Make sure the SID on your new PDC is the same as the SID on your old PDC. SIDs
are used to encode passwords, determine file and directory permissions... If
the SID changes, roaming profiles stop working.
"man net" for more info (see "net getlocalsid" and "net setlocalsid"
specifically).
>>> "E
On Sat, Jan 27, 2007 at 11:35:32PM +0100, Jan Engelhardt wrote:
>
> Ah I found it. This is smb.conf: http://pastebin.ca/330452
> Removing SO_SNDBUF=8192 gives
>
> $ smbget smb://localhost/rt/blob.iso
> [blob.iso] 41.08Mb of 171.06Mb (24.01%) at 41.08Mb/s ETA: 00:00:03
>
> perfect performance aga
What does the list think of setting "locking = no" on the netlogon share for a
PDC? The man page for smb.conf says we should never need to set the parameter,
but given that it's a read-only share for most users, I have a hard time
discerning any downside to this.
Thoughts?
Ryan
>> After Samba 3.0.14 you can have a normal user account with
>> Domain Administrator powers, which includes adding machines to the
>> domain and other privileges, using 'net groupmap'.
>>
>> So you can an account as the LDAP administrator, another
>> account as your Samba Administrator
> I just got Samba + LDAP up and running as a PDC. If I list the users in
> the LDAP directory with pdbedit -L I see:
>
>root:0:test
>nobody:99:nobody
>aster$:1001:Computer
>toast$:1002:TOAST$
>fordprefect:1003:Test Account
>
> Shouldn't there be an Administrator account and
All,
I found the solution. By stopping NSCD and THEN purging the passwd table, the
bad entries were cleared.
Ryan
-
This email transmission and any documents, files or previous
email messages attached to it may contain information that is
confid
All,
Since installing my shiny new Samba3 PDC (3.0.23d, ldapsam backend), I've had
one recurring issue that's been driving me nuts. Once a minute, Samba on one of
the client servers logs the following:
getsmbfilepwent: user name cmeyer2 has a negative uid.
getsmbfilepwent: user name jhundley ha
Check your "passwd chat" directive; I've seen the "don't have permission" error
when the case of any of the letters is wrong.
Ryan
>>> "Dan" <[EMAIL PROTECTED]> 12/27/2006 8:45:47 PM >>>
Hello all,
I am running 3.0.22 on Ubuntu 6.0.6 LTS and cannot get user passwords to
change while unix pass
All,
Since upgrading to 3.0.23d on several linux servers, I'm seeing the following
error repeatedly in my logs:
Jan 2 15:05:49 boothost smbd[27935]: [2007/01/02 15:05:49, 0]
smbd/nttrans.c:call_nt_transact_ioctl(2332)
Jan 2 15:05:49 boothost smbd[27935]: call_nt_transact_ioctl(0x90078):
C
You could do what we do - just replace the local machine policies each time you
rev the policy set. They're stored in c:\windows\system32\grouppolicy.
Using gpscript.exe (Google for it, don't have a specific site) you can dump the
contents of either registry.pol file to text. You can also recomb
All,
I'm using an LDAP backend for a test PDC/BDC setup. Both the PDC and BDC are
using the same LDAP server. Both the PDC and BDC are running 3.0.23c on Sarge,
and I've verified that both the PDC and BDC will authenticate users via
smbclient. XP clients are able to login to the domain fine, a
id" ..
If not on the BDC "net setlocalsid S-1-5-21-x-y-z"
Failing this remove your ldap database on the BDC (backup first)
"slapcat -v -l transfer.ldif" on PDC
Copy to BDC
rm -rf /var/lib/ldap/*
On BDC
"slapadd -v -l transfer.ldif on BDC"
All this is clea
I can state definitively that this works fine. It's an excellent way to reduce
WAN traffic, and makes the login process MUCH faster.
You're looking for the following LDAP attributes (taken from my PDC's smb.conf):
sambaHomePath: \\SERVER\homes
sambaProfilePath: \\SERVER\homes\PROFILE_DIR
In m
If you take a look at the OpenLDAP schema, you'll see the definition of the
sambaSamAccount objectClass; it contains the following:
MUST ( uid $ sambaSID )
sambaSID is a required attribute of sambaSamAccount. Unless that entry is
defined for your LDAP records, you'll get an objectClass violatio
As it turns out, I've got the same problem with the 3.0.23c .debs (I was using
3.0.14a debian stock). Again, to summarize:
Samba 3 PDC, using LDAPSAM.
Group mappings are correct, my domain admins group has privileges:
SeMachineAccountPrivilege
SeRemoteShutdownPrivilege
SePrintOperatorPrivilege
What privileges does your Domain Admins group have?
Run 'net rpc rights list "Domain Admins"' and reply with the results.
>>> David Bear <[EMAIL PROTECTED]> 9/18/2006 6:15:31 PM >>>
I have created a domain controller using samba 3.0.20.
I following howto's from a couple of books and the samba.o
https://bugzilla.samba.org/
On 09/15/2006 11:04 AM, ryan punt escreveu:
> All,
>
> I've got a Samba 3 PDC serving numerous XP clients, and I'm
> getting an error I wouldn't have expected. When trying to
> rename an XP machine joined to the domain (via &
Sorry, forgot the obvious stuff:
Samba 3.0.14a on Debian Sarge (stock install).
LDAP backend, using ldapsam_compat.
Everything else works great, so I don't think it's a Samba config problem.
>>> "ryan punt" <[EMAIL PROTECTED]> 9/15/2006 9:04:09 AM >&
All,
I've got a Samba 3 PDC serving numerous XP clients, and I'm getting an error I
wouldn't have expected. When trying to rename an XP machine joined to the
domain (via "netdom renamecomputer"), the command fails unless the specified
domain user has UID 0.
The command in question:
netdom ren
>>> [EMAIL PROTECTED] 9/1/2006 10:51:13 AM >>>
> ldapsam_compat should work just fine, althought I do not use it for a long
> time
> I remember it work perfectly (but I didn't use group maps at that time).
Then my question is this: is Samba 3, using ldapsam_compat for the passdb
backend, a drop
I'm in the process of replacing a Samba 2.2.12 PDC with Samba 3.0.14a-Debian.
An LDAP database serves as the user data store, and I've made no changes to the
Samba 2.2.x-compatible LDAP records. Since I don't relish LDAP schema changes,
I've specified ldapsam_compat as my passdb backend; I figur
Would the list expect any problems joining a machine running samba 2.2 to a
domain in which the PDC is running samba 3?
Thanks,
Ryan
-
This email transmission and any documents, files or previous
email messages attached to it may contain informati
All:
I'm running Samba 2.2.8 as a PDC, using Netscape Directory Server (don't ask :)
for an LDAP backend. Is there any technical reason why Samba and LDAP services
have to reside on the same server? My predecessors had a lot of trouble getting
the two to play nicely when the services were split
Actually, in the case of disparate usernames between Windows and Unix accounts,
that's exactly how it's done (or CAN be done).
At my previous job, I was using Samba+Winbindd to allow Unix share access to
Windows/AD accounts; the file specified in the "username map" parameter
contained a bunch o
Regarding yesterday's message about repeated "signal 11" errors in 2.2.12, I
was able to capture a backtrace.
#0 0x401543ae in waitpid () from /lib/tls/libc.so.6
#1 0x400e9d12 in system () from /lib/tls/libc.so.6
#2 0x0815ea98 in smb_panic ()
#3 0x0814d885 in fault_report ()
#4 0x0814d8e2 in
Is there a similar configure option (to the "-g" referenced below for Samba 3)
for 2.2.x? I get lots of "signal 11"s in my samba logs.
My current options:
./configure --prefix=$SAMBA_BASEDIR \
--with-netatalk \
--with-smbmount \
--with-syslog \
--with-sambabook \
I'm not even sure this is a problem with Samba, but here goes*
>From smb.conf:
log file = /opt/samba/var/log/%m.log
As I understand it, this option will create $CLIENT_NETBIOS_NAME.log whenever a
client contacts the Samba server in any way.
However, I've got clients from outside this samba ser
Adam:
Your suggestions have been great, and have helped me solve a few other problems
on different servers.
Thanks again!
Ryan
>>> Adam Nielsen <[EMAIL PROTECTED]> 12/19/2005 5:49:04 PM >>>
> I can telnet to 139:
Hmm, that's bizarre. It seems like smbd is ignoring the connection on
purpose.
OK, I've opened port 445 in the iptables config. Further testing shows no
changed after doing this.
I can telnet to 139:
boothost:~# telnet localhost 139
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
Trying to smbclient to
The lower the log level, the lower the level of output you'll see. Try lowering
to "1" for production use.
~rlp
>>> "updatemyself ." <[EMAIL PROTECTED]> 12/16/2005 4:43:10 AM >>>
Thanks Lot Shaun Bolling
i did it.. i configure recycle bin and access log also..
but acess log is bulkey come
Adam:
boothost:~# netstat -lnp|grep smbd
tcp0 0 0.0.0.0:139 0.0.0.0:* LISTEN
2968/smbd
Port 139 is open in the iptables config for both TCP and UDP.
Thanks,
Ryan
>>> Adam Nielsen <[EMAIL PROTECTED]> 12/14/2005 4:58:05 PM >>>
Hi Ryan,
> boothost:~# s
No such luck:
in smb.conf:
name resolve order = host bcast
Results:
boothost:~# smbclient -L 172.21.23.1 -Uvalidusr
added interface ip=172.21.23.1 bcast=172.21.23.255 nmask=255.255.255.0
Password:
session setup failed: Call timed out: server did not respond after 2
milliseconds
Can bad WINS
>> I've got a really odd issue -- a Samba server that can "smbclient -L"
>> everyone but itself.
>> session setup failed: Call timed out: server did not respond after
>> 2 milliseconds
> This looks a lot like a firewall issue - are you sure your machine can
> connect to itself on that interfac
Debian Sarge, Samba 2.2.12 (legacy install), openLDAP 2.2.17, connecting to a
PDC running Samba 2.2.8a. The machine in question failed DIAGNOSIS.txt step 3.
I've got a really odd issue -- a Samba server that can "smbclient -L" everyone
but itself. Samba still serves shares and PDC authentication
34 matches
Mail list logo
