subject:"\[Samba\] vampire doesn't appear to be working at the moment\?"

Re: [Samba] vampire doesn't appear to be working at the moment?

2004-07-13 Thread Eric J Bennett

Thankyou Craig, this appears to have worked to a degree, the only thing 
now is that all the accounts are transferred over but all their 
passwords are set to;

crypt{x}
instead of their NT password hashes... I'm not sure why this is? (well, 
I know why it is, because I had a look at the source for 
smbldap-useradd, but shouldn't vampire also set the password hashes 
correctly?)

Regards
Eric
Craig White wrote:
On Mon, 2004-07-12 at 22:17, Eric J Bennett wrote:
 

Hello All,
Software environment is RedHat 8.0 running Samba 3.0.4 compiled from 
source downloaded from planetmirror. When I try to run net rpc vampire 
-S pdc -U administrator%password I get a message like this

Cannot import users from ITOUCHAU at this time, as the current domain:
   ITOUCH-1008: S-1-5-21-3757787686-1591169446-1440766903
conflicts with the remote domain
   ITOUCHAU: S-1-5-21-991195760-36068510-1124750213
Perhaps you need to set:
   security=user
   workgroup=ITOUCHAU
in your smb.conf?
Itouch-1008 is the name of the server samba is running on.The relevant 
bits of smb.conf are below, as well as the output of
net rpc vampire -U administrator%password -d 4
(without specifying the server) as this did actually appear to do 
something and come back with NT_STATUS_UNSUCCESSFUL

Any ideas, anyone?
   


try
net setlocalsid S-1-5-21-991195760-36068510-1124750213
first
Craig
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] vampire doesn't appear to be working at the moment?

2004-07-13 Thread Craig White

On Tue, 2004-07-13 at 00:01, Eric J Bennett wrote:
 Thankyou Craig, this appears to have worked to a degree, the only thing 
 now is that all the accounts are transferred over but all their 
 passwords are set to;
 
 crypt{x}
 instead of their NT password hashes... I'm not sure why this is? (well, 
 I know why it is, because I had a look at the source for 
 smbldap-useradd, but shouldn't vampire also set the password hashes 
 correctly?)
-
Indeed it should. I think that this occurs when the NT4 PDC doesn't
entirely trust the 'BDC' trying to do the vampire (like a setting isn't
right).

I would wipe out the users/machine accounts that were imported and try
again.

Make sure that samba is set up like a BDC (and I am doing this from
memory from more than 6 months ago)...
security = domain
domain master = yes
preferred master = no

net join etc...
net rpc vampire etc...

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] vampire doesn't appear to be working at the moment?

2004-07-12 Thread Eric J Bennett

Hello All,
Software environment is RedHat 8.0 running Samba 3.0.4 compiled from 
source downloaded from planetmirror. When I try to run net rpc vampire 
-S pdc -U administrator%password I get a message like this

Cannot import users from ITOUCHAU at this time, as the current domain:
   ITOUCH-1008: S-1-5-21-3757787686-1591169446-1440766903
conflicts with the remote domain
   ITOUCHAU: S-1-5-21-991195760-36068510-1124750213
Perhaps you need to set:
   security=user
   workgroup=ITOUCHAU
in your smb.conf?
Itouch-1008 is the name of the server samba is running on.The relevant 
bits of smb.conf are below, as well as the output of
net rpc vampire -U administrator%password -d 4
(without specifying the server) as this did actually appear to do 
something and come back with NT_STATUS_UNSUCCESSFUL

Any ideas, anyone?
Regards
Eric
output from net rpc vampire -U administrator%password -d 4
[2004/07/13 13:46:45, 3] param/loadparm.c:lp_load(3877)
 lp_load: refreshing parameters
[2004/07/13 13:46:45, 3] param/loadparm.c:init_globals(1307)
 Initialising global parameters
[2004/07/13 13:46:45, 3] param/params.c:pm_process(566)
 params.c:pm_process() - Processing configuration file 
/usr/local/samba/lib/smb.conf
[2004/07/13 13:46:45, 3] param/loadparm.c:do_section(3375)
 Processing section [global]
 doing parameter security = domain
 doing parameter workgroup = ITOUCHAU
 doing parameter password server = *
 doing parameter encrypt passwords = yes
 doing parameter passdb backend = ldapsam:ldap://localhost
 doing parameter username map = /etc/samba/smbusers
 doing parameter printcap name = cups
 doing parameter add user script = /usr/local/sbin/smbldap-useradd.pl 
-m '%u'
 doing parameter delete user script = /usr/local/sbin/smbldap-userdel.pl %u
 doing parameter add group script = /usr/local/sbin/smbldap-groupadd.pl 
-p '%g'
 doing parameter delete group script = 
/usr/local/sbin/smbldap-groupdel.pl '%g'
 doing parameter add user to group script = /usr/local/sbin/ 
smbldap-groupmod.pl -m '%g' '%u'
 doing parameter delete user from group script = /usr/local/sbin/ 
smbldap-groupmod.pl -x '%g' '%u'
 doing parameter set primary group script = /usr/local/sbin/ 
smbldap-usermod.pl -g '%g' '%u'
 doing parameter add machine script = 
/usr/local/sbin/smbldap-useradd.pl -w '%u'
 doing parameter logon script = logon.cmd
 doing parameter logon path =
 doing parameter logon drive =
 doing parameter logon home =
 doing parameter domain logons = no
 doing parameter os level = 35
 doing parameter preferred master = no
 doing parameter domain master = no
 doing parameter ldap suffix = dc=itouchaudev,dc=com
 doing parameter ldap machine suffix = ou=People
 doing parameter ldap user suffix = ou=People
 doing parameter ldap group suffix = ou=People
 doing parameter ldap idmap suffix = ou=People
 doing parameter ldap admin dn = cn=Manager,dc=itouchaudev,dc=com
 doing parameter ldap ssl = no
 doing parameter ldap passwd sync = Yes
 doing parameter idmap uid = 15000-2
 doing parameter idmap gid = 15000-2
 doing parameter winbind separator = +
 doing parameter printing = cups
[2004/07/13 13:46:45, 4] param/loadparm.c:lp_load(3909)
 pm_process() returned Yes
[2004/07/13 13:46:45, 2] lib/interface.c:add_interface(79)
 added interface ip=192.168.13.108 bcast=192.168.13.255 nmask=255.255.255.0
[2004/07/13 13:46:45, 3] libsmb/cliconnect.c:cli_start_connection(1369)
 Connecting to host=127.0.0.1
[2004/07/13 13:46:45, 3] lib/util_sock.c:open_socket_out(733)
 Connecting to 127.0.0.1 at port 445
[2004/07/13 13:46:45, 2] lib/util_sock.c:open_socket_out(769)
 error connecting to 127.0.0.1:445 (Connection refused)
[2004/07/13 13:46:45, 3] lib/util_sock.c:open_socket_out(733)
 Connecting to 127.0.0.1 at port 139
[2004/07/13 13:46:45, 2] lib/util_sock.c:open_socket_out(769)
 error connecting to 127.0.0.1:139 (Connection refused)
[2004/07/13 13:46:45, 1] libsmb/cliconnect.c:cli_connect(1293)
 Error connecting to 127.0.0.1 (Connection refused)
[2004/07/13 13:46:45, 1] libsmb/cliconnect.c:cli_start_connection(1373)
 cli_full_connection: failed to connect to 127.0.0.120 (127.0.0.1)
[2004/07/13 13:46:45, 1] utils/net.c:connect_to_ipc_anonymous(191)
 Cannot connect to server (anonymously).  Error was NT_STATUS_UNSUCCESSFUL
[2004/07/13 13:46:45, 2] utils/net.c:main(792)
 return code = -1

smb.conf;
[global]
security=domain
workgroup=ITOUCHAU
password server = *
encrypt passwords = yes
passdb backend = ldapsam:ldap://localhost
domain logons = no
os level = 35
preferred master = no
domain master = no
I've omitted a lot of LDAP config info here, if it's necessary please 
let me know, I just didn't want to clutter up this post. I did run a net 
rpc join before running vampire, and that succeeded, I set domain logons 
and pref master and domain master to no as I don't want this server to 
go live until I can verify that it's accepting domain logons from 
active machines.

--
To unsubscribe from this list go to the following URL and read the

Re: [Samba] vampire doesn't appear to be working at the moment?

2004-07-12 Thread Craig White

On Mon, 2004-07-12 at 22:17, Eric J Bennett wrote:
 Hello All,
 
 Software environment is RedHat 8.0 running Samba 3.0.4 compiled from 
 source downloaded from planetmirror. When I try to run net rpc vampire 
 -S pdc -U administrator%password I get a message like this
 
 Cannot import users from ITOUCHAU at this time, as the current domain:
 ITOUCH-1008: S-1-5-21-3757787686-1591169446-1440766903
 conflicts with the remote domain
 ITOUCHAU: S-1-5-21-991195760-36068510-1124750213
 Perhaps you need to set:
 
 security=user
 workgroup=ITOUCHAU
 
  in your smb.conf?
 
 Itouch-1008 is the name of the server samba is running on.The relevant 
 bits of smb.conf are below, as well as the output of
 net rpc vampire -U administrator%password -d 4
 (without specifying the server) as this did actually appear to do 
 something and come back with NT_STATUS_UNSUCCESSFUL
 
 Any ideas, anyone?

try
net setlocalsid S-1-5-21-991195760-36068510-1124750213
first

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] vampire doesn't appear to be working at the moment?

Re: [Samba] vampire doesn't appear to be working at the moment?

[Samba] vampire doesn't appear to be working at the moment?

Re: [Samba] vampire doesn't appear to be working at the moment?

4 matches

Site Navigation

Mail list logo

Footer information