Re: [Samba] (no subject)

[Denis Cardon]

Le 28/09/2013 01:15, Jim Jenkins a écrit :

Hey Gang,

I'm stuck near the end of installing Samba 4 on a Debian Wheezy machine.
I'm trying to connect to a Win2k AD.

Basically I can't get "getent passwd" to show domain accounts.  I also
can't access shares using my credentials.  What did I forget?!


Here is what works:
sudo net ads join -U "DOMAINADMIN"

wbinfo -g  //shows domain groups!
wbinfo -u  //shows domain users!

I have setup symlinks from */lib/i386-linux-gnu/libnss_winbind.so* to *
/lib/i386-linux-gnu/libnss_winbind.so


if you did compile samba4, then the correct libnss_winbind.so library is 
located at /usr/local/samba/lib/libnss_winbind.so.2 (cf. 
http://wiki.samba.org/index.php/Samba4/Winbind#Using_libnss_winbind)


if you used the samba4 (4.0.0~beta2+dfsg1-3.2) package from debian 
repository, then you'd better go for the compiled version. The package 
in wheezy repository are quite old.



*
*smb.conf
[global]
 workgroup = DOMAIN
 realm = DOMAIN.COM
 server string = %h server
 security = ADS
 map to guest = Bad User
 obey pam restrictions = Yes
 pam password change = Yes
 passwd program = /usr/bin/passwd %u
 passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .


I guess most of those lines are not needed if you are using AD 
authentication I guess.



 unix password sync = Yes
 syslog = 0
 log file = /var/log/samba/log.%m
 max log size = 1000
 dns proxy = No
 usershare allow guests = Yes
 panic action = /usr/share/samba/panic-action %d
 winbind separator = +
 winbind enum users = Yes
 winbind enum groups = Yes
 winbind use default domain = Yes
 winbind nss info = rfc2307
 idmap config SHORTDOMAINNAME:range = 500-4
 idmap config SHORTDOMAINNAME:schema_mode = rfc2307
 idmap config SHORTDOMAINNAME:backend = ad
 idmap config *:range = 70001-8
 idmap config * : backend = tdb
 store dos attributes = Yes


*
*Besides "getent passwd" failing to show domain accounts, I get this when I
attempt to authenticate via a SMB client.



[2013/09/27 19:03:28.678145,  3]
../auth/ntlmssp/ntlmssp_server.c:358(ntlmssp_server_preauth)
   Got user=[TestUser] domain=[DOMAIN] workstation=[BADASS] len1=24 len2=154
.
.
[2013/09/27 19:03:28.681267,  3]
../source3/auth/auth.c:177(auth_check_ntlm_password)
   check_ntlm_password:  Checking password for unmapped user


samba is complaining of "unmapped user", this should go away once libnss 
is proprely configured



Cheers,

Denis


[**DOMAIN]\[TestUser]@[BADASS]
with the new password interface
[2013/09/27 19:03:28.681359,  3]
../source3/auth/auth.c:180(auth_check_ntlm_password)
   check_ntlm_password:  mapped user is: [**DOMAIN]\[**TestUser]@[BADASS]
[2013/09/27 19:03:28.691085,  3]
../source3/auth/auth_util.c:1247(check_account)
   Failed to find authenticated user **DOMAIN+jjenkins via getpwnam(),
denying access.
[2013/09/27 19:03:28.691235,  2]
../source3/auth/auth.c:288(auth_check_ntlm_password)
   check_ntlm_password:  Authentication for user [jjenkins] -> [**TestUser]
FAILED with error NT_STATUS_NO_SUCH_USER
[2013/09/27 19:03:28.691354,  3]
../source3/auth/auth_util.c:1593(do_map_to_guest_server_info)
   No such user jjenkins [**DOMAIN] - using guest account

*




--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Gilles Pion]

Andrew Bartlett  samba.org> writes:

> Where is ldap.h on your system.  It may be enough to just specify
> CFLAGS="-I/usr/local/openldap/include" ./configure
> 
> (if that is where ldap.h is).
> 
> If we have found ldap.h, it will be added to those tests.
> 

I'm using a dedicated openldap installation located in the samba destination
directory
(openldap "./configure" prefix is the same as samba "./configure" prefix)


Also, as I've alway done for configure env variables, for includes switches, 
I'm not using "CFLAGS" 
but "CPPLAGS".
(which BTW contains the required "-I" switch pointing to ldap headers 
directory)

Is this not correct?


Note that with the following fix to ".source3/wscript" the check is 
successfull, 

replaced
conf.CHECK_FUNCS_IN('ldap_init ldap_init_fd ldap_initialize 
ldap_set_rebind_proc', 'ldap')
conf.CHECK_FUNCS_IN('ldap_add_result_entry', 'ldap')

by
conf.CHECK_FUNCS_IN('ldap_init ldap_init_fd ldap_initialize 
ldap_set_rebind_proc', 'ldap',  
 headers='ldap.h lber.h')
conf.CHECK_FUNCS_IN('ldap_add_result_entry', 'ldap', 
 headers='ldap.h')



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[hagai yaffe]

hagaiy
hagai yaffe
.
I'll turn over a new leaf. -- Miguel de Cervantes
%
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Daniel Müller]

Have a look:
http://linux.die.net/man/1/ldbedit

---
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
---

-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im 
Auftrag von ciradhb.forw...@laposte.net
Gesendet: Mittwoch, 4. April 2012 12:06
An: Moray Henderson; samba@lists.samba.org
Betreff: [Samba] (no subject)

 Hi Moray, 
 
Thanks for your answer. It could help but only partially. 
 
The script name logon%u.cmd was a bad example. Actually, a user can log on from 
WinXP , or Win 7 workstations, and I'like to run different logon scripts 
depending on the OS . So having logon script = logon%a.cmd in the smb.conf 
generally works thanks to variable substitution.
 
But for user accounts that have been created with the USRMGR.EXE tools, the 
Logon Script attributes have not been set and it seems not possible to modify 
it with variables using "pdbedit --script" .(one precision : I use  passdb 
backend = tdbsam ).

 
Your script could help , but as you said logon script name will be hardcoded 
for each users which I want to avoid. 


Isn't it possible to manually change some entries in the passdb.tdb file ?   
 
Henri 
 
> -Message d'origine-
> De : Moray Henderson [mailto:moray.hender...@ict-software.org]
> Envoyé : mercredi 4 avril 2012 12:56
> À : ciradhb.forw...@laposte.net; samba@lists.samba.org Objet : RE: 
> [Samba] macro characters with pdbedit ?
> 
> > From: ciradhb.forw...@laposte.net 
> > [mailto:ciradhb.forw...@laposte.net]
> > Sent: 03 April 2012 11:49
> >
> > Hi,
> >
> > I would like to change the Logon script name attributes of a samba 
> > user account to something like logon%u.cmd using pdbedit with the 
> > --script option. It does not work because the string logon%u.cmd is 
> > litteraly taken as the value, loosing the variable substitution at 
> > evaluation time. pdbedit -v output gives "Logon Script : logon%u.cmd" .
> >
> > When creating a user account without --script option, it takes by 
> > default the string that is specified in the smb.conf (say :
> > logon%a.cmd) as a macro that will be evaluated later (pdbedit -v 
> > gives Logon Script: logonUNKNOWN.cmd which seems normal on linux).
> >
> > So my question is :  is it possible to use macro characters with 
> > pdbedit the same way they are used in the smb.conf ? If not how can 
> > I change account attributes (and specifically the Logon Script Name) 
> > with macro charaters ? maybe with another tool than pdbedit ?
> >
> > Thanks in advance
> >
> > Henri
> 
> You could hard-code each user name into the Logon Script using a shell 
> script to loop through the user database and pick out the
> names:
> 
>   for u in `pdbedit -L | cut -d: -f1`; do
> [[ $u =~ \\$ ]] && continue# Filter out machine accounts
> echo pdbedit -S logon_$u.cmd -u $u
>   done
> 
> If it looks like the pdbedit commands are correct, remove the "echo".
> 
> Otherwise, you could try setting --script to whatever it gets when it picks 
> up its value from "logon script" in smb.conf.
> 
> 
> Moray.
> “To err is human; to purr, feline.”
> 
> 
> 
 


Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ?
Je crée ma boîte mail www.laposte.net
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Aaron E.]

You could turn off the Windows Automatic printer find feature? That 
would stop the printers that are found and Tagged Auto I believe..


Windows searches the network for shared printers and will auto add the 
printer if this is turned on and they will be tagged as Auto..


My first post is probably irrelevant if this is the issue.. But it may 
have the same effect to set BrowseAllow NONE, if it is finding the cups 
shared printers..


On 01/25/2012 01:09 PM, Yécine Allouache wrote:

Sorry I'm not really fluent in english :)

I will try tomorrow, but I did not know that CUPS could be the reason

Le 25 janvier 2012 17:28, Yécine Allouache  a
écrit :


Hello,

I'm on a debian Squeez  and I use  Samba 3.5.6 and CUPS 1.4.4

When I add a printer with windows: \\server\Name_printer, regulary  all
printers on this server come with this syntax: Auto-Nameprinter on server.

I search in the configuration file but I can not find options that
will fix this
problem.

Thanks!

--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba







--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Yécine Allouache]

Sorry I'm not really fluent in english :)

I will try tomorrow, but I did not know that CUPS could be the reason

Le 25 janvier 2012 17:28, Yécine Allouache  a
écrit :

> Hello,
>
> I'm on a debian Squeez  and I use  Samba 3.5.6 and CUPS 1.4.4
>
> When I add a printer with windows: \\server\Name_printer, regulary  all
> printers on this server come with this syntax: Auto-Nameprinter on server.
>
> I search in the configuration file but I can not find options that
> will fix this
> problem.
>
> Thanks!
>
> --
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



-- 
J'ai mal au dos callaghan!
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Aaron E.]

If I understand you properly, I believe you want to disable or enable 
pending on what you need these two settings in cupsd.conf


Browsing on/off
BrowseAllow None/All

On 01/25/2012 11:28 AM, Yécine Allouache wrote:

Hello,

I'm on a debian Squeez  and I use  Samba 3.5.6 and CUPS 1.4.4

When I add a printer with windows: \\server\Name_printer, regulary  all
printers on this server come with this syntax: Auto-Nameprinter on server.

I search in the configuration file but I can not find options that
will fix this
problem.

Thanks!

--


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Herczeg Péter]

Come on! Let�s do shopping together! Don�t waste any time!..
http://www.lecki.boo.pl/new.year.php?levgoogleId=30e6

-- 
Herczeg Péter
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Adam Tauno Williams]

On Mon, 2011-12-12 at 09:53 +0100, Molo CoC wrote:
> iam using samba 4 (apt -get -> Ubunt 11.04) and did the provision with 
> --ldap-backend-type=openldap .
> It generates a slapd file and included a modul called: rndval
> which can not be located.
> it tryed it again with compiling samba 4 from source, and the same, no module 
> rndval for ldap.

The Samba4 LDAP backend no longer works; it hasn't worked for some time
and is not longer expected to work.  



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Matthieu Patou]

On 12/12/2011 10:55, Molo CoC wrote:

thanks for your answer.
that mean, the whole replication process works inside Samba4.
i am currently learning ldap for lpic 301, an there are 15 pages which descripe 
how to replicate via ldap ->  samba users and setup a secondary dc controller.

what about samba 3.5 can i still use ldap as backend there, or same as samba 4, 
not longer supported 'ldap'
It's two different things, samba 3.x as a NT domain controller can use 
openldap because the constraints on the schema are not the same as the 
constraints for a AD domain controller.

and if so, what is the recommend backend type yet ?
When using samba4 as AD domain controller you have the option for using 
just the ldb backend and using the standard DRS for DC to DC replication.



Matthieu.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Matthieu Patou]

On 12/12/2011 09:53, Molo CoC wrote:

Hey all,

iam using samba 4 (apt -get ->  Ubunt 11.04) and did the provision with 
--ldap-backend-type=openldap .
It generates a slapd file and included a modul called: rndval
which can not be located.
it tryed it again with compiling samba 4 from source, and the same, no module 
rndval for ldap.

Do not use the openldap backend we don't support this configuration anymore.

unfotunatly i cannot find the Modul inside the system or somewhere else to 
download
i hope you can give me an advice

Matthieu.

--
Matthieu Patou
Samba Team
http://samba.org

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Jeremy Allison]

On Thu, Apr 15, 2010 at 12:07:40PM +0200, yves.coutoll...@erymaservices.com 
wrote:
> Hi,
> 
> When I try to save a new execl file to a samba share, I 've got an error
> "unable to access to file", but the file is currently well saved.
> No problem with open office nor ms word.
> 
> A wireshark trace indicate "Query_path_info/ error status_access_denied"
> 
> thanks for your help
> regards

More details needed please. Log a bug @ bugzilla.samba.org and
attach the relevent files/logs.

Thanks,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[John Drescher]

Try this:

http://pastebin.com/reBxWQTE

John
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Evan Ingram]

I'm not sure :/

Theres only 1 windows box, and the clients connect to it via RDP. So
does that need roaming profiles?? Does it always have to create the
users profile in C:\users ??

The profiles directory, profile.V2 doesn't seem to be where i thought it
would be, ie whats in the smb.conf. 

Everyones home directory showing up in network places as a share is also
a bit of a mess, and I'm not sure why they are showing up there.



On Tue, 2010-03-23 at 13:35 -0500, Adam wrote:
> what are you wanting to do?  disable roaming profiles?
> 
> evan.ing...@cariss.co.uk wrote:
> > hi
> >
> > having a few troubles with samba profile directories.
> >
> > im using a windows server 2008 r2 server as a remote desktop server so the
> > terminals connect over RDP, the windows box is then authenticating against a
> > samba pdc. to begin with profiles just were not working so i tried a few
> > different options in smb.conf and stumbled across one that worked... heres 
> > my
> > smb.conf - http://pastebin.com/Kcssv9Vp
> >
> > but its creating the profiles in the users home directory in a directory 
> > called
> > profile.V2, takes a long time to log in as it is waiting for the profile
> > service, as it does when logging out.
> >
> > the profile is also ending up in C:\users on the windows box, (is this
> > avaoidable? i thought it would start to fill up the relatively small 
> > harddrive
> > space i gave to the windows vm as opposed to the samba vm).
> >
> > when logged in to a user account on windows, all the other users home
> > directories are showing up in network places, so it look a bit of a mess 
> > when i
> > just want a couple of central shared directories.
> >
> > any advice on any of the above?
> > cheers
> >
> >
-- 

*** Please note change of contact details below with immediate effect ***

Evan Ingram
Technical Manager
CARISS
CARISS House,
205 Westbrook Avenue,
Margate,
CT9 5HS

01843 823 724
www.cariss.co.uk

CARISS is a trading name of Ask-4-IT Ltd
Company registered in England and Wales
Company Number - 5374955
VAT Number - 856 1229 22

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Adam]

what are you wanting to do?  disable roaming profiles?

evan.ing...@cariss.co.uk wrote:

hi

having a few troubles with samba profile directories.

im using a windows server 2008 r2 server as a remote desktop server so the
terminals connect over RDP, the windows box is then authenticating against a
samba pdc. to begin with profiles just were not working so i tried a few
different options in smb.conf and stumbled across one that worked... heres my
smb.conf - http://pastebin.com/Kcssv9Vp

but its creating the profiles in the users home directory in a directory called
profile.V2, takes a long time to log in as it is waiting for the profile
service, as it does when logging out.

the profile is also ending up in C:\users on the windows box, (is this
avaoidable? i thought it would start to fill up the relatively small harddrive
space i gave to the windows vm as opposed to the samba vm).

when logged in to a user account on windows, all the other users home
directories are showing up in network places, so it look a bit of a mess when i
just want a couple of central shared directories.

any advice on any of the above?
cheers

   

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Timur I. Bakeyev]

That what happens with those, who don't use FreeBSD ports infrastructure :)

On Tue, Feb 9, 2010 at 11:35 AM, . .  wrote:
> Hi, Anyone!
> Help me get Samba compiled, if you can. Latest Samba, freshest FreeBSD 8.0. 
> So, full steps:
>
> fetch http://www.samba.org/samba/ftp/stable/samba-3.4.5.tar.gz
> tar zxf samba-3.4.5.tar.gz ; cd samba-3.4.5/source3
>
> ./configure --prefix=/usr/local --with-configdir=/usr/local/etc 
> --with-mandir=/usr/share/man --with-libiconv=/usr/local 
> --with-krb5=/usr/local \
>  --enable-swat --enable-shared-libs --with-ads --with-libsmbclient 
> --with-winbind --with-ldap --with-acl-support --enable-cups \
>  --with-libaddns --with-libsmbsharemodes --with-aio-support 
> --with-included-popt --with-quotas
> libsmb/libsmb_cache.c: In function 'SMBC_purge_cached_servers':
> libsmb/libsmb_cache.c:232: error: dereferencing pointer to incomplete type
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[kornel kornatka]

2010/2/6 Michael Wood 

> On 6 February 2010 13:05, kornel kornatka  wrote:
> > 2010/2/6 Greg Byshenk 
> [...]
> >> Why not create a single share something like this:
> >>
> >> [privateshare]
> >>   comment =  Private share for local machines
> >>   browseable = yes
> >>   writable = yes
> >>   path = /var/archives/USERS/%I
> >>   public = yes
> >>   hosts deny = 192.168. EXCEPT %I
> >>
> >> This allows every host to see just a single folder of its own -- and
> also
> >> makes for a much simpler smb.conf.
> >
> > As you can see I'm beginner with samba.
> > I've changed my conf as you said... it's not working
> > But in my understanding ... :
> > Samba can't know possibilities of %I variable to create shares.
>
> I agree with Greg.
>
> I believe Samba should create the shares on the fly when the user
> connects, the same way it does for the [homes] share.
>
> I have not tried this, though.
>
> --
> Michael Wood 
>


* *
I've tested new configuration


[privateshare %I]
  comment =  Private share for local machines
  browseable = yes
  writable = yes
  path = /var/archives/USERS/%I
  public = yes

Works preaty good :)
obviously - the hosts allow is no need now (thats why it wasn't working
earlier)

Thank you for your help! :)
Regards Kornel
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Greg Byshenk]

On Sat, Feb 06, 2010 at 11:31:31AM +0100, kornel kornatka wrote:

> I Have a problem:
> 
> I'm sharing ~600 folders on my samba server:
> 
> [SHARE 192.168.0.20]
> comment =  Private share for host 192.168.0.20
> browseable = yes
> writable = yes
> path = /var/archives/USERS/192.168.0.20
> public=yes
> hosts deny = 192.168. EXCEPT 192.168.0.20
> 
> [SHARE 192.168.0.21]
> comment =  Private share for host 192.168.0.21
> browseable = yes
> writable = yes
> path = /var/archives/USERS/192.168.0.21
> public=yes
> hosts deny = 192.168. EXCEPT 192.168.0.21
> .
> .
> .
> 
> But any user can see all shares even those without permissions (each host
> can see ~600 shares and only one is working for him)
> I don't know how to hide shares for each host so that he can see only share
> created for him.
> 
> For Example host 192.168.0.10 will see only "SHARE 192.168.0.10"


I'm not a samba expert, but what you're doing seems clumsy to me.

Why not create a single share something like this:

[privateshare]
   comment =  Private share for local machines
   browseable = yes
   writable = yes
   path = /var/archives/USERS/%I
   public = yes
   hosts deny = 192.168. EXCEPT %I

This allows every host to see just a single folder of its own -- and also
makes for a much simpler smb.conf.


-- 
greg byshenk  -  gbysh...@byshenk.net  -  Leiden, NL
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Michael Wood]

On 6 February 2010 13:05, kornel kornatka  wrote:
> 2010/2/6 Greg Byshenk 
[...]
>> Why not create a single share something like this:
>>
>> [privateshare]
>>   comment =  Private share for local machines
>>   browseable = yes
>>   writable = yes
>>   path = /var/archives/USERS/%I
>>   public = yes
>>   hosts deny = 192.168. EXCEPT %I
>>
>> This allows every host to see just a single folder of its own -- and also
>> makes for a much simpler smb.conf.
>
> As you can see I'm beginner with samba.
> I've changed my conf as you said... it's not working
> But in my understanding ... :
> Samba can't know possibilities of %I variable to create shares.

I agree with Greg.

I believe Samba should create the shares on the fly when the user
connects, the same way it does for the [homes] share.

I have not tried this, though.

-- 
Michael Wood 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[kornel kornatka]

2010/2/6 Greg Byshenk 

> On Sat, Feb 06, 2010 at 11:31:31AM +0100, kornel kornatka wrote:
>
> > I Have a problem:
> >
> > I'm sharing ~600 folders on my samba server:
> >
> > [SHARE 192.168.0.20]
> > comment =  Private share for host 192.168.0.20
> > browseable = yes
> > writable = yes
> > path = /var/archives/USERS/192.168.0.20
> > public=yes
> > hosts deny = 192.168. EXCEPT 192.168.0.20
> >
> > [SHARE 192.168.0.21]
> > comment =  Private share for host 192.168.0.21
> > browseable = yes
> > writable = yes
> > path = /var/archives/USERS/192.168.0.21
> > public=yes
> > hosts deny = 192.168. EXCEPT 192.168.0.21
> > .
> > .
> > .
> >
> > But any user can see all shares even those without permissions (each host
> > can see ~600 shares and only one is working for him)
> > I don't know how to hide shares for each host so that he can see only
> share
> > created for him.
> >
> > For Example host 192.168.0.10 will see only "SHARE 192.168.0.10"
>
>
> I'm not a samba expert, but what you're doing seems clumsy to me.
>
> Why not create a single share something like this:
>
> [privateshare]
>   comment =  Private share for local machines
>   browseable = yes
>   writable = yes
>   path = /var/archives/USERS/%I
>   public = yes
>   hosts deny = 192.168. EXCEPT %I
>
> This allows every host to see just a single folder of its own -- and also
> makes for a much simpler smb.conf.
>
>
> --
> greg byshenk  -  gbysh...@byshenk.net  -  Leiden, NL
>

As you can see I'm beginner with samba.
I've changed my conf as you said... it's not working
But in my understanding ... :
Samba can't know possibilities of %I variable to create shares.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject) - DOS apps are failing on recent samba version

[Günter Kukkukk]

Am Mittwoch 03 Februar 2010 03:52:43 schrieb Günter Kukkukk:
> Am Dienstag 02 Februar 2010 23:56:06 schrieb James Hurlburt:
> > Sirs:
> >
> > I have a Ubuntu 6.06 samba 3.0.22 file server running on linux.
> > I am attempting to update the file server to ubuntu 8.10, samba 3.2.3.
> > I have been attempting this, intermittently, for some time which is why
> >  8.10.
> >
> >
> > I have 10 MSDOS (mostly 6.22) workstations as a part of the network.
> > The ones that have to run, control production machinery on the plant
> > floor. Updating the operating system on those machines is effectivly
> > impossible. There are some of them that run software that I control, most
> > of them use vendor supplied software to control the older machines.
> >
> > They are using lanman 2.2 as the client software.
> > (I have many xp workstations, they work fine with both systems.
> > I can map drives, read and save and run the same dos exe files that the
> > dos stations are failing on. Print stuff...)
> >
> > On the old server, the dos stations can log in and use network resources.
> > Thus far, I have failed to make them work on the new server.
> >
> > The relevant parts of the smb.conf files for the servers are --
> >
> > The 3.0.22 server.  This one is the production server and the dos
> > stations work.
> >
> > # Samba config file created using SWAT
> > # from 10.23.0.118 (10.23.0.118)
> > # Date: 2010/01/29 09:46:06
> >
> > [global]
> > workgroup = ATRIUM-DW
> > server string = Samba
> > passwd program = /usr/bin/passwd %u
> > unix password sync = Yes
> > change notify timeout = 30
> > deadtime = 30
> > printcap name = CUPS
> > disable spoolss = Yes
> > show add printer wizard = No
> > ldap ssl = no
> > case sensitive = No
> >
> > [bestbilt]
> > comment = Mapped as U:
> > path = /atrium/bestbilt
> > valid users = @users
> > force group = users
> > read only = No
> > create mask = 0664
> > force create mode = 0664
> > directory mask = 0775
> > force directory mode = 0775
> > oplocks = No
> > level2 oplocks = No
> > strict locking = No
> >
> > ***
> >
> > The 3.2.3 server
> >
> > # Samba config file created using SWAT
> > # from UNKNOWN ()
> > # Date: 2010/02/02 13:20:51
> >
> > [global]
> > workgroup = ATRIUM-DW
> > guest account = bbijimhur
> > lanman auth = Yes
> > ldap ssl = no
> >
> > [bestbilt]
> > comment = working production data
> > path = /atrium/bestbilt
> > username = bbijimhur
> > valid users = @users
> > force group = users
> > read only = No
> > guest ok = Yes
> >
> > [dosbbilt]
> > comment = win94 for dos workstations
> > path = /atrium/bestbilt
> > read only = No
> > guest ok = Yes
> >
> > This smb.conf file is the best one I have been able to create
> > for the dos stations.
> >
> > With it, I can log in and map the drive.
> > net use u: \\bbi-sam-2-srv\bestbilt
> >
> >
> > I can do directory listings and change directory to u:\win94
> >
> > When I attempt to run a dos program (tracking.exe) I get the following
> >
> > u:\win94\>  Tracking
> >
> > NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U
> >
> > Abort, Retry, Fail?
> >
> > f
> >
> > Access denied.
> >
> > I have much the same error if I put the executable on the local drive and
> > attempt to use shared .dbf data files from the server.
> >
> > I can connect to the old server with the same box.
> > It takes a few minutes to change all the config files for lanman, but it
> >  works.
> >
> > On the old server, I can login, map the drives and run executables and
> > use the dbf data files.
> >
> > It seems to me as if there is some configuration flag where the default
> > has from 3.0 to 3.2 that I can't find.
> >
> > I did a detailed view of both config files from swat and ran a dif on
> > them. I was unable to identify a place that could be changed that would
> > allow the dos machines to utilize the samba file server.
> >
> > I am willing to use either different client software on the dos stations,
> >  or update the samba setup to a different version.
> > I like ubuntu, but am not wedded to it.
> >
> > However, the dos stations must stay, even if I must maintain a server
> > with 3.0 on it to keep them running.
> >
> > Any ideas?  I am more that willing to RTFM, but have exausted my ideas of
> > which FM and which part of it to read.  Hints in this matter would be
> >  welcome. Hints on which config option in smb.conf would be even more
> >  welcome.
> >
> > Thanks in advance,
> > Jim Hurlburt
> > Atrium Windows and Doors Northwest.
> > Yakima, WA  USA
> 
> 1.) On your new server add the following to the [global] section of
>  smb.conf: log level = 10
> 
> This will raise the debug level of samba - the log file(s) are usually
>  written to /var/log/samba/log.smbd   (this might be different in your
>  distro)
> 
> 2.) Take a network s

Re: [Samba] (no subject)

[Stan Hoeppner]

James Hurlburt put forth on 2/2/2010 4:56 PM:

> NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U
> 
> Abort, Retry, Fail?

Hi James,

You didn't happen to put the new Samba server on a different IP subnet or VLAN
than the old server did you?  You didn't show the IP's and subnet masks of each
machine.

IIRC, NETBIOS can have problems crossing some routers and VLANs, possibly other
network boundaries.  If you aren't already, the first thing I'd do is get the
new server on an IP address consecutive to the old server and make sure they're
jacked into the same switch.  This should eliminate any possible network
topology issues causing problems.

Is the new server a virtual machine?  Make sure the hypervisor is allowing
NETBIOS traffic to flow from the physical NIC to/from the VM.  Actually, I
should say, make sure it isn't disallowing such traffic.  This is unlikely, but
it's best to check.  Running in a VM can often cause goofy hard to solve
problems because of things not working at low levels the way we expect them to.

Lastly, disable any iptables rules on the new server or other firewall scripting
software, and disable SELinux if it is enabled.  Look at netstat -an on both
servers when connecting with the clients, and make sure all the same ports are
being used.

That's about all I can think of at this point.  As Gunter mentioned, a network
trace couldn't hurt.  I'd probably try a few of the less time consuming
recommendations above before resorting to the trace.

-- 
Stan
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject) - DOS apps are failing on recent samba version

[Günter Kukkukk]

Am Dienstag 02 Februar 2010 23:56:06 schrieb James Hurlburt:
> Sirs:
> 
> I have a Ubuntu 6.06 samba 3.0.22 file server running on linux.
> I am attempting to update the file server to ubuntu 8.10, samba 3.2.3.
> I have been attempting this, intermittently, for some time which is why
>  8.10.
> 
> 
> I have 10 MSDOS (mostly 6.22) workstations as a part of the network.
> The ones that have to run, control production machinery on the plant floor.
> Updating the operating system on those machines is effectivly impossible.
> There are some of them that run software that I control, most of them
> use vendor supplied software to control the older machines.
> 
> They are using lanman 2.2 as the client software.
> (I have many xp workstations, they work fine with both systems.
> I can map drives, read and save and run the same dos exe files that the
> dos stations are failing on. Print stuff...)
> 
> On the old server, the dos stations can log in and use network resources.
> Thus far, I have failed to make them work on the new server.
> 
> The relevant parts of the smb.conf files for the servers are --
> 
> The 3.0.22 server.  This one is the production server and the dos stations
>  work.
> 
> # Samba config file created using SWAT
> # from 10.23.0.118 (10.23.0.118)
> # Date: 2010/01/29 09:46:06
> 
> [global]
>   workgroup = ATRIUM-DW
>   server string = Samba
>   passwd program = /usr/bin/passwd %u
>   unix password sync = Yes
>   change notify timeout = 30
>   deadtime = 30
>   printcap name = CUPS
>   disable spoolss = Yes
>   show add printer wizard = No
>   ldap ssl = no
>   case sensitive = No
> 
> [bestbilt]
>   comment = Mapped as U:
>   path = /atrium/bestbilt
>   valid users = @users
>   force group = users
>   read only = No
>   create mask = 0664
>   force create mode = 0664
>   directory mask = 0775
>   force directory mode = 0775
>   oplocks = No
>   level2 oplocks = No
>   strict locking = No
> 
> ***
> 
> The 3.2.3 server
> 
> # Samba config file created using SWAT
> # from UNKNOWN ()
> # Date: 2010/02/02 13:20:51
> 
> [global]
>   workgroup = ATRIUM-DW
>   guest account = bbijimhur
>   lanman auth = Yes
>   ldap ssl = no
> 
> [bestbilt]
>   comment = working production data
>   path = /atrium/bestbilt
>   username = bbijimhur
>   valid users = @users
>   force group = users
>   read only = No
>   guest ok = Yes
> 
> [dosbbilt]
>   comment = win94 for dos workstations
>   path = /atrium/bestbilt
>   read only = No
>   guest ok = Yes
> 
> This smb.conf file is the best one I have been able to create
> for the dos stations.
> 
> With it, I can log in and map the drive.
> net use u: \\bbi-sam-2-srv\bestbilt
> 
> 
> I can do directory listings and change directory to u:\win94
> 
> When I attempt to run a dos program (tracking.exe) I get the following
> 
> u:\win94\>  Tracking
> 
> NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U
> 
> Abort, Retry, Fail?
> 
> f
> 
> Access denied.
> 
> I have much the same error if I put the executable on the local drive and
> attempt to use shared .dbf data files from the server.
> 
> I can connect to the old server with the same box.
> It takes a few minutes to change all the config files for lanman, but it
>  works.
> 
> On the old server, I can login, map the drives and run executables and
> use the dbf data files.
> 
> It seems to me as if there is some configuration flag where the default has
> from 3.0 to 3.2 that I can't find.
> 
> I did a detailed view of both config files from swat and ran a dif on them.
> I was unable to identify a place that could be changed that would allow the
> dos machines to utilize the samba file server.
> 
> I am willing to use either different client software on the dos stations,
>  or update the samba setup to a different version.
> I like ubuntu, but am not wedded to it.
> 
> However, the dos stations must stay, even if I must maintain a server with
>  3.0 on it to keep them running.
> 
> Any ideas?  I am more that willing to RTFM, but have exausted my ideas of
> which FM and which part of it to read.  Hints in this matter would be
>  welcome. Hints on which config option in smb.conf would be even more
>  welcome.
> 
> Thanks in advance,
> Jim Hurlburt
> Atrium Windows and Doors Northwest.
> Yakima, WA  USA
> 

1.) On your new server add the following to the [global] section of smb.conf:
log level = 10

This will raise the debug level of samba - the log file(s) are usually written 
to
   /var/log/samba/log.smbd   (this might be different in your distro)

2.) Take a network sniff on your new server, details are here:
   http://wiki.samba.org/index.php/Capture_Packets

Now do the failing DOS commands again.

The 1.) samba debug log might already be sufficient to track down the problem.

Better would be both - the 

Re: [Samba] (no subject)

[Jeremy Allison]

On Wed, Aug 19, 2009 at 09:58:39AM -0500, McGranahan, Jamen wrote:
> Running Sun Solaris 9 sparc; trying to get Samba to interact with our Windows 
> Active Directory so we can create shares on our Sun server. Kerberos works 
> well. Wbinfo -u and Wbinfo -g both return results. Getent also returns 
> results, both getent passwd & getent group.  I've created a test folder and 
> added it in the smb.conf file as a share:
> 
> [test]
> path = /test
> writeable = yes
> browseable = yes
> guest ok = no
> valid users = VANDERBILT\mcgranj
> public = no
> 
> This folder does exist on the server, but when I try to map, I get no 
> results. When I check the samba log, I see that samba crashes:
> 
> lib240:/usr/local/samba/var#tail 129.59.149.157.log
> [2009/06/22 10:26:12,  0] lib/util.c:log_stack_trace(1827)
>   unable to produce a stack trace on this platform
> [2009/06/22 10:26:12,  0] lib/fault.c:dump_core(231)
>   dumping core in /usr/local/samba/var/cores/smbd
> [2009/08/19 09:50:50,  0] lib/util.c:smb_panic(1673)
>   PANIC (pid 21681): sys_setgroups failed
> [2009/08/19 09:50:50,  0] lib/util.c:log_stack_trace(1827)
>   unable to produce a stack trace on this platform
> [2009/08/19 09:50:50,  0] lib/fault.c:dump_core(231)
>   dumping core in /usr/local/samba/var/cores/smbd

You're running into this bug :

https://bugzilla.samba.org/show_bug.cgi?id=2496

Solaris limits the number of supplementary groups
a user can be in to 32. This is too small for Windows,
and in Sun's in-kernel CIFS server running on ZFS
they have a kernel-only workaround which they currently
have refused to make available to user-space processes.

Please complain to Sun support about this situation,
and ask them to fix this limitation in the solaris
userspace support.

Attached to this bug you'll find a workaround
written by Dave Collier-Brown which uses an
LB_PRELOAD library to use the Solaris group
list as a cache.

Jeremy.

-
 From the code:

/*
 * libgroups - a library for Samba on Solaris to allow
 *  an arbitrarily large number of groups.
 *
 *
 * Problem Description:
 * Unix has a system-wide limit on the number of groups
 * a user may be in. Samba, which provides file service
 * to Windows clients, needs to support larger numbers
 * of groups per user. This is due to the Windows use of
 * groups, which typically results in more than 16 or
 * 32 groups for a user. At the moment, only Linux has
 * enoug groups for a medium to large Windows AD domain.
 * 
 * I therefor wrote this interposer library (at home)
 * to remove this limitation on a per-process basis.
 * It keeps an unbounded list of groups and treats the 
 * standard Solaris groups list as a cache. Before opening 
 * a file, the interposer checks to see if the open would 
 * fail because of a group not being in the cache, and if so 
 * will  move it to the head of the ache, shifting the
 * other entries down.
 *
 * Caveats: 
 * This was written for Samba, which is setuid-root.
 * As the library requries root permissions for setgroups, 
 * it will ONLY work if the program is setuid root or
 * otherwise has the ablity to call setgroups from the
 * middle of the open interposer function. The library will
 * try to abort immediately on startup if it does not
 * have sufficient privelege.
 *

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: Solaris build [was Re: [Samba] (no subject)]

[David Eisner]

On Mon, Apr 6, 2009 at 3:06 PM, jerry  wrote:
> Sounds like the configure test may be picking up the Solaris
> native libs.  been a while since I looked at that.  Check the
> config.log file for clues.

Yes, I think this is the problem.  From my year-old notes building
Samba on Solaris 10:

"checking whether krb5_mk_error takes 3 arguments MIT or 9 Heimdal... yes
configure: WARNING: krb5_mk_req_extended not found in -lkrb5
configure: WARNING: no CREATE_KEY_FUNCTIONS detected
configure: WARNING: no GET_ENCTYPES_FUNCTIONS detected
configure: WARNING: no KT_FREE_FUNCTION detected
configure: WARNING: no KRB5_VERIFY_CHECKSUM_FUNCTION detected
configure: error: krb5 libs don't have all features required for
Active Directory support


Use Heimdal kerberos from http://www.pdc.kth.se/heimdal/, download source:
http://www.h5l.org/dist/src/heimdal-1.1.tar.gz
http://www.h5l.org/dist/src/heimdal-1.1.tar.gz.asc


Untarred into /usr/local/{bin,sbin,..}.  Make sure /usr/local/bin
comes first in path to get propper krb5-config.

Hmm, krb5-config wants it to be installed /usr/heimdel/.  Make sure
/usr/heimdel/bin is first in PATH"

You may also need to set your LDFLAGS environment variable to include
-L and -R flags for the heimdal library directory.

-David


-- 
David Eisner http://cradle.brokenglass.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Solaris build [was Re: [Samba] (no subject)]

[jerry]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

McGranahan, Jamen wrote:
> Error (last part):
> configure:63086: result: no
> configure:63105: WARNING: krb5_mk_req_extended not found in -lkrb5
> configure:63113: WARNING: no CREATE_KEY_FUNCTIONS detected
> configure:63121: WARNING: no GET_ENCTYPES_FUNCTIONS detected
> configure:63129: WARNING: no KT_FREE_FUNCTION detected
> configure:63137: WARNING: no KRB5_VERIFY_CHECKSUM_FUNCTION detected
> configure:63183: error: krb5 libs don't have all features required for
> Active Directory support

Sounds like the configure test may be picking up the Solaris
native libs.  been a while since I looked at that.  Check the
config.log file for clues.





cheers, jerry
- --
=
"What man is a man who does not make the world better?"  --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJ2lK5IR7qMdg1EfYRAtMSAJ0bfUpzowppEtmbp2uf1f7knR/zPwCfdiPl
uAGWFTK/KolOO2g7p/0de4A=
=OQQh
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] (no subject)

[Volker Lendecke]

On Thu, Oct 30, 2008 at 09:42:47PM +0530, vishesh wrote:
> mimagabooks wrote:
> >smbd crashes on startup
> >
> >/var/log/samba/smbd output:
> >
> >[2008/10/30 00:58:56,  1]
> >passdb/pdb_ldap.c:ldapsam_enum_group_memberships(2850)
> >  User account [nobody] not found!
> >[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(40)
> >  ===
> >[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(41)
> >  INTERNAL ERROR: Signal 6 in pid 3902 (3.2.3-0.1-1882-SUSE-SL11.0)
> >  Please read the Trouble-Shooting section of the Samba3-HOWTO

Signal 6 is an abort, not a crash in the stricter sense. It
is very likely that some assumption in the LDAP code is not
met. This time it seems you have something like
ldapsam:trusted set but you don't have the user nobody
defined in your ldap tree. Please define nobody.

Volker


pgpXYKvD75Rwr.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[vishesh]

mimagabooks wrote:

smbd crashes on startup

/var/log/samba/smbd output:

[2008/10/30 00:58:56,  1]
passdb/pdb_ldap.c:ldapsam_enum_group_memberships(2850)
  User account [nobody] not found!
[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(40)
  ===
[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(41)
  INTERNAL ERROR: Signal 6 in pid 3902 (3.2.3-0.1-1882-SUSE-SL11.0)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(43)

  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2008/10/30 00:58:56,  0] lib/fault.c:fault_report(44)
  ===
[2008/10/30 00:58:56,  0] lib/util.c:smb_panic(1663)
  PANIC (pid 3902): internal error
[2008/10/30 00:58:56,  0] lib/util.c:log_stack_trace(1767)
  BACKTRACE: 10 stack frames:
   #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0xb7dcaaed]
   #1 /usr/sbin/smbd(smb_panic+0x2d) [0xb7dcabed]
   #2 /usr/sbin/smbd [0xb7db3846]
   #3 [0xe400]
   #4 /lib/libc.so.6(abort+0x188) [0xb75e3238]
   #5 /usr/sbin/smbd(talloc_free+0x22d) [0xb7d992ed]
   #6 /usr/sbin/smbd(init_guest_info+0xb8) [0xb7e1d018]
   #7 /usr/sbin/smbd(main+0x816) [0xb800afe6]
   #8 /lib/libc.so.6(__libc_start_main+0xe5) [0xb75cd5f5]
   #9 /usr/sbin/smbd [0xb7b92521]
[2008/10/30 00:58:56,  0] lib/fault.c:dump_core(201)
  dumping core in /var/log/samba/cores/smbd

/etc/samba/smb.conf

[global]
unix charset = LOCALE
workgroup = MAGABOOKS.ORG
netbios name = arizona
passdb backend =ldapsam:ldap://arizona.magabooks.org
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = logon.bat
logon path = \\arizona\profiles\%u
logon drive = Z:
domain logons = Yes
domain master = Yes
wins support = Yes
# peformance optimization all users stored in ldap
ldapsam:trusted = yes
ldap suffix = dc=magabooks,dc=org
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=sambaadmin,dc=magabooks,dc=org
idmap backend = ldap://127.0.0.1
idmap uid = 1-2
idmap gid = 1-2
# printer admin = root
printing = cups

#Share Definitions=

[homes]
 comment = Home Directories
 valid users = %S
 browseable = yes
 writable = yes
 create mask = 0600
 directory mask = 0700

[sysvol]
 path = /var/lib/samba/sysvol
 read only = no

[netlogon]
 comment = Network Logon Service
 path = /var/lib/samba/sysvol/magabooks.org/scripts
 writeable = yes
 browseable = yes
 read only = no

[profiles]
 path = /var/lib/samba/profiles
 writeable = yes
 browseable = no
 read only = no
 create mode = 0777
 directory mode = 0777

[Documents]
 comment = share to test samba
 path = /var/lib/samba/documents
 writeable = yes
 browseable = yes
 read only = no
 valid users = "@Domain Users"

If I comment out passdb backend then it does not crash.
  

dear
You haven't mentioned your ldap server configuration, ensure your ldap 
server is running properly.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[William Jojo]

 Original message 
>Date: Tue, 23 Sep 2008 11:39:25 +1000
>From: "Ray, Tito" <[EMAIL PROTECTED]>  
>Subject: [Samba] (no subject)  
>To: 
>
>Hello,
>
>I am using samba 2.2.2 in AIX 5.1 environment and planning to upgrade to
>a more stable samba. 
>
>1. Which version is most stable? 
>
>2. Do I need to pay for the Licence?
>
>3. How can I upgrade?
>
> 

Are you planning to upgrade to a supported AIX level?

You can go to:

http://pware.hvcc.edu/

For latest Samba for AIX 5.2, 5.3 and 6.1 releases.


Cheers,
Bill
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Miguel Medalha]

Ray, Tito wrote:

Hello,

I am using samba 2.2.2 in AIX 5.1 environment and planning to upgrade to
a more stable samba. 

1. Which version is most stable? 
2. Do I need to pay for the Licence?

3. How can I upgrade?

  

http://www.samba.org

Also, don't send messages without a subject.
Thank you!
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Eric Roseme]

Hi Sudheer,

Although your particular case is fixed already, I'll reply here for 
completeness to the list.


HP-UX requires a special tweak to the /etc/krb5.conf file in order to 
create a keytab file - the addition of the "WRFILE" parameter.  This is 
fully explained in the "HP CIFS Server and Kerberos" whitepaper, located 
here:


http://www.docs.hp.com/en/7213/HPCIFSKerberosV103.pdf

Eric Roseme


Radhakrishnan, Sudheer Kumar K. wrote:

Hello Samba,

 


We are using Samba/CIFS hp-ux server connecting to Windows ADS and try
to create keytab file using 

 


net ads create keytab -u Administrator ,but it is unable to create
keytab file in the /etc/directory.

 


Please see the attached output file for your reference.

 


Appreciate your help!!

 


Sudheer Radhakrishnan / Capgemini
North America P&C / East Business Unit
Unix Support / Hosting
Mobile: 508 769 2371  http://www.capgemini.com/
 
Fax: 508.229.2013
45 Bartlett Street /  Marlborough, Ma 01752 
Together: the Collaborative Business Experience


 








This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is 
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to 
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message 
in error, please notify the sender immediately and delete all copies of this message.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Douglas VanLeuven]

Dale Schroeder wrote:
> I have systems using security = ADS and security = domain where
> "password server =" works quite well.  There's something else going on.
> 
> Dale
> 
> Adam Williams wrote:
>> password server = only works when samba is in security = server mode.
>>
>> security = domain is used when the server is a member server of an NT4
>> style domain (meaning, its not a PDC or a BDC, but another server with
>> some file shares on it and it authenticates to the PDC using LDAP).
>>
>> when you have a bunch of samba servers like you sound like you do, you
>> should be using an LDAP backend.
>>
>> Carter, David SIS SB56 ITMOXF POWERGEN wrote:
>>> Installed Samba 3.0.10 via 'pkgadd' on Solaris 2.6 workstation s080
>>> (137.223.31.80) - previously running Samba 2.2.8 which has worked for a
>>> long time.
>>> Samba 3.0.10 smb.conf file - changed to security =DOMAIN  from SERVER at
>>> 2.2.8 version
>>> password server = 137.223.33.45, 137.223.33.72  - these are DCs
>>>  
>>>
>>> # Samba config file created using SWAT
>>> # from 127.0.0.1 (127.0.0.1)
>>> # Date: 2008/02/07 16:05:52
>>>
>>> # Global parameters
>>> [global]
>>> workgroup = WW007
>>> server string = Samba Server ww007
>>> interfaces = 137.223.31.80/255.255.255.0
>>> bind interfaces only = Yes

You might try adding 127.0.0.1
  interfaces = 137.223.31.80/255.255.255.0, 127.0.0.1/24

There are some issues documented in the manual and it seems to help with
any broadcast related issues.

I've started masking to 24 bits because I've had some servers come up
with 127.0.0.2 on occasion.  Might be dual processors, but I've not
pursued it further.

Regards, Doug
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Dale Schroeder]

I have systems using security = ADS and security = domain where 
"password server =" works quite well.  There's something else going on.


Dale

Adam Williams wrote:

password server = only works when samba is in security = server mode.

security = domain is used when the server is a member server of an NT4 
style domain (meaning, its not a PDC or a BDC, but another server with 
some file shares on it and it authenticates to the PDC using LDAP).


when you have a bunch of samba servers like you sound like you do, you 
should be using an LDAP backend.


Carter, David SIS SB56 ITMOXF POWERGEN wrote:

Installed Samba 3.0.10 via 'pkgadd' on Solaris 2.6 workstation s080
(137.223.31.80) - previously running Samba 2.2.8 which has worked for a
long time.
Samba 3.0.10 smb.conf file - changed to security =DOMAIN  from SERVER at
2.2.8 version
password server = 137.223.33.45, 137.223.33.72  - these are DCs
 


# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2008/02/07 16:05:52

# Global parameters
[global]
workgroup = WW007
server string = Samba Server ww007
interfaces = 137.223.31.80/255.255.255.0
bind interfaces only = Yes
security = DOMAIN
password server = 137.223.33.45, 137.223.33.72
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 1
max log size = 50
deadtime = 15
lpq cache time = 30
load printers = No
wins server = 137.223.33.45
follow symlinks = No

[ipc$]
path = /tmp
hosts allow = 127.0.0.1, 137.223.26., 137.223.32., 137.223.33.,
137.223.197., 193.35.224.
hosts deny = 0.0.0.0/0

[gb400226]
comment = Dave's home directory
path = /d2/home/dgc00226
valid users = gb400226
read only = No
force create mode = 060

[gb412533]
comment = Dave Clark's home directory
path = /d2/home/davi
valid users = gb412533, gb4avsched, gb499908
read only = No
force create mode = 060



log.nmbd
Shows following error approx every 15 mins  Unable to find the Domain 
Master Browser name WW007<1b> for the

workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:01:49, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:16:49, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:31:52, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:46:52, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)

log.smbd

Shows following at end of log Primary group is 0 and contains 0 
supplementary groups

[2008/01/30 13:18:24, 5] smbd/uid.c:change_to_root_user(296)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2008/01/30 13:18:24, 2] smbd/server.c:exit_server(571)
  Closing connections
[2008/01/30 13:18:24, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to [2008/01/30 13:18:24, 5] 
smbd/oplock.c:receive_local_message(107)

  receive_local_message: doing select with timeout of 1 ms
[2008/01/30 13:18:24, 3] smbd/server.c:exit_server(614)
  Server exit (Caught TERM signal)
[2008/01/30 13:19:59, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2008/01/30 13:36:06, 0] lib/access.c:check_access(328)
  Denied connection from  (137.223.31.80)
[2008/01/30 13:36:22, 1]
auth/auth_server.c:check_smbserver_security(363)
  password server 137.223.33.45 rejected the password
[2008/02/05 14:30:01, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2008/02/05 15:27:53, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004

log.winbindd

Shows following in parts of log file
[2008/01/30 13:16:06, 5] rpc_parse/parse_prs.c:prs_uint32s(869)
  1954 sub_auths : 0015 4862e393 3973dd20 2b3be507 
[2008/01/30 13:16:06, 5] rpc_parse/parse_prs.c:prs_ntstatus(672)

  1964 status: NT_STATUS_OK
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-789336058-764733703-1417001333 of
domain WW007
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-1482476501-261903793-725345543 of
domain SIEMENS-NET
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-1834491315-1761740509-113626

Re: [Samba] (no subject)

[Adam Williams]

password server = only works when samba is in security = server mode.

security = domain is used when the server is a member server of an NT4 
style domain (meaning, its not a PDC or a BDC, but another server with 
some file shares on it and it authenticates to the PDC using LDAP).


when you have a bunch of samba servers like you sound like you do, you 
should be using an LDAP backend.


Carter, David SIS SB56 ITMOXF POWERGEN wrote:

Installed Samba 3.0.10 via 'pkgadd' on Solaris 2.6 workstation s080
(137.223.31.80) - previously running Samba 2.2.8 which has worked for a
long time. 


Samba 3.0.10 smb.conf file - changed to security =DOMAIN  from SERVER at
2.2.8 version
password server = 137.223.33.45, 137.223.33.72  - these are DCs
 


# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2008/02/07 16:05:52

# Global parameters
[global]
workgroup = WW007
server string = Samba Server ww007
interfaces = 137.223.31.80/255.255.255.0
bind interfaces only = Yes
security = DOMAIN
password server = 137.223.33.45, 137.223.33.72
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 1
max log size = 50
deadtime = 15
lpq cache time = 30
load printers = No
wins server = 137.223.33.45
follow symlinks = No

[ipc$]
path = /tmp
hosts allow = 127.0.0.1, 137.223.26., 137.223.32., 137.223.33.,
137.223.197., 193.35.224.
hosts deny = 0.0.0.0/0

[gb400226]
comment = Dave's home directory
path = /d2/home/dgc00226
valid users = gb400226
read only = No
force create mode = 060

[gb412533]
comment = Dave Clark's home directory
path = /d2/home/davi
valid users = gb412533, gb4avsched, gb499908
read only = No
force create mode = 060



log.nmbd 

Shows following error approx every 15 mins 
 Unable to find the Domain Master Browser name WW007<1b> for the

workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:01:49, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:16:49, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:31:52, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
  find_domain_master_name_query_fail:
  Unable to find the Domain Master Browser name WW007<1b> for the
workgroup WW007.
  Unable to sync browse lists in this workgroup.
[2008/02/06 10:46:52, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)

log.smbd

Shows following at end of log 
Primary group is 0 and contains 0 supplementary groups

[2008/01/30 13:18:24, 5] smbd/uid.c:change_to_root_user(296)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2008/01/30 13:18:24, 2] smbd/server.c:exit_server(571)
  Closing connections
[2008/01/30 13:18:24, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to 
[2008/01/30 13:18:24, 5] smbd/oplock.c:receive_local_message(107)

  receive_local_message: doing select with timeout of 1 ms
[2008/01/30 13:18:24, 3] smbd/server.c:exit_server(614)
  Server exit (Caught TERM signal)
[2008/01/30 13:19:59, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2008/01/30 13:36:06, 0] lib/access.c:check_access(328)
  Denied connection from  (137.223.31.80)
[2008/01/30 13:36:22, 1]
auth/auth_server.c:check_smbserver_security(363)
  password server 137.223.33.45 rejected the password
[2008/02/05 14:30:01, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2008/02/05 15:27:53, 0] smbd/server.c:main(760)
  smbd version 3.0.10 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004

log.winbindd

Shows following in parts of log file
[2008/01/30 13:16:06, 5] rpc_parse/parse_prs.c:prs_uint32s(869)
  1954 sub_auths : 0015 4862e393 3973dd20 2b3be507 
[2008/01/30 13:16:06, 5] rpc_parse/parse_prs.c:prs_ntstatus(672)

  1964 status: NT_STATUS_OK
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-789336058-764733703-1417001333 of
domain WW007
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-1482476501-261903793-725345543 of
domain SIEMENS-NET
[2008/01/30 13:16:06, 5]
libsmb/trustdom_cache.c:trustdom_cache_store(127)
  trustdom_store: storing SID S-1-5-21-1834491315-1761740509-1136263860
of domain BRANDE
[2008/01/30 13:16:06, 5

Re: [Samba] (no subject)

[Eric Williams]

Excerpts from james.deas's message of Wed Jan 02 19:09:01 + 2008:
> I am currently using the Fedora Open directory with a posix structure
> user information to authenticate several hundred Mac users.
> 
> Currently this is being done using the netatalk package for userId, UID,
> GID, password, home directory.
> 
>  
> 
> What I am looking for is a way to move from netatalk to Samba without
> losing my LDAP capabilities.
> 
>  
> 
> I have seen several post related to doing this but none that give me
> specific information on Fedora 7 and its precompiled version of Samba.
> 
>  
> 
> Can someone confirm for me that this distribution is PAM enabled and
> that ldap using posix user info is compatible?
> 
>  

the distribution is definitely pam-enabled, and samba too:

[EMAIL PROTECTED] ~]$ ldd /usr/sbin/smbd
...
libldap-2.3.so.0 => /usr/lib64/libldap-2.3.so.0 (0x2b2a4000)
...
libpam.so.0 => /lib64/libpam.so.0 (0x2caf3000)

This may be interesting for you:

http://directory.fedoraproject.org/wiki/Howto:Samba#Samba_Setup

cya,
eric


> 
> Thanks,
> 
> JD
> 

-- 
Eric Williams
GSS-EMEA
 09:09:01 up 23 days, 15:25,  1 user,  load average: 1.81, 1.89, 1.90
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Felipe Augusto van de Wiel]

Hmmm... Ok, let's try again cc:ing now, since I already answer your
e-mail a while ago.


On 10/14/2006 01:02 PM, [EMAIL PROTECTED] escreveu:

I have a problem with smbtree.
When I try smbtree -N on my PC I receive:

Got a positive name query response from 192.168.0.100 ( 192.168.0.100 )
read_socket_with_timeout: timeout read. read error = Connection reset by
peer.
failed tcon_X with NT_STATUS_INVALID_NETWORK_RESPONSE
read_socket_with_timeout: timeout read. read error = Connection reset by
peer.
failed tcon_X with NT_STATUS_INVALID_NETWORK_RESPONSE

I have an smb.conf with two very simples shared like this one:
[ex1]
comment = Example
path = /home/stefano/shared1
valid users = user1
read list = user1
write list = user1

Could someone suggest me something?


Did you change 'server schannel' parameter?  I read
something about using it with 'no' as value, it could be a
"corner untested case".



Thanks a lot in advance
Stefano C.


Kind regards,

--
Felipe Augusto van de Wiel <[EMAIL PROTECTED]>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Felipe Augusto van de Wiel]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 09/13/2006 04:40 AM, [EMAIL PROTECTED] escreveu:
> Hi everyone!
> 
> I have two strange problems I cannot solve with my PDC SAMBA:
> 1)
>>From every XP Pro PC I can access but sometimes I have to try 5 or 6 times
> to enter my domain. Then, once entered, everything works good, until next
> login, when I have the same problem.
> This is what I can see in SAMBA log file:
> [2006/09/12 09:17:42, 1] smbd/service.c:close_cnum(835)
>   mario (192.168.1.101) closed connection to service mario
> [2006/09/12 09:19:44, 0] lib/util_sock.c:get_peer_addr(1150)
>   getpeername failed. Error was Transport endpoint is not connected
> [2006/09/12 09:19:44, 0] lib/util_sock.c:write_socket_data(430)
>   write_socket_data: write failure. Error = Connection reset by peer
> [2006/09/12 09:19:44, 0] lib/util_sock.c:write_socket(455)
>   write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection
> reset by peer
> [2006/09/12 09:19:44, 0] lib/util_sock.c:send_smb(647)
>   Error writing 4 bytes to client. -1. (Connection reset by peer)
> [2006/09/12 09:19:47, 1] smbd/service.c:make_connection_snum(642)
> 
> 
> 
> 2)
>>From a Win 2000 Pro PC I cannot login as the same user that works on the
> XP. It says something like there is not enough space on the server and it
> cannot create profile, but it's impossible,I have more than GBs free on my
> server.
> 
> Plase, help me! :-)

We will need the smb.conf to check your configuration and
try to figure out what's going on. Did you really have space and
permission in the profiles directory on your Samba Server?


> Thanks a lot in advance
> Stefano

Kind regards,

- --
Felipe Augusto van de Wiel <[EMAIL PROTECTED]>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFCrSRCj65ZxU4gPQRAozTAJ4s2EMJRZMGwhf/OCL4JRI51fcyiACfePMV
lcenXW7WOETStMgfmGE4LSA=
=mZ1+
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gary Dale]

One thing I notice is that you don't have any normal user administration 
scripts. The ones in my smb.conf look like this:

   add user script = /usr/sbin/useradd -g samba -c %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usermod -G  %g %u
   add machine script = /usr/sbin/useradd -g machines -c Machine -d 
/dev/null -s /bin/false %u


This may be creating problems because if your users aren't in the 
correct groups, they won't have permission to modify the files. Your 
shares are set to have valid users in the NIS or Unix ste_varinard 
group, but it's not clear how your users are getting into that group.


Also, I notice that you have guest ok = no in the globals, but you've 
declared all your shares as public. Public means "guest ok = yes". It's 
possible that your files are being created with the guest account but 
accessed by the user's real account, which then wouldn't have 
permission, or vice-versa.




Vaisonet wrote:


Owner and file permissions seem to be ok.

This my smb.conf :

[global]
 netbios name = CUMULUS
 server string = Serveur de fichiers
 workgroup = RC

 ; domain & local master browser
 ; coz we're dealing with Win2k
 os level = 65
 prefered master = yes
 domain master = yes
 local master = yes
 domain logons = yes

 ; misc options
 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 
SO_RCVBUF=8192

 time server = yes

 ; do not show files starting with dots
 hide dot files = yes

 ; Central European code page support
 client code page = 852
 character set = ISO8859-2

 ; do not allow guest access, use only local system accounts
 security = user
 guest ok = no
 invalid users = bin deamon sys man postfix mail ftp
 ;admin users = @wheel

 ; domain administrators
 domain admin group = root samba
 domain admin users = root
  ;add user script = /usr/sbin/useradd -n -g machines -d /dev/null -s 
/bin/false %m$
   add user script = /usr/sbin/useradd -d /dev/null -g machines -c 
'Machine Account' -s /bin/false -M %u


 ; use encrypted passwords
 encrypt passwords = yes

 ; logging (max log size is in kB)
 log level = 2
 log file = /var/log/samba/log.%L
 max log size = 1000
 debug timestamp = yes
 syslog = 1

 ; user roaming profiles path
 logon path = \\%N\profiles\%u

 ; general logon script (in DOS format)
 logon script = logon.bat

  case sensitive = no
  wins support = yes

; share for domain controller
[netlogon]
 path = /home/netlogon
 public = no
 writeable = no
 browsable = no
 valid users = root @ste_varinard

; share for storing user profiles
[profiles]
 path = /home/profiles
 writeable = yes
 create mask = 0700
 directory mask = 0700
 browsable = no
 valid users = root @ste_varinard

[Documents]
  path = /home/Documents
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Banque images]
  comment = Non sauvegardé
  strict locking = yes
  path = /non-sauve/b_img
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Partage]
  comment = Pour mettre les fichiers utilisés par les programmes
  path = /home/partage
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes

[Mail]
  comment = Mozilla Thunderbird
  path = /home/mail
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root daubepart mbotteau
 public = yes
  veto oplock files = /*.mab/

[Money]
  path = /home/money
  strict locking = yes
  writeable = yes
  create mode = 0750
 directory mode = 0750
  valid users = root mcvarinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Devis]
  path = /var/www/html/devis
  strict locking = yes
  oplocks = no
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  

Re: [Samba] (no subject)

[Vaisonet]

Owner and file permissions seem to be ok.

This my smb.conf :

[global]
 netbios name = CUMULUS
 server string = Serveur de fichiers
 workgroup = RC

 ; domain & local master browser
 ; coz we're dealing with Win2k
 os level = 65
 prefered master = yes
 domain master = yes
 local master = yes
 domain logons = yes

 ; misc options
 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 
SO_RCVBUF=8192

 time server = yes

 ; do not show files starting with dots
 hide dot files = yes

 ; Central European code page support
 client code page = 852
 character set = ISO8859-2

 ; do not allow guest access, use only local system accounts
 security = user
 guest ok = no
 invalid users = bin deamon sys man postfix mail ftp
 ;admin users = @wheel

 ; domain administrators
 domain admin group = root
 domain admin users = root
  ;add user script = /usr/sbin/useradd -n -g machines -d /dev/null -s 
/bin/false %m$
   add user script = /usr/sbin/useradd -d /dev/null -g machines -c 
'Machine Account' -s /bin/false -M %u


 ; use encrypted passwords
 encrypt passwords = yes

 ; logging (max log size is in kB)
 log level = 2
 log file = /var/log/samba/log.%L
 max log size = 1000
 debug timestamp = yes
 syslog = 1

 ; user roaming profiles path
 logon path = \\%N\profiles\%u

 ; general logon script (in DOS format)
 logon script = logon.bat

  case sensitive = no
  wins support = yes

; share for domain controller
[netlogon]
 path = /home/netlogon
 public = no
 writeable = no
 browsable = no
 valid users = root @ste_varinard

; share for storing user profiles
[profiles]
 path = /home/profiles
 writeable = yes
 create mask = 0700
 directory mask = 0700
 browsable = no
 valid users = root @ste_varinard

[Documents]
  path = /home/Documents
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Banque images]
  comment = Non sauvegardé
  strict locking = yes
  path = /non-sauve/b_img
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Partage]
  comment = Pour mettre les fichiers utilisés par les programmes
  path = /home/partage
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes

[Mail]
  comment = Mozilla Thunderbird
  path = /home/mail
  strict locking = yes
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root daubepart mbotteau
 public = yes
  veto oplock files = /*.mab/

[Money]
  path = /home/money
  strict locking = yes
  writeable = yes
  create mode = 0750
 directory mode = 0750
  valid users = root mcvarinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Devis]
  path = /var/www/html/devis
  strict locking = yes
  oplocks = no
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes
  #définition de la Corbeille
  vfs object = recycle
  recycle:repository = ../../../../non-sauve/Corbeille
  recycle:keeptree = yes
  recycle:versions = yes
  recycle:touch = yes
  recycle:maxsize = 204857600

[Corbeille]
  comment = Corbeille Serveur de fichiers
  path = /non-sauve/Corbeille
  writeable = yes
  create mode = 0700
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes

[Applications]
  comment = Logiciels communs
  strict locking = yes
  path = /non-sauve/appli
  writeable = yes
  create mode = 0770
 directory mode = 0770
  valid users = root @ste_varinard
 public = yes

Thanks for your help :-)

Maxime



Gary Dale a écrit :
Can you go onto the Linux server and look at the actual owner:group 
and file permissions? Check both the files and the directory they are 
part of. If they are what you expect to see, then can you post a 
sample of them and post your smb.conf file?



Vaisonet wrote:


Samba is 3.0.22 on a CentOS 4 box.
Only Word and Excel write a temporary file, i have the same problem 
with corel draw, and openoffice.

Office is 97 and XP. Openoffice is 2.0.

It's happening with eall shared folders.
All users have this problems.
It's happening only with existing fi

Re: [Samba] (no subject)

[Gary Dale]

Can you go onto the Linux server and look at the actual owner:group and 
file permissions? Check both the files and the directory they are part 
of. If they are what you expect to see, then can you post a sample of 
them and post your smb.conf file?



Vaisonet wrote:


Samba is 3.0.22 on a CentOS 4 box.
Only Word and Excel write a temporary file, i have the same problem 
with corel draw, and openoffice.

Office is 97 and XP. Openoffice is 2.0.

It's happening with eall shared folders.
All users have this problems.
It's happening only with existing files, previously saved.
It's not only happen on files that were created by someone else that 
you are now editing.


Thanks.


Gary Dale a écrit :


[EMAIL PROTECTED] wrote:


Hi,

I'm using samba, and sometime i can't save excel ou word file.
Windows tell me :
i can't save file as 'filename'. A temporary file 'AE751FLM' was 
created. Close your file and save it with another name.


What's wrong ?
Why can i not same file sometime ?

Thanks

 

Since you say "sometimes", I assume that sometimes you can save these 
files. A few obvious questions, since I don't know what you've tried 
or your level of expertise:

- which version of Samba are you running?
- is this happening with just excel and word files, or do you have 
problems saving other files as well?

- which version of M$ Office are you using?
- is this happening only in particular directories?
- is this happening only for some users?
- is this happening only on new files or does it happen on existing 
files that you had previously saved?
- is this happening only on files that were created by someone else 
that you are now editing?







--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Vaisonet]

Samba is 3.0.22 on a CentOS 4 box.
Only Word and Excel write a temporary file, i have the same problem with 
corel draw, and openoffice.

Office is 97 and XP. Openoffice is 2.0.

It's happening with eall shared folders.
All users have this problems.
It's happening only with existing files, previously saved.
It's not only happen on files that were created by someone else that you 
are now editing.


Thanks.


Gary Dale a écrit :

[EMAIL PROTECTED] wrote:


Hi,

I'm using samba, and sometime i can't save excel ou word file.
Windows tell me :
i can't save file as 'filename'. A temporary file 'AE751FLM' was 
created. Close your file and save it with another name.


What's wrong ?
Why can i not same file sometime ?

Thanks

 

Since you say "sometimes", I assume that sometimes you can save these 
files. A few obvious questions, since I don't know what you've tried 
or your level of expertise:

- which version of Samba are you running?
- is this happening with just excel and word files, or do you have 
problems saving other files as well?

- which version of M$ Office are you using?
- is this happening only in particular directories?
- is this happening only for some users?
- is this happening only on new files or does it happen on existing 
files that you had previously saved?
- is this happening only on files that were created by someone else 
that you are now editing?





-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gary Dale]

[EMAIL PROTECTED] wrote:


Hi,

I'm using samba, and sometime i can't save excel ou word file.
Windows tell me :
i can't save file as 'filename'. A temporary file 'AE751FLM' was created. Close 
your file and save it with another name.

What's wrong ?
Why can i not same file sometime ?

Thanks

 

Since you say "sometimes", I assume that sometimes you can save these 
files. A few obvious questions, since I don't know what you've tried or 
your level of expertise:

- which version of Samba are you running?
- is this happening with just excel and word files, or do you have 
problems saving other files as well?

- which version of M$ Office are you using?
- is this happening only in particular directories?
- is this happening only for some users?
- is this happening only on new files or does it happen on existing 
files that you had previously saved?
- is this happening only on files that were created by someone else that 
you are now editing?


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Joel Franco]

-- 
Joel Franco
| 
| self-powered by
|  Debian Linux
|
|  .''`. 
| : :' : 
| `. `' 
|   `- 
|

On Seg Nov 28 05 12:26, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Joel,
> 
> Joel Franco wrote:
> 
> | Empirically, when a NT based is added to the
> | existing network, the database application runs
> | slowly (access data) in this client machine
> | and in others NT machines that are added to the LAN.
> |
> | If i substitute this samba server with a Win2k3
> | Standard Server, the application latency backs
> | to the original (or close), before the NT clients.
> | This was a big deception to me and since then, i'm
> | trying to find why this happens but i'm specialist.
> 
> What version of Samba are you running?

Samba 3.0.20b-2.

But this problem exists since old samba versions.

> 
> | I have observed in the ethereal sniffer that exists a
> | lot of "Locking AndX Request" and "Locking AndX Response"
> | that is highly "ping pong" communication between
> | the server and the client, that certainly don't
> | permit a good brute transfer. I understand that must
> | exist a lock mechanism to not corrupt the file
> | database shared between others stations.
> 
> Most people running pc based database apps disable
> oplocks on the server.  Can you run a quick test
> with and without oplocks in the Samba share.

The oplocks warn that could be problem on this enabled. If a client
machine crash, the database could be corrupted, correct?

Should I understand the oplocks is a tradeoff and have to be choosed
between speed and corrupt probability?

Thank You,

> 
> 
> 
> 
> 
> 
> 
> 
> cheers, jerry
> =
> Alleviating the pain of Windows(tm)  --- http://www.samba.org
> GnuPG Key- http://www.plainjoe.org/gpg_public.asc
> "There's an anonymous coward in all of us."   --anonymous
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.0 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> 
> iD8DBQFDi0vaIR7qMdg1EfYRAgIUAJ9jkPtfLkm+enDbZNH8nVFFx6I9WwCfQWfm
> h3PNQINCD70+Tu6/atQdPeA=
> =2Gjd
> -END PGP SIGNATURE-
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Joel,

Joel Franco wrote:

| Empirically, when a NT based is added to the
| existing network, the database application runs
| slowly (access data) in this client machine
| and in others NT machines that are added to the LAN.
|
| If i substitute this samba server with a Win2k3
| Standard Server, the application latency backs
| to the original (or close), before the NT clients.
| This was a big deception to me and since then, i'm
| trying to find why this happens but i'm specialist.

What version of Samba are you running?

| I have observed in the ethereal sniffer that exists a
| lot of "Locking AndX Request" and "Locking AndX Response"
| that is highly "ping pong" communication between
| the server and the client, that certainly don't
| permit a good brute transfer. I understand that must
| exist a lock mechanism to not corrupt the file
| database shared between others stations.

Most people running pc based database apps disable
oplocks on the server.  Can you run a quick test
with and without oplocks in the Samba share.








cheers, jerry
=
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
"There's an anonymous coward in all of us."   --anonymous
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDi0vaIR7qMdg1EfYRAgIUAJ9jkPtfLkm+enDbZNH8nVFFx6I9WwCfQWfm
h3PNQINCD70+Tu6/atQdPeA=
=2Gjd
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE [Samba] (no subject)

[stephane . purnelle]

look at changelog of the last version, you can see that a privilege 
seTakeOwnerShip is available.

---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique   Corman S.A.   Tel : 00 32 087/342467

[EMAIL PROTECTED] a écrit sur 
12/09/2005 11:08:44 :

> Hi,
> 
> 
> 
> How user can modify the owner of file if he ?s not an Admin.
> 
> 
> 
> thanks 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Jim Cunning]

On Jul 10 at 9:03am, Lonnie Jordal wrote:

> I am looking for the definition of the word:
> ACLARATION
> I can't find it in any dictionary - but when I do
> a GOOGLE search on it - it finds many many people
> using it. 

To my knowledge aclaration is not an English word.  From the contexts of 
the uses of it Google finds, I think there are two possible 
interpretations:

1. Declaration - I found a couple instances of docs listing Aclaration 1, 
Aclaration 2, etc., that should have been "Declaration 1" etc.

2. Clarification - This is the more likely intended meaning, as I found 
lots of docs where that meaning fit the context.

Jim
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Graeme Humphries]

On Wed, 2005-06-15 at 14:21 +0200, [EMAIL PROTECTED] wrote:
> Hi all,
> I have the samba version 3.0.10-4 configured as a primary domain controller. I
> have disabled the webclient on xp workstation but I have a first slow access 
> on
> the network drive.About 15 seconds. Why?

It could be (and this is a long shot) that the Linux box is trying to
use DNS to resolve the hostname of the connecting machine, and failing.
I've seen some weird, seemingly unexplainable initial timeouts on other
services recently, that eventually came down to this.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[John H Terpstra]

On Tuesday 17 May 2005 20:20, Roger Merritt wrote:
> I've just had to do some further work with Samba -- I've been running ver 2
> for years without any problems -- so I just discovered that the current
> version is 3.14a. Right now I'm a bit overwhelmed with the amount of
> information that's been added in the last couple of years and hope someone
> will help me to cut through my information overload. Are there any
> particular issues I should know about when upgrading to ver 3? Any known
> common problems?

Suggest you check chapter 8 of the book "Samba-3 by Example". Your specially 
reserved copy is waiting for you at:

http://www.samba.org/samba/docs/Samba-Guide.pdf

You may find more information of use than just chapter 8, but its a start.

It is also a good idea to check out the Official Samba-3 HOWTO and Reference 
Guide. We wont complain if you download it from:

http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf

It too has a chapter on Updating that may be of use. If you have any specific 
questions just shoot me an email.

- John T.
-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Tony Earnshaw]

tir, 17.05.2005 kl. 14.45 skrev Michael_Börjesson:

> Hello Andreas
>  
> I´ve read yor thread about the opening word files read only protection
> failure.
>  
> I have the same problem. Have you got any answer on the problem you will
> share.

Alt fra Michael_Börjesson går fra nå av hei  dundrende rett i kill-fila
mi. Den der eier nemlig ikke noe som helst folkevett.

--Tonni

Hmmm ... det var det med svensker og dansker (idag er syttendemai :) De
har ikke det, hedningene som de er ...

-- 
Nothing sucksseeds like a pigeon without a beak ...

mail: [EMAIL PROTECTED]
http://www.billy.demon.nl
 
They'll love us, won't they? They feed us, don't they? ...

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Jeremy Allison]

On Fri, Apr 15, 2005 at 09:23:13AM +1000, Grant Bigham wrote:
> 
> I have an issue with W2K/XP using Folder Redirection to a Samba homes share
> (or any share for that matter). This is only a problem when access for a
> user is via an ACE (ACL) and not the traditional file system permissions.
> So for example (user is test in this example):
> # ls -ld History/
> drwxrwx---+   3 root root 4096 Apr 12 21:15 History/
> # getfacl History
> # file: History
> # owner: root
> # group: root
> user::rwx
> user:test:rwx
> group::r-x
> group:c-l-management:rwx
> group:q-l-management:rwx
> group:c-l-management (read):r-x
> mask::rwx
> other::---
> default:user::rwx
> default:user:test:rwx
> default:group::r-x
> default:group:c-l-management:rwx
> default:group:q-l-management:rwx
> default:group:c-l-management (read):r-x
> default:mask::rwx
> default:other::---
> 
> I have also tried this using the "profile acls = yes" option, but with no
> success (works fine if similar permissions are used for raoming profiles
> tho, as it was designed to do).
> 
> It seems that Windows may be trying to set acls on index.dat which seems to
> fail if default (parent) permissions come from ACLs only. Here's an
> indication of this from the samba log:
> [2005/04/12 21:44:55, 2] smbd/posix_acls.c:set_canon_ace_list(2436)
> set_canon_ace_list: sys_acl_set_file failed for file
> k-drive/History/History.IE5/MSHist012005041220050413/index.dat (Operation
> not permitted).
> [2005/04/12 21:44:55, 2] smbd/close.c:close_normal_file(270)  DBR05A+cath
> closed file k-drive/History/History.IE5/MSHist012005041220050413/i
> ndex.dat (numopen=3)
> 
> Any help would be appreciated. I expect that this may be an Samba issue
> that might need to be looked at by the samba-technical gods.

Can you send me a capture trace and the full debug level 10 log from smbd 
please ? Also an ACL dump of the files and directories involved, and the
output from id of the user involved (so I can work out what groups are in
their token).

Thanks,

Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[John H Terpstra]

On Friday 25 March 2005 09:17, Joao Carneiro - DLS wrote:
>  Hi there,
>
> I'm implementing samba as ADS domain member server with samba and ldap
> authentication. There is an extension of the AD schema to be performed,
> right?
> What is the tool that does that?
> Thanks in advance
>

Suggest you check chapter 10 "Adding UNIX/Linux Servers and Clients".
I just updated this title to: "Adding Domain Member Servers and Clients" so 
this chapter title will change the next time the documentation is built.

You can download this book from:

http://www.samba.org/samba/docs/Samba-Guide.pdf

If this chapter does not solve your needs please let me know and I will work 
with you to solve the issue you have and to extend the documentation.

Cheers,
John T.

>
> João Carneiro
> Departamento de Sistemas e Tecnologias da Informação
> [EMAIL PROTECTED]
>
>
> DLS - Projectos Automação e Manutenção, Lda
> Tel.: 227 470 786 :: Fax: 227 470 787

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[SABINE ZARABIAN]

Thomas Kreft wrote:
I have a rather complex access setup for my users home-directories. This is
because
a) All users have to be able to read other users files (minus some private
folders)
b) Some users additionally have write access to specific (not: all!)
home-directories
So a user Joe also has a group called 'Joe' with members Joe, Tim and Kate.
Hence,  Joe, Tim and Kate may write to /home/joe. I do this by editing
smb.conf as follows:
[homes]
   valid users = @users
   write list = @%g
   browseable = No
   create mask = 0660
   directory mask = 0770
Now the question is: How do I provide the users with an easy way to access
the various 'homes', ie. via a mapped network drive, and STILL preserve the
'write list' option of the smb.conf?
Of course, the users could type "\\SERVERNAME" into their windows explorer,
or browse through the network neighbourhood everytime, but this is rather
inconvenient.
Or I could create a share with symlinks to all the home folders, but this
would deprive me of the individual 'write list' access control.
Hope I could make myself clear! Any ideas are highly appreciated, I'm
completely lost.
Thomas
 

Hallo Thomas,
I would solve your problem this way:
I would create home folders like you have done /home/joe , /home/tim ...
I would create group folders like /group/joe, /group/...
in smb.conf :
[homes]
comment = private
browseable = yes
create mask = 0700
directory mask = 0700
public = no
writeable = yes
[group]
comment = group directory
path = /group/%g
create mask = 0770
directory mask = 0770
force directory mode = 0770
force create mode = 0770
public = no
writeable = yes
in logon.bat:
net use x: \\server\homes
net use y: \\server\group
In this way, data in x:\  are private f.e. joe,
data in y:\ are readable and writeable for the  whole group f. e. joe, 
tim and kate.

Sabine

--
Sabine Zarabian
Universität Bielefeld
Fakultät für Biologie
0521 - 106 5567
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Craig White]

On Sat, 2004-12-11 at 17:09 -0500, alton bailey wrote:
> when I issue a command to populate my ldap directory I receive an erro cant 
> find Net/SSleay.pm how can I find an Net:SSleay rpm to install on FC3

---
what does this have to do with samba?

perl -MCPAN -e shell
install Net::SSLeay
exit

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Ilia Chipitsine]

1) SID mapping got broken for some reason ?
2) is Domain Admins group included into local Administrators group
on w2k3 server ? (using the same SID)
3) if nothing helps, you can always log on as local administrator and
take ownership of those files. after that you will be able to set 
permissions to them and delete them

Cheers,
Ilia Chipitsine
Hi.
We have set up a configuration with a Samba 3.06 PDC and Windows profiles stored
on a Windows2003 Server.
Workstations logged on the PDC created their profiles on the Windows Server, but
now neither the domain admin nor the local Admin on the Win2k3 machine have
permission to delete this files. Does anyone have an idea how to handle this
problem?
Cheers, Chris

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gémes Géza]

Shiraaz Singh írta:
Hi
Has anyone successfully integrated SLES 9.1 into Active Directory using
Samba 3 , such that the AD users log onto the directory and gain access
to resources on the SLES server as if it were just another Windows
server. 

I am a total newbie but with the help of the fantastic Linux community
managed to get myself to the point where the SLES box is in AD but if I
want AD users to gain access to any of the SLES shares I need to create
seperate user accounts on the SLES server. 

Anyone that can offer some help or even the direction to where the help
is will be appreciated 

Thanks   

 

You need winbind for mapping your Active Directory users to Linux users.
I'd recommand to read:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html
http://www.samba.org/samba/docs/man/Samba-Guide/unixclients.html
http://www.samba.org/samba/docs/man/Samba-Guide/kerberos.html
Good Luck!
Geza Gemes
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Christian Merrill]

Tom Skeren wrote:
It's a mount command.  On FBSD it's
mount_smbfs //[EMAIL PROTECTED]/share /(some local directory path)
Gerald Hughes wrote:
Samba,
Is if possible to connect to a C drive on a windows machine from a 
Unix machine using SAMBA?  We can go the other way but have a problem 
from Windows to Unix.
Any Examples out there?

jerry
Gerald C. Hughes
GEO/Graphic, Inc.
90 West Center Street
Logan, UT 84321
ph:435.753-5429

This mail sent through Valley InfiNet Webmail: 
http://webmail.mtwest.net/
 



If you want the actual c drive mounted it would be something like:
smbmount //windows_machine/c$ -o username=Administrator,workgroup=WORKGROUP
Christian
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Tom Skeren]

It's a mount command.  On FBSD it's
mount_smbfs //[EMAIL PROTECTED]/share /(some local directory path)
Gerald Hughes wrote:
Samba,
Is if possible to connect to a C drive on a windows machine from a Unix machine 
using SAMBA?  We can go the other way but have a problem from Windows to Unix.
Any Examples out there?

jerry
Gerald C. Hughes
GEO/Graphic, Inc.
90 West Center Street
Logan, UT 84321
ph:435.753-5429

This mail sent through Valley InfiNet Webmail: http://webmail.mtwest.net/
 


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Michael Andrewjeski]

I believe if your samba server is a member in one of the workgroups and
there is a trust relationship between it and the other workgroup then
you can configure samba to allow from the other workgroup in effect
serving both workgroups.

HTH

Mike

-Original Message-
From: Mark Lidstone [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 11, 2004 6:34 AM
To: [EMAIL PROTECTED]
Subject: RE: [Samba] (no subject)


You're kinda confusing things there.  A single physical network could
span multiple IP networks, and a single IP network doesn't have to be
restricted to one physical network.

Do you mean that you want to use a single server to serve to two
separate workgroups both of which are using the same physical hardware
and IP network?  If so, then I don't believe so, but I could be wrong.
AFAIK it's only possible to have a server answer to multiple names in a
single workgroup ("netbios name" then "netbios aliases")

I hope this helps,

Mark Lidstone
IT and Network Support Administrator

BMT SeaTech Ltd
Grove House, Meridians Cross, 7 Ocean Way
Ocean Village, Southampton.  SO14 3TJ. UK
Tel: +44 (0)23 8063 5122 
Fax: +44 (0)23 8063 5144

E-Mail:  mailto:[EMAIL PROTECTED]
Website: www.bmtseatech.co.uk

==
Confidentiality Notice and Disclaimer: 
The contents of this e-mail and any attachments are intended only for
the use of the e-mail addressee(s) shown. If you are not that person, or
one of those persons, you are not allowed to take any action based upon
it or to copy it, forward, distribute or disclose the contents of it and
you should please delete it from your system. BMT SeaTech Limited does
not accept liability for any errors or omissions in the context of this
e-mail or its attachments which arise as a result of Internet
transmission, nor accept liability for statements which are those of the
author and not clearly made on behalf of BMT SeaTech Limited.

==
  

-Original Message-
From: Andrew Norman [mailto:[EMAIL PROTECTED] 
Sent: 11 August 2004 14:28
To: [EMAIL PROTECTED]
Subject: [Samba] (no subject)


Hi, 
 
I'm new to samba and wish to know if it is possible to set up a samba
server that can be accessed from different workgroups on the same
physical network i.e. 192.168.0?
 
Many thanks
 
Andy
 
 
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Mike Stewart]

Can I disagree there Mark...

I've set up several Samba servers for our company over the past year.  All
just purely file servers (nothing clever).  They can be accessed from
different windows workgroups.  I'm in the workgroup PTAdmin and I can access
the servers in all the other workgroups PTLTrain, PTNTtrain etc.

(Um... I hope I'm understanding the original question right !)

ATB

Mike

- Original Message - 
From: "Mark Lidstone" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 11, 2004 2:34 PM
Subject: RE: [Samba] (no subject)


You're kinda confusing things there.  A single physical network could
span multiple IP networks, and a single IP network doesn't have to be
restricted to one physical network.

Do you mean that you want to use a single server to serve to two
separate workgroups both of which are using the same physical hardware
and IP network?  If so, then I don't believe so, but I could be wrong.
AFAIK it's only possible to have a server answer to multiple names in a
single workgroup ("netbios name" then "netbios aliases")

I hope this helps,

Mark Lidstone
IT and Network Support Administrator

BMT SeaTech Ltd
Grove House, Meridians Cross, 7 Ocean Way
Ocean Village, Southampton.  SO14 3TJ. UK
Tel: +44 (0)23 8063 5122
Fax: +44 (0)23 8063 5144

E-Mail:  mailto:[EMAIL PROTECTED]
Website: www.bmtseatech.co.uk

==
Confidentiality Notice and Disclaimer:
The contents of this e-mail and any attachments are intended only for
the
use of the e-mail addressee(s) shown. If you are not that person, or one
of those persons, you are not allowed to take any action based upon it
or
to copy it, forward, distribute or disclose the contents of it and you
should please delete it from your system. BMT SeaTech Limited does not
accept liability for any errors or omissions in the context of this
e-mail
or its attachments which arise as a result of Internet transmission, nor
accept liability for statements which are those of the author and not
clearly made on behalf of BMT SeaTech Limited.

==


-Original Message-
From: Andrew Norman [mailto:[EMAIL PROTECTED]
Sent: 11 August 2004 14:28
To: [EMAIL PROTECTED]
Subject: [Samba] (no subject)


Hi,

I'm new to samba and wish to know if it is possible to set up a samba
server that can be accessed from different workgroups on the same
physical network i.e. 192.168.0?

Many thanks

Andy



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba




---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.736 / Virus Database: 490 - Release Date: 09/08/2004


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Mark Lidstone]

You're kinda confusing things there.  A single physical network could
span multiple IP networks, and a single IP network doesn't have to be
restricted to one physical network.

Do you mean that you want to use a single server to serve to two
separate workgroups both of which are using the same physical hardware
and IP network?  If so, then I don't believe so, but I could be wrong.
AFAIK it's only possible to have a server answer to multiple names in a
single workgroup ("netbios name" then "netbios aliases")

I hope this helps,

Mark Lidstone
IT and Network Support Administrator

BMT SeaTech Ltd
Grove House, Meridians Cross, 7 Ocean Way
Ocean Village, Southampton.  SO14 3TJ. UK
Tel: +44 (0)23 8063 5122 
Fax: +44 (0)23 8063 5144

E-Mail:  mailto:[EMAIL PROTECTED]
Website: www.bmtseatech.co.uk

==
Confidentiality Notice and Disclaimer: 
The contents of this e-mail and any attachments are intended only for
the
use of the e-mail addressee(s) shown. If you are not that person, or one
of those persons, you are not allowed to take any action based upon it
or
to copy it, forward, distribute or disclose the contents of it and you
should please delete it from your system. BMT SeaTech Limited does not
accept liability for any errors or omissions in the context of this
e-mail
or its attachments which arise as a result of Internet transmission, nor
accept liability for statements which are those of the author and not
clearly made on behalf of BMT SeaTech Limited.

==
  

-Original Message-
From: Andrew Norman [mailto:[EMAIL PROTECTED] 
Sent: 11 August 2004 14:28
To: [EMAIL PROTECTED]
Subject: [Samba] (no subject)


Hi, 
 
I'm new to samba and wish to know if it is possible to set up a samba
server that can be accessed from different workgroups on the same
physical network i.e. 192.168.0?
 
Many thanks
 
Andy
 
 
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Andrew Gaffney]

Proteus (Anton) wrote:
How long am I still going to wait to be unsubscribed?
I've been trying for at least 3 months now!
If, as I suspect your server is running on Linux, I start getting a bad feeling about 
either the OS or your professionalism
Did you follow the directions at the bottom of every email posted to this list? 
Go to , enter your subscribed 
email address in the text box at the bottom of the page and hit the button. 
Click the 'Unsubscribe' button on the next page. Reply to the email that is sent 
to you.

--
Andrew Gaffney
Network Administrator
Skyline Aeronautics, LLC.
636-357-1548
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Craig White]

On Fri, 2004-06-04 at 09:03, [EMAIL PROTECTED] wrote:
> >When performing an upgrade of Red Hat 2.1 AS to Red Hat 3 ES Samba fail to
> start
> >due of missing libssl.so.2 and libcrypt.so.2 libraries that has been
> deleted
> >during upgrade process. We restored files from backup but winbind still
> fail
> >to starting.
> 
> Radu,
> 
>   First, it's very scary that you're using RedHat 3. That could be a
> source of many problems. ;) Anyway, what error(s) is winbind giving you when
> it fails to start? Anything in the syslog?

just for the record - I have had virtually no problems with several RHEL
AS 3 systems.

For the solution, it would seem that the thing to do is to either remove
your samba installation on RHEL 3 and reinstall, either from source or
from their up2date/rpm mechanism...

rpm -qa|grep samba
samba-3.0.2-6.3E
redhat-config-samba-1.0.16-1
samba-common-3.0.2-6.3E
samba-client-3.0.2-6.3E

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Greg Folkert]

On Fri, 2004-06-04 at 12:03, [EMAIL PROTECTED] wrote:
> >When performing an upgrade of Red Hat 2.1 AS to Red Hat 3 ES Samba fail to
> start
> >due of missing libssl.so.2 and libcrypt.so.2 libraries that has been
> deleted
> >during upgrade process. We restored files from backup but winbind still
> fail
> >to starting.
> 
> Radu,
> 
>   First, it's very scary that you're using RedHat 3. That could be a
> source of many problems. ;) Anyway, what error(s) is winbind giving you when
> it fails to start? Anything in the syslog?

Ummm, that is Enterprise Server v3.0 of RedHat. Which is the current
version.

-- 
[EMAIL PROTECTED]
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry

Novell's Directory Services is a competitive product to Microsoft's
Active Directory in much the same way that the Saturn V is a competitive
product to those dinky little model rockets that kids light off down at
the playfield. -- Thane Walkup


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[mconnor]

>When performing an upgrade of Red Hat 2.1 AS to Red Hat 3 ES Samba fail to
start
>due of missing libssl.so.2 and libcrypt.so.2 libraries that has been
deleted
>during upgrade process. We restored files from backup but winbind still
fail
>to starting.

Radu,

First, it's very scary that you're using RedHat 3. That could be a
source of many problems. ;) Anyway, what error(s) is winbind giving you when
it fails to start? Anything in the syslog?

Matthew
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Marcus White]

On Tue, 2004-04-27 at 19:56, Andrew Phillips wrote:
> I have currently installed the fedora core onto a box of mine. Along with 
> the fedora core came samba 3.0. I am trying to install and setup the swat 
> util to work on my system but all the help files i can find online tell me 
> to add the following line to my swat file in xinetd.conf:
> 
>   server = /usr/local/samba/bin/swat
> 
> The problem is there is no /usr/loca/samba directory to be heard of at 
> all. And all attempts to even find a binary for the swat util has turned 
> up nothing to this point. Can anyone please point a lost soul in the 
> direction needed. Thanks!

Check to ensure samba swat is installed...

"rpm -q samba-swat" If it is not then you must install it... "rpm -Uvh
//samba-swat*.rpm"

Marcus O.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Loc Nguyen]

I figured out why; credentials= doesn't ignore ' ' ...


BLOCKQUOTE { BORDER-LEFT:#1F4687 1px solid; padding-left:20px;
margin-left: 0px; }-Original Message-
From: Loc Nguyen <[EMAIL PROTECTED]>
Sent: Monday, 23. Feb 2004 19:03 -0800
To: [EMAIL PROTECTED]
Subject: [Samba] (no subject)

Hi list, 


I'm getting stuck at the replication part for my BDC. Could

someone familiar with OpenLDAP replication shed some light?


I'm sure

that password is correct 


Thanks for taking a look at!


1. slapd.conf

(master)

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8

2003/05/24 23:19:14 kurt Exp $

#

# See slapd.conf(5) for details on

configuration options.

#

#

include

/usr/local/etc/openldap/schema/core.schema

include

/usr/local/etc/openldap/schema/cosine.schema

include

/usr/local/etc/openldap/schema/nis.schema

include

/usr/local/etc/openldap/schema/inetorgperson.schema

include

/usr/local/etc/openldap/schema/samba.schema

include

/etc/samba/samba.acl


pidfile /usr/local/var/slapd.pid

argsfile

/usr/local/var/slapd.args


#

##

# ldbm database

definitions



###


database bdb

suffix "dc=tuluc,dc=com"

rootdn

"cn=Manager,dc=tuluc,dc=com"

# Cleartext passwords, especially for the

rootdn, should

# be avoid. See slappasswd(8) and slapd.conf(5) for

details.

# Use of strong authentication encouraged.

rootpw

secrete

#rootpw {MD5}QL5OWbmiorXf+5GMDoaz1w==

# The database directory

MUST exist prior to running slapd AND

# should only be accessible by the

slapd and slap tools.

# Mode 700 recommended.

directory

/usr/local/var/openldap-data

###

#

#replica

password-hash   {MD5}

replogfile 

/var/lib/ldap/replica.log


replica host=192.168.4.2:389

   

binddn="cn=replicator,dc=tuluc,dc=com"

bindmethod=simple

credentials='mybdc'

loglevel 

65535

#

# Indices to maintain

## required by OpenLDAP

index objectClass

eq


index cn pres,sub,eq

index sn pres,sub,eq

## required to support

pdb_getsampwnam

index uid pres,sub,eq

## required to support

pdb_getsambapwrid()

index displayName pres,sub,eq


## uncomment these if

you are storing posixAccount and


## uncomment these if you are storing

posixAccount and

## posixGroup entries in the directory as well

index

uidNumber eq

index gidNumber eq

index memberUid eq


index sambaSID

eq

index sambaPrimaryGroupSID eq

index sambaDomainName eq

index default

sub



2. slapd.conf (slave)


# $OpenLDAP:

pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt

Exp $

#

# See slapd.conf(5) for details on configuration

options.

#

#

include /usr/local/etc/openldap/schema/core.schema

include

/usr/local/etc/openldap/schema/cosine.schema

include

/usr/local/etc/openldap/schema/nis.schema

include

/usr/local/etc/openldap/schema/inetorgperson.schema

include

/usr/local/etc/openldap/schema/samba.schema


pidfile

/usr/local/var/slapd.pid

argsfile

/usr/local/var/slapd.args


#

##

# ldbm database

definitions



###


database bdb

suffix "dc=tuluc,dc=com"

rootdn

"cn=Manager,dc=tuluc,dc=com"

# Cleartext passwords, especially for the

rootdn, should

# be avoid. See slappasswd(8) and slapd.conf(5) for

details.

# Use of strong authentication encouraged.

rootpw

secrete

#rootpw {MD5}QL5OWbmiorXf+5GMDoaz1w==

# The database directory

MUST exist prior to running slapd AND

# should only be accessible by the

slapd and slap tools.

# Mode 700 recommended.

directory

/usr/local/var/openldap-data

###

##

# Indices to maintain

## required by

OpenLDAP

index objectClass eq


index cn pres,sub,eq

index sn

pres,sub,eq

## required to support pdb_getsampwnam

index uid

pres,sub,eq

## required to support pdb_getsambapwrid()

index displayName

pres,sub,eq


## uncomment these if you are storing posixAccount and

##

posixGroup entries in the directory as well

index uidNumber eq

index

gidNumber eq

index memberUid eq


index sambaSID eq

index

sambaPrimaryGroupSID eq

index sambaDomainName eq

index default sub

##

for testing I open ACL wide open 

access to *

by

dn="cn=Manager,dc=tuluc,dc=com" write

by

dn="cn=replicator,dc=tuluc,dc=com" write

by * read

updatedn

"cn=replicator,dc=tuluc,dc=com"

updateref ldap://192.168.5.3


loglevel

65535

3. Log from the master slurpd


begin replication thread for

192.168.4.2:389

Initializing session to 192.168.4.2:389

ldap_create

bind

to 192.168.4.2:389 as cn=replicator,dc=tuluc,dc=com

(simple)

ldap_simple_bind_s

ldap_sasl_bind_s

ldap_sasl_bind

ldap_se

Re: [Samba] (no subject)

[John H Terpstra]

On Wed, 18 Feb 2004, Loc Nguyen wrote:

> Hi list,
>
> Could anyone explain why Samba+LDAP PDC needs to have PAM and
> NSS configured with ldap to authenticate ?
>
> I thought that SAMBA
> authenticates directly against LDAP rather asking PAM/NSS to do this,
> but this doesn't seem to be true.
>
> I configured a Samba+LDAP PDC with
> the help of idealx.org SAMBA PDC howto. I succeeded with 3.0.2a. Just
> for experimenting, I used authconfig to disable ldap in nssswitch.conf
> and system-auth, the PDC stop working. Is it true that SAMBA need to
> authenticate twice, one with SambaSamAccount, and another with
> PosixAccount?

Samba relies on the OS it sits on top of to do identify resolution. NSS
(/etc/nsswitch.conf) does only Identity resolution.

On a PDC+LDAP you must have Posix accounts in LDAP and must be able to
resolve UID/GIDs via NSS (nss_ldap) for propoer operation. By default, 3.x
does not use PAM authentication for smbd operation.

- John T.


>
>
> thanks for any ideas on this matter
>

-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gémes Géza]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Loc Nguyen írta:
| Hi list,
|
| Could anyone explain why Samba+LDAP PDC needs to have PAM and
| NSS configured with ldap to authenticate ?
|
| I thought that SAMBA
| authenticates directly against LDAP rather asking PAM/NSS to do this,
| but this doesn't seem to be true.
|
| I configured a Samba+LDAP PDC with
| the help of idealx.org SAMBA PDC howto. I succeeded with 3.0.2a. Just
| for experimenting, I used authconfig to disable ldap in nssswitch.conf
| and system-auth, the PDC stop working. Is it true that SAMBA need to
| authenticate twice, one with SambaSamAccount, and another with
| PosixAccount?
|
|
| thanks for any ideas on this matter
Yes and no, you don't need to authenticate twice, e.g. you can disable
the coresponding UNIX account, and stil able to log in via samba, but
you need a UNIX (Posix) account. The rationelle is quite simple: As long
as Samba runs as a Unix process, in order to get the rights of the user
as you are connecting it is runing with that users userid. Without a
valid userid, aka Posix account it would not be possible.
Cheers,

Geza
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFAM9pv/PxuIn+i1pIRAlL5AJiurPb5Xix6XqGaXPpd7mMQ7VHmAJ415mPe
i2CNXBr0DM/FslXhMKbADA==
=/DhM
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Stéphane Purnelle]

Winbind is used if you want to authentificate unix account with a other PDC.
I don't know if on the same server you can use winbind for unix auth and 
ldap for Samba ...

Loc Nguyen a écrit :

Is this means we can use winbind rather setting up nss,PAM with ldap 
to authenticate ? I'll try this to understand more Thanks!



--




-Original Message-
From: Stéphane Purnelle <[EMAIL PROTECTED]>
Sent: Wednesday, 18. Feb 2004 12:49 -0800
To: Loc Nguyen <[EMAIL PROTECTED]>
Subject: Re: [Samba] (no subject)
The howto from idealx explain a PDC with "unix auth" in LDAP.
Your Linux (RedHat I suppose) use nss_ldap and nsswitch.conf for find
UNIX user and groups.
Samba don't have a support for NUA, if the linux layer don't find user,
samba don't work.
I don't know howto set unix user is passwd and samba part in LDAP.


Loc Nguyen a écrit :

>Hi list,
>
>Could anyone explain why Samba+LDAP PDC needs to have PAM and
>NSS configured with ldap to authenticate ?
>
>I thought that SAMBA
>authenticates directly against LDAP rather asking PAM/NSS to do this,
>but this doesn't seem to be true.
>
>I configured a Samba+LDAP PDC with
>the help of idealx.org SAMBA PDC howto. I succeeded with 3.0.2a. Just
>for experimenting, I used authconfig to disable ldap in nssswitch.conf
>and system-auth, the PDC stop working. Is it true that SAMBA need to
>authenticate twice, one with SambaSamAccount, and another with
>PosixAccount?
>
>
>thanks for any ideas on this matter
>
>
--
Stéphane Purnelle <[EMAIL PROTECTED] 
<mailto:[EMAIL PROTECTED]>>
Site Web : http://www.linuxplusvalue.be



--
Stéphane Purnelle <[EMAIL PROTECTED]>
Site Web : http://www.linuxplusvalue.be
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Edward Ashley]

Can't really see what the problem is though try using smbldap-useradd.pl
-a -m test instead and see whether it makes a difference. You have played
around with smbldap_conf.pm to suit your needs I'm assuming.
Ned

> hi.
>
> i´m having big trouble with smbldap-useradd.pl
>
> when i try
> #cd /usr/local/bin
> #./smbldap-useradd -a test
>
> i got this message:
>
> Can't call method "get_value" on an undefined value at
> ./smbldap-useradd.pl line 152,  line 283.
>
> help please!!!??
>
> []´s
>
> Bruno Ricci
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Marc Schoechlin]

Hi !

On Mon, Sep 15, 2003 at 02:22:14PM +0200, Antoine Jacoutot wrote:
 
> No, I'm sorry I can't help you... but maybe YOU can help me :)
> How did you create a Domain admin user to insert your workstation in the 
> domain ? I'm still fighting on that and can't find any solution :(
> 

I´m also interested in that :-))

Best regards

Marc Schoechlin
-- 

Gruss / Best regards  |  LF.net GmbH|  fon +49 711 90074-413
Marc Schoechlin   |  Ruppmannstr. 27|  fax +49 711 90074-33
[EMAIL PROTECTED] |  D-70565 Stuttgart  |  http://www.lf.net
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Antoine Jacoutot]

[EMAIL PROTECTED] wrote:
I´m trying to use Samba 3.0 with OpenLDAP as a PDC.
Joining the Domain with a NT4 WS works fine, a machine Account is
automatically created by Samba during the join process.
After restarting the NT machine, the local netlogon process fails to start,
and also some dependent processes, so no domain login is available.
If i try to logon directly after the join process (without the restart) it
works fine, all shares are available.
Has anyone heard of this before??
No, I'm sorry I can't help you... but maybe YOU can help me :)
How did you create a Domain admin user to insert your workstation in the 
domain ? I'm still fighting on that and can't find any solution :(

Antoine

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Samba-3.0.0 RC1 available for download [was Re: [Samba] (no subject)]

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Sorry.  Subject was in the wrong field

On Sat, 16 Aug 2003, Gerald (Jerry) Carter wrote:

> The Samba Team is proud to announce the availability of the 
> first release candidate of the Samba 3.0.0 code base.  A release 
> candidate implies that the code is very close to a final release, 
> but remember that this is still a non-production snapshot intended 
> for testing purposes. Use at your own risk.
> 
> One of the main additions in this release is the inclusion
> of stable support for both client and server SMB signing.
> 
> The source code can be downloaded from :
> 
> http://download.samba.org/samba/ftp/rc/
> 
> The uncompressed tarball and patch file have been signed
> using GnuPG.  The Samba public key is available at
> 
> http://download.samba.org/samba/ftp/samba-pubkey.asc
> 
> Binary packages will be available soon at
> 
> http://download.samba.org/samba/ftp/Binary_Packages/
> 
> A simplified version of the CVS log of updates since 3.0.0beta3
> can be found in the the download directory under the name
> ChangeLog-3.0.0beta3-3.0.0rc1.  The Release Notes are available
> on-line at
> 
> http://www.samba.org/samba/whatsnew/samba-3.0.0rc1.html
> 
> Please file any bugs you find in this release at 
> 
> https://bugzilla.samba.org/
> 
> As always, all bugs are our responsibility.
>   
>   --Enjoy
>   The Samba Team
> 
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE/Pdx8IR7qMdg1EfYRAk8cAKDfew8b8oZXQVs5zY3zpfqSGNYWNQCfQKn4
giiGPIp00nyFNIfMdjI9Q0Q=
=oLMb
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Nicolas Gieczewski]

I think it's a language issue, but I'd have at least taken a minute to look up
the word "please" in the dictionary ;)

Nicolas Gieczewski
Nix Software Solutions
http://www.nixsoftware.com/


- Original Message - 
From: "Thilo Rößler" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 29, 2003 08:11
Subject: Re: [Samba] (no subject)


> Would you like us to wipe your arse for you aswell?

Personally, I don't think that I would have put it that way ... but it is 
really interesting how many posts there are which just say someting like "Do 
my work for me" ...

Thilo

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Thilo Rößler]

> Would you like us to wipe your arse for you aswell?

Personally, I don't think that I would have put it that way ... but it is 
really interesting how many posts there are which just say someting like "Do 
my work for me" ...

Thilo
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gareth Davies]

 Original Message -
From: "Yasir Chaudhary" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 29, 2003 10:36 AM
Subject: [Samba] (no subject)

Funnily enough the subject line is for entering a relevant subject.


> Dear Sir/Madam,
>
> I want to configure my Samba Server with my windows NT 4.0 and Windows
2000
> server as a two way trust.
> kindly send me a detail configuration of smb.conf or other changes i have
to
> made in Linux machine aswell as Wimdows machines.

Would you like us to wipe your arse for you aswell?

http://samba.mirror.ac.uk/samba/docs/

>
> with regards
> Yasir Ch
> Lab Supervisor
> GCU,Lahore, Pakistan
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>







*
This email has been checked by the altohiway e-Sweeper Service
*

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Joel Hammer]

That message:
>   bind failed on port 139 socket_addr = 0.0.0.0.
>   Error = Address already in use

Often means that samba is already running OR inetd or whatever is already
watching that port. You can edit inetd to not watch this port by editing
inetd.conf. Life is simpler when you start samba as a stand alone daemon
with a simple startup script.

That nmbd message is familar,too, but, I forget what that means!

Joel

On Mon, Jul 28, 2003 at 03:42:40PM -0700, Christopher Campo wrote:
> Greetings All:
> 
> I'm a newbie at Samba and have been attempting to get Samba to run on a BSD 
> box with little success.  Looking at hte /var/log/log.smbd file I get some 
> wierd error message:
> 
> [2003/07/28 13:18:36, 0] lib/util_sock.c:open_socket_in(804)
>   bind failed on port 139 socket_addr = 0.0.0.0.
>   Error = Address already in use
> 
> Also, in the nmbd:
> 
> [2003/07/28 13:18:41, 0] 
> nmbd/nmbd_responserecordsdb.c:find_response_record(235)
>   find_response_record: response packet id 893 received with no matching 
> record.
> 
> When I try to browse to my BSD box i get a access denied error from Windows 
> XP.
> 
> Help!
> 
> Thank you in advance.
> 
> Regards,
> 
> Chris
> 
> _
> Tired of spam? Get advanced junk mail protection with MSN 8. 
> http://join.msn.com/?page=features/junkmail
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Nicolas Gieczewski]

Under what circumstances is the error logged, and how does it relate
to Samba? I think you should first search Microsoft's knowledge base
for the Event ID accompanying that error at:

http://support.microsoft.com/

Cheers,

Nicolas Gieczewski
Nix Software Solutions
http://www.nixsoftware.com/


- Original Message - 
From: "hamed adelshahian" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 28, 2003 11:10
Subject: [Samba] (no subject)


hi my friend
i have an error in event viewer of win2K.:
NETLogon is the discription.
how can i repair this error.
thank u

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Vizitiu, Ciprian]

> 
> I want to change my Samba 2.2.5 Version to Samba 2.2.8. But I 
> do not know, if I can use the same Config-File ( 
> /lib/smb.conf) and the same userfile ( /private/smbpasswd ) 
> ?? Perhaps I must also convert it.
> 

Make also a back-up of all .tdb.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

re: [Samba] (no subject)

[Karl Banasky]

Use the "smbpasswd -a username" to setup a new user password.  But without your setup 
and how you did it and what is going on in the logs it is hard to answer this 
question, it is very broad.  There are great and wonderful documents to learn all 
about SAMBA and how to set it up.  
(Thank you to everyone that created those works of art. 'sniff, sniff' Beautiful they 
are. Got me everywhere.)
See the link:
http://hr.uoregon.edu/davidrl/samba/
Also there are these archives to search too. Cheers.
Karl-

>>  Hi I have installed samba 2.2.8 on a box running Fresco as a router and
>>  Web server. On my Win2000 box I can see the router but when I try to get
>>  in and access the shared files it asks for a password I don't know what
>>  it is I never set that up. What password does it come with by default?
>>  I ran the command smbpasswd and get the following msg

>>  Failed to find entry for user Root
>>  Failed to modify password entry for user Root

>>  Can anyone pleas help?
>>  -- 
>>  To unsubscribe from this list go to the following URL and read the
>>  instructions:  http://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Brent McDowell]

> 
> 

err.. appologies -- damn pine!

--Brent

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[[EMAIL PROTECTED]]

If you include:
deb ftp://ftp.easynet.be/samba/Binary_Packages/Debian/ stable main
in your sources.list, then you have access to the latest binaries. If you want to 
compile it yourself, you can use the attached script.



 "Philippe Dhont   (Sea-ro)" <[EMAIL PROTECTED]> wrote:

Hi, i install samba 2.2.8a but are there standard startup/shutdown scripts ?
>I use latest debian.
>
>
>thnx
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[John H Terpstra]

Anne,

Suggest you read the new Samba HOWTO.

The chapters you might benefit from are:

Chapter 10 - Re: Browsing
Chapter 8, section 8.3.2

- John T.

On Sun, 4 May 2003 [EMAIL PROTECTED] wrote:

> I can see my linux box as an icon from my win2k
> server, but when I click on it it says:
>
> \\localhost not accessible, a duplicate name exists on
> the network.
>
> I want to set up the linux box as a print server. I
> can't see the printer at all from my windows machines.
>
> Thank you in advance,
>
> Anne
>
>

-- 
John H Terpstra
Email: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I used to have a novell print server; at the moment we consider to
> migrate to a samba (2.2.5-124) controlled printserver using cups
> (1.1.15-69) on Suse 8.1.
>
> Problem is: Using Novell the print queue you see on the (win-) client is
> automatically updated every few seconds. Using Samba it is not updated;
> means you have to click on refresh to get the actual queue. Is this a
> client (redmont-wincrap) or a server (samba/cups) problem? Does anybody
> have the same problem? Is there a fix? thanx in advance chris

I missed the original post so maybe someone has described this already.
There are some known issues with Samba's print change notify 
implementation in Samba 2.2.  These have been corrected in the Samba 
3.0/HEAD cvs branches.

Mostly likely it is a Samba bug that is causing the client to ignore 
update event to the queue listing.




cheers, jerry
 --
 Hewlett-Packard- http://www.hp.com
 SAMBA Team -- http://www.samba.org
 GnuPG Key   http://www.plainjoe.org/gpg_public.asc
 ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours" 2ed
 "You can never go home again, Oatman, but I guess you can shop there."  
--John Cusack - "Grosse Point Blank" (1997)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+NUx4IR7qMdg1EfYRAtrDAJ0ebDMdcZb4RXlP2mlLkObkDXpKSACbB6Dl
0HZp5+V9eZLZQ3uaOxEqqrA=
=m2lP
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[TE]

Sorry!

The version of samba is 2.2.5 and it is running on SUSE 8.1 with kernel 2.4.19. The 
network is a 100 MB full duplex one, with D-link switch.

To Martin Thomas reply. I will check what the exact error message is as soon as 
possible, that is tomorrow. If it could be hardware related, as you said, could 
possible the file system on the storage disk have an effect?

Thanks for the fast replies
//
Thomas E

"Marian Mlcoch, Ing" <[EMAIL PROTECTED]> wrote:

>Hi you must write version off samba,linux and network type you use? Afther x
>MB stop?
>
>- Original Message -
>From: "TE" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Monday, January 13, 2003 2:27 PM
>Subject: [Samba] (no subject)
>
>
>> Hi everybody!
>>
>> Bare with me as I am pretty new to Linux and everything that goes with it.
>My problem consists of copying large files from my w2k client to my samba
>server. Files larger than ca 700 MB will, when moving ore copying to a samba
>share, stop in a error message that the network path is no longer
>accessible. The “server”, which samba is running on, starts to write to the
>disk but there is no network activity and after a while the error message
>appears. I have looked through all the forums and so on to see if I could
>find an answer, but no. I have however found other users posting messages
>about the same problem, but never an answer that solved the problem. Is
>there anyone who knows how to solve this problem?
>>
>> Best regards
>> //
>> Thomas E
>>
>>
>> __
>> The NEW Netscape 7.0 browser is now available. Upgrade now!
>http://channels.netscape.com/ns/browsers/download.jsp
>>
>> Get your own FREE, personal Netscape Mail account today at
>http://webmail.netscape.com/
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  http://lists.samba.org/mailman/listinfo/samba
>
>

__
The NEW Netscape 7.0 browser is now available. Upgrade now! 
http://channels.netscape.com/ns/browsers/download.jsp 

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Martin Thomas]

>From: [EMAIL PROTECTED] (TE)
>
>Bare with me as I am pretty new to Linux and everything that goes with it. My problem 
>consists
>of copying large files from my w2k client to my samba server. Files larger than ca 
>700 MB will,
>when moving ore copying to a samba share, stop in a error message that the network 
>path is no
>longer accessible. The â?oserverâ?, which samba is running on, starts to write to 
>the disk but
>there is no network activity and after a while the error message appears. I have 
>looked through
>all the forums and so on to see if I could find an answer, but no. I have however 
>found other
>users posting messages about the same problem, but never an answer that solved the 
>problem.
>Is there anyone who knows how to solve this problem?

Is the error message "network path is longer accessible" or "the network path is no 
longer
available"? If it's "no longer available" try this:
Check your Network, maybe dulpex-mode or transfer-rate are not correctly 
autonegotiated.
Try to set those to a fixed value for a client and the server and every managable 
device
(switch) between them.
Try to replace the network-interface-cards (NICs) in the server and the your 
test-client. Try
different hubs/switchs or use a crossover-cable to connect server and client directly 
if possible.

I'm one of those "other users" who posted about this problem. Later we found a wrong
transfer-speed setting in one of the managable switches. I had contact with around 10 
others
during the last year who had the same error message. All of them who wrote feedback had
bad network-hardware or wrong network-settings. I dont' think that this is a Samba 
problem.

Martin



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Marian Mlcoch, Ing]

Hi you must write version off samba,linux and network type you use? Afther x
MB stop?

- Original Message -
From: "TE" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 13, 2003 2:27 PM
Subject: [Samba] (no subject)


> Hi everybody!
>
> Bare with me as I am pretty new to Linux and everything that goes with it.
My problem consists of copying large files from my w2k client to my samba
server. Files larger than ca 700 MB will, when moving ore copying to a samba
share, stop in a error message that the network path is no longer
accessible. The “server”, which samba is running on, starts to write to the
disk but there is no network activity and after a while the error message
appears. I have looked through all the forums and so on to see if I could
find an answer, but no. I have however found other users posting messages
about the same problem, but never an answer that solved the problem. Is
there anyone who knows how to solve this problem?
>
> Best regards
> //
> Thomas E
>
>
> __
> The NEW Netscape 7.0 browser is now available. Upgrade now!
http://channels.netscape.com/ns/browsers/download.jsp
>
> Get your own FREE, personal Netscape Mail account today at
http://webmail.netscape.com/
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Terry Davis]

If I create the machine account manually:
smbldap-useradd -w -n foo$

then I can join the domain normally.

I cannot get samba to create the machine account automatically. I should
be able to do this.

ldapsearch -x returns everything, yes. :)

Thank you again for your help.


On Thu, 2003-01-09 at 09:24, Bradley W. Langhorst wrote:
> On Wed, 2003-01-08 at 20:58, Terry Davis wrote:
> > I am at a loss...thank you!
> > 
> > here is my config:
> > http://approbation.org/smb.conf
> i just took a look - it looks fine to me for a samba 2.2 ldap PDC.
> 
> are you sure that machine accounts are being created in /etc/passwd?
> if you've moved them to the ldap server then you don't need them in
> /etc/password
> 
> do you have the ldap server configured correctly?
> (ie ldapsearch -x returns all your users?)
> 
> brad
> -- 
> Bradley W. Langhorst <[EMAIL PROTECTED]>
-- 
Terry Davis
http://approbation.org/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Bradley W. Langhorst]

On Wed, 2003-01-08 at 20:58, Terry Davis wrote:
> I am at a loss...thank you!
> 
> here is my config:
> http://approbation.org/smb.conf
i just took a look - it looks fine to me for a samba 2.2 ldap PDC.

are you sure that machine accounts are being created in /etc/passwd?
if you've moved them to the ldap server then you don't need them in
/etc/password

do you have the ldap server configured correctly?
(ie ldapsearch -x returns all your users?)

brad
-- 
Bradley W. Langhorst <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Terry Davis]

I am at a loss...thank you!

here is my config:
http://approbation.org/smb.conf


On Wed, 2003-01-08 at 19:45, Bradley W. Langhorst wrote:
> On Wed, 2003-01-08 at 20:40, Terry Davis wrote:
> > I just ran across this myself.  I guess I dont understand why there
> > needs to be machine names in /etc/passwd if you are storing everything
> > in LDAP.  Am I missing a configuration option here?   Can one of you
> > samba geniuses point me in the right direction please?
> 
> there don't need to be machine names (or usernames) in /etc/passwd
> when using ldapsam...
> what does your smb.conf file look like?
> 
> i'm using the smbldap tools with no problems
> add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u
> 
> i'm also using an nua backend (this is from samba3)
> passdb backend = ldapsam_nua:ldap://localhost/
> non unix account range = 1-2
> 
> 
> brad
> 
> -- 
> Bradley W. Langhorst <[EMAIL PROTECTED]>
-- 
Terry Davis
http://approbation.org/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Bradley W. Langhorst]

On Wed, 2003-01-08 at 20:40, Terry Davis wrote:
> I just ran across this myself.  I guess I dont understand why there
> needs to be machine names in /etc/passwd if you are storing everything
> in LDAP.  Am I missing a configuration option here?   Can one of you
> samba geniuses point me in the right direction please?

there don't need to be machine names (or usernames) in /etc/passwd
when using ldapsam...
what does your smb.conf file look like?

i'm using the smbldap tools with no problems
add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u

i'm also using an nua backend (this is from samba3)
passdb backend = ldapsam_nua:ldap://localhost/
non unix account range = 1-2


brad

-- 
Bradley W. Langhorst <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Bryan Brannigan]

you should probably set "local master = no" if you have a Windows PDC
already running.

> -Original Message-
> From: Muhamad Riman [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 07, 2003 1:02 AM
> To: [EMAIL PROTECTED]
> Subject: [Samba] (no subject)
> 
> 
> From: Muhamad Riman <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Subject: samba join to NT PDC and WINS server
> X-IP: 202.146.253.47
> X-Mailer: Inbox Mailer (http://www.inbox.net)
> Hi, 
> I cannot use share in samba server 
> I Have NT PDC and WINS server,  I already install Red Hat 7.1. 
> I Would like to Share File from Red Hat 7.1 with NT Client in 
> my network. 
> 
> I already install samba in red hat 7.1 and configure smb.conf  : 
> 
> [global] 
> workgroup = MYdOMAIN (This is my domain NT) 
> netbios name = samba 
> security = domain 
> password server = DOM1 (Netbios name for PDC ) 
> encrypt password = Yes 
> local master = Yes 
> wins server = 192.11.11.19 (WINS SERVER in NT) 
> 
> [share] 
> path = /data 
> browseable = Yes 
> Writeable = yes 
> 
> I already do : smbpasswd -j MYdomain -r DOM1 
> 
> if i running nmblookup -u 127.0.0.1 SAMBA 
> it is show "name_query failed to find name SAMBA" 
> 
> thank 
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Carlos Oliva G.]

On Mon, 2003-01-06 at 12:54, Kononov Eldar wrote:
> Hello!
> I trying to setup Domain Controller with Samba,
> but I have some trouble.
> As I understood, I ought to create "Trust Account" for
> every mashine, and if mashine name is "vasya" then
> account should be "vasya$"
> but FreeBSD is not allowed to create accounts with "$" characters,
> 
> what should I do ?
> 
> Thanks!
> 
> /* spectre */

As the samba documentation outlines, this is not a major issue. You can
add the user without the $ character and then add it manually later by
editing the /etc/passwd and /etc/shadow files.

Regards,

-- 
Carlos Oliva G.
Igloo Sistemas Ltda.
Fono/Fax: +56 32 684798
[EMAIL PROTECTED] - http://www.igloo.cl

"I've been mad for fucking years, absolutely years, been over the edge
for yonks, been working me buns off for bands..." 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gareth Davies]

- Original Message -
From: "pondiboy -" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 03, 2003 12:10 PM
Subject: [Samba] (no subject)


> Hi there
>
> I have resently shifted from a windows server to a linux server (Mandrake
> 9.0). I have configured the /etc/samba/smb.conf file and I have the server
> shown in the network neibourhood of my win clients. But I am not able to
> login the server. Could anyone please help me??
>
> Thanks
>
> Pondiboy
>

Sure you need to make some changes to your /etc/samba/smb.conf and restart
smbd and nmbd and then everything should be fine.

Thanks.

Shaolin

P.S. How to ask questions:
http://www.security-forums.com/forum/viewtopic.php?t=249

Fine Manuals: http://us1.samba.org/samba/docs/



*
This email has been checked by the altohiway e-Sweeper Service
*

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Bryan Brannigan]

Then I think you should be ok.  Unless I'm wrong, the router will also act
as your DNS servers and all should resolve anyway.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Sommers, David (NIH/NIMH)]

The IP addresses are assigned via DHCP - a Linksys router.

David
David I. Sommers, Ph.D.
Scientific Review Administrator
Interventions Review Committee (ITV)
National Institute of Mental Health
6001 Executive Boulevard
Room 6144, MSC 9608
Bethesda, MD 20892
Rockville, MD 20852 (for express or courier service)
301-443-7861 - voice
301-443-4720 - fax
[EMAIL PROTECTED] - email


-Original Message-
From: Bryan Brannigan [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 26, 2002 3:38 PM
To: Samba List (E-mail)
Subject: RE: [Samba] (no subject)


Yes you can name the linux boxes anything you want, no you don't need a
domain... probably want to add the names and their respective IP addresses
to your hosts files.

> -Original Message-
> From: Sommers, David (NIH/NIMH) [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, December 26, 2002 3:34 PM
> To: '[EMAIL PROTECTED]'
> Subject: [Samba] (no subject)
> 
> 
> My ignorance is showing - so I can name the Linux boxes 
> anything I want -
> they are in the Windows workgroup but I don't have a domain - 
> do I? Can I
> name a domain - only on the LAN? And then each Linux box? 
> 
> I think I set up the shares in SWAT. Must I log on the 
> Windows and Linux
> machine as same user and password?
> 
> David
> David I. Sommers, Ph.D.
> Scientific Review Administrator
> Interventions Review Committee (ITV)
> National Institute of Mental Health
> 6001 Executive Boulevard
> Room 6144, MSC 9608
> Bethesda, MD 20892
> Rockville, MD 20852 (for express or courier service)
> 301-443-7861 - voice
> 301-443-4720 - fax
> [EMAIL PROTECTED] - email
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Bryan Brannigan]

Yes you can name the linux boxes anything you want, no you don't need a
domain... probably want to add the names and their respective IP addresses
to your hosts files.

> -Original Message-
> From: Sommers, David (NIH/NIMH) [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, December 26, 2002 3:34 PM
> To: '[EMAIL PROTECTED]'
> Subject: [Samba] (no subject)
> 
> 
> My ignorance is showing - so I can name the Linux boxes 
> anything I want -
> they are in the Windows workgroup but I don't have a domain - 
> do I? Can I
> name a domain - only on the LAN? And then each Linux box? 
> 
> I think I set up the shares in SWAT. Must I log on the 
> Windows and Linux
> machine as same user and password?
> 
> David
> David I. Sommers, Ph.D.
> Scientific Review Administrator
> Interventions Review Committee (ITV)
> National Institute of Mental Health
> 6001 Executive Boulevard
> Room 6144, MSC 9608
> Bethesda, MD 20892
> Rockville, MD 20852 (for express or courier service)
> 301-443-7861 - voice
> 301-443-4720 - fax
> [EMAIL PROTECTED] - email
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Gareth Davies]

- Original Message -
From: "Chris Candillo" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 23, 2002 7:05 PM
Subject: [Samba] (no subject)


> Hello. I am running Samba version 2.2.5 on Redhat Linux 8.0, kernel
version
> 2.4.18-14.  Encrypted passwords = yes; security = user; wins server
> =169.254.1.2; netbios name = SambaServer.  My client is Windows 2000,
> service pack 3.  I am only able to browse my samba shares only if I use
the
> ip address of my samba server. For example on Winddows 2000 I run: NET USE
> \\169.254.1.1, I can see the shares, I am also able to map drives, all is
> good.  If I run NET USE \\SambaServer, using the netbios name, I get
'Access
> Denied'.
>


*sigh*

2 minutes later after a quick visit to Google..

My setup was failing with this command:

H:\Documents and Settings\Dan Langille>net view \\xeon
System error 5 has occurred.

Access is denied.


H:\Documents and Settings\Dan Langille>

After doing the search mentioned in the previous section, I added this to
the [Globals] section of my smb.conf file.
nt acl support = no
Then I restarted samba:
/usr/local/etc/rc.d/samba.sh stop
/usr/local/etc/rc.d/samba.sh start
After adding that item, I was successful in that test:
H:\Documents and Settings\Dan Langille>net view \\xeon
Shared resources at \\xeon

Samba 2.2.6pre2

Share name  Type  Used as  Comment


---
public  Disk   A place to store stuff
The command completed successfully.


H:\Documents and Settings\Dan Langille>
That looks much better



Shaolin




*
This email has been checked by the altohiway e-Sweeper Service
*

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] (no subject)

[Rasmus Reinholdt Nielsen]

you should be able to login with any SAMBA users. Have you created a samba 
user named student?

smbpasswd -a student


/Rasmus

At 19:55 09-12-2002 +0800, akshay rawat wrote:
Win2k client is recognising the domain but is unable to logon . It
asks for the usrname/passwd , which usrname/passwd am i supposed to
give here . As shown in the smb.conf file below,admin user is set to
'student ' , but it does not accept this username , says ' unknown
username or bad password '. Earlier the trust account of the client
machine was created on the samba server . Please help . Using 2.2.3a
.

[global]
   netbios name = POGO
workgroup = NARNIA
   os level = 64
preferred master = yes
domain master = yes
local master = yes
security = user
 encrypt passwords = yes


domain logons = yes

logon path = \\%N\profiles\%u

logon drive = H:
logon home = \\homeserver\%u


logon script = logon.cmd

[netlogon]
path = /usr/local/samba/lib/netlogon
read only = yes
  [  write list = ntadmin


[profiles]
path = /export/smb/ntprofile
read only = no
create mask = 0600
directory mask = 0700





Thank you,
Akshay
--
__
http://www.linuxmail.org/
Now with POP3/IMAP access for only US$19.95/yr

Powered by Outblaze
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] (no subject)

[Robert Adkins]

I am unsure if that is quite possible... However, I think that it would   
be best to address this to a Windows Mailing list of some sort. There may   
well be an answer that you can alter to work with whatever Samba   
installation that you have.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804


 -Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 02, 2002 11:30 PM
To: [EMAIL PROTECTED]; Robert Adkins
Subject: [Samba] (no subject)

   

> How can I move the profile for a local
> user to the domain user?

Ever tried to copy the whole profile to a /home/%U/profile
and see what happens?

Perhaps you need to fix the SID in a couple of places.
It's bound to be fun.


_
Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus
 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
 --
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba