-populate.pl line 34.
> > BEGIN failed--compilation aborted at ./smbldap-populate.pl line 34.
> 
> 

> 
> and when i type *net getlocalsid* command
> i get the following error
> 
#
> 
> > [2005/12/14 18:49:49, 0] lib/smbldap.c:smbldap_search_suffix(1155)
> >   smbldap_search_suffix: Problem during the LDAP search:  (No such 
> > object)
> > SID for domain TDC17 is: S-1-5-21-664927944-2827829345-1370909811
> 
> 
#
> 
> Please guide me
> 
> Regards
> Niranjan
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Question about releases notes

[stephane . purnelle]

Hi,

Just a question about the bugs : "Incompatibilities with newer MS Windows 
hotfixes and embedded OS platforms"

What hotfixes is concerned ?

thanks

Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Temporary Profiles

[stephane . purnelle]

Are you sure that the path of profiles path are correct ?

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
01/12/2005 11:01:05 :

> Hi,
> 
> I have got a problem with samba for days now and I don't know how to 
solve
> it.
> 
> My problem is, that it doesn't matter if I enable or disable Roaming
> Profiles, all I get is a temporary profile.
> 
> If i enable Roaming Profiles, than i get a temporary serverside Profile. 
If
> I disable Roaming Profiles, than i get a temporary local Profile.
> 
> Can somebody please help me?
> 
> With Roaming Profiles I think it is a problem with Filepermissions. Root
> get's a full Serverside Profile (not the smb.conf below), but only root.
> I just want a local Profile for the users, so it is not so relevant.
> 
> Oliver
> 
> Samba is PDC
> 
> 
> [global]
> include = /etc/samba/dhcp.conf
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> logon drive = H:
> hide dot files = yes
> domain master = Yes
> username map = /etc/samba/smbusers
> map to guest = Bad User
> printer admin = @ntadmin, root, administrator
> logon home = \\%L\%U\.9xprofile
> passwd program = /usr/bin/passwd %u
> wins support = true
> printcap cache time = 750
> netbios name = fileserver
> cups options = raw
> printing = cups
> unix password sync = yes
> local master = Yes
> logon path =
> logon script = logon.bat
> workgroup = SJ
> os level = 65
> printcap name = cups
> security = user
> add machine script = /usr/sbin/useradd  -c Machine -d
> /var/lib/nobody -s /bin/false %m$
> domain logons = Yes
> preferred master = Yes
> load printers = yes
> passdb backend = smbpasswd
> 
> [homes]
> comment = Home Directories
> valid users = %S
> browseable = No
> read only = No
> inherit acls = Yes
> 
> [profiles]
> comment = Network Profiles Service
> path = %H
> read only = No
> #   store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
> 
> [users]
> comment = All users
> path = /home
> read only = No
> inherit acls = Yes
> veto files = /aquota.user/groups/shares/
> 
> [groups]
> comment = All groups
> path = /home/groups
> read only = No
> inherit acls = Yes
> 
> [printers]
> comment = All Printers
> path = /var/tmp
> printable = Yes
> create mask = 0600
> browseable = No
> 
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/drivers
> write list = @ntadmin root
> force group = ntadmin
> create mask = 0664
> directory mask = 0775
> 
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> write list = @user, root
> guest ok = yes
> locking = No
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] job queue samba 3.0.20b problem

[stephane . purnelle]

Hi, 

I have a strange problem with my samba 3.0.20b with lprm_patch.

In job queue list displayed on windows client; I can see a multiple of 
line with : 

Remote Downlevel Document with status is : submited in job queue.
sometimes, this job is submited more than one time in the same second.

The job cannot be deleted my the user, but by administror, it does.
Maybe is due to windows 98 client, I don't know.

some help will be apprecied

Stéphane


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] what is the SID of the domain administrator?

[stephane . purnelle]

Hi,

Please read the samba-howto-collection available on samba website.
The cahper about right and privileges talk about that.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
16/11/2005 14:58:01 :

> Does the domain administrator SID always end with -1000?
> 
> I.e., if the SID for the domain is:
> 
> S-1-2-33-44-5-66
> 
> does this mean that the domain administrator's SID would be:
> 
> S-1-2-33-44-5-66-1000
> 
> ?
> 
> How can I get the SID number for any given user?
> 
> 
> -- 
> Tomek
> http://wpkg.org
> WPKG - software deployment and upgrades with Samba
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] samba 3.0.21rc1 + ldap PDC - smbpasswd issue

[stephane . purnelle]

I have upgraded the samba.schema in /etc/openldap/schema ,

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
15/11/2005 11:36:40 :

> Hey Guys,
> 
> I have just upgraded to version 3.0.21rc1. I decided to re-populate the 
> database and test if everything is working.
> 
> ./smbldap-populate -a root -k 0 -m 0 -> ok
> 
> ./smbldap-useradd -m -a username -> ok
> 
> ./smbldap-passwd username -> ok
> 
> smbpasswd username - > fail
> 
> [EMAIL PROTECTED] sbin]# smbpasswd asender
> New SMB password:
> Retype new SMB password:
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaPwdHistoryLength: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaPwdHistoryLength: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaPwdHistoryLength: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaMaxPwdAge: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaMinPwdAge: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaPwdHistoryLength: attribute type undefined)
> ldapsam_set_account_policy: Could not set account policy for 
> sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute 
type 
> (sambaPwdHistoryLength: attribute type undefined)
> 
> hm any ideas; is this a bug?
> 
> 
> Please CC me the reply as well as the list.
> Adrian Sender.
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: RE RE [Samba] Could not get RealPath CORDAF/* (It's a URGENT problem)

[stephane . purnelle]

Hi,


user2 is member of 32 groups.

I found the error, that's the limit of kernel 2.4, thanks



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
26/10/2005 21:22:07 :

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Hi,
> 
> could you verify the number of group which user2 is member ?
> 
> [EMAIL PROTECTED] a écrit :
> 
> > Hi,
> >
> > I have two users which have this problem
> >
> > For the user1, I have deleted and recreated the user and is work
> > fine, no problem. For user2, I make the same thing but, don't work.
> >
> >
> > Note that this user have two laptop : - one with XP - one with
> > 2000.
> >
> > When I recreate the user I verified that it's work with two 2000
> > laptop, but when the XP is reconnected  Windows Xp could cuase
> > some problem ?
> >
> > could you help me, the user2 is my director.
> >
> > --- Stéphane PURNELLE
> > [EMAIL PROTECTED] Service Informatique Corman S.A.
> > Tel : 00 32 087/342467
> >
> > [EMAIL PROTECTED] a écrit
> > sur 24/10/2005 11:41:24 :
> >
> >> A other user have the same problem, but :
> >>
> >> I copied the directory with the same ACL on my test server and
> >> work fine
> >
> > :
> >
> >>
> >> [2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304)
> >> change_to_user uid=(1041,1041) gid=(0,513) [2005/10/24 10:25:47,
> >> 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst:
> >> dirtype = 16, maxentries = 1366, close_after_first=0,
> >> close_if_end = 2 requires_resume_key = 4 level = 0x104,
> >> max_data_bytes = 16384 [2005/10/24 10:25:47, 5]
> >> smbd/filename.c:unix_convert(108) unix_convert called on file
> >> "CORPLA/*" [2005/10/24 10:25:47, 10]
> >> smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup
> >> failed for name [CORPLA/*] [2005/10/24 10:25:47, 10]
> >> smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup
> >> succeeded for name [CORPLA] -> [CORPLA] [2005/10/24 10:25:47, 5]
> >> smbd/filename.c:unix_convert(175) unix_convert begin: name =
> >> CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 10:25:47, 10]
> >> smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24
> >> 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
> >> is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 10]
> >> smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24
> >> 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
> >> is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 5]
> >> smbd/filename.c:unix_convert(324) New file * [2005/10/24
> >> 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA/*
> >> [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path:
> >> match not found [2005/10/24 10:25:47, 5]
> >> smbd/trans2.c:call_trans2findfirst(1683) dir=CORPLA, mask = *
> >> [2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391) dptr_create
> >> dir=CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671)
> >> is_in_path: CORPLA [2005/10/24 10:25:47, 8]
> >> lib/util.c:is_in_path(1692) is_in_path: match not found
> >> [2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511) creating new
> >> dirptr 256 for path CORPLA, expect_close = 1 [2005/10/24
> >> 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740) dptr_num is
> >> 256, wcard = *, attr = 22 [2005/10/24 10:25:47, 8]
> >> smbd/trans2.c:call_trans2findfirst(1745) dirpath=
> >> dontdescend=<> [2005/10/24 10:25:47, 8]
> >> smbd/trans2.c:get_lanman2_dir_entry(1077)
> >> get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset
> >> 0 [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294) dos_mode:
> >> CORPLA/. [2005/10/24 10:25:47, 10]
> >> smbd/posix_acls.c:check_posix_acl_group_write(4027)
> >> check_posix_acl_group_write: file CORPLA/. match on group 1016 ->
> >> can write. [2005/10/24 10:25:47, 10]
> >> smbd/posix_acls.c:check_posix_acl_group_write(4078)
> >> check_posix_acl_group_write: file CORPLA/. returning (ret = 1).
> >> [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162)
> >> dos_mode_from_sbuf returning d [2005/10/24 10:25:47, 8]
> >> smbd/dosmode.c:dos_mode(328) dos_mode returning d [2005/10/24
> >> 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167)
> >> get_lanman2_dir_entry found CORPLA/. fname=. [2005/10/24
> >> 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308)
> >> get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO
> >>
> >>
> >> And on the produc server : [2005/10/24 11:04:56, 4]
> >> smbd/uid.c:change_to_user(217) change_to_user: Skipping user
> >> change - already user [2005/10/24 11:04:56, 3]
> >> smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst:
> >> dirtype = 16, maxentries = 1366, close_after_first=0,
> >> close_if_end = 2 requires_resume_key = 4 level = 0x104,
> >> max_data_bytes = 16384 [2005/10/24 11:04:56, 5]
> >> smbd/filename.c:unix_convert(108) unix_convert c

Re: RE [Samba] syslog

[stephane . purnelle]

What version of samba ?

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
26/10/2005 16:55:48 :

> strange but ... with man smb.conf nothing about syslog ... 
> and in my smb.conf ... now ... nothing too ... 
> 
> 
> [EMAIL PROTECTED] wrote:
> 
> >Hi,
> >
> >man smb.conf
> >
> > syslog (G)
> >  This  parameter  maps  how  Samba  debug  messages  are 
> >logged onto the system syslog logging levels. Samba debug level zero 
maps 
> >onto syslog
> >  LOG_ERR, debug level one maps onto LOG_WARNING, debug 
level 
> >two maps onto LOG_NOTICE, debug level three maps onto LOG_INFO. All 
higher 
> >levels
> >  are mapped to  LOG_DEBUG.
> >
> >  This parameter sets the threshold for sending messages to 

> >syslog. Only messages with debug level less than this value will be 
sent 
> >to syslog.
> >
> >  Default: syslog = 1
> >
> >   syslog only (G)
> >  If this parameter is set then Samba debug messages are 
> >logged into the system syslog only, and not to the debug log files.
> >
> >  Default: syslog only = no
> >
> >---
> >Stéphane PURNELLE [EMAIL PROTECTED]
> >Service Informatique   Corman S.A.   Tel : 00 32 087/342467
> >
> >[EMAIL PROTECTED] a écrit sur 
> >26/10/2005 15:58:45 :
> >
> > 
> >
> >>How to stop loging with syslog ??
> >>now, samba log to /var/log/samba/* and to log file defined in 
> >>syslogd.conf in *.info entry ...
> >>I only want /var/log/samba/* ...
> >>
> >>thanx for any help
> >>-- 
> >>To unsubscribe from this list go to the following URL and read the
> >>instructions:  https://lists.samba.org/mailman/listinfo/samba
> >> 
> >>
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] syslog

[stephane . purnelle]

Hi,

man smb.conf

 syslog (G)
  This  parameter  maps  how  Samba  debug  messages  are 
logged onto the system syslog logging levels. Samba debug level zero maps 
onto syslog
  LOG_ERR, debug level one maps onto LOG_WARNING, debug level 
two maps onto LOG_NOTICE, debug level three maps onto LOG_INFO. All higher 
levels
  are mapped to  LOG_DEBUG.

  This parameter sets the threshold for sending messages to 
syslog. Only messages with debug level less than this value will be sent 
to syslog.

  Default: syslog = 1

   syslog only (G)
  If this parameter is set then Samba debug messages are 
logged into the system syslog only, and not to the debug log files.

  Default: syslog only = no

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
26/10/2005 15:58:45 :

> How to stop loging with syslog ??
> now, samba log to /var/log/samba/* and to log file defined in 
> syslogd.conf in *.info entry ...
> I only want /var/log/samba/* ...
> 
> thanx for any help
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] SambaPasswdMustChange problem

[stephane . purnelle]

Hi,

Have you specified the maximum password age with pdbedit 

pdbedit -P "maximum password age" -C 7776000
Samba takes age in seconds, so 60*60*24*90, is what you need.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
26/10/2005 15:36:41 :

> I set my users up with smbldap-tools.  SambaPasswdMustChange is 
populated
> appropriately.  The first time the user is prompted to change their
> password, and does so, the value in SambaPasswdMustChange goes to
> 2147483647 which is basically never.  Can anybody tell me why this might
> be happening?  Do I have to set this somewhere in smb.conf?
> 
> Thanks,
> Misty
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE RE [Samba] Could not get RealPath CORDAF/* (It's a URGENT problem)

[stephane . purnelle]

Hi,

I have two users which have this problem

For the user1, I have deleted and recreated the user and is work fine, no 
problem.
For user2, I make the same thing but, don't work.

Note that this user have two laptop : 
- one with XP
- one with 2000.

When I recreate the user I verified that it's work with two 2000 laptop, 
but when the XP is reconnected 
Windows Xp could cuase some problem ?

could you help me, the user2 is my director.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
24/10/2005 11:41:24 :

> A other user have the same problem, but : 
> 
> I copied the directory with the same ACL on my test server and work fine 
: 
> 
> 
> [2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304)
>   change_to_user uid=(1041,1041) gid=(0,513)
> [2005/10/24 10:25:47, 3] smbd/trans2.c:call_trans2findfirst(1629)
>   call_trans2findfirst: dirtype = 16, maxentries = 1366, 
> close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
> 0x104, max_data_bytes = 16384
> [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(108)
>   unix_convert called on file "CORPLA/*"
> [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(215)
>   stat_cache_lookup: lookup failed for name [CORPLA/*]
> [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(248)
>   stat_cache_lookup: lookup succeeded for name [CORPLA] -> [CORPLA]
> [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(175)
>   unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = *
> [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276)
>   is_mangled * ?
> [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
>   is_mangled_component * (len 1) ?
> [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276)
>   is_mangled * ?
> [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
>   is_mangled_component * (len 1) ?
> [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(324)
>   New file *
> [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671)
>   is_in_path: CORPLA/*
> [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692)
>   is_in_path: match not found
> [2005/10/24 10:25:47, 5] smbd/trans2.c:call_trans2findfirst(1683)
>   dir=CORPLA, mask = *
> [2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391)
>   dptr_create dir=CORPLA
> [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671)
>   is_in_path: CORPLA
> [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692)
>   is_in_path: match not found
> [2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511)
>   creating new dirptr 256 for path CORPLA, expect_close = 1
> [2005/10/24 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740)
>   dptr_num is 256, wcard = *, attr = 22
> [2005/10/24 10:25:47, 8] smbd/trans2.c:call_trans2findfirst(1745)
>   dirpath= dontdescend=<>
> [2005/10/24 10:25:47, 8] smbd/trans2.c:get_lanman2_dir_entry(1077)
>   get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset 0
> [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294)
>   dos_mode: CORPLA/.
> [2005/10/24 10:25:47, 10] 
> smbd/posix_acls.c:check_posix_acl_group_write(4027)
>   check_posix_acl_group_write: file CORPLA/. match on group 1016 -> can 
> write.
> [2005/10/24 10:25:47, 10] 
> smbd/posix_acls.c:check_posix_acl_group_write(4078)
>   check_posix_acl_group_write: file CORPLA/. returning (ret = 1).
> [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162)
>   dos_mode_from_sbuf returning d
> [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(328)
>   dos_mode returning d
> [2005/10/24 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167)
>   get_lanman2_dir_entry found CORPLA/. fname=.
> [2005/10/24 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308)
>   get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO
> 
> 
> And on the produc server : 
> [2005/10/24 11:04:56, 4] smbd/uid.c:change_to_user(217)
>   change_to_user: Skipping user change - already user
> [2005/10/24 11:04:56, 3] smbd/trans2.c:call_trans2findfirst(1629)
>   call_trans2findfirst: dirtype = 16, maxentries = 1366, 
> close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
> 0x104, max_data_bytes = 16384
> [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(108)
>   unix_convert called on file "CORPLA/*"
> [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(215)
>   stat_cache_lookup: lookup failed for name [CORPLA/*]
> [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(248)
>   stat_cache_lookup: lookup succeeded for name [CORPLA] -> [CORPLA]
> [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(175)
>   unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = *
> [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276)
>   is_mangled * ?
> [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215)
>   is_mangled_component * (len 1) ?
> [2005/10/24 11:04:56, 

RE [Samba] Could not get RealPath CORDAF/* (It's a urgent problem)

[stephane . purnelle]

A other user have the same problem, but : 

I copied the directory with the same ACL on my test server and work fine : 


[2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304)
  change_to_user uid=(1041,1041) gid=(0,513)
[2005/10/24 10:25:47, 3] smbd/trans2.c:call_trans2findfirst(1629)
  call_trans2findfirst: dirtype = 16, maxentries = 1366, 
close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
0x104, max_data_bytes = 16384
[2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(108)
  unix_convert called on file "CORPLA/*"
[2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(215)
  stat_cache_lookup: lookup failed for name [CORPLA/*]
[2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(248)
  stat_cache_lookup: lookup succeeded for name [CORPLA] -> [CORPLA]
[2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(175)
  unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = *
[2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276)
  is_mangled * ?
[2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
  is_mangled_component * (len 1) ?
[2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276)
  is_mangled * ?
[2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215)
  is_mangled_component * (len 1) ?
[2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(324)
  New file *
[2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671)
  is_in_path: CORPLA/*
[2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692)
  is_in_path: match not found
[2005/10/24 10:25:47, 5] smbd/trans2.c:call_trans2findfirst(1683)
  dir=CORPLA, mask = *
[2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391)
  dptr_create dir=CORPLA
[2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671)
  is_in_path: CORPLA
[2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692)
  is_in_path: match not found
[2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511)
  creating new dirptr 256 for path CORPLA, expect_close = 1
[2005/10/24 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740)
  dptr_num is 256, wcard = *, attr = 22
[2005/10/24 10:25:47, 8] smbd/trans2.c:call_trans2findfirst(1745)
  dirpath= dontdescend=<>
[2005/10/24 10:25:47, 8] smbd/trans2.c:get_lanman2_dir_entry(1077)
  get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset 0
[2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294)
  dos_mode: CORPLA/.
[2005/10/24 10:25:47, 10] 
smbd/posix_acls.c:check_posix_acl_group_write(4027)
  check_posix_acl_group_write: file CORPLA/. match on group 1016 -> can 
write.
[2005/10/24 10:25:47, 10] 
smbd/posix_acls.c:check_posix_acl_group_write(4078)
  check_posix_acl_group_write: file CORPLA/. returning (ret = 1).
[2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162)
  dos_mode_from_sbuf returning d
[2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(328)
  dos_mode returning d
[2005/10/24 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167)
  get_lanman2_dir_entry found CORPLA/. fname=.
[2005/10/24 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308)
  get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO


And on the produc server : 
[2005/10/24 11:04:56, 4] smbd/uid.c:change_to_user(217)
  change_to_user: Skipping user change - already user
[2005/10/24 11:04:56, 3] smbd/trans2.c:call_trans2findfirst(1629)
  call_trans2findfirst: dirtype = 16, maxentries = 1366, 
close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
0x104, max_data_bytes = 16384
[2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(108)
  unix_convert called on file "CORPLA/*"
[2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(215)
  stat_cache_lookup: lookup failed for name [CORPLA/*]
[2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(248)
  stat_cache_lookup: lookup succeeded for name [CORPLA] -> [CORPLA]
[2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(175)
  unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = *
[2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276)
  is_mangled * ?
[2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215)
  is_mangled_component * (len 1) ?
[2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276)
  is_mangled * ?
[2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215)
  is_mangled_component * (len 1) ?
[2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(324)
  New file *
[2005/10/24 11:04:56, 8] lib/util.c:is_in_path(1671)
  is_in_path: CORPLA/*
[2005/10/24 11:04:56, 8] lib/util.c:is_in_path(1692)
  is_in_path: match not found
[2005/10/24 11:04:56, 1] smbd/vfs.c:reduce_name(981)
  reduce_name: couldn't get realpath for CORPLA/*
[2005/10/24 11:04:56, 5] smbd/filename.c:check_name(418)
  check_name on CORPLA/* failed
[2005/10/24 11:04:56, 10] smbd/trans2.c:set_bad_path_error(2583)
  set_bad_path_error: err = 13 bad_path = 0
[2005/10/24 11:04:56, 3] smbd/error.c:unix_error_packet(91)
  unix_error_packet: error string = Permission denied
[2005/10/24 11:04:56, 3] smbd/error.c:

[Samba] Could not get RealPath CORDAF/*

[stephane . purnelle]

Hi,

I have a strange problem : 

some users cannot acces to diretcory, the message is "access denied".
The ACL is correct


# file: rsrv/vol2/data1/groupes/CORDAF
# owner: root
# group: Utilisateurs
user::rwx
user:mro:r-x
user:sad:r-x
group::---
group:administrateurs:rwx
group:daf:rwx
mask::rwx
other::---
default:user::rwx
default:user:mro:r-x
default:user:sad:r-x
default:group::---
default:group:administrateurs:rwx
default:group:daf:rwx
default:mask::rwx
default:other::---

The user lge is member of group daf, but cannot acces to to directory.
In log I find Could not get RealPath CORDAF/*

But if I add the user directly to the ACL, no problem

Maybe is caused by the update to last service pack on the  laptop, because 
a other people which is also member of group daf can acces correctly.

can anyone have problem with last service pack ?


Configuration : 
samba 3.0.20b
ldap backend
ldap:trusted=yes
privileges enabled.

file is on a XFS partition.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Dangling MS Access DB Lock Files *.ldb

[stephane . purnelle]

Hi,

Where is this patch, I would like to update my server to 3.0.20a, but if 
there are some problem with  Access DB Lock Files, I prefer to patche 
samba before compiling. 

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
11/10/2005 21:08:22 :

> On Tue, Oct 11, 2005 at 08:03:10PM +0100, Dragan Krnic wrote:
> > 
> > I might have unwittingly made the impression that the problem only 
came 
> > with 3.0.20. The same problem was present in 3.0.14 as well as 3.0.4. 
> > It's a very intermittent problem which has been haunting me for months 
now.
> 
> Then it's not this particular bug.
> 
> > I have compiled your patches and installed it on the affected samba 
server 
> > and the first obvious difference is that when either the *.mdb or 
*.ldb 
> > file is opened then the "Sharing" attribute in the "Open Files" 
section of 
> > the status page is now "DENY_DOS" instead of "DENY_NONE". (I can catch 
the
> > moment when they're opend if I keep refreshing the status often 
enough.)
> > 
> > I hope that no lock file will dangle any more. I'll keep you posted.
> 
> Hopefully the combination of the new NTCreateX file open code in 3.0.20+
> and this patch will do the trick.
> 
> Jeremy.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] remove rights on c:\Documents and Settings

[stephane . purnelle]

The right of c:\Documents and Setting is not dependant of Samba.
It's dependant of the configuration of the client.



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
11/10/2005 11:54:56 :

> Hi,
> 
> on samba all our users are just member of  'domain user' group. This way 

> gives them limted rights on local workstation, but they still have full 
> rights on c:\Documents and Settings.
> Is there a way to  just give them read right on that folder ?
> 
> Thanks
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] cannot change computer name

[stephane . purnelle]

You cannot change the  computer namde direcly, you must disconnect from 
the domain, change the name and reconnect to the domain.
I always use this methode

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
10/10/2005 12:31:37 :

> This is a repeat post . I am waiting to hear from someone about this 
issue.
> please help me resolving this issue.
> 
> > I have samba PDC configured.
> >
> > I am unable to change the computer name for any computer . All clients 

> > are windows XP pro .
> >
> > It says access denied. Although i use the same Administrator username 
> > and password which i used to join these computers to samba domain. I 
> > will really appreciate if some can help me in this .
> > thanks & regards
> >
> > I am using samba-server-3.0.13-2mdk
> >
> > Here is Global section of my samba conf
> >
> > [global]
> >server string = network Share
> >workgroup = NETPDC
> >netbios name = freeze
> >encrypt passwords = Yes
> >smb passwd file = /etc/samba/smbpasswd
> >passwd chat = *New*password* %n\n *new*password* %n\n *success*
> >passwd program = /usr/bin/passwd %u
> >passwd chat debug = yes
> >unix password sync = Yes
> >log level = 0
> >username map = /etc/samba/smbusers
> >syslog = 0
> >printcap name = CUPS
> >show add printer wizard = no
> >printing = CUPS
> >name resolve order = wins bcast hosts
> >add user script = /usr/sbin/useradd -m %u
> >delete user script = /usr/sbin/userdel -r %u
> >add group script = /usr/sbin/groupadd %g
> >delete group script = /usr/sbin/groupdel %g
> >add user to group script = /usr/sbin/usermod -G %g %u
> >add machine script = /usr/sbin/useradd -s /bin/false -d 
> > /dev/null %u
> >logon script = scripts\login.bat
> >#logon home = \\%L\%U
> >#logon drive = X:
> >domain logons = Yes
> >preferred master =  Yes
> >wins support = Yes
> >winbind separator = \
> >idmap uid = 1-2
> >idmap gid = 1-2
> > #   directory security mask = 0775
> > #   security mask = 0775
> > #   create mask = 0775
> >directory mode = 0775
> >
> >
> >
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] password policy

[stephane . purnelle]

Hi,

 pdbedit -P "min password length" -C value


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
06/10/2005 11:40:33 :

> Hello,
> 
> PDC: Samba 2.2.5 on FreeBSD 4.11 
> Clients: WindowsXP SP2 (local user profiles)
> 
> The WindowsXP clients login to the PDC.
> The users can change their password on
> local PC and Samba in one step (Ctrl+Alt+Del -> Change Password)
> 
> Now my question:
> How can I set password policies like "min. passwowrd length" 
> I tried to do that with "gpedit", but it works, if the user
> login to the local PC, only.
> 
> Thanks in advance
> Niels 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

re: [Samba] smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact LDAP server

[stephane . purnelle]

Samba use a other user than manager.

I don't understand why samba call nss_ldap and why nss_ldap use the old 
password.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

Grant Bigham <[EMAIL PROTECTED]> a écrit sur 04/10/2005 14:14:23 
:

> Stephane, have you issued a "smbpasswd -w " ??
> 
> Cheers, GrantB
> 
> 
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact LDAP server

[stephane . purnelle]

Hi,

I changed the password of  user "Manager" on my LDAP server, I have 
changed in /etc/ldap.conf the passwd too.
I restarted ldap, nscd, but in messages log I have : 

smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact 
LDAP server

anyone can explain why this error produce

the ldapsam:trusted can be used for having no problem when changing ldap 
password without restart samba ?

thanks 

Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE RES: [Samba] ACLs with Problem

[stephane . purnelle]

Hi,

- With which user use try to change ACL ?
- is the admin users ?
- winbind work correctly ?
-wbinfo ???




---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
23/09/2005 14:39:10 :

> Hi Greg,
> Really, the first step to install filesystem it with support ACL. 
> It looks at my archive:
> LABEL=/ /   ext3defaults,acl 1 1
> LABEL=/boot /boot   ext3defaults 1 2
> LABEL=/data /data   ext3defaults,acl 1 2
> none/dev/ptsdevpts  gid=5,mode=620 0 
0
> none/proc   procdefaults 0 0
> none/dev/shmtmpfs   defaults 0 0
> /dev/cciss/c0d0p2   swapswapdefaults 0 0
> /dev/cdrom  /mnt/cdrom  udf,iso9660 noauto,
> owner,kudzu,ro 0 0
> /dev/fd0/mnt/floppy auto noauto,owner,kudzu 
0 0
> 
> My server samba is integrated with the server windows 2003 (PDC). 
> The server samba is using the users of windows 2003, catching using 
> the way winbind.
> When I try to change the permissions of an file of the server samba,
> in my workstation I appear a message "Denied Access". I perceived 
> that windows also does not obtain to catch the extendidas 
> permissions when I modified for the server linux.
> It looks at some parameters of my smb.conf:
> nt acl support = Yes
> acl compatibility = win2k
> acl map full control = yes
> acl check permissions = no
> acl group control = yes
> inherit acls = Yes
> profile acls = Yes
> map acl inherit = Yes
> force unknown acl user = Yes
> 
> You can help me?
> -Mensagem original-
> De: Greg Folkert [mailto:[EMAIL PROTECTED]
> Enviada em: quinta-feira, 22 de setembro de 2005 13:35
> Para: samba@lists.samba.org
> Assunto: Re: [Samba] ACLs with Problem
> 
> 
> On Thu, 2005-09-22 at 11:43 -0300, Luis Henrique de Faria Guimarães
> wrote:
> > Hi All,
> > 
> > I am with problem with the permissions of windows.
> > The samba is not getting the ACLs permissions.  I compiled version
> > 3.0.20, with the following options:
> > 
> [...]
> 
> Well the first thin we need to know, is the filesystem that you are
> sharing via samba mounted with the acl option in the /etc/fstab?
> 
> Here is what mine looks like and I get the ACLs just fine:
> 
> /dev/datavg/examplelv   /lf/db   ext3   rw,suid,nodev,exec,auto,
> nouser,async,acl,errors=remount-ro   1 1
> 
> I guess, I could have done "defaults,acl,nodev" and be-equivalent... but
> hey I guess I am a bit retentive.
> 
> > # file: teste.txt
> > # owner: root
> > # group: Domain Users
> > user::rwx
> > user:henrique:rw-
> > group::r--
> > mask::rw-
> > other::r--
> > 
> > The user henrique appears in linux, but he does not appear in windows.
> > When I try to add permissions through windows appears a message of
> > "denied access".
> > Somebody can help me
> 
> Well, as long as you have the filesystem mounted (assuming it is ext3
> with acl support compiled in) with the ACLs turned on... then things
> should work.
> -- 
> greg, [EMAIL PROTECTED]
> 
> The technology that is 
> Stronger, Better, Faster: Linux
> 
> Use Debian GNU/Linux, its a bazaar thing.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] (no subject)

[stephane . purnelle]

look at changelog of the last version, you can see that a privilege 
seTakeOwnerShip is available.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
12/09/2005 11:08:44 :

> Hi,
> 
> 
> 
> How user can modify the owner of file if he ?s not an Admin.
> 
> 
> 
> thanks 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] cups driver

[stephane . purnelle]

[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
>> why you set browseable = yes ?, normally browseable = no
   read only = yes
   guest ok = yes
# Uncomment to allow remote administration of Windows print drivers.
# Replace 'ntadmin' with the name of the group your admin users are
# members of.
  write list = root, @ntadmin

I suppose that administrator is in ntadmin group ?

[global]
log file = /var/log/samba/log.%m
dns proxy = no
netbios name = pykota
security = user
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
server string = sprint
socket options = TCP_NODELAY
invalid users = root
obey pam restrictions = yes
workgroup = PyKoTa
os level = 20
auto services = printers
encrypt passwords = true
syslog = 0
passwd program = /usr/bin/passwd %u
passdb backend = tdbsam guest
panic action = /usr/share/samba/panic-action %d
max log size = 1000
load printer = Yes
printing = cups
printcap name = cups

use client driver = yes
Please modify this line : use client driver = no.

The permission of /var/lib/printers is correct.

try with no invalid users parameter in a second step



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur
09/09/2005 15:02:12 :

> hi
>
> yes i'm sure ... i'm logged in administrator (user in administrator
group)
> why did you say machinename ?
>
> so my problem is that drivers  are well uploaded on samba share $print
> (/printer/W32X86/3/hp*)  but
> after when i want to finish installation i get : not saved , access
denied
>
> ???
>
>
> Bruno Guerreiro a écrit :
>
> >You're sure the machinename\administrator belongs to the printer admin
> >group?
> >
> >Bruno Guerreiro
> >
> >
> >
> >>-Original Message-
> >>From: stenon [mailto:[EMAIL PROTECTED]
> >>Sent: sexta-feira, 9 de Setembro de 2005 11:40
> >>To: Bruno Guerreiro; samba@lists.samba.org
> >>Subject: Re: [Samba] cups driver
> >>
> >>
> >>hi,
> >>
> >>it's almost good !
> >>
> >>i can add new driver and it's uploading in my $print share on my samba
> >>server
> >>but when i want to save my change ...
> >>"printer configuration connot be saved, access denied"
> >>
> >>so i have change access on my directory
> >>/var/lib/samba/printers ... nothing
> >>
> >>where could i see my access denied ? which directory is it ? because
> >>logs are empty
> >>
> >>thanks ...
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] Bug in LDAP stuff?

[stephane . purnelle]

Hi,

since samba-3.0.20rc1 the ldap filter parameter is removed.

you can resolve your problem by comment the ldap-filter parameter.


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur
10/08/2005 17:15:01 :

> I think I've found a bug in the LDAP stuff. I've got a LDAP backend
> setup based on the idealx scripts. When I try to join a machine to my
> domain, I get the following. The important bit I want to point out is
> that the LDAP search is looking for (a lot of) properties, but it seems
> to be looking for _ALL_ objectClass=sambaSamAccount's. At this point in
> the trace, it should be trying to validate the login *as root* in order
> to join the machine. The query it's making does indeed return two
> entries: root and nobody, as it should, but two entries screws up the
> process now. Shouldn't the filter here be more like
> '(&(objectClass=sambaSamAccount)(uid=root))'? (Or whatever uid you're
> using to try to join the machine with. I know that the idealx stuff is
> out of date now post 3.0.11 with the "root" requirement. Here's hoping
> they update their stuff soon.) The filter is being supplied by Samba
> itself; hence, I'm thinking it's a bug. The question is: where do I go
> from here?
>
> Regards,
> dk
>
>
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3]
> lib/smbldap.c:smbldap_connect_system(866)
> Aug 10 09:38:50 excelsior smbd[32235]:   ldap_connect_system: succesful
> connection to the LDAP server
> Aug 10 09:38:50 excelsior smbd[32235]:   ldap_connect_system: LDAP
> server does support paged resultsAug 10 09:38:50 excelsior smbd[32235]:
> [2005/08/10 09:38:50, 4] lib/smbldap.c:smbldap_open(929)
> Aug 10 09:38:50 excelsior smbd[32235]:   The LDAP server is succesfully
> connected
> Aug 10 09:38:50 excelsior slapd[31471]: conn=64 op=2 SRCH
> base="dc=starfleet,dc=mil" scope=2 deref=0
> filter="(&(objectClass=sambaSamAccount))"
> Aug 10 09:38:50 excelsior slapd[31471]: conn=64 op=2 SRCH attr=uid
> uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
> sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
> displayName sambaHomeDrive sambaHomePath sambaLogonScript
> sambaProfilePath description sambaUserWorkstations sambaSID
> sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
> objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount
> sambaBadPasswordTime sambaPasswordHistory modifyTimestamp
> sambaLogonHours modifyTimestamp
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 1]
> passdb/pdb_ldap.c:ldapsam_getsampwnam(1338)
> Aug 10 09:38:50 excelsior smbd[32235]:   ldapsam_getsampwnam: Duplicate
> entries for this user [root] Failing. count=2
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3]
> smbd/sec_ctx.c:pop_sec_ctx(386)
> Aug 10 09:38:50 excelsior smbd[32235]:   pop_sec_ctx (0, 0) -
> sec_ctx_stack_ndx = 0
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3]
> auth/auth_sam.c:check_sam_security(257)
> Aug 10 09:38:50 excelsior smbd[32235]:   check_sam_security: Couldn't
> find user 'root' in passdb.
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3]
> auth/auth_winbind.c:check_winbind_security(80)
> Aug 10 09:38:50 excelsior smbd[32235]:   check_winbind_security: Not
> using winbind, requested domain [STARFLEET] was for this SAM.
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 2]
> auth/auth.c:check_ntlm_password(312)Aug 10 09:38:50 excelsior
> smbd[32235]:   check_ntlm_password:  Authentication for user [root] ->
> [root] FAILED with error NT_STATUS_NO_SUCH_USER
> Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3]
> smbd/sesssetup.c:do_map_to_guest(41)Aug 10 09:38:50 excelsior
> smbd[32235]:   No such user root [STARFLEET] - using guest account
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Réf. : Re: Réf. : [Samba] Puzzle -- Logon/Login from Windows XP

[stephane . purnelle]

Configure samba for become a domain member of a domain ?
or make samba as a domain controler and configure trusting account

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
  [EMAIL PROTECTED] 
  com  Pour :   [EMAIL PROTECTED]
   cc :
  29/09/2004 12:46 Objet :  Re: Réf. : [Samba] Puzzle --  
Logon/Login from Windows  XP
   
   




> In a message dated 9/29/2004 6:10:14 AM Eastern Daylight Time,
> [EMAIL PROTECTED] writes:
>
>I think that for resolve your problem, you configure samba for become PDC
>and connect all WINDOWS XP workstations to domain.

Thanks for the reply.

How do you define and create a domain? And is it difficult to maintain a
domain as the users change?

And what if the Samba server is just one of many servers on a network that
might have other domains and domain servers? And what if the workstations
have
to access other domains? This is the sort of environment where my system
has to
work.



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] Puzzle -- Logon/Login from Windows XP

[stephane . purnelle]

I think that for resolve your problem, you configure samba for become PDC
and connect all WINDOWS XP workstations to domain.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   [EMAIL PROTECTED]   |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   29/09/2004 11:57  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  [Samba] Puzzle --  Logon/Login from Windows XP 
   |
  
>---|




I hope somebody can help me with this. I posed this question a week ago and

got several well-meaning answers that were not very helpful.

I have 10 Windows XP workstations and 100 users. Each of the 100 users has
an
account on my Samba server (running Samba 3.03  on Mandrake Linux 10).

Each user has several shares on the Samba server which are unique to that
user. In other words, only THAT user can access his/her shares, and THAT
user has
read/write priviledges for those shares.

BTW,  I define each user's shares by listings in "smb.username.conf" files
and the "include=smb.%U.conf" option (I may have that backwards it may be
"username.smb.conf" and "include=%U.smb.conf", I have it right on my
server.)

The problem is, I need each of my 100 users to be able to logon to the
Samba
server (with READ/WRITE access to their own shares) from any of the 10
Windows
XP workstations. It's not a problem if the user has an account on the XP
machine that matches the username and password on the Linux Samba server.

But users don't have their own machines and it's impractical to create 100
user accounts on EACH Windows XP workstation. Especially when the list of
users
changes every few months.

So my question is, how can those 100 users logon to the Samba server from
ANY
workstation without having an account on the Windows XP workstation that
matches their username/password on the Samba server?

I have a clumsy workaround right now, but I need something better. This is
what I can do now:

-- I have a Samba share that is accessible to everyone.
-- In Windows XP, if I "map network drive" on that share and select
"connect
using different username", I get an opportunity to enter the username and
password for the specific user.
-- Once the Windows XP machine connects to the Samba server, the Samba
server
"knows" who the user is and displays a list of the user's own unique shares

-- which can then be mapped as well.

The thing that's awkward about this technique, however, is that I'm having
to
map a public share JUST to communicate to the Samba server the username and

password.

Isn't there a way to get the Samba server to ask for a username and
password
when the user clicks on the name of the Samba server in Explorer?

That's what happens when I click on the name of a Windows XP machine (XP
Machine 1) from another Windows XP machine (XP Machine 2) when I'm logged
on to
Machine 2 with a username and password that does not match an account on XP

Machine 1.  I get a dialog box asking for a username and password. If I
enter a
username that has an account on the first machine -- and the matching
password
-- I connect and get read/write access to all shared drives and folders.

I want to get the same dialog box when I click on the Linux Samba server.
But
how?

Thanks in advance for the help.

Regards,
Andy Liebman
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] security in samba

[stephane . purnelle]

Could you explain more ?

One people can access to one printer or each printer are one adminitrator
and other people can just print ?
else there are the printer admin parameter

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Shashi Kanth Boddula" <[EMAIL PROTECTED]>  |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   29/09/2004 14:57  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   <[EMAIL PROTECTED]>
   |
  |cc :
   |
  |Objet :  [Samba] security in samba  
   |
  
>---|




Hi,
 In my company , we have 25 HP printers at different floors. All
printesr are configured on  One Linux  Machine. Each printer has one
administrator. My  task is share the printer to that  particular
administrator.
 For example if i have 2 printers  ( HP1  and HP2) , i want to share

HP1 printer to only 192.168.0.1 and HP2 printer to only 192.168.0.2.
   If we use  host  allow & host deny in global  { or  (or) and } shared

section, the behaviour is not meets my requirement.
   if use valid users  in shared section, it's not working properly. On
windows, when i connect with valid username and passwd , it gives a
credentials conflict error.
   Please , can any one give suggestions on this.


Regards,
shashi kanth

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : Re: Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how?

[stephane . purnelle]

I know, but I want to say that samba manage machine group same as a other
group, not for Domain Users and Domain Admin group.
You can create a group for machine account but, I think that actually is
not very important for samba domain.

I can be mistaken.





---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
  Adam Tauno   
  Williams Pour :   [EMAIL PROTECTED]
  <[EMAIL PROTECTED] cc : [EMAIL PROTECTED]
  nd.com>  Objet :  Re: Re: [Samba] 
Authenticateing DC's on an ldap backend... nobody knows how?
   
  28/09/2004 15:56 
   
   




> Could explain more your problem ?
> On samba there are machine account for windows NT4, 2000, XP but no
> separation between workstation and server and DC.

?  A machine account is machine account,  only WINS cares about the
difference.

> And also, there are no specific group for machine which are managed by
> samba.

This is an entirely site specific setup thing.  If you want all your
machine
accounts created with a given gidNumber you can certainly do that.



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how?

[stephane . purnelle]

Hi,

Could explain more your problem ?

On samba there are machine account for windows NT4, 2000, XP but no
separation between workstation and server and DC.
And also, there are no specific group for machine which are managed by
samba.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Paul Gienger <[EMAIL PROTECTED]>  |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   28/09/2004 15:16  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   "Jim C." <[EMAIL PROTECTED]>   
|
  |cc : [EMAIL PROTECTED]  
   |
  |Objet :  Re: [Samba] Authenticateing DC's on an ldap backend... nobody 
knows how?  |
  
>---|




Jim C. wrote:

> Doesn't anyone here know how to authenticate hosts in the group
> 'Domain Controllers' such that you don't have to set 'ldap admin dn'
> to the ldap server's root dn?  What's the big deal?  Why is this such
> a secret? Everytime I ask about it I get dead silence. It doesn't seem
> to matter what list I am on either.

Well if that's the way you're asking the question it's probably because
no one can understand what you're talking about and they are too busy
answering well formed quesions to ask for clarification.

--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc.
Information Systems Consultant   Fax:701-281-1322
URL: www.ae-solutions.commailto: [EMAIL PROTECTED]


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] What is the correct SambaPrimaryGroupSID

[stephane . purnelle]

Hi,

I ask to you for a small question :

I have some user with this SambaPrimaryGroiupSID =
S-1-5-21-X-X--1443
And other user with this SambaPrimaryGroiupSID =
S-1-5-21-X-X--513

What is correct SambaPrimaryGroiupSID ?
The SambaSID of my primary group is S-1-5-21-X-X--513
The S-1-5-21-X-X--1443 is the result of GID 221*2 + 1001 RID
algorithm

I use samba 3.0.4.

thanks

  Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: Re: [Samba] NTFS-type directory permissions

[stephane . purnelle]

You have just, but the kernel and FS used for store data must using ACL...
It's just patch kernel (if kernel 2.4.x) for ACL support
http://acl.bestbits.at
and use a FS which have this possibility :
- ext3
- ReiserFS
- JFS
- XFS


  Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
   
   




Hi,

I think if you choose to compile samba with the acl flag then you will have
the complex access control desired.

When you do a ./configure --help

... the options will be there but I think the option for acl support
is --with-acl-support or something like that.

Both my samba book and a unix terminal are not available to me now.

Bri-



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re : Re: [Samba] Changing password problem

[stephane . purnelle]

Hi Christian,

The ldap passwd sync is used for set if samba update LM, NT passwords and
LDAP password or not the LDAP Password.
But I read on the man of smb.conf :

This option is used to define whether or not Samba should sync the LDAP
password with the NT and LM hashes for normal accounts (NOT for
workstation, server or domain trusts) on a password change via SAMBA.


The ldap passwd sync can be set to one of three values:
  Yes = Try to update the LDAP, NT and LM passwords and update the
  pwdLastSet time.
  No = Update NT and LM passwords and update the pwdLastSet time.
  Only = Only update the LDAP password and let the LDAP server do the
  rest


Why sambaPwdMustChange is not updated, samba must update sambaPwdMustChange
if the password policy maximum password age is set.
Maybe this options is corrected in 3.0.6 ?

Thank you


  Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
   
  [EMAIL PROTECTED]
   
  entware.com   Pour :   [EMAIL PROTECTED] 
 
cc : [EMAIL PROTECTED] 
   
  27/07/2004 13:00  Objet :  Re: [Samba] 
Changing password problem
   
   
   
   




Hi stephane,

did you try

ldap passwd sync = yes

for me it worked.

Christian Wittmer

-
Büro/Office: +49 (0) 6227/385-120
Email: [EMAIL PROTECTED]

InterComponentWare AG
Otto-Hahn-Strasse 3
69190 Walldorf
Zentrale/Main: +49 (6227) 385-100

http://www.intercomponentware.com
http://www.lifesensor.com




[EMAIL PROTECTED]
Sent by:
[EMAIL PROTECTED]
27.07.2004 12:49


To: [EMAIL PROTECTED]
cc:
Subject:[Samba] Changing password problem






Hi,

When a client try to change password :

if sambaPwdCanChange = 2147483647 and sambaPwdMustChange = 1090923529 (for
example)
Samba would not change the password  :
I can find in log :
  user xxx cannot change password now, must wait until ven, 13 déc
1901
21:45:51 GMT

But, if I set the sambaPwdCanChange to 0, the password is changed but, the
sambaPwdMustChange is not updated to next date.

I use LDAP and password policy.
The unix password sync = no

Can anyone answer to this problem ?

Thank you


  Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba






--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Changing password problem

[stephane . purnelle]

Hi,

When a client try to change password :

if sambaPwdCanChange = 2147483647 and sambaPwdMustChange = 1090923529 (for
example)
Samba would not change the password  :
I can find in log :
  user xxx cannot change password now, must wait until ven, 13 déc 1901
21:45:51 GMT

But, if I set the sambaPwdCanChange to 0, the password is changed but, the
sambaPwdMustChange is not updated to next date.

I use LDAP and password policy.
The unix password sync = no

Can anyone answer to this problem ?

Thank you


  Stéphane Purnelle


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10

[stephane . purnelle]

Hi,

On 3.0.4, I have a similar problem, it's caused by a group which have a
user that not exist.
Could you verify your user account ?



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Andreas Grabner <[EMAIL PROTECTED]> |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   13/07/2004 08:46  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10   
   |
  
>---|




Hi
It gets URGENT (for me) because there i a course which forces this
problem twice a day and all other clients crash.

Thanks
Andreas Grabner


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : [Samba] best filesystem choice for samba (was: new user cannot logon)

[stephane . purnelle]

Hi,

My Samba server is a PDc and file server.
I use XFS for data with ACL and data & OS are on a RAID 5 structure disk.

No problem for speed acces.


  Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Simon Oliver" <[EMAIL PROTECTED]> |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   08/07/2004 15:05  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   <[EMAIL PROTECTED]>
   |
  |cc :
   |
  |Objet :  [Samba] best filesystem choice for samba (was: new user cannot
logon)  |
  
>---|




I am setting up a Samba server and am uncertain as to which filesystem to
choose.

The consensus seems to be XFS but I'm not sure how proven this filesystem
is
(I know SGI have used it since Irix 6.5 but that's a different OS).

I want the filesystem to be available via both CIFS and NFS.

I need quotas and would like acls, but most of all want a fast reliable
system.

Reports indicate that ext2/3 is particularly slow, especially for long file
listings and many people complain have corruption issues with reiser (nut
maybe that's RedHat only).  Recently, someone even suggested using VFAT!

I'd like to hear your thoughts and experiences with the various
filesystems,
especially with regard to using them with Samba and/or NFS.

P.s. The filesystem will be on hardware RAID5, with a hardware RAID1 root
filesystem.  I've heard that it makes sense to place the log file on the
RAID1 partition - I carried out some simple tests but couldn't detect any
difference in performance with XFS no matter where the log file is.

--
  Simon Oliver

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] reloading group member from LDAP

[stephane . purnelle]

Hello,

I use samba 3.0.4 with LDAP backend and ACL, I have no problem.
But I see a small problem and I suggest a solution.

I explain by an example :
I have a user toto, he ask to me to access to two folder (erp01 and crm02).

The ACL of erp01 is grp_erp01 rwx
The ACL of crm02 is user_bla rx, user_blo, rwx

The first directory is managed by a group and the second directly with user
list.
I going to my LDAP server and I add a memberUid ( = toto) to grp_erp01 and
I add a user to my ACL of crm02.

If I call toto for says " Ok, you can work", toto will see only crm02, no
erp01.
Why : because smbd load group member on session setup.
If a use the command 'smbcontrol pid close-share' or I use the 'kill
button' of swat status, the auto-reconnection will reload the group, else
not.

I just suggest for 3.0.5 to add a parameter : 'reload group' or 'reload
session setup' value in second and include the necessary code on smbd.

Thanks

  Stéphane Purnelle

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : [Samba] Two questions about smbldap-tools

[stephane . purnelle]

Hi



   
   
   




Hi all.

1.  Are they any web based interfaces to smbldap-passwd.pl?

No

2.  Is www.idealx.org still a valid site for the smbldap-tools and
related info?  When I go there, no matter the URL I enter, I get a login
screen prompting for a username and password or a message that page can
not be found on the server.

www.idealx.org is a valid URL, but you can use this url
http://samba.idealx.org/ for accesc directly to smbldap-tools page.

Thanks,

~Dan

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : [Samba] scripts and pdbedit

[stephane . purnelle]

Hi,

I think that the delete user script is called only by smbd when a usrmgr or
other external tools work with samba.
smbpasswd and pdbedit is local tools and not use the "delete user script",
it work directly with the selected sam.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Collen Blijenberg "|
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   03/06/2004 12:30  |
| |   Veuillez répondre à "Collen Blijenberg "|
| | |
|-+->
  
>---|
  |
   |
  |Pour :   samba mailing list <[EMAIL PROTECTED]> 
   |
  |cc :
   |
  |Objet :  [Samba] scripts and pdbedit
   |
  
>---|




i noticed the follow,

i deleted a user, with both smbpasswd -x and tryed one with pdbedit -x
and saw that only the username entry was removed from the
samba passwd-backend..
the "delete user script" entry in the smb.conf is ignored with
both commands ??
Why ??
-
Collen Blijenberg (Systeem/Netwerk Beheerder)


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : [Samba] changing smbpasswd password rules

[stephane . purnelle]

The min password length in smb.conf is for unix password, you must modify
the parameter with this command
$ pdbedit -P "min password length" -C 3

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Jeff Kraeger <[EMAIL PROTECTED]>   |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   01/06/2004 17:02  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
 |
  |cc :
   |
  |Objet :  [Samba] changing smbpasswd password rules  
   |
  
>---|




Where does smbpasswd get its password rules from? I need to change them!
I need to allow for passwords as short as 3 characters.
I've changed my unix rules to allow users using passwd to change their
password correctly but samba will not.
I'm using encrypted passwords so min password length = 3 doesn't do
anything, right?
I keep getting RAP86 errors and the log says password too short account
policy min password len = 5
How do I change this to 3 - do I need to recompile? If so what file
needs to change?

Thanks,
   Jeff Kraeger

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] LOGON problem on windows 2000 server

[stephane . purnelle]

Hello, I have a problem a little complicated .
I have a Samba (3.0.2a) server compiled with ACL support and using a
directory LDAP for the users and groups, and it makes function of PDC.

On the network, I also a WINS server (win 2000 server) whose PDC is
customer.
Always on the network I have w98, 2000 (wrk), XP (pro) clients and three
server win2000 (of which waiter WINS).
This three Windows 2000 servers have problems of connection to the PDC.
Messages of the rvent viewer:
No controller of Windows NT field or Windows 2000 is available for field
CORMAN.
The following error occurred:  %%1722
and

the explorer could not find the list of the servers of exploring Master
\\ADMIN01 on the network
\Device\NetBT_Tcpip_{D0D1ÇA2-08DD-4BF1-9322-1D66DBC73B0C }.  The data is
the error code.

 In order to try to include/understand what occurs, I made a script which
executed every 10 minutes and which sends a mail to me.
This mail contains the result of an order smbclient towards one of the
machines.
Sometimes, that passes without problem, I have normal posting, but the
majority of the mails ends in:
SPENGO login failed:  No logon servers As I carry out this order with the
option-d10, I have at more the exit of the debug:  session setup failed:
NT_STATUS_NO_LOGON_SERVERS

Somebody can it help me ?

  Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] Samba basics

[stephane . purnelle]

Have you verified your  hosts.allow and hosts.deny conf ?

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Austin, Ben" <[EMAIL PROTECTED]>  |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   07/05/2004 14:05  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>  
   |
  |cc :
   |
  |Objet :  [Samba] Samba basics   
   |
  
>---|





Hi,

I know little to nothing about samba so need some advice on a problem I'm
having.

One of my users is trying to mount a UNIX directory onto his PC and gets
the
error "not authorised from this station". He was able to do this until he
had his hard drive swapped out. Desktop have said they all settings are as
they were previously and that this is a UNIX issue. Other users on the same
network are not having this problem and the user in question can mount the
directory from another PC which would suggest this is a problem with that
specific PC.

I have checked that all relevant smb/nmb procs are running and there are no
errors in the logs. I can ping/traceroute to the PC and the PC can ping the
UNIX box. I believe this is a local PC issue and wondered if anyone could
help me determine this as the problem is flying back and forwards between
UNIX and Desktop and the user is starting to get p$£%d

Thanks in advance.

Ben





Our name has changed, please update your address book to the following
format for the latest identities received "[EMAIL PROTECTED]".

This message contains information that may be privileged or confidential
and is the property of the Capgemini Group. It is intended only for the
person to whom it is addressed. If you are not the intended recipient,  you
are not authorized to read, print, retain, copy, disseminate,  distribute,
or use this message or any part thereof. If you receive this  message in
error, please notify the sender immediately and delete all  copies of this
message.

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] Machine Accounts in Samba3 and OpenLDAP

[stephane . purnelle]

Hi,

I know, I put a bug with no response,
normaly, if you uncomment the part of code ... script adds sambaSamAccount
atribute, you can adding computers on two step :
first step : you have : windows message is same "The user name could be not
find"
-> samba try to add the machine account because not found the entry
second step : the connection work fine
-> samba found entry and modify correcly entry (sambaNTPassword, )

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Ruslanas Cechovskis" <[EMAIL PROTECTED]>|
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   26/04/2004 11:15  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   <[EMAIL PROTECTED]>
   |
  |cc :
   |
  |Objet :  [Samba] Machine Accounts in Samba3 and OpenLDAP
   |
  
>---|




Hi,

Trying to run Samba3 and OpenLDAP.. and have a problem with adding
computers
to domain
while checking logs i found that samba is doing such search :
smbldap_search: base => [dc=forbis,dc=lt], filter =>
[(&(uid=test$)(objectclas
s=sambaSamAccount))], scope => [2]
[2004/04/26 09:45:46, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1062)
  ldapsam_getsampwnam: Unable to locate user [test$] count=0

i use smbldap-useradd script to add computers .. and entry is without
sambaSamAccount atribute
in smbldap-useradd.pl i found comented entry that samba add sambaSamAccoun
atribute automaticaly... somehow it do not happens..

Also i tryed to put ldap filter = (uid=%u) entry in my smb.conf file ..also
nothing happend samba still searchs in sambaSamAccount

Tryed to uncoment this part of code ... script adds sambaSamAccount
atribute
.. but still cant join domain.. windows message is same "The user name
could
be not find"

And right now im out of ideas ... any help ?

Su pagarba,

Ruslanas Cechovskis
UAB "Forbis" inzinerius

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Problem adding computer to domain

[stephane . purnelle]

Hi!

I try to add a computer to my domain and I found a problem with samba.
I use the IDEALX smbldap script for create entry in LDAP tree.
If I uncomment the add_machine_mkntpasswd, the samba faild.
If the add_machine_mkntpasswd is commented, I cannot add the computer to,
because the SambaSID already exist.

I found the problem.
The last time that a computer will be added succesfully, samba converted
the posixAccount to account schema.
And the account schema don't have uid attribute or my configuration is
misconfigured.

And the script smbldap don't find correcly uid for machine account.

Before adding the next machine, I will must export the last added machine
to LDIF,n modify it for add posixAccount and some information, re-import to
LDAP.

I anyone have some information or help me

Samba 3.0.2a
OpenLDAP 2.1.25
RedHat 8.0

Thank you

  Stéphane



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] add machine script wont add Postfix account

[stephane . purnelle]

Hi!

I have the same problem with my PDC.

Work fine:
Modify the script for add samba attribute ( three lines)
Execute manually the entry (with smbldap-useradd.pl -w machine1)
Try to join the domain

Don't work  :
Samba call the smbldap-useradd -w %u and the script is not modified.

I use samba 3.0.2a RH 8.0 openldap 2.1.25


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Stagiair <[EMAIL PROTECTED]>|
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   26/03/2004 16:06  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  [Samba] add machine script wont add Postfix account
   |
  
>---|




He Guys,

When we add a client pc (win2k) to our domain everything goes well
except that the add machine script wont run.
A computer will be created within the lDAP directory but not with the
add machine script.
The following is our situation.

Fedora Core1
|-samba-3.0.2-7.FC1
|-openldap-2.1.22-8

smb.conf
--
# Global parameters
[global]
workgroup = T3E
server string = domeinserver
bind interfaces only = Yes
passwd program = /usr/sbin/smbldap-passwd.pl %u
passwd chat = *new*password* %n *new*password* %n *successfully*
passwd chat debug = Yes
passdb backend = ldapsam:ldap://localhost
#unix password sync = Yes
log level = 2
log file = /var/log/samba/samba.log.%m
time server = Yes
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
add user script = /usr/sbin/smbldap-useradd.pl -a -m %u
add machine script = /usr/sbin/smbldap-useradd.pl -w %u
delete user script = /usr/sbin/smbldap-userdel.pl -r %u
add group script = /usr/sbin/smbldap-groupadd.pl %g
delete group script = /usr/sbin/smbldap-groupdel.pl %g
add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u
domain logons = Yes
os level = 34
preferred master = Yes
domain master = Yes
wins support = Yes
ldap suffix = o=T3E,c=nl
ldap admin dn = cn=Manager,o=T3E,c=nl
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap user suffix = ou=people
ldap ssl = no
admin users = root
hide unreadable = Yes
logon path = \\%N\%U\.winprofile
logon script = netwerk.bat
encrypt passwords = Yes
username map = /etc/samba/smbusers
--
As you see we use the smbldap-tools to execute when a client logins to
the domain.
After login the following entry will be made in LDAP:

uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
--
dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
uid: tmc-ontwikkelpc$
sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006
sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007
objectClass: sambaSamAccount
objectClass: account
displayName: TMC-ONTWIKKELPC$
sambaPwdCanChange: 1080312437
sambaPwdMustChange: 2147483647
sambaLMPassword: F64C97556FCFA59023753BB150C8A535
sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27
sambaPwdLastSet: 1080312437
sambaAcctFlags: [W  ]
--

If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we
get the following entry in the LDAP dir:

uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
--
dn: uid=test$,ou=computers,o=T3E,c=nl
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
cn: test$
sn: test$
uid: test$
uidNumber: 1000
gidNumber: 10012
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
--

This is a really different schema, and this is the one that we need.
Anyone  sees what were doing wrong?


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this li

[Samba] Samba SID and new installation

[stephane . purnelle]

Hi,

I make a new installation of my server with samba 3.0.2a
But I restored my LDAP tree and the SambaDomainName in LDAP is different
that net getlocalsid.

What can I make  :
- set the local sid with the old sid (from ldap) net setlocalsid ..
- Or change the SambaDomainSID on LDAP tree and all users, groups, and
computers.




---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re. : Re: [Samba] Re: Multiple DB / fragmented information

[stephane . purnelle]

Hi,

Maybe using LDAP REFERRAL ???

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Lapin(c)" <[EMAIL PROTECTED]>   |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   04/03/2004 14:51  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   Jérôme Fenal <[EMAIL PROTECTED]>   
  |
  |cc : "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
   |
  |Objet :  Re: [Samba] Re: Multiple DB / fragmented information   
   |
  
>---|




Selon Jérôme Fenal <[EMAIL PROTECTED]>:

> Salut Lapin(c),
>
> Comment va depuis notre longue discussion sur Solutions Linux ?

Plutot bien merci :)

>
> Lapin(c) wrote:
>
> > I was exploring a local LDAP solution, as it's for a very large network
> (1000
> > sites / 10 users) we want a disjunction between local
administration
> for
> > machines and global administration for users.
>
> What do you mean for disjunction between local administration and users ?
>
> Do you mean :
> 1. Separation between directory insertion (etheir user or machine) and
> local PC admin rights :
> - class D people can insert machines, as well as users
> - class T people can login to machines as local admin
>
> 2. Separation between directory insertion (users inserted by some
> people, machine by others) and local PC admin rights :
> - class M people (local support I guess) can insert local machine, in
> the right ou=site,ou=Computers sub-ou
> - class D people can insert users (centrally managed I guess), and maybe
>   Computers
> - class T people (see below).
>
> I guess (read I think, but not yet investigated further) that it could
> be done, maybe with the help of LDAP management application and
> carefully crafted LDAP ACLs.
> I think that, if using IdealX scripts, and different sub-ou
> configuration for these, you may can do what you intend to, directly
> using Samba and inserting machine directly from the Windows PC.

I mean that computers account is a local data and users password is a
global
data. so I need to separate both information in term of localization, hence
for
administration. It's mainly a LDAP architecture problem now.

>
>
> What is the size of the biggest site (I beg it is the Lyon one in
> Part-Dieu) ? Or maybe Paris'ones.

yes they are, the biggest are 300/400 users per site.

>
> I guess that machine passwords traffic (once per week) would not be that
> huge, even on 64kb/s lines
>

no the study is done to minimize network flow on the backbone.




--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] printers unreachable in samba 3.0.2?

[stephane . purnelle]

Already fixed in CVS.  See this report for the patch and applay it.

 https://bugzilla.samba.org/show_bug.cgi?id=1147

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   "Book, Jesse" <[EMAIL PROTECTED]> |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   04/03/2004 13:23  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  [Samba] printers unreachable in samba 3.0.2?   
   |
  
>---|




Hello,
 I'm currently running print services on a linux/cups/samba
3.0.2 machine.  It
seems that every now and again a group of users complains that they are
seeing a windows error message telling them that they are unable to connect

to their printer, and that the printer may be offline or is unreachable.
Looking in the samba log I see the following error message.

---log level 1-
[2004/03/04 06:35:04, 0] lib/util.c:smb_panic(1400)
  PANIC: internal error
[2004/03/04 06:35:04, 0] lib/util.c:smb_panic(1408)
  BACKTRACE: 16 stack frames:
   #0 /opt/samba/sbin/smbd(smb_panic+0x181) [0x8180ebd]
   #1 /opt/samba/sbin/smbd [0x8171676]
   #2 /opt/samba/sbin/smbd [0x81716cb]
   #3 /lib/libc.so.6 [0x401eb988]
   #4 /opt/samba/sbin/smbd(print_queue_status+0x159) [0x819adb4]
   #5 /opt/samba/sbin/smbd [0x808604e]
   #6 /opt/samba/sbin/smbd(api_reply+0x2c0) [0x808c074]
   #7 /opt/samba/sbin/smbd [0x80839b5]
   #8 /opt/samba/sbin/smbd(reply_trans+0x9dd) [0x80844ec]
   #9 /opt/samba/sbin/smbd [0x80b7713]
   #10 /opt/samba/sbin/smbd [0x80b77a5]
   #11 /opt/samba/sbin/smbd(process_smb+0x1c6) [0x80b7ab5]
   #12 /opt/samba/sbin/smbd(smbd_process+0x153) [0x80b854d]
   #13 /opt/samba/sbin/smbd(main+0x6ec) [0x81cd699]
   #14 /lib/libc.so.6(__libc_start_main+0xc6) [0x401d7d06]
   #15 /opt/samba/sbin/smbd(yp_get_default_domain+0x91) [0x80726a1]
--


Looking at the machine via cups show everything with the printer is normal,

and a test page from cups can be printed successfully.  However, from the
windows side, all users that are connected to that printer are unable to
use
the printer.  Deleting the individual printer .tdb
(../var/locks/printing/printername.tdb) file and issuing a 'smbcontrol smbd

reload-config' seems to clear the problem.

I don't know if this is a new problem, or goes back to Jerry Haltom's
problem
that I read about last month. (Signal 11 in smbd 3.0.2rc2 on printer
operation)

-= Jesse =-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : Re: Réf. : Re: Réf. : Re: [Samba] using a master ldap server and a slave ldap server

[stephane . purnelle]

The origine of my message is a problem with my local LDAP server.

last thursday I upgraded my RH 8 with the glibc update from RedHAt, after
sometimes the LDAP server is unreachable.
In log :
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open
/etc/hosts.allow: Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny:
Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open
/etc/hosts.allow: Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny:
Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open
/etc/hosts.allow: Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny:
Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open
/etc/hosts.allow: Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny:
Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open
/etc/hosts.allow: Too many open files
Mar  2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny:
Too many open files

Some peolple says : "It's the limit of open file number", I verified this,
it's not  this problem.
I know, it's a HS mail, but I want to know howto resolve this.

Thanks


  Stéphane


---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Beast <[EMAIL PROTECTED]>   |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   02/03/2004 12:18  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  Re: Réf. : Re: Réf. : Re: [Samba] using a master ldap   server 
and a slave|
  |ldap server for one  samba  
   |
  
>---|




* [EMAIL PROTECTED] nulis:

>
>
>
>
> If the first LDAP server faild, the second can be used directly.
> This server is a PDC server with more than 100 people connected and some
> application required domain authentification for running.
>
> For me is a critical server.

You can use one ldapsam with multiple server, see previous posting for the
syntax. You can also setup dedicated ldap server for samba though i dont
think that samba make a intensive call to ldap server, pam/nss_ldap yes,
but 100 (concurent) user will not that high :)


--beast

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : Re: Réf. : Re: [Samba] using a master ldap server and a slave ldap server for one samba

[stephane . purnelle]

If the first LDAP server faild, the second can be used directly.
This server is a PDC server with more than 100 people connected and some
application required domain authentification for running.

For me is a critical server.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Beast <[EMAIL PROTECTED]>   |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   02/03/2004 11:18  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  Re: Réf. : Re: [Samba] using a master ldap  server and a slave 
ldap server|
  |for one samba server
   |
  
>---|




* [EMAIL PROTECTED] nulis:

>
>
>
>
> What's means, can I have some problem with this configuration ?
> Or it's just a speed problem ?
>

Samba will get 2 value for same id and problem will appear soon or later.
Any reason why using 2 ldapsam backend?

> Stéphane
>


--beast

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : Re: [Samba] using a master ldap server and a slave ldap server for one samba server

[stephane . purnelle]

What's means, can I have some problem with this configuration ?
Or it's just a speed problem ?

Stéphane



   
  John H Terpstra  
  <[EMAIL PROTECTED]>  Pour :   [EMAIL PROTECTED]
   cc : [EMAIL PROTECTED]
  01/03/2004 18:22 Objet :  Re: [Samba] using a master 
ldap server and a slave ldap server for one samba
   server  
   




On Mon, 1 Mar 2004, John H Terpstra wrote:

> On Mon, 1 Mar 2004 [EMAIL PROTECTED] wrote:
>
> >
> >
> >
> >
> > Hi,
> >
> > I would like to make this :
> >
> > passwd backend : ldapsam:ldap://127.0.0.1, ldapsam:ldap://10.217.7.14

Oops! I meant to add that the configuration above will result in both LDAP
servers being contacted reesulting in a doubling up of all account
entries.

- John T.



>
> Change that to:
>
> passwd backend = ldapsam:"ldap://127.0.0.1 ldap://10.217.7.14";
>
> Note the specific use of the double quotes.
>
> - John T.
>
> >
> > The ldap server on 127.0.0.1 is the master LDAP server
> > The ldap server on 10.217.7.14 is the slave LDAP server.
> >
> > Can I do this.
> >
> >
> >   Stéphane Purnelle
> >
> > ---
> > Stéphane PURNELLE [EMAIL PROTECTED]
> > Service Informatique   Corman S.A.   Tel : 00 32 087/342467
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
>

--
John H Terpstra
Email: [EMAIL PROTECTED]

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] using a master ldap server and a slave ldap server for one samba server

[stephane . purnelle]

Hi,

I would like to make this :

passwd backend : ldapsam:ldap://127.0.0.1, ldapsam:ldap://10.217.7.14

The ldap server on 127.0.0.1 is the master LDAP server
The ldap server on 10.217.7.14 is the slave LDAP server.

Can I do this.


  Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] Trouble with install, still--please help

[stephane . purnelle]

Hi

These files are the samba daemon !

> usr/local/samba/sbin/nmbd
> usr/local/samba/sbin/smbd
> usr/local/samba/sbin/swat
> usr/local/samba/sbin/winbindd

You must create the smb.conf in /usr/local/samba/lib.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


|-+->
| |   Anne Ramey <[EMAIL PROTECTED]>  |
| |   Envoyé par :  |
| |   [EMAIL PROTECTED]|
| |   s.samba.org   |
| | |
| | |
| |   27/02/2004 16:49  |
| | |
|-+->
  
>---|
  |
   |
  |Pour :   [EMAIL PROTECTED]  
   |
  |cc :
   |
  |Objet :  [Samba] Trouble with install, still--please help   
   |
  
>---|




When I compile the source, I don't get smbd, nmbd, etc.  Can't very
well use samba without the deamons.
details:

> I've tried building it on a server that I know has pretty much every
> library possible for a program to need, but I'm still not getting a
> good samba install.
> I'm on white-dwarf linux (kernel 2.4.25), gcc 3.3.2, Samba 3.0.2a
> White-dwarf is home-grown, very much like slackware.
>
> When I configure and make and make install, I don't get any errors,
> but I when I look for some files that are supposed to come with it,
> they aren't there.  ex /usr/local/samba/lib/smb.conf: No such file or
> directory  & /etc/smb.conf: No such file or directory
>
> These are the files it did install:
>
> ./
> usr/
> usr/local/
> usr/local/samba/
> usr/local/samba/bin/
> usr/local/samba/bin/net
> usr/local/samba/bin/smbclient.old
> usr/local/samba/bin/testparm.old
> usr/local/samba/bin/smbtar.old
> usr/local/samba/bin/tdbbackup.old
> usr/local/samba/bin/wbinfo.old
> usr/local/samba/bin/smbstatus.old
> usr/local/samba/bin/rpcclient.old
> usr/local/samba/bin/smbpasswd.old
> usr/local/samba/bin/smbtree
> usr/local/samba/bin/ntlm_auth
> usr/local/samba/bin/testparm
> usr/local/samba/bin/testprns
> usr/local/samba/bin/tdbdump
> usr/local/samba/bin/nmblookup.old
> usr/local/samba/bin/findsmb
> usr/local/samba/bin/smbclient
> usr/local/samba/bin/testprns.old
> usr/local/samba/bin/smbpasswd
> usr/local/samba/bin/tdbbackup
> usr/local/samba/bin/nmblookup
> usr/local/samba/bin/smbstatus
> usr/local/samba/bin/smbtar
> usr/local/samba/bin/smbcacls
> usr/local/samba/bin/smbspool
> usr/local/samba/bin/findsmb.old
> usr/local/samba/bin/wbinfo
> usr/local/samba/bin/smbcontrol.old
> usr/local/samba/bin/pdbedit
> usr/local/samba/bin/profiles
> usr/local/samba/bin/smbcontrol
> usr/local/samba/bin/smbcquotas
> usr/local/samba/bin/rpcclient
> usr/local/samba/bin/smbcacls.old
> usr/local/samba/bin/smbspool.old
> usr/local/samba/lib/
> usr/local/samba/lib/vfs/
> usr/local/samba/lib/vfs/audit.so
> usr/local/samba/lib/vfs/default_quota.so
> usr/local/samba/lib/vfs/netatalk.so
> usr/local/samba/lib/vfs/cap.so
> usr/local/samba/lib/vfs/readonly.so
> usr/local/samba/lib/vfs/fake_perms.so
> usr/local/samba/lib/vfs/extd_audit.so
> usr/local/samba/lib/vfs/recycle.so
> usr/local/samba/lib/de.msg
> usr/local/samba/lib/upcase.dat
> usr/local/samba/lib/en.msg
> usr/local/samba/lib/valid.dat
> usr/local/samba/lib/fr.msg
> usr/local/samba/lib/libsmbclient.so
> usr/local/samba/lib/ja.msg
> usr/local/samba/lib/it.msg
> usr/local/samba/lib/nl.msg
> usr/local/samba/lib/pl.msg
> usr/local/samba/lib/tr.msg
> usr/local/samba/lib/lowcase.dat
> usr/local/samba/lib/charset/
> usr/local/samba/lib/charset/CP437.so
> usr/local/samba/lib/charset/CP850.so
> usr/local/samba/man/
> usr/local/samba/man/man1/nmblookup.1
> usr/local/samba/man/man1/profiles.1
> usr/local/samba/man/man1/smbcquotas.1
> usr/local/samba/man/man1/editreg.1
> usr/local/samba/man/man1/testparm.1
> usr/local/samba/man/man1/testprns.1
> usr/local/samba/man/man1/rpcclient.1
> usr/local/samba/man/man1/findsmb.1
> usr/local/samba/man/man1/smbsh.1
> usr/local/samba/man/man1/smbstatus.1
> usr/local/samba/man/man1/wbinfo.1
> usr/local/samba/man/man1/ntlm_auth.1
> usr/local/samba/man/man1/smbcacls.1
> usr/local/samba/man/man1/vfstest.1
> usr/local/samba/man/man1/s

Re. : Re: [Samba] SPNEGO nego problem (REPOST)

[stephane . purnelle]

I have the problem with smbclient -L ...
This is a level 50 debug message

[2004/02/23 10:45:00, 5] lib/debug.c:debug_dump_status(359)
  INFO: Current debug levels:
all: True/50
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
[2004/02/23 10:45:00, 3] param/loadparm.c:lp_load(3918)
  lp_load: refreshing parameters
[2004/02/23 10:45:00, 3] param/loadparm.c:init_globals(1304)
  Initialising global parameters
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset UCS-2LE
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset UCS-2LE
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset UTF8
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset UTF8
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset ASCII
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset ASCII
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset 646
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset 646
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset ISO-8859-1
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset ISO-8859-1
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95)
  Attempting to register new charset UCS2-HEX
[2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103)
  Registered charset UCS2-HEX
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 3] param/params.c:pm_process(566)
  params.c:pm_process() - Processing configuration file
"/usr/local/samba/lib/smb.conf"
[2004/02/23 10:45:00, 3] param/loadparm.c:do_section(3421)
  Processing section "[global]"
  doing parameter netbios name = ADMIN01
[2004/02/23 10:45:00, 4] param/loadparm.c:handle_netbios_name(2709)
  handle_netbios_name: set global_myname to: ADMIN01
  doing parameter workgroup = CORMAN
  doing parameter server string = Serveur administratif
  doing parameter security = user
  doing parameter passwd chat debug = yes
  doing parameter passwd chat = *new*password* %n\n *new*password* %n\n
successfully*
  doing parameter passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
  doing parameter password level = 2
  doing parameter unix password sync = no
  doing parameter admin users = @administrateurs
  doing parameter os level = 75
  doing parameter unix charset = ISO-8859-15
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
[2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74)
  Substituting charset 'ANSI_X3.4-1968' for LOCALE
  doing parameter display charset = ISO-8859-15
  doing parameter dos charset = ISO-8859-15
  doing parameter veto fi

[Samba] lp_servicenumber: couldn't find qstpfbl

[stephane . purnelle]

Hello,

Some questions :

- Can anyone could explain this message :

[2004/01/26 12:40:57, 7] param/loadparm.c:lp_servicenumber(4060)
  lp_servicenumber: couldn't find qstpfbl
[2004/01/26 12:40:57, 3] param/loadparm.c:lp_add_printer(2394)
  adding printer service qstpfbl


qstpfbl is a printer

- Why sometimes a windows 2000 server (SP4)  which is a member server of my
DOMAIN could not be available on network (Internal server error) ?
- When I restart smb daemon (/etc/rc.d/init.d/smb restart), the system not
restart correctly, but if i do : /etc/rc.d/init.d/smb stop, wait 1 second,
/etc/rc.d/init.d/smb stop, samba work fine !  The message asked in my first
question can be the answer ?

Thank you


 Stéphane Purnelle



---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] My story installing Samba-LDAP PDC (it has a happy ending)

[stephane . purnelle]

Could you send the ldap conf of samba (smb.conf) ?


 Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
  
Muhammad Reza <[EMAIL PROTECTED]>  
 
Envoyé par :   Pour :  
[EMAIL PROTECTED] 
[EMAIL PROTECTED]cc :  

.samba.org Objet : 
 [Samba] My story installing Samba-LDAP PDC (it has a happy   
   ending) 
  
   
  
05/02/2004 11:08   
  
   
  
   
  




hi.

I Failed when try to mapping (create) samba (NT) group

#net groupmap add rid=513 ntgroup="Domain Guests" unixgroup=nobody
adding entry for group Domain Guests failed!


# ldapsearch -x -h localhost -b "cn=nobody,ou=Groups,dc=mra,dc=net"
# extended LDIF
#
# LDAPv3
# base  with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# nobody, Groups, mra.net
dn: cn=nobody,ou=Groups,dc=mra,dc=net
objectClass: posixGroup
objectClass: top
cn: nobody
description: Local Unix group
gidNumber: 65533

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

please help me...

regards
reza

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba




--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1 lck_type=13

[stephane . purnelle]

Some times I have in log :

[2004/02/04 12:00:06, 5] lib/gencache.c:gencache_init(59)
  Opening cache file at /var/lock/samba/gencache.tdb
[2004/02/04 12:00:06, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/02/04 12:00:06, 5] libsmb/namecache.c:namecache_enable(58)
  namecache_enable: enabling netbios namecache, timeout 660 seconds
[2004/02/04 12:00:06, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=13) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/02/04 12:00:06, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=17) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/02/04 12:00:06, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=18) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/02/04 12:00:06, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=19) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible


What's mean ... ?

thank you ..

 Stéphane Purnelle

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] bugzilla.samba.org not work ?

[stephane . purnelle]

I would like to post a bug, on bugzilla.samba.org, but the website don't
respond.

My bug is :

Some users can't save file correctly the firts time, a second try work
fine, but the first try cause an error on workstations.
In smbd.log, I have :

[2004/01/20 11:13:54, 5] libsmb/namecache.c:namecache_enable(45)
  namecache_enable: disabling netbios name cache
[2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=13) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=17) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=18) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible

bye

 Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] smbldap-tools 8.2 and sambaPrimaryGroupSID different that older version

[stephane . purnelle]

Hi!

In 0.7 version, the sambaprimaryGroupSID was composed with SID- uid * 2 +
1001, for example : 221*2+1001 = 1443.
Now, the smbldap-tools 8.2 (the latest version) create the
sambaprimaryGroupSID with group-SID of group.

Its' because I have a groupmapping of this group (Users -> Domain Users) ?
It's normal ?


Thank you for your help.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Réf. : [Samba] samba 2.2.8a PDC LDAP CTRL+ALT+DEL password change, not chaning Unix password

[stephane . purnelle]

Hi,

Why you spécifie :

 smb passwd file = /etc/samba/smbpasswd
 pam password change = Yes

If you use LDAP ?
It's the interaction between  LDAP and these parameter which cause the
problem.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467


   
  
"Sundaram Ramasamy" <[EMAIL PROTECTED]>
   
Envoyé par :   Pour :  
<[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> 
[EMAIL PROTECTED]cc :[EMAIL PROTECTED] 

.samba.org Objet : 
 [Samba] samba 2.2.8a PDC LDAP CTRL+ALT+DEL password change,  
   not chaning 
Unix password 
   
  
14/01/2004 16:01   
  
   
  
   
  




Hi,

I am running samba 2.2.8a with ldap PDC. From windows machine If I change
password by process CTL+ALT+DEL key its changing only windows password.

from command line  smbldap-passwd.pl  script changing the both UNIX and
samba password.

any idea why its not changing UNIX password?

Thanks
SR

Here my smb.conf file

encrypt passwords = Yes
 min passwd length = 5
 null passwords = No
 password server =
 smb passwd file = /etc/samba/smbpasswd
 pam password change = Yes
 passwd program = /usr/local/sbin/smbldap-passwd.pl %u
 passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*
%n\n*passwd:*all*authentication*tokens*updated*successfully*
 passwd chat debug = Yes
 password level = 0
 unix password sync = No
 machine password timeout = 604800

my smbldap-passwd.pl  file
===
use FindBin;
use FindBin qw($RealBin);
use lib "$RealBin/";

use smbldap_tools;
use smbldap_conf;

my $user;
my $oldpass;
my $ret;

my $arg;

foreach $arg (@ARGV) {
 if ($< != 0) {
  die "Only root can specify parameters\n";
 } else {
  if ( ($arg eq '-?') || ($arg eq '--help') ) {
   print "Usage: $0 [username]\n";
   print "  -?, --help   show this help message\n";
   exit (6);
  } elsif (substr($arg,0) ne '-')  {
   $user = $arg;
  }
  $oldpass = 1;
 }
}

if (!defined($user)) {
 $user=$ENV{"USER"};
}

# test existence of user in LDAP
my $dn_line;
if (!defined($dn_line = get_user_dn($user))) {
print "$0: user $user doesn't exist\n";
exit (10);
}

my $dn = get_dn_from_line($dn_line);

my $samba = is_samba_user($user);

print "Changing password for $user\n";

# non-root user
if (!defined($oldpass)) {
# prompt for current password
 system "stty -echo";
 print "(current) UNIX password: ";
 chomp($oldpass=);
 print "\n";
 system "stty echo";

 if (!is_user_valid($user, $dn, $oldpass)) {
 print "Authentication failure\n";
 exit (10);
 }
}

# prompt for new password

my $pass;
my $pass2;

system "stty -echo";
print "New password : ";
chomp($pass=);
print "\n";
system "stty echo";

system "stty -echo";
print "Retype new password : ";
chomp($pass2=);
print "\n";
system "stty echo";

if ($pass ne $pass2) {
print "New passwords don't match!\n";
exit (10);
}

# only modify smb passwords if smb user
if ($samba == 1) {
if (!$with_smbpasswd) {
# generate LanManager and NT clear text passwords
 if ($mk_ntpasswd eq '') {
 print "Either set \$with_smbpasswd = 1 or specify \$mk_ntpasswd\n";
 exit(1);
 }
 my $ntpwd = `$mk_ntpasswd '$pass'`;
chomp(my $lmpassword = substr($ntpwd, 0, index($ntpwd, ':')));
chomp(my $ntpassword = substr($ntpwd, index($ntpwd, ':')+1));

# change nt/lm passwords
 my $tmpldif =
"$dn_line
changetype: modify
replace: lmpassword
lmpassword: $lmpassword
-
changetype: modify
replace: ntpassword
ntpassword: $ntpassword
-

";
 die "$0: error while modifying password for $user\n"
 unless (do_ldapmodify($tmpldif) == 0);
 undef $tmpldif;
}
else {
 if ($< != 0) {
 my $FILE="|$smbpasswd -s >/dev/null";
 open (FILE, $FILE) || die "$!\n";
 print FILE < /dev/null";
if ($ret == 0) {
print "all authentication tokens updated succes

[Samba] samba says "you have right" but I must not have right (Important - SECURITY ISSUE)

[stephane . purnelle]

My Samba 3.0.1 is configured with LDAP SAM and ACL on XFS filesystem.

For a test, I added my user to the group "cadres". This group is in ACL
definition of my directory.

# file: Projets
# owner: root
# group: root
user::rwx
user:asi:rwx
group::rwx
group:administrateurs
group:cdir:r-x
group:jardin:r-x
group:cadres:r-x
mask::rwx
other::---
default:user::rwx
default:user:asi:rwx
default:group::rwx
default:group:adminis
default:mask::rwx
default:other::---

In my explorer, the directory Projets appear, the directory is available.
After, I modifed my group "cadres" and I supress my account from group.

since more than 1 hour, I can see and acces to directory but in unix
console I cannot and I must don't access to this directory.
The only possibility than I have is : "killing my connection with SWAT"


I looking the source and I think that is the NT_USER_TOKEN information is
not updated after connection or if these informations is updated not
correctly.
I propose that samba refresh correcly these information every five minutes
or a parameter REFRECH_USRE_INFO in smb.conf.

please help me.

 Stéphane
 Samba Administrator.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] tdb access problem - tdb_brlock failed

[stephane . purnelle]

Hi I my smbd.log, I  can find these lines.
How to resolv this problem ?

[2004/01/08 12:03:11, 5] lib/gencache.c:gencache_init(59)
  Opening cache file at /var/cache/samba/gencache.tdb
[2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/08 12:03:11, 5] libsmb/namecache.c:namecache_enable(58)
  namecache_enable: enabling netbios namecache, timeout 660 seconds
[2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=13) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=17) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=18) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724)
  tdb(unnamed): tdb_brlock failed (fd=19) at offset 4 rw_type=1
lck_type=13: Ressource temporairement non disponible
[2004/01/08 12:03:11, 10] registry/reg_cachehook.c:reghook_cache_add(60)
  reghook_cache_add: Adding key
[/HKLM/SYSTEM/CurrentControlSet/Control/Print]
[2004/01/08 12:03:11, 8] lib/adt_tree.c:sorted_tree_add(247)
  sorted_tree_add: Enter
[2004/01/08 12:03:11, 10] lib/adt_tree.c:sorted_tree_add(314)
  sorted_tree_add: Successfully added node
[HKLM/SYSTEM/CurrentControlSet/Control/Print] to tree
[2004/01/08 12:03:11, 8] lib/adt_tree.c:sorted_tree_add(316)
  sorted_tree_add: Exit

tdb file in /var/cache/samba :

account_policy.tdb
brlock.tdb
browse.dat
connections.tdb
gencache.tdb
group_mapping.tdb
lang_en.tdb
lang_fr.tdb
locking.tdb
messages.tdb
namelist.debug
ntdrivers.tdb
ntforms.tdb
ntprinters.tdb
printing (this is a directory)
registry.tdb
sessionid.tdb
share_info.tdb
unexpected.tdb
wins.dat


Thank you

 Stéphane

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba