We have been directed to move off a SAMBA domain to a server 2003R2
domain. We run roaming profiles with samba and would like to continue
this on 2003R2. After bringing all the XPSP3 desktops into the 2003R2
domain, roaming profiles wont work. I'm not even trying to use the
SAMBA generated
On 10/12/2010 01:05 PM, Douglas Phillipson wrote:
To create a "Trust" between Samba and a W2003 AD Domain, does the
Samba machine have to be a domain member also?
Doug P
I'm not clear on something. My goal is to have our AD users access a
samba share without having to enter
To create a "Trust" between Samba and a W2003 AD Domain, does the Samba
machine have to be a domain member also?
Doug P
On 10/11/2010 11:29 PM, Daniel Müller wrote:
"http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/InterdomainTrust
s.html#id2621046"
Problems with LDAP ldapsam and Ol
oops, should be using a machine arg, tried:
/var/lib/samba/sbin/smbldap-useradd.pl -w -c "Domain Trust" ECN$
Still get error:
failed to add entry: at /var/lib/samba/sbin//smbldap_tools.pm line
497, line 283.
DOug P
On 10/11/2010 10:29 AM, Douglas Phillipson wrote:
When trying
.
Thanks
Doug P
On 10/11/2010 09:53 AM, Douglas Phillipson wrote:
I'm trying to establish a two way non-transitive trust between a W2003
A/D box and our SAMBA domain.
We are using smbldap so we can log in on any of the linux boxes with
the same passwd.
Samba is version 3.0.33 on Re
I'm trying to establish a two way non-transitive trust between a W2003
A/D box and our SAMBA domain.
We are using smbldap so we can log in on any of the linux boxes with the
same passwd.
Samba is version 3.0.33 on Redhat Enterprise.
It's easy to create the trust on the Windows side with AD Do
Can a samba domain user login successfully to a PC in the domain if the
PC is not connected to the network? This assumes the user has logged on
at some point in the past to get their credentials on the local PC of
course.
Is this a "Standard" feature of SAMBA (allowing Cached credentials) or
Logging on with XP, with our desktop profile across a 10mbps wan,
takes a LONG time to transfer even just 5mb of profile data. Any
suggestion on tweaks to speed this up would be greatly appreciated.
Other protocols like ftp, rcp and scp are 10 to 20 times faster.
Regards
Douglas
Being that you SAMBA developers had to work so hard to reverse engineer
the AD protocols. Will there soon be improvements and more full
featured functionality in SAMBA now that you have access to more
documentation? Is anything on the order of a fully feature AD clone in
the works. Also, how
Is it possible to establish a two way trust relationship between a SAMBA
Domain and Win2003 AD Domain such that Users in the SAMBA domain can log
on to machines in the W2003 Domain and users in the Windows Domain can
log on to XP machines in the SAMBA Domain?Is this a domain trust, a
machi
We have a new Cyber Security professional on our staff that now says we
can't use Samba for the following reasons:
At this time any appearance that Samba-3 is capable of acting as a
domain controller in native ADS mode is limi
Douglas Phillipson wrote:
With Samba v3.x and WinXP, if there is a local profile on the users PC
when the user logs on while hooked to a Samba DC, should the PC check
for the DC profiles password prior to checking the local profiles
password? I have a client PC, originally with no local
With Samba v3.x and WinXP, if there is a local profile on the users PC
when the user logs on while hooked to a Samba DC, should the PC check
for the DC profiles password prior to checking the local profiles
password? I have a client PC, originally with no local profile, the
user logs in to the
After changing the IP address of our samba server (3.0.10), our users
can't logon. We use ldap authentication, which all worked fine for more
than a year prior. The samba log shows attempts as "guest" rather than
the user's name. Also logging in as root on an XP box translates to
user guest,
Is nobody else losing their Outlook profile/path to pst when using
roaming profiles?
Doug P
Douglas Phillipson wrote:
We are having a problem getting the path to the Outlook PST file to move
from machine to machine using roaming profiles (Samba 3.0.10 on RHEL 4).
When a user logs off on one
We are having a problem getting the path to the Outlook PST file to move
from machine to machine using roaming profiles (Samba 3.0.10 on RHEL 4).
When a user logs off on one machine and logs on to another, the
outlook path to the PST file is gone. I found this message in the
archive back in 2
I got these several years ago, but we are having problems with Outlook
with roaming profiles so I want to check and see if something new should
be added to this list of mods for roaming profiles.
-
Go to Local Computer Pol
I have the Official Samba 3 and Samba-3 by example books, although not
the second edition copies. But I can't seem to find out how to push out
patches and hotfixes with Samba. Is this not possible at this time?
I don't have a lot of experience with Windows but I am going to have to
deal with
I'd like to do some research prior to posting questions here but all I
see in the archives are monthly gzip'd files. I there a single file in
say mbox format I can grab, or is there another search/query mechanism I
don't know about?
Thanks
Doug P
--
To unsubscribe from this list go to the fo
I have the Official Samba 3 and Samba-3 by example books, although not
the second edition copies. But I can't seem to find out how to push out
patches and hotfixes with Samba. Is this not possible at this time?
I don't have a lot of experience with Windows but I am going to have to
deal with
I'd like to do some research prior to posting questions here but all I
see in the archives are monthly gzip'd files. I there a single file in
say mbox format I can grab, or is there another search/query mechanism I
don't know about?
Thanks
Doug P
--
To unsubscribe from this list go to the fo
Since I get so much from this list I thought I would share a project
I've been working on and how it works with samba (3.0.1). It is Samba
related so I hope it's not off topic.
I've set up a HA solution with redundant Samba Domain Controllers
throuth the "Heartbeat" package at:
http://www.ult
Could I get some opinions on which type of Samba based printing is
easier, CUPS or LPRNG, or just bybass Samba altogether. I'm looking at
the Printing HOWTO by Kurt Pfeifle (Printing Support in Samba 3.0) and
both look really complex. Anyone out there have any experience with
printing service
Winbind seems to have broke my roaming profiles. I have a 3.0.1Pre1 DC
on RH AS 3.0 running with Win2000 SP4 clients logging in. Remote
profiles worked well and then I added:
winbind separator = +
idmap uid = 1-2
winbind gid = 1-2
winbind enum users = yes
winbind enum groups =
Just a FYI for those that are interested.
I found that to give admin privilages, in Windows, to Domain user "root"
do this on tha Samba Domain Controller:
net groupmap modify ntgroup="Domain Admins" unixgroup=root
I can now install/remove software logged in as a domain user "root" on
Win2k.
I
When adding winbind entries in smb.conf and running testparm I get the
following warning:
'winbind separator = +' might cause problems with group membership.
"winbind separator = +" is used in the HOWTO (21.5.3.3). Is this OK?
Or will I have problems. What is the separator for? What commands
After realizing my CUPS printername in /etc/cups/cupsd.conf must be the
same as my samba printer sharename (I don't think it says that anywhere
in any HOWTO, correct me if I'm wrong though) I am now getting to the
printer resource but...
Using Samba 3.0.1 and attempting to connect to a samba cu
I have a samba based domain controller with a CUPS printer working fine.
When I try to connect to a samba printer from Win2000 I get the
following in the samba log:
2003/11/04 20:38:02, 0] printing/print_cups.c:cups_queue_get(889)
Unable to get jobs for ipp://localhost/printers/goucho -
cli
I'm sorry for asking a really newbie question here. But I'm just
missing something I guess. I've read the HOWTO for 3.0.0 and either I
missed it or I just didn't understand it.
I have 3.0.1Pre1 on RH 9 "Machine A" working as a domain controller with
a win2000 SP4 box. I made a USB local CUPS
I'm having trouble with ACL's and wonder how many others are too. I see
conflicting answers and comments about different aspects of ACL's from
many prople on the list. I was wondering if ANYONE is successfully
using ACL's with Samba 3.0 or above.
Questions I have that I'm sure many are asking
Please See ACL related questions below...
John H Terpstra wrote:
On Wed, 29 Oct 2003 [EMAIL PROTECTED] wrote:
Hi all,
I have already set up a Samba 3.0 with Openldap as user repository. I have a question
about share access controls.
Chapter 13.1 of Samba-HOWTO-Collection describes:
Samba offer
I can't seem to get an answer to this question...
Should I use winbind if my Domain Controller is a samba machine? Or is
it only useful if my DC is a real MS DC and I have other unix/linux
client machines?
I'm strictly wanting to provide file and domain logon services to
Win2000 machines via
Should I use winbind if my Domain Controller is a samba machine? Or is
it only useful if my DC is a real MS DC?
Regards
Doug P
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
I found a howto on ACL's but it assumes the following:
At this time, this document is not 100% complete. I have assumed you are
joining to a Windows 2000 domain which is using Active Directory, you
aren't trying to use Samba as a domain controller, and that you're using
ext2 or ext3 on Linux.
With NT4 I grant users access to printers via the security tab on the
printer. How do I add a printer as a domain resource, with Samba, that
I can then grant domain users access to through Windows? (Using Samba
3.0.1Pre1 as a DC)
Thanks
Doug P
--
To unsubscribe from this list go to the foll
With NT4 I add grant users access to printers via the security tab on
the printer. How do I add a printer as a domain resource, with Samba,
that I can then grant domain users access to? (Using Samba 3.0.1Pre1)
Thanks
Doug P
--
To unsubscribe from this list go to the following URL and read th
I have the Win2000 client(s) in a Samba domain. Domain authentication
works fine, my "homes" share works fine, remote profiles work fine.
Using 3.0.1Pre1 I would like to add people to "someshare" through the
Security tab, and control their access through windows ACL's.
How should I setup a sha
a resource, domain or other,to choose
from in the security tab from within windows.
I did read the April 21 2003 version of the howto and these things were
not clear to me. After I figure them out I would be happy to give you
some verbage if you would care to have it.
Thanks again Samba fol
I'm really struggling with ACL's and permissions. I have a share owned
by a user (douglas). Douglas can read, write and create to the share:
[public]
comment = Public Stuff
path = /home/samba/pub
nt acl support = yes
public = yes
admin users = douglas
write list = douglas
I'm logged
I have ACL's enabled and am getting a new error, in the Samba log (V
3.0.1Pre1, when attempting to set permissions on a file through Win2000:
get_domain_user_groups: primary gid of user [terry] is not a Domain
group !
get_domain_user_groups: You should fix it, NT doesn't like that
Do I need
If I put a preexec script in the [profiles] share that touches a file in
the users home dir, then removes it with a postexec script, I can
enforce a domain wide single login. That is for about 1 minute. What
appears to be happening is the share has a timeout feature that
disconnects after abo
In an attempt to enforce a single login domain wide. I think preexec
scripts will work but when I test a script that returns a "1" the log
says I get denied but I still get logged in. Here is the info:
ction failing
Closed connection to service netlogon
If I change the "1" to a "0" I get no entry in the log and get logged
on. The parameter appears to be acknowledged but won't prevent a logon.
Any suggestions would be appreciated.
DSP
Gémes Géza wrote:
-BEGIN PGP SIGN
I think I need "with-acl-support" in Samba 3.0.1 but am unsuer if it is
compiled in. How would I be able to tell if installed via RPM?
Thanks
DSP
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
there is such. And specifying root prexec close = yes on the
netlogon share, you could deny them.
The danger is that because of blocked clients you would got lots of
frustrated clients.
Good Luck!
Geza Gemes
John H Terpstra írta:
| On Mon, 13 Oct 2003, Douglas Phillipson wrote:
|
|
|>I didn't
I didn't get any hits on this. Does that mean it's not possible???
Has anyone enforced a "single instance" login policy somehow? Is this a
reasonable question to ask?
DSP
Douglas Phillipson wrote:
> I would like to enforce a policy for a user being only able to logi
I would like to enforce a policy for a user being only able to login
once anywhere in the Domain. When you use roaming profiles, the system
gets confused and leaves the local profile on the client PC if the same
user logs in on a second machine while they are still loggewd in on the
first one.
Through much help from a guy in my local LUG I found the solution to
making roaming profiles work on Win2000 (SP4).
1) You should have SP4 installed.
2) Two registry changes are needed:
Use regedit and change the following two dword attributes to 0
"requiresignorseal"
"signsecurechannel
I need a little advice on finishing off a Samba PDC. I have Samba
3.0.0RC1 installed and working as a PDC on a Redhat AS 3.0 machine. It
authenticates users nicely but the "roaming" profiles don't work.
Tailing the samba log, I see the an attempt to access the users
ntuser.dat file, which doe
I need a little advice on finishing off a Samba PDC. I have Samba
3.0.0RC1 installed and working as a PDC on a Redhat AS 3.0 machine. It
authenticates users nicely but the "roaming" profiles don't work.
Tailing the samba log, I see the an attempt to access the users
ntuser.dat file, which doe
When I attempt to install OfficeXP into a drive letter "S:" which is a
samba share, I can't get the install to finish. Anyone else experience
this?
DSP
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
I'm having trouble installing OfficeXP on an win2000 machine that has a
samba share. Office XP installs and gets almost to the end then coughs
an obscure error and states that two files will be sent to microsoft for
debugging, which aren't there I might add. I can install the same
software ju
52 matches
Mail list logo