Ya that's not really an option, I don't control the AD servers, so no
suf or schema extensions.
But what I'm finding make it pretty clear there is no way to replace
NFS with SMB for a large multiuser system. I find that very
disappointing given the age of the samba project. I really figur
Okay I've run out of cool ideas and am hoping that someone can offer a
brilliant solution to this problem.
I'm attempting to deploy a RHEL 5.3 server as a shared ssh servers,
user home directories are coming off a Windows 2008 fileserver. I
though autofs would be the winning solution but i
DCs?
G.
- Original Message - From: "Derek Harkness" <[EMAIL PROTECTED]
>
To: "Samba List"
Sent: Monday, December 08, 2008 4:40 PM
Subject: [Samba] AD controller problems.
In my AD setup I have 3 domain controllers (dc1, dc2, dc3) when
samba/ winbind are ta
2, 2008, at 11:04 AM, Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Derek Harkness wrote:
Hello All,
I'm integrating an existing unix environment into an exist AD
environment. I'm thinking of switching from nssldap to nss_winbind
but
have one problem. My
In my AD setup I have 3 domain controllers (dc1, dc2, dc3) when samba/
winbind are talking to dc1 everything is great when talking to dc2 or
dc3 I get this error "kinit succeeded but ads_sasl_spnego_krb5_bind
failed: Strong(er) authentication required" and nothing works. I
don't think its a
On Dec 2, 2008, at 11:04 AM, Gerald (Jerry) Carter wrote:
No but this would be easy to implement. The nss_info API allows
you to write a new plugin. if you code in C, I can point you right
at what to do. Maybe an hour's work.
Seems doing able. Point me where I need to go.
Thanks!
Derek
-
Hello All,
I'm integrating an existing unix environment into an exist AD
environment. I'm thinking of switching from nssldap to nss_winbind
but have one problem. My user's home directories are in the format
of /home/user/<$first letter>/<$second letter>/<$username> (/home/user/
d/h/dhakn
Cool thanks.
-W did the trick.
Derek
On Dec 1, 2008, at 13:12 PM, Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Derek,
Derek Harkness wrote:
net sam addmember gives me "Adding local group member failed with
NT_STATUS_NO_SUCH_ALIAS".
OT:default = yes
Oh and to confuse the matter a bit more, the AD is setup to use pass
thru authentication to an external kerberos realm.
Thanks,
Derek
On Dec 1, 2008, at 12:11 PM, Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Derek Harkness wrote:
I am a
I am attempting to set the SePrintOperatorPrivilege right on my RHEL
5.2 samba server and need some guidance. The samba box is currently
joined to an AD forest in which I have a delegated OU, I do not have a
Domain Admin account. Samba seems to want/need an Admin account in
order to make
Okay I found the solution to this problem. It appears you shouldn't
run winbindd on a samba PDC.
Derek Harkness
Data Security Analyst Senior
University of Michigan-Dearborn
(313) 593-5089
On Jan 31, 2008, at 08:08 AM, Derek Harkness wrote:
I've got a very odd situation occ
I've got a very odd situation occurring. I recently upgraded to Samba
2.0.26a and now secondary group membership doesn't work.
On the filesystem I have this layout
/derek
/derek/Folder 1
/derek/Folder 2
derek has these ACLs
# file: derek
# owner: root
# group: root
user::rwx
group::r-x
other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Nov 28, 2005, at 3:37 AM, Fabio wrote:
Hi!
On Thu, 2005-11-24 at 09:53 +1000, Adam Nielsen wrote:
If "printer admin" is deprecated, what option replace it?
I'm not sure, I was wondering this same question myself.
printer admin is still val
We use AFS/Kerberos/LDAP to provide home directories to our Linux/
Unix/OSX users, our Windows users connect into our Samba domain.
Samba has pretty good AFS support for gatewaying SMB <-> AFS
requests, at a minor weakening of filesystem security. I'm hoping
Samba4 will allow me to use Ker
I've been using Samba as an AFS gateway since December 04 and it's
been working great but I recently deployed a 3.0.14a server and now
samba isn't honoring AFS acls. It is enforcing unix mode permissions
which is completely the wrong behavior in this case.
For example I have a directory wi
The cool thing is, I didn't either I simply forgot to comment one
out. But hey I'll certainly make use of it.
Derek
On Oct 4, 2005, at 9:46 AM, Marcel de Riedmatten wrote:
Le mar 04/10/2005 à 14:57, Derek Harkness a écrit :
Thanks! I was doing some testing this morning and fou
time.
Thanks again,
Derek
On Oct 4, 2005, at 8:52 AM, Marcel de Riedmatten wrote:
Le ven 30/09/2005 à 15:37, Derek Harkness a écrit :
When setting up an LDAP PDC do I have to have both user and machines
in the ou=People container? Here's what I've got.
LDAP Tree
ou=People,o=umd.um
When setting up an LDAP PDC do I have to have both user and machines
in the ou=People container? Here's what I've got.
LDAP Tree
ou=People,o=umd.umich.edu
ou=NIS,ou=Groups,o=umd.umich.eud
ou=machines,ou=Samba,ou=Services,o=umd.umich.edu
ou=Idmap,ou=Samba,ou=Services,o=umd.umich.edu
smb.conf
This maybe more appropriate on the developers list but I'll ask here
first.
Anybody know if any improved support for AFS is being added to either
samba 3 or 4? We currently share all user home directories, shared
files, web sites, etc. etc. from AFS using Samba. This setup is
working gr
wrote:
Derek Harkness wrote:
Is it better to setup lots of small print servers or one big
print server?
I've currently got 1 print server serving up about 55 printers.
All the server does is Samba and CUPS the box has 2 2.8gig P4
xeon, 2 gigs of RAM and a load average of 3. Which i
Is it better to setup lots of small print servers or one big print
server?
I've currently got 1 print server serving up about 55 printers. All
the server does is Samba and CUPS the box has 2 2.8gig P4 xeon, 2
gigs of RAM and a load average of 3. Which is way to high since
users are comp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have been moving printers from lpd printing to samba print queues.
Drive installs, point-n-print, and everything else is working well
but I can't for the life of me figure out how to make print job collate.
I've been searching on how to corre
Does anyone have any recommendations or possibly patches to allow WINS
replications from a Samba PDC to a Samba BDC?
Thanks!
Derek
My lack of knowledge is only exceeded by my lack of concern.
--Anonymous GE Engineer
PGP.sig
Description: This is a digitally signed message part
--
To unsubscribe
Is it possible to limit where a user can logon? I would like to limit
which users can logon to which workstations. I've found an application
called Userlock but was wondering if anyone had a more open source
solution.
Thanks!
Derek
Failure is not an option. It comes bundled with your Microsof
Does anybody have a way of dynamically selecting which server a user's
home drive get mapped to?
I have two servers sharing the same AFS file space, and I want to load
balance home drive mappings between them. I'm hoping for something I
can put in the smb.conf as opposed to mapping in the logo
Has anybody found a fix for the Access 2003 printing? I've got a
couple of work arounds but neither is a good long term solution.
1) Set the default printer to something other then a Samba print queue.
2) Map the Samba print queue to a dos LPT port.
Thanks,
Derek
To boldly go where I surely don'
Try turning off the pre-compiled header all together. Under
Project->Settings then the C/C++ tab and the Precompiled Headers pull
down.
Derek
On Jan 26, 2005, at 9:35 AM, Kelly S. Smelser wrote:
I've tried setting dos filetimes = yes and dos filetime resolution =
yes, but this brought no chang
Okay I've recently started have some problems with the Samba AFS code.
If I'm doing mass data operations, deleting 14 GB of data (lots of
files), copying lots of files, etc. I'll get access denied error at
random times. If I let everything sit for a few minutes then I can
continue the operati
Which version of openafs do I need to compile AFS support into samba.
I tried compiling Samba 3.0.7 but get a setpag() undefined error, when
building against OpenAFS 1.2.11.
Thanks,
Derek
Isn't sanity just a one-trick pony anyway? I mean, all you get is that
one trick, rational thinking, but w
The easiest solution here is WINS.
wins support = yes
in smb.conf. Then configure your workstations to use the new wins
server, this can be set through dhcp if you're using dhcp. Other
config options that might be useful.
# This allow the workstation to create a machine account in the domain
a
Has anyone gotten wins sync between samba server working? I've got two
Samba 3.0 boxes (PDC and BDC) and I want to run a wins server on each
and have the two sync up is this possible? Are there plans to make it
possible?
Derek
Not one shred of evidence supports the notion that life is serious
On Aug 12, 2004, at 7:57 AM, Alex Sharaz wrote:
3). Copy smbpasswd, secrets.tdb and smbusers from old server/etc/samba
to new server/etc/samba
Don't copy the secrets.tdb, most of the information in secrets.tdb is
server specific. The information piece of information in the file is
the domain S
I ran into a similar problem when the last field in the password file
was LCT-.
Derek
On Aug 5, 2004, at 3:56 PM, Tim Tyler wrote:
Samba experts,
I am running samba 3.0.3-5 of Samba on Fedora core 2
(Red Hat). I am trying to use encrypted passwords.
However, when a user tries to
I haven't seen that error before. But here is my PDC config, this is
Samba 3 btw.
[global]
workgroup = SMBDOMAIN
netbios name = PDC
server string = %h server (Samba %v)
nt status support = yes
lanman auth = no
wide links = no
log level = 2
I currently use Poledit to create an ntconfig.pol which works well. Of
course poledit sucks major butt. So if you've got another suggestion
I'd love to hear it.
Derek
On Aug 3, 2004, at 11:48 AM, [EMAIL PROTECTED]
wrote:
Hi @all,
I have some question I can't find a explanation.
I have a stan
Are you using encrypted passwords?
Derek
On Aug 1, 2004, at 1:42 PM, Lupe Christoph wrote:
On Sunday, 2004-08-01 at 10:26:49 -0700, chad work wrote:
I can see the shares, I can map, for example, the J:
drive to "shared", but cannot switch to it by typing:
"J: enter".
I'm having the same problem. Le
quantum home # adduser -g machines -s /bin/false -d /dev/null
quantumwin
quantum home # passwd -l quantumwin
When adding a machine account to the unix password file it needs to
have a $ at the end of the name. Also the last time I checked the only
user who could join a machine to the domain in
I'm in the process of setting up a similar environment, I'm just
working at it from the other side. I've got the Samba environment and
I'm adding the kerberos/afs to it. Be sure to compile with the
--with-afs option.
Samba hand crafts AFS tokens on the users behalf, this means
maintaining tw
Edit the smb.conf for you needs and "net rpc join -UAdministrator"
should be the trick.
Derek
On Jul 23, 2004, at 1:30 AM, my diva wrote:
hi...mailers
i have s PDC server. and i have two client using windows and Linux. In
windows client no problem but in Linux client i have the problem.
so...ho
I ran into a similar problem and finally determine that I didn't have
the group mapping correct. Do a "net groupmap list" a verify the your
"Domain Admins" group is mapped to the correct unix group and that
whatever user you're using is in that group.
I was having trouble mostly because of my
I've been fighting with winbind for several months now have yet to get
it to work according to the documentation.
I've got a Samba 3.0.4 PDC, named PDC, running on a Debian linux box,
and I'm trying to add a second linux box, FCSPRTSRV. I can successful
join the domain using net rpc join -U dh
There is a registry setting that can be used to redirect the My
Documents and AppData folders.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\She
ll Folders\Personal
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\She
ll Folders\AppData
Have fun!
Der
Just found a solution to that this morning.
Here is the script I've been testing, replace ServerName and PrinterName
' VBScript.' Guy Thomas February 2004.
' http://computerperformance.co.uk
' Purpose of script to create a local printer
' **
Dim net
Set net = Cr
I have a Samba 3.0.4 PDC and several domain member servers and for the
most part everything appears to be working. Do I need to manually sync
domain group maps?
net groupmap list on a member server indicates that no maps have been
established.
net groupmap list on the PDC has the correct mapp
I'm wondering how other samba admins are dealing with system policies.
I've been use the System Policy Editor but it's VERY limited and
extremely inflexible. Are there any better tools for creating .pol
files?
Thanks,
Derek
Failure is not an option. It comes bundled with your Microsoft produc
g to join the domain.
Good luck--
Sam Barasch
Computer Systems Support
Dept. of Biostatistics
University of Wisconsin in Madison
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Behalf Of Derek Harkness
Sent: Monday, June 07, 2004 11:20 AM
To: [EMAIL PROTECTED]
Sub
other things. You might want to think about migrating
to the
tdb password backend instead. It's more reliable.
Jason
-Original Message-
From: Derek Harkness [mailto:[EMAIL PROTECTED]
Sent: Monday, June 07, 2004 12:00 PM
To: Jason Gray
Subject: Re: [Samba] XP Joining domain
More
think about migrating to
the
tdb password backend instead. It's more reliable.
Jason
-----Original Message-
From: Derek Harkness [mailto:[EMAIL PROTECTED]
Sent: Monday, June 07, 2004 12:00 PM
To: Jason Gray
Subject: Re: [Samba] XP Joining domain
More details...
I'm not using lda
I'm attempting to join a Samba 3.0.4 domain on a Debian linux box, with
a Windows XP client.
Problems
1) Can only get the join to work if I use the root account. On Win2k I
can use any account in the Domain Admins group.
2) The join succeeds, the unix account and the smb account are created
bu
Samba 2.2 currently but I will be upgrading it to Samba 3.
Thanks,
Derek
On Jun 7, 2004, at 11:30 AM, Hamish wrote:
What is your PDC running?
Derek Harkness wrote:
Thanks!
In my environment we have a small department that manages servers and
the network, but we leave end user support to each
o supply their own usernames etc for joining
If you are using a samba PDC i remember there are some tools for GPO
type stuff...
Sorry a bit vague but it might help :)
Derek Harkness wrote:
I've been googling for a while now and haven't found a decent answer
to this question.
How do I a
ase look in the description of bug report 1383 for
more detail.
Regards, Hans.
https://bugzilla.samba.org/show_bug.cgi?id=1383
-Original Message-----
From: Derek Harkness [mailto:[EMAIL PROTECTED]
Sent: 4. juni 2004 09:22
To: [EMAIL PROTECTED]
Subject: [Samba] Winbind problem?
I've got a Samba PD
I've been googling for a while now and haven't found a decent answer to
this question.
How do I allow users to join the domain without handing out a domain
admin level account? Is there someway to limit what other domain
features this account has access to?
Thanks,
Derek
PGP.sig
Description
I've got a Samba PDC and a Samba domain member server. I successfully
joined the domain, started winbind and run the wbinfo -p; wbinfo -t
tests, both succeeded. But if I do a winbind -g I only get
BUILDIN/group and if I do a wbinfo -u I get "Error looking up domain
users". But ntlm_auth succ
I've got a Samba PDC running 2.2.8a. I'm attempting to add a domain
member server. The member server is a linux box running Samba 3.0.4.
PDC config
[global]
workgroup = UMD
server string = %h server (Samba %v)
status = yes
netbios name = Samba
lanman auth = no
wide links = no
Okay got everything compiled and attempted to added my afs key to
secrets.tdb and I'm getting the error.
"Could not write keyfile to secrets.tdb"
So can I get another clue on how to make this work. I'm using the
command "net afskey afs.keytab umd.umich.edu".
Does my cell name have to be the s
Okay I don't think what I want to do is possible but here goes. I want
to deploy a samba domain for my windows clients, but I want samba to
use AFS on the back end. But AFS requires kerberos to get tickets and
tokens. So is there anyway to make this work. I personally don't care
if samba ac
57 matches
Mail list logo
