Hi volks,
i want to ask if the fs_acl_xattr and vfs_acl_tdb in samba 3.3 are
now stable or if its planned to be stable in 3.4
What is the experience with this vfs modules in 3.3 ?
Bye,
Andy
--
To unsubscribe from this list go to the following URL and read the
instructions:
Hi,
i visited wiki.samba.org and read the Release Planning for Samba 3.2
information and the Release Planning for Samba 3.3 information.
So my question is:
Is samba 3.2 development stopped and all concentration given to Samba
3.3 ? Because there isnt any further release note available for
Chavez, James R. schrieb:
I am using 3.2.3, so it must be available for this version?
I do not see it in the man smb.conf output if it is. Any links or docs
available out there that can help me grasp this a little better. Gotta
ask.
I cant see something in the man smb.conf too, but i found a
d tbsky schrieb:
hi:
we have a 2003 R2 domain. it is running on 2003 native mode. we
want to setup some samba member file servers. our client is windows
xp.
i try samba 3.2 with security = domain and idmap backend = rid.
it seems fine. but i saw there are more advanced options in samba
I'm not a Samba developer but in the latest releases of the 3.0.x tree
you can use the idmap backend of nss to get the old behavior of
mapping the Windows account name to the same account name in Unix.
mmm for idmap backend the man smb.conf say:
idmap_tdb (default)
idmap_ldap
idmap_rid
Hi Michael,
ah, ok.
Was this feature add since 3.0.29 ? I could see nothing in the changelog
since 3.0.28.
It sounds interesting.
You must not be using 3.0.28. The config format changed and they made
an nss backend available.
--
To unsubscribe from this list go to the following URL and
to migrate the uids/gids.
I hope a samba developer could answer this question positive :-)
Bye,
Andy
Thanks
James
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Adam
Sent: Friday, September 12, 2008 2:19 AM
To: Andreas Ladanyi
Cc: samba
with SFU or the RFC2307 schemata extension you could add the
uids/gids by yourself and built a setup with the existing ids from
/etc/passwd and /etc/group or NIS.
I wish you the very best ;-)
Andreas Ladanyi
vishesh schrieb:
Thanks for reply
The SID of windows users and groups is same
vishesh schrieb:
dear all
i am running samba 3.0.28 on two server and using winbind to get active
directory users and group. the problem i facing is attach the uid
assigned for same user is diffrent on samba servers.
The uid saved in the Active Directory is different from the winbind
Linux
Hallo Wolfgang,
[woma]
comment = test folder for ads
path = /home/woma
browseable = yes
read only = No
guest ok = no
create mask = 0770
directory mask = 0770
guest ok = no - Result is you have to authenticate if you want to
access this share !
So you have to to define a valid user list:
[EMAIL PROTECTED] schrieb:
Hi Andy,
Thanks for the answer but I've tryed this already.
With
guest ok = yes
And/or
valid users = TESTDOM\awm013 awm013 testdom\awm013 AWM013
I haven't set the winbind seperator so it should be ok to use \
And also with guest ok = yes I still get the
Andreas Ladanyi schrieb:
Hi everybody,
the force user/group does a great work.
But i have to set an ACL with Samba when a file/directory is created.
Does Samba have an integrated mechanism ?
My alternative idea is to use the preexec and postexec method.
Bye,
Andy
I found out:
i have
Hi Alexandre,
i have not seen your smb.conf, but
guest ok = yes
browseable = yes (to get the share listet in the explorer)
should work.
We use security = ads and it works.
Is the guest = ok parameter accepted by samba ? Does samba run ?
You could test your smb.conf with the testparm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Hi,
with NIS the compat Mode in /etc/nsswitch.conf was
available. So you could exclude user/group from login to
the host. I read this mechanism is not possible
with winbind.
If you are using pam_winbind, look
Hi everybody,
the force user/group does a great work.
But i have to set an ACL with Samba when a file/directory is created.
Does Samba have an integrated mechanism ?
My alternative idea is to use the preexec and postexec method.
Bye,
Andy
--
To unsubscribe from this list go to the
Hi Doug,
i read your mail intently and would thank you for your detailed
illustration. ;-)
I would change the parameter you suggest and would do some more tests to
verify for my comprehension.
Bye,
Andy
Doug VanLeuven schrieb:
Andreas Ladanyi wrote:
There is one UNIX attribute tab
Hi,
with NIS the compat Mode in /etc/nsswitch.conf was available. So you
could exclude user/group from login to the host. I read this mechanism
is not possible with winbind.
Is there any solution to solve this issue ?
Bye,
Andy
--
To unsubscribe from this list go to the following URL and
There is one UNIX attribute tab and one Members Of tab.
During some tests we discover the following facts
=
In UNIX attribute tab:
winbind is only interested in the UID field -
in ldap tree the attribute uidnumber.
If you're
Hay Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
security=domain and security=ads ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
Andrei Mikhailovsky schrieb:
Hi
I was wondering if anyone came across an issue with Vista with SP1 and
usernames that have @ in their usernames (example [EMAIL PROTECTED]).
The login to samba network stopped working once i have installed SP1.
The message I get is:
The local Session Manager
Hi Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Hi,
after deleting winbindd_idmap and winbindd_cache.tdb files:
For security =domain AND security=ADS !
wbinfo -u /-g /-t are ok !
getent passwd is ok.
getent group shows
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Winbind honors the Windows group membership and not
necessarily msSFU30PosixMemberOf attributes.
So it should be enough if you give the Windows group a GID in tab UNIX
attribute in Active Directory and you have to do
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd/service.c:make_connection_snum(1003)
'/var/www/public_html/IPR-OFFICE/ladanyi' does not exist or
permission denied when connecting to [public_html] Error was Permission
denied
I use the:
winbind
then the destination string is:
/home/IPR-OFFICE/IPR-OFFICE/ladanyi
I think the:
winbind use default domain
parameter only affect to wbinfo and PAM for login ??
Bye,
Andy
Andreas Ladanyi schrieb:
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd
The answer is to use %U instead %u (from the old smb.conf) then
everything work :-)
Andreas Ladanyi schrieb:
Hi,
smbclient i60ws1\\public_html -U ladanyi
results in:
[2008/08/17 10:43:10, 0] smbd/service.c:make_connection_snum(1003)
'/var/www/public_html/IPR-OFFICE/ladanyi' does
Hi,
after deleting winbindd_idmap and winbindd_cache.tdb files:
For security =domain AND security=ADS !
wbinfo -u /-g /-t are ok !
getent passwd is ok.
getent group shows different group memberships as ldapsearch with filter
msSFU30PosixMemberOf.
smb.conf - winbind:
winbind separator = /
Hi together,
The user information are stored in ActiveDirectory with SFU 3 schemata
extension.
Some days ago i changed the security mode from:
domain - ADS
I did a:
net ads join -U..
with the result DNS Update failed, but the join seems to be ok.
Now the problem is the user and group
Hi together,
The user information are stored in ActiveDirectory with SFU 3 schemata
extension.
Some days ago i changed the security mode from:
domain - ADS
I did a:
net ads join -U..
with the result DNS Update failed, but the join seems to be ok.
Now the problem is the user and group
Volker Lendecke schrieb:
On Tue, Aug 12, 2008 at 12:23:18AM +0200, Andreas Ladanyi wrote:
why is this parameter deprecated ?
I have to set this parameter if i want to get my user/group information
from Active Directory with SFU AD schemata extension.
Is there a new parameter instead
Hi Douglas,
thank you.
I have forgotten the winbind architecture changed since 3.0.25
:-)
Andy
In the meantime, use idmap config, something like this:
winbind nss info = sfu
idmap domains = DOMAINNAME
idmap config DOMAINNAME:readonly = yes
idmap config DOMAINNAME:default =
Hi Douglas,
thank you.
I have forgotten winbind architecture changed since 3.0.25
:-)
Buy,
Andy
In the meantime, use idmap config, something like this:
winbind nss info = sfu
idmap domains = DOMAINNAME
idmap config DOMAINNAME:readonly = yes
idmap config DOMAINNAME:default =
Hi,
why is this parameter deprecated ?
I have to set this parameter if i want to get my user/group information
from Active Directory with SFU AD schemata extension.
Is there a new parameter instead of idmap backend ???
Buy Andy
--
To unsubscribe from this list go to the following URL and
Hi,
it seems that all is working perfectly, but if start an net ads join i
get the message DNS Update failed ! .
What is the consequence if i dont care about this message ? Is the Samba
Server (ADS member) only not registered in the ADS DNS tree ?
Buy,
Andy
--
To unsubscribe from this
Hi,
Following situation:
1 Vista Client
1 Samba Server 3.0.24
1 2003 R2 AD Server
Samba Server is ADS member of 2003 Server.
The Vista client could only connect to share on the Samba Server if the
user authenticate local.
If the user authenticate to the domain on Vista Client, then the
Hay Andrew,
i read you use idmap backend = ad.
Did you install the AD schemata addon for POSIX data. For example MS SFU
or AD4UNIX ?
in our environment we installed MS SFU 3.5. This is a part of the 2003
R2 server Installation, but you have set a tick in windows
compenent7software setup to
Hello,
I want to configure share for Windows like Postboxes. A user has a directory.
He could do with content what ever he want. All the world could only put in
files in the user directory.
I think this must be the Unix permissions: rwx --- -w-
How should i configure this share in samba ? I
Hi all,
is it possible to configure winbind to not ask for the Domain-Users Group ?
All my users should not be member of this primary Group, because i created my
own Unix Group in the AD. Is it possible to change the Group membership to this
Unix Group to get winbind out of asking for
Hi,
Did i understand it correctly that the difference between security=ADS and
security=domain is ADS will use Kerberos and domain will not ?
I configured my winbind with security=ADS. Could i change this to domain ?
How do you think about the security question ?
Andy
Hi all,
ldapsearch shows uidNumber attribute from ad.
samba 0.24
security=ads
idmap backend = ad
no idmap uid/gid ranges because ids are saved in AD ?!!
winbind nss info = sfu or rfc2307
wbinfo-t -u- g OK !
net ads join or net rpc join - OK.
pam_winbind OK !
log.winbind: cat out for
39 matches
Mail list logo
