WINS proxy
Hi, I am using samba-2.2.5 And I see, that when wins server and wins proxy is set, broadcast announcements does not do anything with WINS database. Is this behavior is right? I think, that host announcement should add this host to WINS database. Or it is solved in Samba-3.0? Thanks, Alex Torkhov.
Samba 3.0 alpha 19 released
Hi all! Samba 3.0 alpha 19 has just been released. Changes in this release: - Virtual registry framework with printing hooks (jerry) - Heavy registry updates (jerry) - Use 850 as the default DOS character set in smb.conf (tpot) - printer fixes - removed encoding of queueid in job number (jra) - A lot of small fixes (jra) - Don't crash on setfileinfo on printer fsp(jra) - fixed line buffer mode in XFILE(jra) - update samba.schema from 2.2 (jerry,idra) - Fix problem with oplock breaks and win2k - noticed by Lev Iserovich <[EMAIL PROTECTED]> (jra) - Update smbgroupedit to document -d - thanks to metze (abartlet) - Support weird behaviour used by win9x pass-through auth (abartlet,tpot) - Support for duplicating stderr in log files (abartlet) - Move startup time initialisation to server.c (abartlet) - *A lot* of fixes and cleanups (abartlet) - Fix up compiler warnings (abartlet) - Few small fixes (tpot) - Renamed new_cli_netlogon_* -> cli_netlogon_* (tpot) - Fixed segfault in net time when host is unavailable (tridge) - Ensure to be root when opening printer backend tdb (jra) - Merges from APPLIANCE_HEAD (tpot,jerry) - configure updates (tridge) - getgrouplist() updates (tridge) - Support for pdbedit to query account policy values (abartlet) - Allow one to create trusting domain account using smbpasswd (mimir,abartlet) - 'Net rpc trustdom list' (mimir, abartlet) - Fix fallback to anonymous connection (mimir, abartlet) - Fix for pdb_ldap and OpenLDAP 2.1 - Added support in swat to determine whether winbind is running (idra) - Add 'hide unwritable' option (idra) - Correct pickup of [homes] share after subsequent session setups (abartlet) - Update rebind code in pdb_ldap (abartlet) - Add some info levels to RPC srvsvc code - thanks to Nigel Williams" <[EMAIL PROTECTED]> (abartlet) - Small doc fixes (tridge) - good security patch from [EMAIL PROTECTED] (tridge) - fix minor nits in nmbd from [EMAIL PROTECTED] (tridge) - make sure async dns nmbd child dies (tridge) - interim fix for nmbd not registering DOMAIN#1b (tridge) - fix for smbtar filename matching (tridge) - Better quote handling in smb.conf (abartlet) - Support browsers setting multiple languages in swat (idra) - Changed str_list_make to be able to use a different separator string (idra) - Samsync support to insert account info into the pdb (tpot) - Don't hide unwritable dirs when 'hide unwritable' is enabled - suggested by Alexander Oswald <[EMAIL PROTECTED]> (idra) - Fix for handling sparse files in smbd (tridge) - Merges from 2_2 (jerry) - Minor printer fixes (jerry) - Add some checks to SID lookup code (abartlet) - Cascaded VFS (Alexander Bokovoy, idra) - Some netbios-less connections support in ADS mode (tridge) - ADS tweaks (tridge) - Fix plaintext passwords with win2k (tridge) - 'net ads info' reports IP of LDAP server (tridge) - Add some more RPC functions (jmcd) - Add 'smb ports = ' option (tridge) - Various small fixes (tridge) - Passdb security checks (abartlet) - Large winbind updates (abartlet) - Moved rpc client routines from libsmb to rpc_client (tpot) - Few nmbd fixes (jmcd) - Fix swat to handle new debug level code (idra) - Fix name length bug in namequeries (tridge) - Don't have client binaries depend on libs they don't use - patch from Steve Langasek <[EMAIL PROTECTED]> (abartlet) - Printing change notification (merged from HEAD_APPLIANCE) (jerry) - fix delete printer driver (from HEAD_APPLIANCE) (jerry) - Added pdb_xml and pdb_mysql (jelmer) - Update pdb_test (jelmer) - Fix security issues with %m (abartlet) - Support for service joins from win2k AND use SPNEGO (jmcd) - pdbedit -i and -e fix, add -b (idra) - textdocs converted to sgml (jelmer, jerry) - Merge netbios namecache code from APPLIANCE_HEAD (tpot) - Fix segs in new NTLMSSP code (abartlet) - Always make guest rid 501 (abartlet) The samba-3,0alpha19.tar.gz should be downloadable from all samba ftp mirrors from the alpha directory within a few hours. Jelmer -- Jelmer Vernooij http://samba.org/~jelmer/ Samba Team http://www.samba.org/ Running Samba version 2.999+3.0cvs20020723-1 for Debian
Re: Use less 'magic' environment variables
On Fri, 16 Aug 2002, Tim Potter wrote: > On Sat, Aug 17, 2002 at 09:18:22AM +1000, Andrew Bartlett wrote: > > Environment variables are more flexible - you can do things like: > > $ WINBINDD_DOMAIN=FOODOM getent passwd > > or my favourite: > > $ _NO_WINBINDD=1 killall -9 winbindd Hmmm, where do you use this? Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Re: Use less 'magic' environment variables
Simo Sorce wrote: > > On Fri, 2002-08-16 at 15:24, Andrew Bartlett wrote: > > This patch removes WINBINDD_DOMAIN, and some of the misguided (and > > fruitless) attempts to prevent winbind from calling smbd recursivly. (I > > fixed that the 'proper' way, and the worst case is a pipe timeout of 30 > > sec, not a lockup). > > Which is the 'proper' way? In smbd/uid.c I always just call the local routines for SIDs in our Domain, and for users in our Domain. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: "case sensitive" parameter - was Re: Any help would be greatlyappreciated...
On Fri, 2002-08-16 at 02:17, John E. Malmberg wrote: > Tim Potter wrote: > > On Thu, Aug 15, 2002 at 12:29:32AM -0500, Gerald (Jerry) Carter wrote: > > > > Can't we get rid of the case sensitive option?. It just seems to cause > > people lots of uncessary pain. > > Strangely enough, having "case_sensitive = yes", makes SAMBA more > responsive for case insensitive file systems. Probably because with case sensitive = yes we avoid lot of code needed to handle case insensitivity. > It probably would be better to have SAMBA allow the VFS level to do the > file name matching, so that it can be taylored to the file system. Yes, I think we will go in that direction soon. > The OpenVMS file api that is eventually called by readdir() accepts a > wildcard mask. yes but probably accepted wildcards differs between NT and OpenVMS > So if a vfs_wild_reeaddir() existed, it would do the wildcard matching > and the wildcard file lookup could be optimized to the file system. yes of course, and there are also lot more advantages, like having a file system able to handle mangling directly. Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part
Patch for testparm.c - Re: Samba problems?
Hello everyone,
Hereby I would like to add my patch to the utils/testparm.c file;
Change line 54:
if (lp_wins_support() && wins_srv_count()) {
in to:
if (lp_wins_support() && lp_wins_server_list()) {
This wil solve testparm complaining: "ERROR: both 'wins support = true' and
'wins server = ' cannot be set in the smb.conf file. nmbd will abort
with this setting." while the parameter 'wins server=' is not used in
smb.conf.
With friendly greetings,
Eddie Lania.
- Original Message -
From: "Andrew Bartlett" <[EMAIL PROTECTED]>
To: "Eddie Lania" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, August 17, 2002 12:40 PM
Subject: Re: Samba problems?
> Eddie Lania wrote:
> >
> > Hello everybody,
> >
> > I am using Samba in networking environments at home and work.
> >
> > I am testing with samba.
> >
> > I compile the HEAD version from cvs with regular intervals but keep on
> > having the following problems.
> > In both environments, samba is
> > compiled --with-ldapsam, --with-smbmount, --with-nsswitch
>
> --with-ldapsam doesn't do anything any more, its in by default if you
> have ldap on the system. I don't think we even have a
> --with-nsswitch...
>
> > and --with-acl-support on a RedHat 7.0 system with openldap installed.
> >
> > Hopefully, the information in this message can be an usefull
contribution to
> > this list.
> > Please observe:
> >
> > - First the details of my smb.conf:
> >
> > [global]
> > passdb backend = ldapsam:ldap://localhost
> > ldap suffix = "dc=elton-intra,dc=net"
> > ldap user suffix = "ou=Users"
> > ldap machine suffix = "ou=Computers"
> > ldap admin dn = "cn=Manager,dc=elton-intra,dc=net"
> > ldap ssl = off
> > use spnego = No
> > workgroup = ELTON
> > time server = Yes
> > wins support = Yes
> > os level = 64
> > prefered master = Auto
> > domain master = Yes
> > local master = Yes
> > security = user
> > # security = ads
> > encrypt passwords = Yes
> > null passwords = Yes
> > passwd program = /usr/local/sbin/smbldap-passwd.pl
> > guest account = Guest
> > socket address = 192.168.169.192
> > interfaces = 192.168.169.0/24 127.0.0.1
> > bind interfaces only = Yes
> > remote announce = 192.168.168.150
> > remote browse sync = 192.168.168.150
> > domain logons = Yes
> > add user script = /usr/local/sbin/smbldap-useradd.pl -a -E
login.bat
> > %u
> > add machine script = /usr/local/sbin/smbldap-useradd.pl -g
102 -w %u
> > delete user script = /usr/local/sbin/smbldap-userdel.pl %u
> > logon path = \\%L\profiles\%U
> > logon drive = q:
> > logon home = \\%L\%U\.profile
> > logon script = login.bat
> > debug uid = Yes
> > log file = /var/log/samba3/%m.log
> > max log size = 0
> > [netlogon]
> > comment = Network Logon Service
> > path = /home/netlogon
> > read only = Yes
> > [homes]
> > path = /home/users/%U
> > read only = No
> > browseable = No
> > inherit acls = Yes
> > inherit permissions = Yes
> > csc policy = disable
> > [profiles]
> > comment = User Profiles share
> > path = /home/profiles
> > read only = No
> > inherit acls = Yes
> > inherit permissions = Yes
> > csc policy = disable
> > [users]
> > comment = Users directories
> > path = /home/users
> > read only = Yes
> > write list = @"Administrators"
> > inherit acls = Yes
> > inherit permissions = Yes
> > [public]
> > comment = Public Files share
> > path = /mnt/big_f32/public
> > force user = nobody
> > read only = No
> > [apps]
> > comment = Applications share
> > path = /mnt/big_f32/apps
> > force user = nobody
> > read only = No
> > [backup]
> > comment = Backup share
> > path = /mnt/big_f32/backup
> > force user = nobody
> > read only = Yes
> >
> > - Using this configuration, testparm outputs the following error:
> >
> > Processing section "[netlogon]"
> > Processing section "[homes]"
> > Processing section "[profiles]"
> > Processing section "[users]"
> > Processing section "[public]"
> > Processing section "[apps]"
> > Processing section "[backup]"
> > Load smb config files from /usr/local/samba/lib/smb.conf
> > Loaded services file OK.
> > ERROR: both 'wins support = true' and 'wins server = ' cannot be
set
> > in the smb.conf file. nmbd will abort with this setting.
> >
> > Altough the parameter 'wins server = ' is not defined in my
> > smb.conf.
> >
> > Is this a bug?
>
> Quite possible - have a look at the testparm source and see what you can
> figure out.
>
> > - When logging on from a windows 9xx client, there are no errors in t
Re: Samba problems?
On Sat, 2002-08-17 at 12:40, Andrew Bartlett wrote: > > User "eddie" is in ldap with (uidNumber 500) and member of group 201 (Domain > > Users), primairyGroupID 1403. > > This problem did not appear in 2.2.5 with ldapsam. > > We didn't have group support before now. You need to make sure the > primary group is listed in the group mapping tdb, using smbgroupedit. The group thing is pretty new and many do not know much about it. Maybe we can add anotice to show up in smbpasswd when you add a user without a 'know' primary group? -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part
Re: Use less 'magic' environment variables
On Fri, 2002-08-16 at 15:24, Andrew Bartlett wrote: > This patch removes WINBINDD_DOMAIN, and some of the misguided (and > fruitless) attempts to prevent winbind from calling smbd recursivly. (I > fixed that the 'proper' way, and the worst case is a pipe timeout of 30 > sec, not a lockup). Which is the 'proper' way? -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part
Re: Samba problems?
Eddie Lania wrote: > > Hello everybody, > > I am using Samba in networking environments at home and work. > > I am testing with samba. > > I compile the HEAD version from cvs with regular intervals but keep on > having the following problems. > In both environments, samba is > compiled --with-ldapsam, --with-smbmount, --with-nsswitch --with-ldapsam doesn't do anything any more, its in by default if you have ldap on the system. I don't think we even have a --with-nsswitch... > and --with-acl-support on a RedHat 7.0 system with openldap installed. > > Hopefully, the information in this message can be an usefull contribution to > this list. > Please observe: > > - First the details of my smb.conf: > > [global] > passdb backend = ldapsam:ldap://localhost > ldap suffix = "dc=elton-intra,dc=net" > ldap user suffix = "ou=Users" > ldap machine suffix = "ou=Computers" > ldap admin dn = "cn=Manager,dc=elton-intra,dc=net" > ldap ssl = off > use spnego = No > workgroup = ELTON > time server = Yes > wins support = Yes > os level = 64 > prefered master = Auto > domain master = Yes > local master = Yes > security = user > # security = ads > encrypt passwords = Yes > null passwords = Yes > passwd program = /usr/local/sbin/smbldap-passwd.pl > guest account = Guest > socket address = 192.168.169.192 > interfaces = 192.168.169.0/24 127.0.0.1 > bind interfaces only = Yes > remote announce = 192.168.168.150 > remote browse sync = 192.168.168.150 > domain logons = Yes > add user script = /usr/local/sbin/smbldap-useradd.pl -a -E login.bat > %u > add machine script = /usr/local/sbin/smbldap-useradd.pl -g 102 -w %u > delete user script = /usr/local/sbin/smbldap-userdel.pl %u > logon path = \\%L\profiles\%U > logon drive = q: > logon home = \\%L\%U\.profile > logon script = login.bat > debug uid = Yes > log file = /var/log/samba3/%m.log > max log size = 0 > [netlogon] > comment = Network Logon Service > path = /home/netlogon > read only = Yes > [homes] > path = /home/users/%U > read only = No > browseable = No > inherit acls = Yes > inherit permissions = Yes > csc policy = disable > [profiles] > comment = User Profiles share > path = /home/profiles > read only = No > inherit acls = Yes > inherit permissions = Yes > csc policy = disable > [users] > comment = Users directories > path = /home/users > read only = Yes > write list = @"Administrators" > inherit acls = Yes > inherit permissions = Yes > [public] > comment = Public Files share > path = /mnt/big_f32/public > force user = nobody > read only = No > [apps] > comment = Applications share > path = /mnt/big_f32/apps > force user = nobody > read only = No > [backup] > comment = Backup share > path = /mnt/big_f32/backup > force user = nobody > read only = Yes > > - Using this configuration, testparm outputs the following error: > > Processing section "[netlogon]" > Processing section "[homes]" > Processing section "[profiles]" > Processing section "[users]" > Processing section "[public]" > Processing section "[apps]" > Processing section "[backup]" > Load smb config files from /usr/local/samba/lib/smb.conf > Loaded services file OK. > ERROR: both 'wins support = true' and 'wins server = ' cannot be set > in the smb.conf file. nmbd will abort with this setting. > > Altough the parameter 'wins server = ' is not defined in my > smb.conf. > > Is this a bug? Quite possible - have a look at the testparm source and see what you can figure out. > - When logging on from a windows 9xx client, there are no errors in the > samba log file(s). > When logging on from Xp the next message is displayed in the log file: > > [2002/08/17 08:53:45, 0, effective(500, 500), real(0, 0)] > rpc_server/srv_util.c:get_domain_user_groups(342) > get_domain_user_groups: primary gid of user [eddie] is not a Domain group > ! > get_domain_user_groups: You should fix it, NT doesn't like that > > User "eddie" is in ldap with (uidNumber 500) and member of group 201 (Domain > Users), primairyGroupID 1403. > This problem did not appear in 2.2.5 with ldapsam. We didn't have group support before now. You need to make sure the primary group is listed in the group mapping tdb, using smbgroupedit. > - When a user logs on, a log file is created by samba first named to the ip > address of the wks, and then again is created with the wks's netbios name: > > ls of /var/log/samba3/ > > 192.168.169.253.log > log.nmbd > log.smbd > p450aukje.log > smbd.log > >
Samba problems?
Hello everybody, I am using Samba in networking environments at home and work. I am testing with samba. I compile the HEAD version from cvs with regular intervals but keep on having the following problems. In both environments, samba is compiled --with-ldapsam, --with-smbmount, --with-nsswitch and --with-acl-support on a RedHat 7.0 system with openldap installed. Hopefully, the information in this message can be an usefull contribution to this list. Please observe: - First the details of my smb.conf: [global] passdb backend = ldapsam:ldap://localhost ldap suffix = "dc=elton-intra,dc=net" ldap user suffix = "ou=Users" ldap machine suffix = "ou=Computers" ldap admin dn = "cn=Manager,dc=elton-intra,dc=net" ldap ssl = off use spnego = No workgroup = ELTON time server = Yes wins support = Yes os level = 64 prefered master = Auto domain master = Yes local master = Yes security = user # security = ads encrypt passwords = Yes null passwords = Yes passwd program = /usr/local/sbin/smbldap-passwd.pl guest account = Guest socket address = 192.168.169.192 interfaces = 192.168.169.0/24 127.0.0.1 bind interfaces only = Yes remote announce = 192.168.168.150 remote browse sync = 192.168.168.150 domain logons = Yes add user script = /usr/local/sbin/smbldap-useradd.pl -a -E login.bat %u add machine script = /usr/local/sbin/smbldap-useradd.pl -g 102 -w %u delete user script = /usr/local/sbin/smbldap-userdel.pl %u logon path = \\%L\profiles\%U logon drive = q: logon home = \\%L\%U\.profile logon script = login.bat debug uid = Yes log file = /var/log/samba3/%m.log max log size = 0 [netlogon] comment = Network Logon Service path = /home/netlogon read only = Yes [homes] path = /home/users/%U read only = No browseable = No inherit acls = Yes inherit permissions = Yes csc policy = disable [profiles] comment = User Profiles share path = /home/profiles read only = No inherit acls = Yes inherit permissions = Yes csc policy = disable [users] comment = Users directories path = /home/users read only = Yes write list = @"Administrators" inherit acls = Yes inherit permissions = Yes [public] comment = Public Files share path = /mnt/big_f32/public force user = nobody read only = No [apps] comment = Applications share path = /mnt/big_f32/apps force user = nobody read only = No [backup] comment = Backup share path = /mnt/big_f32/backup force user = nobody read only = Yes - Using this configuration, testparm outputs the following error: Processing section "[netlogon]" Processing section "[homes]" Processing section "[profiles]" Processing section "[users]" Processing section "[public]" Processing section "[apps]" Processing section "[backup]" Load smb config files from /usr/local/samba/lib/smb.conf Loaded services file OK. ERROR: both 'wins support = true' and 'wins server = ' cannot be set in the smb.conf file. nmbd will abort with this setting. Altough the parameter 'wins server = ' is not defined in my smb.conf. Is this a bug? - When logging on from a windows 9xx client, there are no errors in the samba log file(s). When logging on from Xp the next message is displayed in the log file: [2002/08/17 08:53:45, 0, effective(500, 500), real(0, 0)] rpc_server/srv_util.c:get_domain_user_groups(342) get_domain_user_groups: primary gid of user [eddie] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that User "eddie" is in ldap with (uidNumber 500) and member of group 201 (Domain Users), primairyGroupID 1403. This problem did not appear in 2.2.5 with ldapsam. - When a user logs on, a log file is created by samba first named to the ip address of the wks, and then again is created with the wks's netbios name: ls of /var/log/samba3/ 192.168.169.253.log log.nmbd log.smbd p450aukje.log smbd.log Note that 192.168.169.253 is the ip of p450aukje. Is this something to worry about? - Swat doesn't work properly: Whatever I have tried, I am unable to use swat because the authentication through the web interface failes. The only thing I receive in my webbrowser is a "401 Bad Authorization - username or password incorrect". Is this a bug? That's it for now. Thank you for any reply. With kind regards, Eddie Lania. ICT Manager. Industrie en handelsonderneming Elton B.V. the Netherlands buisiness page: http://www.elton.nl personal page: http://nl3lek.webhop.net
