Been there:
1. Compile Samba by yourself, remove WITH_DNS_UPDATE flag.
2. Disallow "allow insecure update" from DNS server.
3. Edit /etc/hosts, use shortname for your Samba server, then upon "net ads
join
" it will complain domain name not found hence will not update DNS.
Cheers
-David
2012/2/4 d
One question: amongst all those "other servers", how do we find which
server is the preferred one (by locality), in a programmatic way?
Cheers
-David
2012/1/17 Daniel Müller
> THis is what is working:
>
> Msdfs root and host msdfs and msdfs proxy are the things you need.
> You have a server let
Ever since upgrade to 3.6, wbinfo -u working but wbinfo -i hitting
WBC_ERR_DOMAIN_NOT_FOUND has been a headache, seems winbind always fails to
get the domain info for individual idmap the VERY FIRST TIME you start it
after upgrade or join a domain. Most of times I manage to solve it by
using:
Add following line to /etc/hosts
.
2011/12/24 Mike Howard
> Hi All,
>
> I've got samba4 set up as AD domain controller (from latest git), works
> fine. I'm now attempting to use a separate samba3 box as the file server
> (as I'm assuming this is current best practice?) but when joining the
Hello Lantukh,
Domain controller, LDAP server and kdc can be found by DNS, Samba consults
DNS server to find them. Therefore DNS server itself can be a single-point.
I'm guessing your myserver1 is used as the DNS server in this case and when
it's down you are in trouble.
Cheers
-David
2011/12/23
m using hash. I've found some interesting things that I've included in
> bug 8676 https://bugzilla.samba.org/show_bug.cgi?id=8676.
>
> Robert
>
> On Wed, Dec 21, 2011 at 5:33 PM, David Roid wrote:
>
>> Been there, you can try to add either "idmap config DOMAIN : d
Been there, you can try to add either "idmap config DOMAIN : default =
yes", or use old-fashion "idmap backend = ..." + "idmap uid = ..." + "idmap
gid = ..." to replace "idmap config * : ...", I don't know which one
actually fixed it.
2011/12/22 Dale Schroeder
> Originally filed by Robert LeBlan
Hi Steve,
Do you have
idmap config * : backend = ...
idmap config * : range = ...
in your smb.conf (besides domain specific backend and range)?
Regards
-David
2011/12/21 steve
> Works for a while, then falls over:
>
> wbinfo -u
> hh3$
> administrator
> dns-hh3
> krbtgt
> guest
> lynn2
>
> w
Have you considered you may have already reached the best under your
network condition?
Cheers
-David
2011/12/15 sathishkumar kanagaraj
> Hi,
>
>i am using "smb2 max read/write/credits" value 5 times the default
> value in smb.conf file. Even this changes i am getting similar performance
>
Got it, thanks for the clarification.
2011/12/6 Jeremy Allison
> On Tue, Dec 06, 2011 at 02:16:34AM +0800, David Roid wrote:
> > Hi Jeremy,
> >
> > I can understand the limit of acl_xattr because every specific file
> system may
> > impose a limit on number of ext
Hi Jeremy,
I can understand the limit of acl_xattr because every specific file system
may impose a limit on number of extended attributes. But now that with
acl_tdb ACLs are stored in tdb file, should not there be nothing to do with
file system?
Regards
-David
2011/12/6 Jeremy Allison
> On Mon
I think multiple Samba servers running in VMs is only as good as multiple
Samba servers running on different physical hosts. The fact of VMs inside
one physical host doesn't provide any special IPC between Samba servers
inside VMs, they are independent and unaware of each other, so you have to
mana
Do you enable LDAP in NSS?
2011/11/21 tony archibald
> OS = RHEL 5
> samba version 3.0.33-3.29
> openldap 2.3
>
> is it possible to have linux users stored in an ldap directory and still
> use the passdb backend = smbpasswd.
> I have an existing smbpasswd password db and an existing set of lin
Greetings list,
This sounds sort of twisted but in its essence Windows ADS has an LDAP
server too, so here is what I do hoping it'll work:
1. Install Utilities and SDK for UNIX-based application and Identity
Management for UNIX on Windows server 2003, create a new OU named "idmap".
2. Configure
I suppose this number is subject to both file system and Samba vfs object,
whichever comes first to its limit.
-David
2011/11/15 adrian.berlin
> Many thanks for response.
> Do you recommend any good tool to backup ACLs?
>
> I have another question about how many ACLs can be stored in acl_xattr
I don't think your configuration is right, "map untrusted domain", "allow
trusted domains" are not supposed to work with "security = user".
2011/11/5 schlit...@bluewin.ch
> Hi
>
> I have a question/problem about winbind and the "map untrusted to domain"
> (=yes) parameter.
>
> I use samba 3.6.0
Thanks, Michael. But in my case, neither of smbclient/mount.cifs works with
SMB2.
-David
2011/10/17 Michael Wood
> Hi
>
> On 17 October 2011 11:35, David Roid wrote:
> > Greetings list,
> >
> > I just upgraded to samba 3.6.0 trying SMB2. Though Windows 2008 R2 can
Greetings list,
I just upgraded to samba 3.6.0 trying SMB2. Though Windows 2008 R2 can work
with SMB2 shares just fine, I'm unable to access SMB2 shares with mount.cifs
or smbclient, even with "-m smb2" specified -- I get this
"Unrecognised protocol level smb2", whereas smbclient comes with
samba
Check out what does /var/log/samba/log say about logon failure? Also do you
enable "ntlm auth"?
-David
2011/9/1 Bruno Martins
> On 08/31/2011 06:57 PM, Dale Schroeder wrote:
> > Bruno,
> >
> > This is not a valid option:
> >
> > idmap backend = 192.168.0.2
> >
> > The default is tdb, but there
Try a really long username then you'll see the difference.
-David
2011/8/11 Linda Walsh
> I realized in looking at my smb.conf, I'm not using these in
> a consistent manner, and well I just don't understand what the
> differences are between them.
>
> Sure I can read the smb.conf page:
>
Hello list,
The issue is as the topic says, following are details: the Samba server
running as ADS member, NBT enabled on Windows machines, no WINS. Windows
machines can find each other by 'nbtstat -a' but cannot find the Samba
server. The Samba server can't find neither Windows machines nor itsel
Ok, thanks for your replies, frankly I still don't understand why Samba
behaves like this, sounds like an inherent issue, then I can live with that.
2011/6/25 Linda Walsh
> Dale Schroeder wrote:
>
>> On 06/24/2011 12:11 AM, Linda W wrote:
>> David was trying to view and change permissions on a u
Hello everyone,
Got a weird ACL issue:
First of all, my Linux host is fully ACL enabled (kernel support, file
system support, mount with xattr, library support, samba compilation
support, all set).
Then a share is created with vfs acl_xattr and ea support on, got mounted on
a Windows client as a
Greetings list,
After my Samba 3.5.8 server left then rejoined the same Windows 2003 AD, I
found that some Windows users, to be exact, those who has got their ACE
explicitly set in the ACL are displayed as UIDs, instead of their names.
This can be observed by getfacl or Windows explorer, and it wo
Greetings list,
I was looking at the wiki "samba and clustering" and a ctdb.pdf, admittedly
both are quite old (2006 or 2007) and I don't know how things change over
years, but I just have two questions about LMASTER:
< this is from pdf >
LMASTER fixed
● LMASTER is based on record key only
● LMAS
I think what you really need is clusterd file system..
2011/1/8 Emiliano Bonassi
> Hi,
> i'm Emiliano this is my first mail to samba mailing list.
> I have to solve this issue for a company. They need to had a folder, shared
> over CIFS for windows/mac clients, that is always available, also if
Thanks for the clarification.
2010/12/29 TAKAHASHI Motonobu
> 2010/12/29 David Roid :
> > Further experiment reveals that if "vfs objects" is removed then "create
> > mask" works. I know vfs_acl_xattr is needed to keep windows ACL here ( I
> > suppose it
Hello list,
I've got a question from reading Using Samba 3rd, where it puts:
... the final permission is caculated by below filters in the order used by
Samba:
1. Apply any DOS attribute mapping options << I take this as
either map DOS attributes to execute bits, or store DOS attribu
Hello list,
I am trying an environment with Samba 3.5 running as a WIN2003 AD member,
which (say MYAD) is mutually trusted with another YAAD, plus an openldap
server as idmap backend, winbind is also used. So my concerns are
two-folded.
1. Why users from trusted domain can do nothing
>From samba
It works! Thanks Harry!
2010/10/26 Harry Jede
> On 18:33:12 wrote David Roid:
> >
> > Q2: How to parse smbstatus to capture service column and pid column?
> > as in case of homes share the service is named as username, while
> > domain username may contain whitespac
Hello list,
I'm running a samba 3.5.3 CTDB cluster, found the output is different
Q1: What does the "0:" mean in pid column? There was no such stuff in
non-CTDB smbstatus output.
samba_01:~ # smbstatus -S 2>/dev/null
Service pid machine Connected at
Greetings list,
Have a situation that doesn't fail but with inconsistent results:
With a Samba 3.5.4 running as AD member, and map an AD user into a local
user on Samba server, configurations are like below:
smb.conf: username map = /usermap.txt
usermap.txt: foo = MYDOM\bar
Then try to
Hello, no one dealt with this before? Short question, can I get "smbclient
-L //localhost -U%" without authenticate against AD controller (when network
down), if I'm local samba server root user.
2010/9/7 David Roid
> Hello list,
>
> Accidentally I found that when netwo
Hello list,
Accidentally I found that when network is down "smbclient -L localhost -U%"
became slow however it still succeeded after like half a minute.
This is weird because my Samba server is running inside AD,
Q1. How can smbclient authenticate without talking to AD controller? I think
in thi
Hello list,
I noticed that connections from the same client to different shares have got
the same pid on samba server, please refer to the out put below:
# net status shares
Service pid machine Connected at
---
foo 1751 real
smb: \> ls
do_list: [\*] NT_STATUS_OBJECT_PATH_NOT_FOUND
Error in dskattr: NT_STATUS_OBJECT_PATH_NOT_FOUND
"smbclient //localhost/ -U" works just fine, again.
Samba ver = 3.5.3 and the homes share is a msdfs root.
2010/8/10 David Roid
> Hello list,
>
> I'm run
Hello list,
I'm running a samba server in AD domain, with some AD users explicitly
mapped into local users by "username map = sambauser.map", which is a text
file.
Problem is found with explicitly mapped user, I can only access home share
by //server/, not //server/homes (using windows explorer).
Hello all,
I have a Samba 3.5 server running in an AD domain and domain users can
access nonpublic shares with their credentials. Good since this is what I
want.
However accidentally I found that local users (of the server itself) could
also access nonpublic shares with their credentials. Is this
38 matches
Mail list logo
