Hi volks,
i want to ask if the "fs_acl_xattr" and "vfs_acl_tdb" in samba 3.3 are
now "stable" or if its planned to be stable in 3.4
What is the experience with this vfs modules in 3.3 ?
Bye,
Andy
--
To unsubscribe from this list go to the following URL and read the
instructions: https://li
Hi,
i visited wiki.samba.org and read the "Release Planning for Samba 3.2"
information and the "Release Planning for Samba 3.3" information.
So my question is:
Is samba 3.2 development stopped and all concentration given to Samba
3.3 ? Because there isnt any further release note available fo
Chavez, James R. schrieb:
I am using 3.2.3, so it must be available for this version?
I do not see it in the man smb.conf output if it is. Any links or docs
available out there that can help me grasp this a little better. Gotta
ask.
I cant see something in the "man smb.conf" too, but i found a
Hi Michael,
ah, ok.
Was this feature add since 3.0.29 ? I could see nothing in the changelog
since 3.0.28.
It sounds interesting.
You must not be using 3.0.28. The config format changed and they made
an nss backend available.
--
To unsubscribe from this list go to the following URL and r
I'm not a Samba developer but in the latest releases of the 3.0.x tree
you can use the idmap backend of "nss" to get the old behavior of
mapping the Windows account name to the same account name in Unix.
mmm for "idmap backend" the man smb.conf say:
idmap_tdb (default)
idmap_ldap
idmap_rid
id
d tbsky schrieb:
hi:
we have a 2003 R2 domain. it is running on 2003 native mode. we
want to setup some samba member file servers. our client is windows
xp.
i try samba 3.2 with "security = domain" and "idmap backend = rid".
it seems fine. but i saw there are more advanced options in samba
h the Windows AD information, without to migrate the uids/gids.
I hope a samba developer could answer this question positive :-)
Bye,
Andy
Thanks
James
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Adam
Sent: Friday, September 12, 20
use with SFU or the RFC2307 schemata extension you could add the
uids/gids by yourself and built a setup with the existing ids from
/etc/passwd and /etc/group or NIS.
I wish you the very best ;-)
Andreas Ladanyi
vishesh schrieb:
Thanks for reply
The SID of windows users and groups is s
vishesh schrieb:
dear all
i am running samba 3.0.28 on two server and using winbind to get active
directory users and group. the problem i facing is attach the uid
assigned for same user is diffrent on samba servers.
The uid saved in the Active Directory is different from the winbind
Linux s
[EMAIL PROTECTED] schrieb:
Hi Andy,
Thanks for the answer but I've tryed this already.
With
guest ok = yes
And/or
valid users = TESTDOM\awm013 awm013 testdom\awm013 AWM013
I haven't set the winbind seperator so it should be ok to use \
And also with guest ok = yes I still get the password
Hallo Wolfgang,
[woma]
comment = test folder for ads
path = /home/woma
browseable = yes
read only = No
guest ok = no
create mask = 0770
directory mask = 0770
guest ok = no -> Result is you have to authenticate if you want to
access this share !
So you have to to define a "valid user" list:
Andreas Ladanyi schrieb:
Hi everybody,
the force user/group does a great work.
But i have to set an ACL with Samba when a file/directory is created.
Does Samba have an integrated mechanism ?
My alternative idea is to use the "preexec" and "postexec" method.
Bye,
And
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Hi,
with NIS the "compat" Mode in /etc/nsswitch.conf was
available. So you could exclude user/group from login to
the host. I read this mechanism is not possible
with winbind.
If you are using pam_winbind, l
Hi Alexandre,
i have not seen your smb.conf, but
guest ok = yes
browseable = yes (to get the share listet in the explorer)
should work.
We use "security = ads" and it works.
Is the "guest = ok" parameter accepted by samba ? Does samba run ?
You could test your smb.conf with the "testparm" pr
Hi,
with NIS the "compat" Mode in /etc/nsswitch.conf was available. So you
could exclude user/group from login to the host. I read this mechanism
is not possible with winbind.
Is there any solution to solve this issue ?
Bye,
Andy
--
To unsubscribe from this list go to the following URL and
Hi Doug,
i read your mail intently and would thank you for your detailed
illustration. ;-)
I would change the parameter you suggest and would do some more tests to
verify for my comprehension.
Bye,
Andy
Doug VanLeuven schrieb:
Andreas Ladanyi wrote:
There is one "UNIX attribute
Hi everybody,
the force user/group does a great work.
But i have to set an ACL with Samba when a file/directory is created.
Does Samba have an integrated mechanism ?
My alternative idea is to use the "preexec" and "postexec" method.
Bye,
Andy
--
To unsubscribe from this list go to the follo
There is one "UNIX attribute" tab and one "Members Of" tab.
During some tests we discover the following facts
=
In "UNIX attribute" tab:
winbind is only interested in the UID field ->
in ldap tree the attribute "uidnumber".
I
Hay Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
"security=domain" and "security=ads" ?
Because we had to put the user to the group:
- firs
Andrei Mikhailovsky schrieb:
Hi
I was wondering if anyone came across an issue with Vista with SP1 and
usernames that have @ in their usernames (example [EMAIL PROTECTED]).
The login to samba network stopped working once i have installed SP1.
The message I get is:
The local Session Manager serv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Winbind honors the Windows group membership and not
necessarily "msSFU30PosixMemberOf" attributes.
So it should be enough if you give the Windows group a GID in tab "UNIX
attribute" in Active Director
Hi Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Hi,
after deleting winbindd_idmap and winbindd_cache.tdb files:
For security =domain AND security=ADS !
wbinfo -u /-g /-t are ok !
getent passwd is ok.
getent group shows
Hi Daniel,
is solved this issue with the parameter:
client ntlmv2 use = yes
in smb.conf.
But my Linux Server is an ADS member (security=ads). I dont know exactly
if this is required so that the parameter above will work.
http://www.arktur.de/FAQ/28_120_de.html?highlight=lsa
Grüße,
Andy
D
The answer is to use %U instead %u (from the old smb.conf) then
everything work :-)
Andreas Ladanyi schrieb:
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd/service.c:make_connection_snum(1003)
'/var/www/public_html/IPR-OFFICE/ladanyi'
destination string is:
/home/IPR-OFFICE/IPR-OFFICE/ladanyi
I think the:
winbind use default domain
parameter only affect to wbinfo and PAM for login ??
Bye,
Andy
Andreas Ladanyi schrieb:
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd/service.c:make_connection_snum(1003)
'/var/www/public_html/IPR-OFFICE/ladanyi' does not exist or
permission denied when connecting to [public_html] Error was Permission
denied
I use the:
winbind u
Hi,
after deleting winbindd_idmap and winbindd_cache.tdb files:
For security =domain AND security=ADS !
wbinfo -u /-g /-t are ok !
getent passwd is ok.
getent group shows different group memberships as ldapsearch with filter
"msSFU30PosixMemberOf".
smb.conf - winbind:
winbind separator =
Hi together,
The user information are stored in ActiveDirectory with SFU 3 schemata
extension.
Some days ago i changed the security mode from:
domain -> ADS
I did a:
net ads join -U..
with the result "DNS Update failed", but the join seems to be ok.
Now the problem is the user and gro
Hi together,
The user information are stored in ActiveDirectory with SFU 3 schemata
extension.
Some days ago i changed the security mode from:
domain -> ADS
I did a:
net ads join -U..
with the result "DNS Update failed", but the join seems to be ok.
Now the problem is the user and gro
Hi Douglas,
thank you.
I have forgotten winbind architecture changed since 3.0.25
:-)
Buy,
Andy
In the meantime, use idmap config, something like this:
winbind nss info = sfu
idmap domains = DOMAINNAME
idmap config DOMAINNAME:readonly = yes
idmap config DOMAINNAME:default = y
Hi Douglas,
thank you.
I have forgotten the winbind architecture changed since 3.0.25
:-)
Andy
In the meantime, use idmap config, something like this:
winbind nss info = sfu
idmap domains = DOMAINNAME
idmap config DOMAINNAME:readonly = yes
idmap config DOMAINNAME:default = ye
Volker Lendecke schrieb:
On Tue, Aug 12, 2008 at 12:23:18AM +0200, Andreas Ladanyi wrote:
why is this parameter deprecated ?
I have to set this parameter if i want to get my user/group information
from Active Directory with SFU AD schemata extension.
Is there a new parameter instead of
Hi,
it seems that all is working perfectly, but if start an "net ads join" i
get the message "DNS Update failed !" .
What is the consequence if i dont care about this message ? Is the Samba
Server (ADS member) only not registered in the ADS DNS tree ?
Buy,
Andy
--
To unsubscribe from thi
Hi,
why is this parameter deprecated ?
I have to set this parameter if i want to get my user/group information
from Active Directory with SFU AD schemata extension.
Is there a new parameter instead of "idmap backend" ???
Buy Andy
--
To unsubscribe from this list go to the following URL and
Hay Andrew,
i read you use "idmap backend = ad".
Did you install the AD schemata addon for POSIX data. For example MS SFU
or AD4UNIX ?
in our environment we installed MS SFU 3.5. This is a part of the 2003
R2 server Installation, but you have set a tick in "windows
compenent7software setup"
Hi,
Following situation:
1 Vista Client
1 Samba Server 3.0.24
1 2003 R2 AD Server
Samba Server is ADS member of 2003 Server.
The Vista client could only connect to share on the Samba Server if the
user authenticate local.
If the user authenticate to the domain on Vista Client, then the Vist
Hello,
I want to configure share for Windows like Postboxes. A user has a directory.
He could do with content what ever he want. All the world could only put in
files in the user directory.
I think this must be the Unix permissions: rwx --- -w-
How should i configure this share in samba ? I wo
Hi,
Did i understand it correctly that the difference between "security=ADS" and
"security=domain" is ADS will use Kerberos and domain will not ?
I configured my winbind with security=ADS. Could i change this to "domain" ?
How do you think about the security question ?
Andy
__
Hi all,
is it possible to configure winbind to not ask for the "Domain-Users" Group ?
All my users should not be member of this primary Group, because i created my
own Unix Group in the AD. Is it possible to change the Group membership to this
Unix Group to get winbind out of asking for "Domai
Hi all,
ldapsearch shows "uidNumber" attribute from ad.
samba 0.24
security=ads
idmap backend = ad
no idmap uid/gid ranges because ids are saved in AD ?!!
winbind nss info = sfu or rfc2307
wbinfo-t -u- g OK !
net ads join or net rpc join -> OK.
pam_winbind OK !
log.winbind: cat out f
40 matches
Mail list logo