I'm no expert on Samba, but I'm hoping somebody here will be able to tell
me...
I have inherited a Windows NT4 domain and a Windows 2003 AD domain. Half of
it has been migrated and I will finish the rest. However, until the
migration is complete, all users need to be able to access their file
Hi Piotr
I had all these problems too... and posted here, but no solution. The only
solution I found was to delete the group/user entirely, and specify the RID
at the same time as you create the group/user. It's ok then. However, once
I had the error (although the RID changed), I had a corru
This Samba Wiki entry:
http://wiki.samba.org/index.php/Implementing_System_Policies_with_Samba
... says how to use the MS System Policy Editor, and implies it runs on XP.
When I run "adminpak.msi" (extracted from Windows 2000 SP4) it says it wil l
not run on this version of Windows, and if you c
As far as I understand it, in a 9x/XP mixed network using roaming profiles,
I have to specify:
logon home (for the 9x profiles)
logon path (for the NT/2000/XP profiles)
logon drive (for the NT machines)
The upshot of this is that a network drive is automatically mapped on all
pla
In the roaming profile, delete the file:
"Start Menu\Programs\Startup\desktop.ini"
Steve :)
--
Komal Shah wrote:
> I am using Samba as a PDC with Roaming profile.Every time i login to
> domain a notepad windows pops up with information
>
> [.ShellClassInfo]
> [EMAIL PROTECTED],-21787
>
>
> The
As the second edition is a bit long in the tooth, I wrote to O'Reilly, and
they said the 3rd edition of "Using Samba" is scheduled for release in
November.
Steve :)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/
Hi Eric
I would be inclined to start small and get bigger. Look in the official
HowTo at the chapter "Fast Start: Cure for Impatience". In my hard copy,
example 2.3.1 lists an anonymous Read-Only Server Configuration. In fact,
work through that chapter and see what works/doesn't work.
If it
Hi Eric
Eric Evans wrote:
> Sorry to be a pest, but I need to try to get some clarification of how the
> machine name works when setting up a machine account on the Samba
> server. The Samba How-To page
> http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2536400
> talks
Eric Evans wrote:
> I'm a bit worried about this. I really don't like the idea of an account
> on the Sun that does not have a password associated with it.
Taken from the official howto:
" Manually creating a Machine Trust Account using this method is the
equivalent of creating a Machine Trust
Eric Evans wrote:
> OK, one little question here: what about passwords for the machine
> accounts? How should such passwords be chosen, and how does the client
> machine know to use the right password when logging on to the domain?
You don't need to worry about passwords for machine accounts. Th
Eric Evans wrote:
Hi Eric, why not start by posting your smb.conf?
> OK, I hate to seem like I'm terribly dense here, but I guess I am. What
> is a "machine account"? I'm only familiar with accounts for users, not
> machines.
Every machine that joins a Windows domain has a machine account, bec
Eric Evans wrote:
> Does anyone have any idea if there is anything further that I need to do
> to set up the Samba server as a PDC?
Hi Eric,
You need to either, a) first create a machine account in UNIX and Samba for
that client you're adding, or b) make use of the 'add machine script' in
smb.c
In my smb.conf (below)...
1.
I would like the ntadmins group to be able to see (and write to if
necessary) all defined shares. The way I've done this is to share the root
[export] of where I've put all my shares. Is that the easiest and
recommended way? As it stand, members of ntadmins can c
I get this error when trying to set the RID of the Samba administrator
account (following instructions here:
http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html#id2580586).
| pdbedit -U S-1-5-21-2442793596-1261311712-3817712761-500 -u
administrator -r
The full error is:
| U
I noticed I hadn't compiled in Winbind. So, I removed everything, compiled
with Winbind and all seems ok now. It also appears you don't have to set
the RID of the administrator account.
Would the lack of Winbind explain my problems?
Cheers,
Steve :)
Steve A wrote:
> After cha
After changing the SID of any account, eg:
pdbedit -U S-1-5-21-2411803954-1159576741-3064619986-500 -u administrator -r
...the SID *is* changed successfully, but I get the following error:
---
Unable to modify TDB passwd ! Error: Record does not exist
occured while storing the RID index (RID_00
Whenever I try to change the samba password for administrator, I get the
following error:
---
Unable to modify TDB passwd ! Error: Record does not exist
occured while storing the RID index (RID_01f4)
Failed to modify entry for user administrator.
Failed to modify password entry for user admi
Pas XL wrote:
> It don't seem to be the problem with duplicate entries. Problem stays
> after removing them, additionally client don't send any packets to
> connect to the domain. All it does is 6 times broadcast the name query
> request, on 1st of it domain replies "I don't know such name".
Ok, s
Pas XL wrote:
> It don't seem to be the problem with duplicate entries. Problem stays
> after removing them, additionally client don't send any packets to
> connect to the domain. All it does is 6 times broadcast the name query
> request, on 1st of it domain replies "I don't know such name".
Ok, s
John H Terpstra wrote:
> On Monday 03 July 2006 13:45, Steve A wrote:
>> This is part of a larger post that was maybe too complicated for me to
>> get the right answer, so I'm breaking it down and will do it bit by bit.
>>
>> Server is Samba-3 PDC, clients are NT4 &
Pas XL wrote:
> Samba is up and working, but when i'm trying to connect to Domain
> controller through XP Pro SP2's Identification Wizard it shows error
> "Can't connect to Domain Controller.". Ethereal is catching NetBios Name
> queries to my server, but server responding "Name does not exist or
>
Steve A wrote:
> if I change the unix uid/gid for 'administrator' - it works.
If I change the unix uid/gid for 'administrator to 0:0 - it works.
Steve :)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
This is part of a larger post that was maybe too complicated for me to get
the right answer, so I'm breaking it down and will do it bit by bit.
Server is Samba-3 PDC, clients are NT4 & XP.
I can join the domain using root credentials (so the add machine script
works), but not when using 'admini
Gerald (Jerry) Carter wrote:
>> The "Samba-3 by Example" instructs you to make a mapping,
>> "root = Administrator". Is this absolutely necessary?
>
> No. Not necessary. Read up on Samba's privilege model.
Thanks Jerry, I did find all your documentation on the Samba website and it
makes sense,
I've got Samba set up as a domain controller successfully, and am now
wanting to user usrmgr.exe and svrmgr.exe to make basic user admin changes
from a Windows workstation.
Some stuff works, and some stuff doesn't, and I was looking for some help
with the script sections listed here...
What wo
Felipe Alfaro Solana wrote:
> AFAIK, the Domain Admins group has a fixed RID of 512. Thus, your SID
> should look like S-1-5-21-3323006203-4037909810-1162086780-512
> instead. The same happens with the Domain Users (RID 513), Domain
> Computers (RID 515) and Domain Guests (RID 514).
Thanks Felipe,
Felipe Alfaro Solana wrote:
> AFAIK, the Domain Admins group has a fixed RID of 512. Thus, your SID
> should look like S-1-5-21-3323006203-4037909810-1162086780-512
That's strange, because the RID was auto-created when I used:
net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins
Steve :)
The "Samba-3 by Example" instructs you to make a mapping, "root =
Administrator". Is this absolutely necessary? What if someone hacks a
Windows machine and is able to supply Administrator credentials to Samba?
Is there a way around this? I can live with having to supply root
credentials in W
Hello, I'm running FreeBSD-6.1, and Samba 3.0.22 with a Windows XP (SP2)
client.
As per subject line, administrator doesn't have administrator rights on the
workstation.
--- 'net groupmap list' gives,
Domain Admins (S-1-5-21-3323006203-4037909810-1162086780-3003) -> ntadmins
--- 'pdbedit -Lv'
Gerald (Jerry) Carter wrote:
> Sounds like you are putting the valid users in the [global]
> section. And it sounds like the machine is getting when
> it tries to connect using the its trust account.
> Make sure that you allow machines to connect in authenticated
> SMB sessions as well as users.
Craig White wrote:
> see Jerry's answer pertaining to valid users = sa in [global] which
> picked up on something I didn't consider.
Thanks Craig, that was indeed the key to the answer. What I wanted to do
was to globally allow everyone to "login to the domain, or access shares"
but only if I s
Craig White wrote:
> OK netlogon, homes and profiles are all special shares. They really
> only mean something to users who log on to the domain via Windows
> computers that have been 'joined' to the domain.
I can still see my home shares even though I'm not logged onto the domain.
Windows does p
Craig White wrote:
> OK - from your original dump of smb.conf, I don't see any shares other
> than netlogon...do you have others? Do they show in command...
Yes, I didn't think they were applicable, but here's the shares:
==
[netlogon]
path = /export/netlogon
browseable =
Craig White wrote:
> have your rebooted since you 'disabled' SELinux?
Yes.
> have you added a samba user sa ?
Yes. I can still access the shares when logged in locally using the same
name/password I use when I try to log into the domain.
Steve :)
--
To unsubscribe from this list go to th
Craig White wrote:
> SELinux
>
> http://wiki.samba.org/index.php/Samba_Troubleshooting
Thanks Craig, but...
[EMAIL PROTECTED] ~]# grep -i SELINUX= /etc/selinux/config
# SELINUX= can take one of these three values:
SELINUX=disabled
Steve :)
--
To unsubscribe from this list go to the followin
updatemyself . wrote:
> can u copy the smb.conf file..
>
> regards
> robinboby.
[global]
workgroup = SAMBA-DOMAIN
netbios name = SAMBA
server string = KJN Server
smb passwd file = /etc/samba/passdb.tdb
passdb backend = tdbsam
passwd program = /usr/b
Update:
I'm running FC5, and Samba was installed as a binary using yum. If I use
the global option, "valid users = sa", where sa is my username, I'm unable
to login.
The strange thing is, root can always log in.
When login fails, this gets added to syslog
=
Apr 8 14:51:19 fedora smbd[41
This is what appears in the machine's log file when the password error
happens:
[2006/04/05 04:22:05, 0] lib/debug.c:reopen_logs(597)
Unable to open new log file /var/log/samba/valiant.log: Permission denied
[2006/04/05 04:22:06, 0] lib/util_sock.c:read_socket_with_timeout(492)
read_socket_wi
Samba 3.0.22-1 on FC5
I can log into the domain, but if I set the "valid users" option to
"@users", I can't log in anymore to my Samba domain.
My user is a member of Unix group "users"
Unix group "users" is mapped to Windows group "Domain Users"
I can still access \\
... but I can't log into th
Hi Terry,
Check this out... (from your message)
In-Reply-To: <[EMAIL PROTECTED]>
And from my message (completely different topic)...
Message-ID: <[EMAIL PROTECTED]>
You should always create a new post, not reply to an existing one by
changing the subject, otherwise your message will
Chris Anders wrote:
> Have you created a machine trust account ? thats the username its not
> happy about..
Thanks for the guidance. I refuse to manually create all the machine
accounts, so after figuring out the "add machine script", then remembering
to create the machines group (and add root
Mike Mercier wrote:
> I receive the following message in the syslog logfile:
> smbd[pid] host (x.x.x.x) couldn't find service myshare
IIRC (it's so long ago I really can't remember), but try adding "smb ports =
139" in the [global] section of your smb.conf.
Steve :)
--
To unsubscribe from t
I have done all I can think of to make Samba be a PDC, but I can't get my
Windows XP-SP2 client to join the domain. I've already edited the Group
Policy for the roaming profile thingumyjig. I am asked for the user/pass (I
use root) to add the machine to the domain, and the error is:
"The user
you noticed, I've just included this
option
in my smb.conf [see below] and it's not working. Any suggestions ?
Thanks Paul
===
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Steve A
Sent: Sunday, April 02, 2006 9:
Add this line to your smb.conf:
server string =
Steve :)
--
Paul wrote:
> Hello
>
>
>
> I have the following problem: I mapped my share on linux (with samba)
> with a letter Z: . how can I change title when accessing this share
> from My computer in WinXP.
>
> This title is : share_name on
The subject's a little misleading really, but I was looking for some
clarification of my thoughts...
In Windows, one can use both share permissions and NTFS permissions to
control access to files. I would normally use share permissions to control a
connection (allow/deny), and use NTFS to contr
"Craig White" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> http://fedoraproject.org/wiki/SELinux
Thank you so much Craig... I have disabled SELinux for now, it is too much
to learn SELinux and Linux at the same time!
Cheers,
Steve :)
--
To unsubscribe from this list go to
I am running Samba 3.0.21b-2 on Fedora Core 5.
I created a new Unix user called sa using useradd -G users -m sa, and added
the smbuser using smbpasswd -a sa (and set the same password just in case).
The password is also the same as my Windows password.
When I try to access the shares on Samba fro
48 matches
Mail list logo
