On Thu, Feb 16, 2006 at 09:11:54AM -, Batty, Richard wrote:
>
> The "Strong(er) authentication required" is down to a security setting on
> the windows server
>
> Security Policy: Domain Controller: LDAP server signing requirements =
> Require Signing
>
> Changing this to "None" will get
I wish this is possible...
"hide unreadable = yes" and then removing the r attribute may still not to
function in this case. I think this option prevents only from seeing the
unreadble files within the share not the share itself.
On 2/17/06, Peter <[EMAIL PROTECTED]> wrote:
>
> Hi everyone.
On Thursday 16 February 2006 09:07, Stefansson Håkan wrote:
> Hi,
>
> I am setting up a fileserver in an AD domain, using Samba 3.0.21b under
> Solaris 9. An Openldap server (version 2.3.17) is used fot the idmap
> backend.
>
> Following the Samba HOWTO Collection, chapter 6, I used the statement
>
I have successfully set up squid with ntlm_auth as per the Squid FAQ
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5 using a Win 2003 AD
for NTLM2 authentication.
The winbindd and nmbd servers are 3.0.20b, installed from Suse SLES 9 SP3.
There is a requirement to manage web surfing by grou
On Thu, 16 Feb 2006, [EMAIL PROTECTED] wrote:
An error occurred while reconnecting T: to \\wara01\TSMreports
Microsoft Windows Network: This local device name is already in use
This connection has not been restored
I received this error a couple of times before. But when I cleared out
the l
On Thu, 16 Feb 2006, [EMAIL PROTECTED] wrote:
I've been running Samba3.0.21a on two AIX5.3 servers for several weeks
with no major problems. Today, one of the servers stopped working. I
received the following message from Windows when I tried to access one of
the share drives:
What does
James,
IIRC, the CIFS protocol (as implemented by Microsoft) requires
listening ports 445/tcp & 139/tcp, with 137/udp &
138/udp. Configurable ports would tend to make interoperability
moot, hence the lack of port configuration info in the config file.
For version info, I'd suggest restartin
We have the same situation here. Apparently, users from domain-A
can properly connect/browse/etc. a server in domain-B (assuming
permissions OK, W2K3-based ADS) if the domains have a two-way trust
in place. But users from a "trusted" domain cannot access
Samba-server based resources, genera
I've been running Samba3.0.21a on two AIX5.3 servers for several weeks
with no major problems. Today, one of the servers stopped working. I
received the following message from Windows when I tried to access one of
the share drives:
An error occurred while reconnecting T: to \\wara01\TSMreport
Make the share name end with a $. For example, share$, will be hidden
from everyone. To access the share you would need to type
\\server\share$
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Peter
Sent: Thursday, February 16, 2006 4:21 PM
To: samba
Subj
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm watching the logs, and Samba is trying the following combinations for
_Get_Pwnam() with the name UserName in the domain DOMAIN:
domain+username
DOMAIN+UserName
DOMAIN+USERNAME
and then it trys:
username
UserName
USERNAME
however, all 6 fail bec
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe wrote:
I had to remove reference to some printer drivers
via tdbtool on ntdrivers.tdb.
1. Do I need to restart smbd and nmbd to make these
changes take effect?
2. If I restart smbd and nmbd will connected users get
Hi all,
I often have this type of message in my samba logs :
Feb 16 18:06:42 lxdata smbd[3731]: read_socket_data: recv failure for
4. Error = No route to host
and
Feb 16 18:06:42 lxdata smbd[3731]: [2006/02/16 18:06:42, 0]
lib/util_sock.c:read_socket_data(384)
I would like to know what it me
I have users from Domain A trying to browse a domain member samba server in
Domain B. Domain A and Domain B are both Windows 2k domains. Domain B has
a one way trust to A. A users can browse Domain B Windows server with no
problem so I no the trust is fine. Samba version is 3.0.21b on RH Linux
Thank you for your suggestions. I did all below and no luck, but I
found the answer. My mapping files are located in /var/cache/samba. I
discovered if I deleted the dir and created an empty dir of the same
name, it all worked.
Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[
Hi,
I am setting up a fileserver in an AD domain, using Samba 3.0.21b under Solaris
9. An Openldap server (version 2.3.17) is used fot the idmap backend.
Following the Samba HOWTO Collection, chapter 6, I used the statement
ldap idmap suffix = ou=idmap,dc=uppsala,dc=se
in my smb.conf. This doe
If I understand what your saying, use a line such as valid user =
domain_user_name. If I'm logged in as mdp, but the share requires user
id xyz, the it should prompt you for a password automatically. At least
it does not my shares, but I also don't put in the browseable statement.
-Original
I have been unable to find what version of Samba is running on a
particular HP/UX server. The information is not included in the
../samba/lib/smb.conf where I am used to finding it. Also, I can not
tell what port they have configured on this box any tips?
John R. James, Jr.
Unix Engineer
PT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have now tried it with XFS as well :)
no go...
Jeremy Allison wrote:
|On Thu, Feb 16, 2006 at 02:27:49PM -0800, liz wrote:
|
|>-BEGIN PGP SIGNED MESSAGE-
|>Hash: SHA1
|>
|>What does it look for in the filesystem to detect acl support? It
On Thu, Feb 16, 2006 at 02:27:49PM -0800, liz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> What does it look for in the filesystem to detect acl support? It is
> compiled into Samba or at least its linked to the libacl libs. and the
> filesystem is mounted with acl's enabled. What
Remove the r attribute, like:
$ chmod -r folder
HTH
Oliver
Peter wrote:
Hi everyone. Can someone please tell me how to make shares invisible to
users who do not have any access to? Why should a user see a dozen shares
if they can access only one of them?
--
Peter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
What does it look for in the filesystem to detect acl support? It is
compiled into Samba or at least its linked to the libacl libs. and the
filesystem is mounted with acl's enabled. What check does it perform
to enable acl support? I have a fairly va
Michael Langas wrote:
I'm basically using the instructions found in the HP-UX readme with the
exception that I am trying to use the version of openldap that is in
iexpress instead of the one from hpux.cs.utah.edu.
The recommendations listed in the doc are:
HP-UX 11.00 and 11.11:
Ope
Peter wrote:
Hi everyone. Can someone please tell me how to make shares invisible to
users who do not have any access to? Why should a user see a dozen shares
if they can access only one of them?
hide unreadable = yes?
--
Best regards,
Charles
--
To unsubscribe from this list go to the fol
Correction...
I don't think these commands work in Samba 3.0.14 but they seem to work
in 3.0.20 to some extent...
I could migrate print queues successfully, I needed a add printer
command in my config and pl script to go with it.
I couldn't however migrate printer drivers.
__
Hi everyone. Can someone please tell me how to make shares invisible to
users who do not have any access to? Why should a user see a dozen shares
if they can access only one of them?
--
Peter
__
Find y
>I'm using Samba 3.0.14a
>I'm trying to migrate printers from a Windows server to my samba one.
>So I tried to use the following command :
>/net rpc printer migrate all Myprinter -S SERVER1
>--destination=SAMBAMIGR -U Administrator%mypasswd/
I don't think these commands work
I tried thi
When I try to connect to the Samba Domain this is the error message I
receive.
[2006/02/16 12:35:07, 0] utils/net_ads.c:ads_startup(191)
ads_connect: No results returned
Creation of workstation account failed
Unable to join domain DOMAIN-NAME
The machine account is created in the LDAP
This sounds like it might be somewhat related to the problem I posted
a query about earlier this week -- where domain local groups in
domain-A that contain users from (trusted/trusting) domain-B, are not
having the domain-B users being enumerated by winbind as group
members on Samba/winbind sy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Konecny wrote:
>>> 1. Do I need to restart smbd and nmbd to make these
>>> changes take effect?
>>>
>>> 2. If I restart smbd and nmbd will connected users get
>>> disconnected?
>>
>> No. smbd will pick up the changes.
>>
>
> My system is leading
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Trimble, Ronald D wrote:
> ads_connect for domain EU failed: Cannot contact any KDC
> for requested realm
The kerberos libraries don't know who to talk to in the EU realm.
This is why I recommend using DNS to resolve KDCs rather than
hard coding the
I can see the SID of the ID I am trying to authenticate with...
USTR-LINUX-1:~ # wbinfo -n EU\\inblr-auth1
S-1-5-21-606747145-879983540-1177238915-173280 User (1)
I have turned up the logging and added the EU domain to our krb5.conf.
My winbindd.log now shows the following:
[2006/02/16 14:14:58,
On Thu, Feb 16, 2006 at 11:40:08AM -0800, liz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Greetings,
>
> I am encountering a problem with Samba and setting acl's for
> files/directories from the security dialog on my Windows clients. I
> can easily toggle the file permissions. Ho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings,
I am encountering a problem with Samba and setting acl's for
files/directories from the security dialog on my Windows clients. I
can easily toggle the file permissions. However, it am not able to
add/remove user/groups from the GUI interfa
Hello,
I've come across a fairly unique situation and after much searching have
not found a solution. I thought I would see if anyone here has had any
experience with this before.
I have a location with two ADS domains with a two-way trust configured.
-For this example I will call them corp.com
Thanks after some reading I found a solution and am testing in a closed
environment atm, my next question would be, Once this is done - and the
Samba PDC is another host, what kind of impact will this have on clients?
Thanks
Wm
William Reid wrote:
Hi everyone,
I'm planning on moving out old
We are considering to update our Samba 3.0.5 PDC to 3.0.21 using
samba-3.0.21b-1.i386.rpm, and rpm -Uvh --test works. Whe have openldap
2.3.11 as passwd backend with samba.schema taken from samba-3.0.14 but
reading the docs (Samba-3 to Samba-3 Updates on the Same Server) it
states: "it is nece
We have a domain controlled by nt4 and are added 3 samba server to it.
The easiest way for us to handle user accounts on the linux machines
is to have a central repository of id's -- and then script adding the
accounts. We do not see building ldap as something that will work for
now.
I am thinkin
Hey all
I'm currently trying to use squid and samba/winbind to filter internet access
based on groups in a windows 2000 active directory domain. Im running Mandrake
10.1 Community and samba 3.0.10 installed from rpm.
Following the directions in the samba manual for setting up winbind I have:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe wrote:
> I had to remove reference to some printer drivers
> via tdbtool on ntdrivers.tdb.
>
> 1. Do I need to restart smbd and nmbd to make these
> changes take effect?
>
> 2. If I restart smbd and nmbd will connected users get
> disconnected?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ross McInnes wrote:
> I have all working fine and dandy AD and 6/7 Samba
> boxes getting user auth/details from the AD
> Normally you would specify the user shell in /etc/passwd,
> but to get AD authing working, getent passwd username
> returns /bin
Check out the template homedir and shell options.
David Shapiro
Unix Team Lead
919-765-2011
>>> "Ross McInnes" <[EMAIL PROTECTED]> 2/16/2006 11:15 AM >>>
Hi the list,
Bit of an odd one, have asked before but its now a real issue.
I have all working fine and dandy AD and 6/7 Samba boxes gettin
I remember seeing this before in my setup -- do you have REALMS
properly defined in your krb5.conf file for all of these other
domains? Getting the domains properly represented in krb5.conf fixed
the wbinfo --sequence output as well as allowed proper enumeration of
users from the other (truste
I had to remove reference to some printer drivers
via tdbtool on ntdrivers.tdb.
1. Do I need to restart smbd and nmbd to make these
changes take effect?
2. If I restart smbd and nmbd will connected users get
disconnected?
--
To unsubscribe from this list go to the following URL and read the
inst
Hi the list,
Bit of an odd one, have asked before but its now a real issue.
I have all working fine and dandy AD and 6/7 Samba boxes getting user
auth/details from the AD
Normally you would specify the user shell in /etc/passwd, but to get AD
authing working, getent passwd username returns /bin/
Running " getent passwd EU\\inblr-auth1 " doesn't return anything.
Although it does work successfully with my NA domain account.
The wbinfo --sequence command does reveal a little more information.
Here is the output.
wbinfo --sequence
LAC : DISCONNECTED
EU : DISCONNECTED
AP : DISCONNECTED
UIS :
Hello,
Well, it looks pretty cool. I can ssh in as DOMAIN+username. I could
not find a pam_mkhomedir for aix, but I am using a preexec to make the
home directories and templates to get around that for now. The question
is: how do I make it so some "domain users" can login in, but other
users c
At 04:06 PM 2/15/2006, Craig White wrote:
On Wed, 2006-02-15 at 14:42 -0600, Gerald (Jerry) Carter wrote:
> Don Meyer wrote:
> > At 08:24 AM 2/15/2006, Gerald (Jerry) Carter wrote:
> >> Oliver Schulze L. wrote:
> >> > Hi,
> >> > I use CentOS4 (RHEL4) and it seems that I was using /var/lib/samba
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Shapiro wrote:
> idmap_init: using 'rid' as remote backend
> Probing module 'rid'
> Probing module 'rid': Trying to load from
> /usr/local/samba/lib/idmap/rid.so
> ===
> INTERNAL ERROR:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Trimble, Ronald D wrote:
> Username EU\inblr-auth1 is invalid on this system
figure this out. That is the key. Does
"getent passwd 'EU\inblr-auth1'" return anything?
What does wbinfo --sequence show?
cheers, jerry
-BEGIN PGP SIGNATURE--
Hi list,
I have a coupla of questions regarding the NET command:
1) What flags are available with the net rpc user add command?
I says in the man pages that you can specify user flags with
the -F parameter but not which flags.
2) If I add a user with the net command it is automatically
At 08:25 AM 2/15/2006, Parker, Michael wrote:
I've configured a system to authenticate with an AD 2k3 domain (all
domain controllers have SP1) using winbind. I have joined the server to
the domain as well. I created some shares to work with AD groups.
Here's a quick snippet of a share from my sm
Perhaps:
chgrp ll_main/rhmps /u01/test
chmod 775 /u01/test
valid users = @ll_main/rhmps
David
David Shapiro
Unix Team Lead
919-765-2011
>>> "Parker, Michael" <[EMAIL PROTECTED]> 2/15/2006 9:25
AM >>>
Hi all,
I've configured a system to authenticate with an AD 2k3 domain (all
domain control
When I attempt to authenticate a user from another domain, I am seeing
some strange issues. My winbindd.log shows that I am indeed already
trusting the other domain. (I am a member of the na.uis.unisys.com
domain.) However, when I try to gain access to a share where the
username EU\INBLR-AUTH1
idmap_init: using 'rid' as remote backend
Probing module 'rid'
Probing module 'rid': Trying to load from
/usr/local/samba/lib/idmap/rid.so
===
INTERNAL ERROR: Signal 11 in pid 50910 (3.0.21b)
Please read the Trouble-Shooting section of the
On Thu, 2006-02-16 at 09:21 -0600, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gavin Simpson wrote:
>
> > Output from the two commands you asked me to run are here:
> > http://ecrc2.geog.ucl.ac.uk/samba/smbd.txt
> > and here:
> > http://ecrc2.geog.ucl.ac.uk/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gavin Simpson wrote:
> Output from the two commands you asked me to run are here:
> http://ecrc2.geog.ucl.ac.uk/samba/smbd.txt
> and here:
> http://ecrc2.geog.ucl.ac.uk/samba/strace.txt
Well from the strace output, it appears that smbd is in
fact ope
This time i add values to cn , the object class inetOrgPerson and a value
for sn.
After that i try to delete the machine account and it works.
Apparently it needs this object class as you said.
How can i do to add this class automatically when a add a machine account
using smbpasswd?
Thanks.
Andres
Ok,
It must be me being unclear.
Again... Some of the shares are implemented like this :
[share]
comment = share
path = /raid/share
writable = yes
browseable = yes
read only = no
public=yes
This means that everyone that is logged in to the xp ma
add "disable spoolss = yes" and your "Printers and Faxes" folder on the top
level share will be gone.
On 2/16/06, Louis van Belle <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> just a question about this.
>
> for example i also hide .files .directories
>
> BUT you will see the files if you dont set W
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Oliver Schulze L. wrote:
> Hi,
> just created:
> https://bugzilla.samba.org/show_bug.cgi?id=3518
>
> Should I announce here when I post a patch in bugzilla?
That's up to you. It's probably better to discuss patches
on the samba-technical ml.You'
On Thu, 2006-02-16 at 07:44 -0600, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gavin Simpson wrote:
>
> >> Thanks for the help. I just removed the file and tried
> >> a restart. Same problem as before and same messages in
> >> smbd.log. No secrets.tdb creat
I don't understand why you would want to have the user authenticate
again. If they are already signed into your domain and they try to
access a resource they have permission to, it should just let them in.
If they don't have access, it should prompt them for a valid username
and password.
Hey !
Yes, im in the 2k3 domain. I was under the impression that when i set,
security to ads or domain, it would ask the ads or domain server if
would be ok.
Ive set valid user to user1 for example, knowing that DOMAIN\user1 with
correct passwd can login to the domain on the xp machine.
I am no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gavin Simpson wrote:
>> Thanks for the help. I just removed the file and tried
>> a restart. Same problem as before and same messages in
>> smbd.log. No secrets.tdb created. I changed write permissions
>> on this directory temporarily to make it worl
password server = alg-conyers-ad1 NEXTSERVER
Cheers
Luis Rivera
Lima-Peru
From: "Parker, Michael" <[EMAIL PROTECTED]>
To:
Subject: [Samba] How to Make SMB server authenticate against multiple
ADserver
Date: Wed, 15 Feb 2006 09:35:16 -0500
I'm new to samba and I'm still trying to figure out
I see the attribute displayName(as allowed attribute) in these user object
classes:
-pabperson
-sambasamaccount
-smabagroupmapping
The user account has only this classes:
sambaSamAccount
account
top
Is this wrong?, the attribute could be in some classes at the same time?
Thanks,
Andres.
2006/2
Hi,
I have a samba server sharing some stuff. Now i want to enable access to
some share only to SOME users on the domain.
this is the smb.conf :
[global]
netbios name = DATASVR
server string = DATASVR
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It would like to change one with the gentlemen. It makes one year
that I have the samba functioning with ldap (PDC), but yesterday I had
a problem and still I did not find a possible solution for the
problem, in mine log I have the following message:
I will soon be implementing a Fedora Core 4 (or 5), 2.8MHz Xeon, 1GB
RAM, 2.5TB storage, gigabit ethernet server which will hold backup
copies of about 200 DVDs. These DVDs will be played through a gigabit
LAN to another Fedora Core 4 (or 5) workstation using xine which will
then output video
The "Strong(er) authentication required" is down to a security setting on the
windows server
Security Policy: Domain Controller: LDAP server signing requirements = Require
Signing
Changing this to "None" will get it working as a workaround. I believe this is
a bug with the samba team, but st
Take a look at pam_mount (http://pam-mount.sourceforge.net/)
On T , 2006-02-15 at 15:43 +, Toni Casueps wrote:
> I have Windows and Linux clients accessing a Samba share. In the /etc/fstab
> file of the Linux clients I use the credentials=... option so that the
> system mounts the share when
Hi Michael
The problem was resolved, actually there was no problem with samba
The problem was with my Windows Commander 5.11. It just cant delete
non-empty directories over samba.
But Windows Explorer can do that. So I'm happy.
Maybe newer versions of Windows Commanders (Total Commander) can do th
Gavin Simpson wrote:
On Wed, 2006-02-15 at 15:26 -0500, James Kosin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gavin Simpson wrote:
Thanks for the help. I just removed the file and tried a restart. Same
problem as before and same messages in smbd.log. No secrets.tdb created.
I change
On Wed, 2006-02-15 at 15:26 -0500, James Kosin wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gavin Simpson wrote:
> >> Thanks for the help. I just removed the file and tried a restart. Same
> >> problem as before and same messages in smbd.log. No secrets.tdb created.
> >> I changed
Hi,
just a question about this.
for example i also hide .files .directories
BUT you will see the files if you dont set Windows Explorer
to dont display hidden files... !!!
Just set it to hide and your done.
Louis
>-Oorspronkelijk bericht-
>Van: [EMAIL PROTECTED]
>[mailto:[EMAIL PROT
76 matches
Mail list logo