[Samba] Fwd: Force group gid
Addition to my previous post... There are also instances where the use of force user responding to a uid would be advantageous. E.g. a local users account conflicting with a domain account of the same name. e.g. force user = lewis results in access denied on writes as the service connects to the share using the account MYDOMAIN\lewis with uid 10007 instead of the local unix lewis with uid 1007 account Just my $.02 worth... -- Forwarded Message -- Subject: Force group gid Date: Friday 22 September 2006 12:19 pm From: Lewis Shobbrook <[EMAIL PROTECTED]> To: samba@lists.samba.org Hi All, I note from previous posts that the uid & gid are not supported in smb.conf. My issue is that I have mysql auth backend for ftp sites, that I'd like to share directories for internal access. There is currently no way I can see to force the user or group using uid & gid for this type of backend. Can anyone offer any suggestions as a work around to this? Cheers, Lewis --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Manually authenticate single user?
Hi there, Firt off, Im new to the word of samba and windbind (and AD for that matter) so I apologise if my problem has had attention before. Ill try to articulate whats happening as best I can. I beleive my issue is with winbind in particular. If Ive neglected anything that would be helpful in finding a solution please let me know. Ive several linux machines using samba and winbind to share on an Active Directory domain. Recently I was asked to create two distinct new user groups specifically for two upcoming projects. Until these projects become active there are only two guys doing pre-production on them - one guy for each project. So I created the two security groups in active directory and placed the two workers in each's relevant group. Over to the linux machines: "getent group" shows the two new groups and their (lone) members. However I tried to set group permissions on a directory and they only work for one of the groups (group1, user1, say) . [I should note here that directly applying permissions for each user works fine] When I do "wbinfo -r user2" I see the groups user2 is a member of - EXCLUDING the new group I created with him in. "wbinfo -r user1" shows his new group fine. Also, doing "groups user1" works fine. "groups user2", again, excludes the new group I created. When I do "wbinfo -a user2%user2passwd" on a machine it authenticates user2 and seems to update. Now "wbinfo -r" and "groups" show the new groups and the permissions work fine. And it seems that in the case of user2, I have to do this manually after every change I make, whereas user1 works fine. These two accounts in active directory are identical - apart from the two new groups. I cannot see where one user account trips up whereas the other is OK. Can anyone suggest what might be the culprit here? While the "wbinfo -a" route works, Id rather know more! Thanks you for any help, Kris Monstad -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba printer share
Hello, dear colleagues using SAMBA. Who could possibly tell me what I am missing in order to make my SAMBA printer share visible on the windows network( i.e., accessing it from a MS Windows machine's explorer, for example )? It is SAMBA 3.0.23 on Linux 2.4.33 machine(originally RedHat 7.3. based, but so much upgraded, even to GLIBC-2.3.6). here are the linked libraries: = #ldd /usr/local/samba/sbin/smbd libcups.so.2 => /usr/lib/libcups.so.2 (0x40023000) libpthread.so.0 => /lib/libpthread.so.0 (0x40056000) libm.so.6 => /lib/libm.so.6 (0x400a8000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x400cb000) libresolv.so.2 => /lib/libresolv.so.2 (0x400f8000) libnsl.so.1 => /lib/libnsl.so.1 (0x40109000) libdl.so.2 => /lib/libdl.so.2 (0x4011d000) libpopt.so.0 => /usr/lib/libpopt.so.0 (0x40121000) libc.so.6 => /lib/libc.so.6 (0x40128000) libpthread.so.20 => /usr/lib/libpthre And here, at last, my smb.conf: [global] log file = /usr/local/samba/var/log.%m load printers = yes socket options = TCP_NODELAY username map = /etc/samba/user.map interfaces = 192.168.0.1/27 domain master = yes null passwords = yes public = yes wins support = true guest account = nobody dns proxy = no netbios name = Samba netbios aliases = Samba printing = cups server string = Samba default = global local master = yes workgroup = QUBICA os level = 65 printcap name = cups security = share max log size = 50 [Server_files] map archive = no writeable = yes path = /mnt/nfs hide dot files = no public = yes case sensitive = yes [printers] postscript = yes printer = hp_LaserJet_3015 lpq command = lpstat -o %p browseable = yes printable = yes print command = lpr -P %p -o raw %s -r comment = All Printers lprm command = cancel %p-%j printer admin = root === My printer here is installed via HPLIP, CUPS is running OK, everything's OK, except that I can't see the printer through windows network browsing, neither from linux, nor from windows machines. Of course, I did the RTFM search and corrected everything accordingly, but still. The [Server_files] share IS visible, the [printers] is NOT. ANY IDEAS? THANKS IN ADVANCE FOR YOUR KIND SUPPORT AND YOUR PRECIOUS TIME! Kostya pgpYy4LEwTH0E.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Poor performance getting lots of small files with WinXP/Win2k vs OS2
Hi, We're doing some of performance tests with Linux Samba v3. We're comparing WinXP/Win2k clients vs OS2 clients accessing a samba server. For one test, we're coping 10.000 small files. Let's say, we run the command copy \\sambaserver\1files\*.* c:\data\1files With an OS2 client it takes 23 seconds to complete. With an Windows client it takes 460 seconds to complete. Doing a Ethereal capture, the network usage is very different. OS2 : No. TimeSourceDestination Protocol Info 15 0.58876610.16.43.123 10.240.47.86 SMB Open AndX Request, Path: \1\0511_3008.IN; Read AndX, FID: 0x, 4096 bytes at offset 0 16 0.58900810.240.47.86 10.16.43.123 SMB Open AndX Response, FID: 0x2a81; Read AndX, FID: 0x, 74 bytes 17 0.58925110.16.43.123 10.240.47.86 SMB Close Request, FID: 0x2a81 18 0.58949410.240.47.86 10.16.43.123 SMB Close Response WinXP SP2: Trace Windows XP: No. TimeSourceDestination Protocol Info 16 1.00173410.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 17 1.00196810.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 18 1.00245410.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 19 1.00269710.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 20 1.00294010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000 21 1.00318410.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 22 1.00342710.16.37.96 10.240.47.86 SMB Trans2 Request, FIND_FIRST2, Pattern: \1000\0D02_1707.IN 23 1.00367010.240.47.86 10.16.37.96 SMB Trans2 Response, FIND_FIRST2, Files: 0D02_1707.IN 24 1.00391310.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 25 1.00415710.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 26 1.00440010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Standard Info, Path: \1000\0D02_1707.IN 27 1.00440210.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 28 1.00488610.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 29 1.00512910.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf0 30 1.00537310.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf0, Query File Internal Info 31 1.00561510.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 32 1.00610210.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf0, Query File Basic Info 33 1.00610410.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 34 1.00634510.16.37.96 10.240.47.86 SMB Trans2 Request, SET_FILE_INFO, FID: 0x1cf0 35 1.00658910.240.47.86 10.16.37.96 SMB Trans2 Response, SET_FILE_INFO 36 1.00707510.16.37.96 10.240.47.86 SMB Read AndX Request, FID: 0x1cf0, 222 bytes at offset 0 37 1.00731810.240.47.86 10.16.37.96 SMB Read AndX Response, FID: 0x1cf0, 222 bytes 38 1.00780410.16.37.96 10.240.47.86 SMB Close Request, FID: 0x1cf0 39 1.00829210.240.47.86 10.16.37.96 SMB Close Response 40 1.00829410.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 41 1.00877810.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf1 42 1.00878010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf1, Query File Basic Info 43 1.00902110.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 44 1.00926310.16.37.96 10.240.47.86 SMB Close Request, FID: 0x1cf1 45 1.00975010.240.47.86 10.16.37.96 SMB Close Response 46 1.00999410.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 47 1.01023610.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf2 48 1.01047910.16.37.96 10.240.47.86 SMB Read AndX Request, FID: 0x1cf2, 222 bytes at offset 0 49 1.01072310.240.47.86 10.16.37.96
[Samba] Using samba server on a tiny embedded system
Hi there, We are developing an embedded multimedia system and after reaching a stage of development, the next stage will be turning it to be a multimedia center. Therefore, supporting samba is a very good design of it. Considering the restricted resource, a tiny samba is more suitable. How can I get a tiny samba server? Is there any project for a "tiny" samba server? Or can I produce a tiny one by disabling almost all of advanced options? By the way, our embedded system is MIPS Linux + uClibc + busybox. Regards, Colin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Support of Samba on RHEL4?
The only reason I stepped into RHEL4 was the hardware support. I have a new Dell PE2900 server with SAS drives and for RHL9 no drivers are available, so I had to step forward to RHEL4 (which is obvious for me). I have almost 100 Linux servers running with Red Hat Linux 9, you know, the obsolete version. ;) All these servers are running flawlessly with Samba 3.0.14a from samba.org I can't remember I ever signed a contract with you to support my servers :-) However, my opinion is that I the support I receive from samba.org is (up until now) sufficient for me; if I may quote the patch for W2k3 SP1, that came out a few hours after the release of SP1. What took more effort concerning the support of Samba, was the flaw of LDAP failover with W2k3 DC's. I was banging my head regarding this issue and entering a bug on bugzilla about this issue didn't help me. I was however actively involved to tackle that issue and it was solved with a proposed patch of "my partner in crime". So I was not only consuming support from Samba but also contributing support to Samba. :-) When RHEL5 is released I'll take a look which version of Samba they will use as default and hopefully this will be one of the latest Samba versions. I can change at any time the Samba packages from samba.org to the RH Samba packages, which give me full support from RH then... :-) Maybe I have to consider CENTOS instead of RHEL4, because I didn't need RHEL4 for support from Red Hat, I only needed for hardware reasons. Regards, Alex. -Original Message- From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] Sent: Monday 18 September 2006 2:15 To: Alex de Vaal Cc: samba@lists.samba.org Subject: Re: Support of Samba on RHEL4? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alex de Vaal wrote: > Is there any technical reason NOT to use the packages of samba.org on > RHEL4? Nope. No reason at all other than RH support. > Regarding the above info I'd like to use the original samba packages > on RHEL4. If I only void support for Samba at Red Hat, so be it. I'm > convinced I'm better off with Samba support at samba.org... For those with more complex setups that a single PDC or standalone server, I would agree. But I'm not signing a contract to support you servers :-) cheers, jerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Support of Samba on RHEL4?
Hello Aaron, It is always good that people are thinking along and actually you ask right questions to me, which I asked myself too. To answer your questions: 1) No. 2) Yes 3) No, not yet. 4) They do that anyway ;) 5) YES! I have almost 100 Linux servers running with Red Hat Linux 9, you know, the obsolete version. ;) All these servers are running with Samba, which I tested and tested in our test environment against a real copy of our Active Directory. With RHL9 and Samba I have no support anyway and I'm "on my own" for support. Whenever a new update comes out I test it thoroughly in my test environment before I install it on all other servers. Before I roll-out an updated version of Samba I test it for a month on 1 or 2 production sites anyway. On my production servers I still run 3.0.14a of Samba, because that version works great against W2k3 server SP1. As soon as SP1 came out, samba.org immediately came up with a patch for Samba and this is the kind of support I need... Not how to install and configure it... ;) The only reason I stepped into RHEL4 was the hardware support. I have a new Dell PE2900 server with SAS drives and for RHL9 no drivers are available, so I had to step forward to RHEL4 (which is obvious for me). Maybe I have to consider CENTOS instead of RHEL4, because I didn't need RHEL4 for support from Red Hat, just for technical reasons. CENTOS4 is a 1:1 copy of RHEL4, but without the RedHat logo... (and the Red Hat support) Regards, Alex. -Original Message- From: Aaron Kincer [mailto:[EMAIL PROTECTED] Sent: Friday 15 September 2006 18:17 To: Alex de Vaal Cc: samba@lists.samba.org Subject: Re: [Samba] Support of Samba on RHEL4? Alex, I tried running Samba on RHEL4 Update 2 (on VMWare) and ran into some issues and I can provide you my opinion. Take care when making any decisions. There are quite a few things to consider: 1) Is having support from Red Hat on Samba necessary? 2) Are you confident enough in yourself to go off the beaten path from Red Hat? 3) Have you considered other vendors for support on Samba itself? 4) Would upper management (if any) hold you responsible for going off the support path in the event of an issue? 5) Do you have an adequate test environment? If you are going away from Red Hat support, #5 is critical. They test and test and test (or at least should) packages prior to pushing them out. They will know or be able to quickly find solutions to common problems with their packages. There are some caveats to that statement, so let me get to a bit more meat. Let's face it--the packages in RHEL4 for Samba are just plain old. Red Hat has back-ported security fixes and even some bug fixes, but I know without a doubt that not all bugs have been addressed. RHEL5 will be out in the coming future. Perhaps it will provide newer packages. I urge you to investigate and consider that route if you are extremely nervous about losing support on Samba from them. In my case, I've chosen to move my production File Server to Ubuntu 6.06 Server (well, I have loaded the latest distro upgrade) running Samba 3.0.22 after I complete quite a bit of testing. I just found myself banging my head against the wall with my smb.conf in ways that I shouldn't have to since the problems were with bugs in the older Samba that haven't been back-ported. The instant I transferred my smb.conf over to the new Ubuntu server, my bugs went away. The one exception is the archive bit issue I've been posting about lately. The bottom line in my humble opinion is that if you go your own way, you shift burden of responsibility more to yourself than Red Hat. Of course, if you have the hardware (or a VMWare/Xen virtual server) you could always run parallel using two servers with a Red Hat approved Samba version as a control and your own Samba server with identical configurations (minus Samba version) for production and work out non-bug related issues with their help on your reference server. This won't help you in resolving bug-related issues, but it could help provide you with a warm fuzzy-feeling. This would be less than ideal since the versions are so far apart. I know you asked for technical reasons, but you should be aware that not all of the factors in the equation are technical when considering a production server. Hope that helps. Aaron Kincer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Support of Samba on RHEL4?
Hello Gianluca, The "rpm -q --changelog package" command was known to me, but the original Samba packages doesn't contain a changelog. As for the RHEL4 Samba packages; the changes are applied by RedHat engineers, but if you are looking into the patches itself, they come mostly from samba.org How can otherwise statements of Jeremy Allison of samba.org be in patches of RedHat... ;) and the only way to find out is to dig in the patches themselves... Regards, Alex. -Original Message- From: Gianluca Cecchi [mailto:[EMAIL PROTECTED] Sent: Friday 15 September 2006 15:42 To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Subject: re: Support of Samba on RHEL4? Alex, I could not agree more with you. BTW, perhaps you already know, but just in case: If you want to see the patches applied to a package during its history, and you don't need to dig into the sources themselves, you can query the changelog for an rpm package without having to download sources: rpm -q --changelog package for example for my samba-3.0.10-1.4E.2 rpm -q --changelog samba * Wed May 11 2005 Jay Fenlason <[EMAIL PROTECTED]> 3.0.10-1.4E.2 - include the -bug157208 patch. to close bz#157208 CRM 511318 - smbfs dont respect uid and gid options when mounting * Fri Apr 29 2005 Jay Fenlason <[EMAIL PROTECTED]> - include the -smbspool pattch from RHEL-3, to close bz#155350 SAMBA client working, printer configuration not working - include the -winbindd_2k3sp1 patch to allow Samba to authenticate against a Windows 2003 SP1 machine. This closes bz#154558 Winbind refuses to authenticate against Windows 2003 SP1 * Wed Mar 30 2005 Jay Fenlason <[EMAIL PROTECTED]> 3.0.10-1.4E.1 - try the -gcc4 patch, to see if it solves problems with nmbd crashing. bz#150582 ? nmbd dies when windows client requests browse list * Tue Jan 04 2005 Jay Fenlason <[EMAIL PROTECTED]> 3.0.10-1.4E - Upgrade to 3.0.10, to close bz#143983 This obsoletes the -CAN-2004-1154 patch. - Include the -64bit patch from Nalin. This closes bz#142873 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Force group gid
Hi All, I note from previous posts that the uid & gid are not supported in smb.conf. My issue is that I have mysql auth backend for ftp sites, that I'd like to share directories for internal access. There is currently no way I can see to force the user or group using uid & gid for this type of backend. Can anyone offer any suggestions as a work around to this? Cheers, Lewis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount failed
> execvp of smbmnt failed. Error was No such file or directory.smbmnt > failed: > 1 Did you compile and install the helper program 'smbmnt'? On my system it appears in /usr/bin/smbmnt Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows Application Overriding Samba Settings
> directory mask = 0750 > create mask = 0750 > My understanding is that this should LIMIT the maximum permissions > that can be set for a file or folder created by Windows or a Windows > application. AFAIK, these options only set the default permissions, a program can still change them if it wants. > In addition, I have also played with specifying the following options: > force directory mode = 2040 > force create mode = 2040 Again, these force the permissions to a certain value when creating a file, but they don't stop the permissions from being changed once the file exists. > But NOW The Windows application seems to be completely getting around > the limits that I imposed with Samba and Linux. All files and folders > are getting set as: 0777 There are two things that could be happening - it's possible that the attributes are being mapped to UNIX permissions (so if the program sets the archive bit, that's translated to the execute permission) or more likely, the program is checking which users have access to the file and is granting them all access (similar to what would happen if you right-click on a file, go to the Security tab and grant all users access there.) I'm not sure of a way around this, but if there is one I'm sure it'll involve restricting the changing of permissions on files that already exist (I'm pretty sure there are options related to this, check out the smb.conf manpage.) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Intermittent problems connecting to Samba share-Domain Ctlr issue
Hi everyone, We've been having intermittent problems connecting to Samba shares from Windows machines. I wrote a test program that tries to connect to the share and get a list of all of the files in it. It tries to do this every second. On some occasions this test program succeeds 14 times in a row before failing. It then fails once, and then succeeds 14 or so more times. It keeps repeating this pattern. Other times, this test program can consistently connect to that same share every second for over an hour. The error in the log seems to indicate that the problem happens when the Samba machine is talking to the Windows Domain Controller to authenticate the user. Here's the error from from the Linux machine's syslog(PGIDomainController is our Windows Domain Controller): --- Sep 18 20:50:12 scstor003 winbindd[1226]: cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0x4006 to machine PGIDomainController. Error was Write error: Connection reset by peer --- We've also seen this block of error msgs: --- Sep 18 15:45:23 scstor008 winbindd[5195]: [2006/09/18 15:45:23, 0] lib/util_sock.c:write_data(559) Sep 18 15:45:23 scstor008 winbindd[5195]: write_data: write failure. Error = Connection reset by peer Sep 18 15:45:23 scstor008 winbindd[5195]: [2006/09/18 15:45:23, 0] libsmb/clientgen.c:write_socket(138) Sep 18 15:45:23 scstor008 winbindd[5195]: write_socket: Error writing 446 bytes to socket 15: ERRNO = Connection reset by peer Sep 18 15:45:23 scstor008 winbindd[5195]: [2006/09/18 15:45:23, 0] libsmb/clientgen.c:cli_send_smb(168) Sep 18 15:45:23 scstor008 winbindd[5195]: Error writing 446 bytes to client. -1 (Connection reset by peer) Sep 18 15:45:23 scstor008 winbindd[5195]: [2006/09/18 15:45:23, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) Sep 18 15:45:23 scstor008 winbindd[5195]: rpc_api_pipe: Remote machine PGIDomainController pipe \NETLOGON fnum 0x6returned critical error. Error was Write error: Connection reset by peer --- Any feedback on this would be greatly appreciated. Thanks, Greg Sheridan - Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2¢/min or less. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: current master browser = UNKNOWN / failing WINS test #1 on 3.0.23c
There is also this which I don't understand dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0: ON2_UK(1) current master browser = UK_PDC UK_PDC 408c9b0b (UK PDC) [2006/09/21 16:15:00, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.10.20.1: ON2_UK(1) current master browser = UNKNOWN UK_PDC 40899b0b (UK PDC) Does anyone have any ideas? I really need to get this up and working. Thanks! Dan wrote: Here is my smb.conf also, maybe it is something silly I have set in that. [global] workgroup = DOMAIN_UK netbios name = UK_PDC interfaces = eth0 bind interfaces only = Yes admin users = root administrator server string = UK PDC security = user enable privileges = Yes load printers = yes printing = cups printcap = cups printcap name = cups show add printer wizard = yes log file = /var/log/samba/log.%m remote announce = 10.10.20.1 10.1.0.11 10.1.0.12 10.10.80.15 remote browse sync = 10.10.20.1 10.1.0.11 10.1.0.12 10.1.10.80.15 max log size = 1 ldap ssl = on passdb backend = ldapsam:ldaps://uk_pdc:636 ldap admin dn = uid=root,ou=users,o=uk.on2.com ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap suffix = o=uk.on2.com ldap idmap suffix = ou=idmap ldap delete dn = no add user script = /usr/local/sbin/smbldap-useradd -m '%u' delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd -p '%g' delete group script = /usr/local/sbin/smbldap-groupdel '%g' add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/local/sbin/smbldap-useradd -t 5 -w '%u' dos charset = 850 unix charset = ISO8859-1 ldap passwd sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 128 domain master = yes domain logons = yes local master = yes preferred master = yes logon script = logon.bat encrypt passwords = yes unix password sync = no passwd program = /usr/local/sbin/smbldap-passwd -o %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*successfully* logon path = c:\Documents and Settings\%U wins support = yes map to guest = Never nt acl support = true Dan wrote: I am having trouble with one of my samba PDC's. It does not recognize itself as the domain master browser even though it is set to be so. I can not add machines to this domain and I suspect this is why. Has anybody seen this or know what causes it? Notice this: DOMAIN_ALBANY(3) current master browser = ALBANY_PDC DOMAIN_NYC(2) current master browser = NYC_PDC DOMAIN_UK(1) current master browser = UNKNOWN but right above it there is dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0: DOMAIN_UK(1) current master browser = UK_PDC So I am lost as to what is going on. Here is the the coorsponding part of the nmbd log: [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (10.1.0.11) on port 138 [2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576) announce_remote: Doing remote browse sync announce for server UK_PDC to IP 10.1.0.12. [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP 10.10.20.1 to *<00> IP 10.1.0.12 [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100) debug_browse_data(): 0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00 [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (10.1.0.12) on port 138 [2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576) announce_remote: Doing remote browse sync announce for server UK_PDC to IP 0.0.0.0. [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP 10.10.20.1 to *<00> IP 0.0.0.0 [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100) debug_browse_data(): 0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00 [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (0.0.0.0) on port 138 [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282) dump_workgroups() dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0: DOMAIN_UK(1) current master browser = UK_PDC UK_PDC 408c9b0b (UK PDC) PAULP4 40011207 () [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282) dump_workgroups() dump workgroup on subnet UN
[Samba] Re: Windows Application Overriding Samba Settings
Oops, sorry. I had a typo in my posting. I wrote: Until this new version of the Windows application came out, I never had any issues. ANY folder or file created by the application always had the same permissions: 2750 or 570 (respectively) I should have written: Until this new version of the Windows application came out, I never had any issues. ANY folder or file created by the application always had the same permissions: 2750 or 750 (respectively) I switched a 7 and a 5. Andy Liebman Check out the new AOL. Most comprehensive set of free safety and security tools, free access to millions of high-quality videos from across the web, free AOL Mail and more. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows Application Overriding Samba Settings
I have just encountered a strange situation. A new version of a Windows application that I use was just released. Unlike previous versions of this application, when it writes data to my Samba share, it is setting permissions to be 777 on all files and folders. In contrast, previous versions of this application set permissions to be 2750 as I specify in the "share definition" in my smb.conf file. In smb.conf, in the share definition I specify: directory mask = 0750 create mask = 0750 My understanding is that this should LIMIT the maximum permissions that can be set for a file or folder created by Windows or a Windows application. The file or folder should never be group writable, or even accessible by "others". In addition, I have also played with specifying the following options: force directory mode = 2040 force create mode = 2040 Until this new version of the Windows application came out, I never had any issues. ANY folder or file created by the application always had the same permissions: 2750 or 570 (respectively) But NOW The Windows application seems to be completely getting around the limits that I imposed with Samba and Linux. All files and folders are getting set as: 0777 I even have the root directory of the share (in which files and folders are getting created) set to SGID -- yet Windows is managing to override this and is not preserving the SGID on new folders. Does anybody have a clue what's going on here? How can Windows or a Windows Application override my Linux and Samba settings? And is there anything I can do about it? FYI... In this case I am running Samba 3.0.13. The Windows version is XP SP2. Please don't suggest that I upgrade to Samba 3.0.2x (unless you know that it specifically solves this problem). That is not an option at the moment. Thanks in advance for the help. Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Fw: Poor performance getting lots of small files with WinXP/Win2k vs OS2
On Thu, Sep 21, 2006 at 11:31:57AM +0200, [EMAIL PROTECTED] wrote: > Hi, > We're doing some of performance tests with Linux Samba v3. > We're comparing WinXP/Win2k clients vs OS2 clients accessing a samba > server. > > For one test, we're coping 10.000 small files. > Let's say, we run the command copy \\sambaserver\1files\*.* > c:\data\1files > > With an OS2 client it takes 23 seconds to complete. > With an Windows client it takes 460 seconds to complete. > > Doing a Ethereal capture, the network usage is very different. > OS2 : > No. TimeSourceDestination Protocol > Info > > So, the performance difference is easy to explain > > Is there a way to avoid such network usage on a winXP client ? At the > client side ? At the Samba server side ? > Looks like it's related to the Windows NTFS environment This is breakage on the Windows XP client. There's nothing you can do except not use Windows, sorry. This is just what those clients do. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] create_builtin_(administrators|users): Failed to create (Administrators|Users)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bert van de Grift wrote: > Hi, > > Since I upgraded Samba from 3.0.23b,1 to 3.0.23c,1 on my FreeBSD > 6.2-PRERELEASE system I've the following messages in my logfile: > > Sep 20 17:02:46 snoozy smbd[58430]: create_builtin_administrators: > Failed to create Administrators > Sep 20 17:02:46 snoozy smbd[58430]: create_builtin_users: Failed to > create Users This is normal if you are using an idmap backend other than tdb or ldap. The annoying error message will be fixed in the next release. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFFEtrDIR7qMdg1EfYRAhKFAJ9UoLHKDdnOzv8jYdsQA9GUzg/IXQCgzLXI dB0Q6+fCsmfhLZqGKU8EigE= =xOBQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How do I hide [Homes] share?
Add the following to your homes definition browseable = no Jon Theil Nielsen wrote: I don't know if I can actually make an attachement, but I'll try. Otherwise, I'll put it into the text message next time. Best regards, Jon On 09/20/2006 01:16 PM, Jon Theil Nielsen escreveu: > I have setup a samba pdc for my domain and it's working fine. The users > also get a network share as I would like. But when I go to the network > neighborhood, I see both the users home directory but also a "Homes" > share. As far as I can see, the content is the same, but I don't like > that way to do it. Is there a way to only show the home directory? Jon, something sounds wrong here. Could you please attach your smb.conf and the version of your Samba and your clients so we can have more info to try to help you? [homes] share is usually hidden. > Best regards, Jon Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> [global] workgroup = MFL server string = MFLSERVER2 log level = 10 logon script = netlogon.bat logon path = logon drive = H: domain logons = Yes os level = 80 preferred master = Yes domain master = Yes wins support = Yes ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 [NETLOGON] browseable = no path = /usr/local/lib/samba/netlogon available = no [homes] comment = Home directory on server writeable = yes delete readonly = yes user = % -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
I wanted to follow up to my email to provide at least a partial answer to my problem. The stock RedHat AS4-U3 Samba config has SO_SNDBUF and SO_RCVBUF set to 8k. With this value, I can transfer a 1GB file in about 70-75 seconds, about 14MBps. If I increase those buffers to their max value of 64k, that same 1GB file transfers in 45-50 seconds, about 23MBps. That is the _ONLY_ configuration value I've found that made any difference in my setup. All the other tweaks I'd done, when removed, seemed to make no difference at all. I was playing with oplocks, buffers, max xmit sizes, you name it. But the socket option buffers was the only thing that made a difference. I'm still looking for more speed. I'll report if I find anything else that helps. In response to Jeremy's suggestion of using smbclient, I ran a test from a Linux client using smbclient and it reported a transfer rate of 21MBps, about the same as a normal smbfs mount. I haven't tried porting smbclient to Windows yet, and probably won't until we get more info on what the server is doing. Thanks everyone. -Mark Mark Smith wrote: We use SMB to transfer large files (between 1GB and 5GB) from RedHat AS4 Content Storage servers to Windows clients with 6 DVD burners and robotic arms and other cool gadgets. The servers used to be Windows based, but we're migrating to RedHat for a host of reasons. Unfortunately, the RedHat Samba servers are about 2.5 times slower than the Windows servers. Windows will copy a 1GB file in about 30 seconds, where as it takes about 70 to 75 seconds to copy the same file from a RedHat Samba server. I've asked Dr. Google and gotten all kinds of suggestions, most of which have already been applied by RedHat to the stock Samba config. I've opened a ticket with RedHat. They pointed out a couple errors in my config, but fixing those didn't have any effect. Some tweaking, however, has gotten the transfer speed to about 50 seconds for that 1GB file. But I seem to have hit a brick wall; my fastest time ever was 44 seconds, but typically it's around 50. I know it's not a problem with network or disk; if I use Apache and HTTP to transfer the same file from the same server, it transfers in about 15 to 20 seconds. Unfortunately, HTTP doesn't meet our other requirements for random access to the file. Do you folks use Samba for large file transfers at all? Have you had any luck speeding it up past about 23MBps (the 44 second transfer speed)? Any help you may have would be fantastic. Thanks. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Creating many subgroups in my domain
Hi Everybody, I'm a bit newbie for this solution and the solution will be: Samba-3.0.23c (Working with PDC) + OpenLDAP 2.3.27 so far SQUID and CUPS In my network I had a Domain call "HEADOFFICE" but I wanna create many subgroups for my departments, cause my network has more than 10 departments and I wanna subdivide in many subgroups machine. I already read the documentation http://us5.samba.org/samba/docs/man/Samba-Guide/happy.html and http://us5.samba.org/samba/docs/man/Samba-Guide/2000users.html but i coudn't find the solution for my challange so far I though the best ideia was writing in the samba list. Thks _ MSN Messenger: instale grátis e converse com seus amigos. http://messenger.msn.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount failed
Hi all, I am trying to cross compile samba version 2.2.12 to an ARM platform (kernel 2.4.20) using arm-tools chain 3.4.2. I get the smbmount compiled, however, when I want to mount a directory that is located in a Windows XP PC, I get the following message: WARNING: The "strip dot"option is deprecated unrecognized character set handle_source_env: Failed to open file , Error was Success WARNING: The "alternate permissions"option is deprecated WARNING: The "status"option is deprecated WARNING: The "postscript"option is deprecated WARNING: The "printer driver"option is deprecated WARNING: The "printer driver file"option is deprecated WARNING: The "printer driver location"option is deprecated Unable to copy service - source not found: execvp of smbmnt failed. Error was No such file or directory.smbmnt failed: 1 And I cannot mount the directory. I do not think that it is related the permission problem because when I use wrong username/password or try in some wrong target paths, it can report me the corresponding error message. I have tried another tool - smbclient, which works perfectly! Seems that I am just not able to mount with smbmount. Can anyone one elp me to solve this problem? Thanks a lot! Hei -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: current master browser = UNKNOWN / failing WINS test #1 on 3.0.23c
Here is my smb.conf also, maybe it is something silly I have set in that. [global] workgroup = DOMAIN_UK netbios name = UK_PDC interfaces = eth0 bind interfaces only = Yes admin users = root administrator server string = UK PDC security = user enable privileges = Yes load printers = yes printing = cups printcap = cups printcap name = cups show add printer wizard = yes log file = /var/log/samba/log.%m remote announce = 10.10.20.1 10.1.0.11 10.1.0.12 10.10.80.15 remote browse sync = 10.10.20.1 10.1.0.11 10.1.0.12 10.1.10.80.15 max log size = 1 ldap ssl = on passdb backend = ldapsam:ldaps://uk_pdc:636 ldap admin dn = uid=root,ou=users,o=uk.on2.com ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap suffix = o=uk.on2.com ldap idmap suffix = ou=idmap ldap delete dn = no add user script = /usr/local/sbin/smbldap-useradd -m '%u' delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd -p '%g' delete group script = /usr/local/sbin/smbldap-groupdel '%g' add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/local/sbin/smbldap-useradd -t 5 -w '%u' dos charset = 850 unix charset = ISO8859-1 ldap passwd sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 128 domain master = yes domain logons = yes local master = yes preferred master = yes logon script = logon.bat encrypt passwords = yes unix password sync = no passwd program = /usr/local/sbin/smbldap-passwd -o %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*successfully* logon path = c:\Documents and Settings\%U wins support = yes map to guest = Never nt acl support = true Dan wrote: I am having trouble with one of my samba PDC's. It does not recognize itself as the domain master browser even though it is set to be so. I can not add machines to this domain and I suspect this is why. Has anybody seen this or know what causes it? Notice this: DOMAIN_ALBANY(3) current master browser = ALBANY_PDC DOMAIN_NYC(2) current master browser = NYC_PDC DOMAIN_UK(1) current master browser = UNKNOWN but right above it there is dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0: DOMAIN_UK(1) current master browser = UK_PDC So I am lost as to what is going on. Here is the the coorsponding part of the nmbd log: [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (10.1.0.11) on port 138 [2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576) announce_remote: Doing remote browse sync announce for server UK_PDC to IP 10.1.0.12. [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP 10.10.20.1 to *<00> IP 10.1.0.12 [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100) debug_browse_data(): 0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00 [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (10.1.0.12) on port 138 [2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576) announce_remote: Doing remote browse sync announce for server UK_PDC to IP 0.0.0.0. [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921) send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP 10.10.20.1 to *<00> IP 0.0.0.0 [2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100) debug_browse_data(): 0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00 [2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777) Sending a packet of len 176 to (0.0.0.0) on port 138 [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282) dump_workgroups() dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0: DOMAIN_UK(1) current master browser = UK_PDC UK_PDC 408c9b0b (UK PDC) PAULP4 40011207 () [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.10.20.1: DOMAIN_ALBANY(3) current master browser = ALBANY_PDC DOMAIN_NYC(2) current master browser = NYC_PDC DOMAIN_UK(1) current master browser = UNKNOWN UK_PDC 40899b0b (UK PDC) [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171) find_workgroup_on_subnet: workgroup search for DOMAIN_UK on subnet UNICAST_SUBNET: found. [2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171) find_workgroup_on_subnet: workgroup search for DO
[Samba] current master browser = UNKNOWN / failing WINS test #1 on 3.0.23c
I am having trouble with one of my samba PDC's. It does not recognize
itself as the domain master browser even though it is set to be so. I
can not add machines to this domain and I suspect this is why. Has
anybody seen this or know what causes it? Notice this:
DOMAIN_ALBANY(3) current master browser = ALBANY_PDC
DOMAIN_NYC(2) current master browser = NYC_PDC
DOMAIN_UK(1) current master browser = UNKNOWN
but right above it there is
dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0:
DOMAIN_UK(1) current master browser = UK_PDC
So I am lost as to what is going on.
Here is the the coorsponding part of the nmbd log:
[2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777)
Sending a packet of len 176 to (10.1.0.11) on port 138
[2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576)
announce_remote: Doing remote browse sync announce for server UK_PDC
to IP 10.1.0.12.
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921)
send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP
10.10.20.1 to *<00> IP 10.1.0.12
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100)
debug_browse_data():
0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00
[2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777)
Sending a packet of len 176 to (10.1.0.12) on port 138
[2006/09/21 12:35:25, 5] nmbd/nmbd_sendannounce.c:browse_sync_remote(576)
announce_remote: Doing remote browse sync announce for server UK_PDC
to IP 0.0.0.0.
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:send_mailslot(1921)
send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from UK_PDC<00> IP
10.10.20.1 to *<00> IP 0.0.0.0
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:debug_browse_data(100)
debug_browse_data():
0 char .UK_PDC. hex 0d 55 4b 5f 50 44 43 00
[2006/09/21 12:35:25, 5] libsmb/nmblib.c:send_udp(777)
Sending a packet of len 176 to (0.0.0.0) on port 138
[2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282)
dump_workgroups()
dump workgroup on subnet 10.10.20.1: netmask= 255.255.255.0:
DOMAIN_UK(1) current master browser = UK_PDC
UK_PDC 408c9b0b (UK PDC)
PAULP4 40011207 ()
[2006/09/21 12:35:25, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(282)
dump_workgroups()
dump workgroup on subnet UNICAST_SUBNET: netmask= 10.10.20.1:
DOMAIN_ALBANY(3) current master browser = ALBANY_PDC
DOMAIN_NYC(2) current master browser = NYC_PDC
DOMAIN_UK(1) current master browser = UNKNOWN
UK_PDC 40899b0b (UK PDC)
[2006/09/21 12:35:25, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171)
find_workgroup_on_subnet: workgroup search for DOMAIN_UK on subnet
UNICAST_SUBNET: found.
[2006/09/21 12:35:25, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171)
find_workgroup_on_subnet: workgroup search for DOMAIN_UK on subnet
UNICAST_SUBNET: found.
[2006/09/21 12:35:25, 10] lib/util_sock.c:read_udp_socket(294)
read_udp_socket: lastip 10.10.20.1 lastport 138 read: 176
[2006/09/21 12:35:25, 5] libsmb/nmblib.c:read_packet(755)
Received a packet of len 176 from (10.10.20.1) port 138
[2006/09/21 12:35:25, 7] nmbd/nmbd_packets.c:listen_for_packets(1833)
discarding own dgram packet from 10.10.20.1:138
[2006/09/21 12:35:25, 9] nmbd/nmbd_namelistdb.c:find_name_on_subnet(127)
find_name_on_subnet: on subnet 10.10.20.1 - found name DOMAIN_UK<1d>
source=2
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:process_dgram(1270)
process_dgram: datagram from UK_PDC<00> to DOMAIN_UK<1d> IP 10.10.20.1
for \MAILSLOT\BROWSE of type 1 len=39
[2006/09/21 12:35:25, 8] lib/util.c:is_myname(2036)
is_myname("UK_PDC") returns 1
[2006/09/21 12:35:25, 0] nmbd/nmbd_packets.c:process_browse_packet(1061)
process_browse_packet: Discarding datagram from IP 10.10.20.1. Source
name UK_PDC<00> is one of our names !
[2006/09/21 12:35:25, 9] nmbd/nmbd_namelistdb.c:find_name_on_subnet(127)
find_name_on_subnet: on subnet 10.10.20.1 - found name *<00> source=5
[2006/09/21 12:35:25, 4] nmbd/nmbd_packets.c:process_dgram(1270)
process_dgram: datagram from UK_PDC<00> to *<00> IP 10.10.20.1 for
\MAILSLOT\BROWSE of type 13 len=8
[2006/09/21 12:35:25, 8] lib/util.c:is_myname(2036)
is_myname("UK_PDC") returns 1
[2006/09/21 12:35:25, 0] nmbd/nmbd_packets.c:process_browse_packet(1061)
process_browse_packet: Discarding datagram from IP 10.10.20.1. Source
name UK_PDC<00> is one of our names !
[2006/09/21 12:35:25, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171)
find_workgroup_on_subnet: workgroup search for DOMAIN_UK on subnet
10.10.20.1: found.
[2006/09/21 12:35:25, 10]
nmbd/nmbd_sendannounce.c:announce_myself_to_domain_master_browser(382)
announce_myself_to_domain_master_browser: t (1158856525) -
last(1158856321) < 900
[2006/09/21 12:35:25, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171)
find_workgroup_on_subnet: workgroup search for DOMAIN_UK on subnet
UNIC
Re: [Samba] How do I hide [Homes] share?
I don't know if I can actually make an attachement, but I'll try. Otherwise, I'll put it into the text message next time. Best regards, Jon On 09/20/2006 01:16 PM, Jon Theil Nielsen escreveu: > I have setup a samba pdc for my domain and it's working fine. The users > also get a network share as I would like. But when I go to the network > neighborhood, I see both the users home directory but also a "Homes" > share. As far as I can see, the content is the same, but I don't like > that way to do it. Is there a way to only show the home directory? Jon, something sounds wrong here. Could you please attach your smb.conf and the version of your Samba and your clients so we can have more info to try to help you? [homes] share is usually hidden. > Best regards, Jon Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> [global] workgroup = MFL server string = MFLSERVER2 log level = 10 logon script = netlogon.bat logon path = logon drive = H: domain logons = Yes os level = 80 preferred master = Yes domain master = Yes wins support = Yes ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 [NETLOGON] browseable = no path = /usr/local/lib/samba/netlogon available = no [homes] comment = Home directory on server writeable = yes delete readonly = yes user = % -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbindd 3.0.23c crash after 'getent group'
Hi list, I've just upgrade my current samba config to 3.0.23c on Suse 9.1. x86 I join my active directory 2003 domain and 'getent passwd' works fine but each time I run 'getent group' winbind crash I deleted the winbindd_cache.tdb but nothing better wbinfo -u / wbinfo -g works wbinfo -t tells "checking the trust secret via RPC calls succeeded" Can someone help me I try a lot of thing but I'm still here! Thank you this is the log for: echo "" > /var/log/samba/log.winbindd; winbindd -d3; getent passwd; getent group -- [2006/09/21 18:09:57, 1] nsswitch/winbindd.c:main(953) winbindd version 3.0.23c started. Copyright The Samba Team 2000-2004 [2006/09/21 18:09:57, 3] param/loadparm.c:lp_load(4945) lp_load: refreshing parameters [2006/09/21 18:09:57, 3] param/loadparm.c:init_globals(1410) Initialising global parameters [2006/09/21 18:09:57, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/09/21 18:09:57, 3] param/loadparm.c:do_section(3687) Processing section "[global]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[homes]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[users]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[groups]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[pdf]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[printers]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[print$]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[c$]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[commun]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[domain_master_commun]" [2006/09/21 18:09:57, 2] param/loadparm.c:do_section(3704) Processing section "[web]" [2006/09/21 18:09:57, 3] param/loadparm.c:lp_add_ipc(2629) adding IPC service [2006/09/21 18:09:57, 2] lib/interface.c:add_interface(81) added interface ip=192.168.3.5 bcast=192.168.3.255 nmask=255.255.255.0 [2006/09/21 18:09:57, 2] lib/interface.c:add_interface(81) added interface ip=192.168.3.5 bcast=192.168.3.255 nmask=255.255.255.0 [2006/09/21 18:09:57, 2] lib/tallocmsg.c:register_msg_pool_usage(61) Registered MSG_REQ_POOL_USAGE [2006/09/21 18:09:57, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2006/09/21 18:09:57, 2] nsswitch/winbindd_util.c:add_trusted_domain(175) Added domain DOMAIN DOMAIN.COM S-1-5-21-1275210071-1343024091-725345543 [2006/09/21 18:09:57, 2] nsswitch/winbindd_util.c:add_trusted_domain(175) Added domain COMPIERE S-1-5-21-1073812646-762281468-2107077839 [2006/09/21 18:09:57, 2] nsswitch/winbindd_util.c:add_trusted_domain(175) Added domain BUILTIN S-1-5-32 [2006/09/21 18:09:57, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(474) [0]: request interface version [2006/09/21 18:09:57, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(507) [0]: request location of privileged pipe [2006/09/21 18:09:57, 3] nsswitch/winbindd_user.c:winbindd_setpwent_internal(432) [0]: setpwent [2006/09/21 18:09:57, 3] nsswitch/winbindd_user.c:winbindd_getpwent(622) [0]: getpwent [2006/09/21 18:09:57, 3] lib/util.c:fcntl_lock(1965) fcntl_lock: lock failed at offset 0 count 1 op 13 type 0 (Resource temporarily unavailable) [2006/09/21 18:09:58, 3] nsswitch/winbindd_cm.c:cm_get_ipc_userpass(91) cm_get_ipc_userpass: Retrieved auth-user from secrets.tdb [DOMAIN\Administrator] [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(723) Doing spnego session setup (blob length=115) [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 2 840 48018 1 2 2 [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 2 840 113554 1 2 2 [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 2 840 113554 1 2 2 3 [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 3 6 1 4 1 311 2 2 10 [2006/09/21 18:09:58, 3] libsmb/cliconnect.c:cli_session_setup_spnego(757) got [EMAIL PROTECTED] [2006/09/21 18:09:58, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(546) Doing kerberos session setup [2006/09/21 18:09:58, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(488) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration Fri, 22 Sep 2006 04:09:58 CEST [2006/09/21 18:09:58, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine domain_master pipe \lsarpc fnum 0x800d bind request returned ok. [2006/09/21 18:09:58, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine domain_master pipe \lsarpc fnum 0
[Samba] Failed to add computers to domain since samba 3.0.23
Dear All, I have a Samba PDC, backend with LDAP. After I upgrade samba from 3.0.22 to 3.0.23c, I cannot add any computer into this domain. The log is showed below: [2006/09/21 23:04:25, 0] auth/auth_util.c:create_builtin_administrators(785) create_builtin_administrators: Failed to create Administrators [2006/09/21 23:04:25, 0] auth/auth_util.c:create_builtin_users(751) create_builtin_users: Failed to create Users [2006/09/21 23:04:25, 0] auth/auth_util.c:create_builtin_administrators(785) create_builtin_administrators: Failed to create Administrators [2006/09/21 23:04:25, 0] auth/auth_util.c:create_builtin_users(751) create_builtin_users: Failed to create Users Do I need to create some group mapping? Can I map Domain Admins and Administrators to the same unix group? Thank you in advance. With Best Regards, Jui-Nan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: winbindd + mod_ntlm_winbind, why do we need "net join ..." ?
On 9/21/06, Juan Rodriguez <[EMAIL PROTECTED]> wrote:
Hello,
I would like to use NTLM authentication on my Apache2 server, and I've
found
out this link which works very well for me,
http://download.samba.org/ftp/unpacked/lorikeet/mod_ntlm_winbind
I'm newbie to samba, and to make this stuff work, I had to execute
"net join -S -U ", because winbindd complained about
"did we join ?"... (all of this can be found on man winbindd).
I've managed to avoid this message using:
"net rpc getsid", but then I get the following error when I try to
authenticate
through mod_auth_winbind:
(this is the output of winbindd)
...
process_request: request fn AUTH_CRAP
[11189]: pam auth crap domain: user:
is_myname("") returns 0
secrets_fetch failed!
get_trust_pw: could not fetch trust account password for domain
could not open handle to NETLOGON pipe (error:
NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
--
JFRH
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] workgroup drive mapping
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 06:28 AM, Rob Shepherd escreveu: > Hi All, > > I have samba serving homes and group shares in my workgroup. 30% of > client systems are portables and spend >50% of their time off site. > Others are fixed single user workstations. > > I have no need to operate a domain, however what options do I have to > simplify mapping drives once local network or VPN access is restored. > > Is there some logon script type stuff I can use just for the workgroup? > or some windows client software? I see two alternatives (at least): 1) Windows 2000 and XP should be able to deal with online/offline shares "automagically" 2) DOS Scripts to remap the share using 'net use'. > Thanks > Rob Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFErNgCj65ZxU4gPQRAr1LAJ4gDTRFZ4V+0c5qn1/QssJex+79AACgo1eJ FDmSdjc75nlKcSf4xk5j50U= =4Zl2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] administrative shares
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 07:39 AM, Luca Ferrari escreveu: > Hi all, > I cannot find a good description of how to use the windows administrative > shares. If you find it, let us all know about it. :-) > Since I'd like to mount them from a Linux box, using samba, to > perform backup of the user client, I'd like to know how can I > access them. In particular, in a computer where I've got a > single user, without password, what are the share credentials? > And how can I set permissions for such share? Any good document? You should use something like: \\server\c$ When accessing use the "Administrator" account, something like the below line should work: $ smbclient -U Administrator -L "\\server\c$" You can't do lots of things with administrative shares, in some cases you can't change it (and you can't unshare it). The permissions usually point to the Domain Administrators and Machine Administrators. > Thanks, > Luca For backups, search cwrsync, is a nice tool that allow you to run rsync in Windows Machines, it could really help you out. :) - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFErMACj65ZxU4gPQRAlbWAJ9yRPR7RAbBoryCHXjSU4JpewZswwCdEL5b qSjbaNEz01nfE8ZoJEtdGJg= =n1e6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [BUG?] Re: [Samba] Adding Printer via "Run" vs "Printers and Faxes"
Felipe Augusto van de Wiel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 12:36 PM, Patrick McLean escreveu: Hi I am having a problem where if I try to add a printer by simply typing \\server\printer in the Run dialog, I get a rather verbose error message ending in "Incorrect Function". If I add the printer with "Add Printer" in "Printers and Faxes" everything works fine. (It looks like the same problem mentioned here: http://lists.samba.org/archive/samba/2006-September/125147.html) I am running samba 3.0.23c. I can provide full "log level = 10" logs of both methods of adding the printer, my smb.conf and any other information that you might need. It could be a bug, I'm changing the Subject and our beloved Samba Developers can see it, but it was working in any early version of Samba (before 3.0.23)? I haven't tried it in earlier versions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[BUG?] Re: [Samba] Adding Printer via "Run" vs "Printers and Faxes"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 12:36 PM, Patrick McLean escreveu: > Hi > > I am having a problem where if I try to add a printer by simply typing > \\server\printer in the Run dialog, I get a rather verbose error message > ending in "Incorrect Function". If I add the printer with "Add Printer" > in "Printers and Faxes" everything works fine. > > (It looks like the same problem mentioned here: > http://lists.samba.org/archive/samba/2006-September/125147.html) > > I am running samba 3.0.23c. > I can provide full "log level = 10" logs of both methods of adding the > printer, my smb.conf and any other information that you might need. > > > PS: Please keep me on the CC as I am not subscribed to this list. It could be a bug, I'm changing the Subject and our beloved Samba Developers can see it, but it was working in any early version of Samba (before 3.0.23)? Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFErGvCj65ZxU4gPQRAsqDAKCselWGo8tdR5H/n2vC1juy1jM3dACcDxbQ RQdAhLq4iwGJsyMCGyi/q3k= =0kLK -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] re: smb.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 12:55 PM, Gerald Humphreys escreveu: > Hi guys Don't forget the girls... they are always around. :) > My client is really bugging me to get this working. > I create a folder called "private" and added this into my smb.conf file, > but when i browse to the folder "private" using wendy or pierre i get > access denied. soneone told me i must make sure the filesystem of the > folder private is set to nobody. Is that correct and how will i go on by > doing this. Who is the owner (and group) of "/home/samba/private"? What are the groups of pierre and wendy? > [private] > writeable = yes > public = no > guest ok = no > path = /home/samba/private > valid users = pierre, wendy > write list = pierre, wendy > force user = nobody If you use "force user" than you need to proper setup the owner and group on the filesystem. > Regards > Gerald Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFErEhCj65ZxU4gPQRAh/7AJ9gOuHwM0eLIH0R68QMLio3spmalgCdHUEC tGTsgXjU83wW5bSmDfrRGN4= =wBsF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Hung XFS filesystems on Samba server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2006 01:17 PM, Weber, Charles (NIH/NIA/IRP) [C] escreveu: > This is probably a hardware problem but I am posting here in case anyone > else has seen it or it is actually software. > If you have seen anything like it please let me know. > Chuck [...] > Software: > I started with Fedora Core2 X86_64 and have worked my way to Fedora Core > 5 and samba 3.0.22-1.fc5, acl 2.2.34 and xfsprogs 2.7.3-1.2.1. No > software changes have made any difference that I can see in this > problem. Samba shares support ACLs. > Hardware possiblities: > This has occurred in the same 2 disk carriers. I could change the disk > carriers or U320 modules. I worry also about the mix of U320 and U3 > disks. I setup a test server dl385 with a 6404 from the problem server > and a disk carrier with mix of drives. I could not recreate the problem. > Software possiblities: > Kernel, Samba, ACLs and XFS. But I have tried many versions and not seen > any logged errors or change in behavior. I don't have such powerful infrastructure, I have 0.6 TB using XFS and I don't have any problems. But I'm using Debian Sarge with Samba 3.014a and Debian Kernel. But maybe this information could be an useful reference, at least I hope so. ;) Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFErCcCj65ZxU4gPQRAuhaAJ9tamwV7H8cDXuA6tK33TR6Bke/8wCeNrck GA1/XWU89kd7q8moEfOTCdw= =AixS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Excel Save Problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/20/2006 04:37 PM, Christian Nekola escreveu: > a upgrade is a nice idea ;-) Indeed. And it is a recommended one. ;) > the problem is, the version 3.0.10 is the default red hat enterprise 4 > packet. > redhat doesn't offer any updates. Hmmm, maybe FC compatible RPMs? Or Samba RPMs? > today i want update to 3.0.14a with a rpm packet, but there were too > many failed dependencies :-( > > now i think, i build samba myself, but i don't know which problems can > happen if i do this. > the server is in production 3.0.14 and 3.0.2x have big changes, you should read the NEWS/Changes about versions and check how it could impact you and your server. > my running smb.conf: > #=== Global Settings > = > > [global] > server string = Samba Server > workgroup = xionitag > netbios name = miraculix > interfaces = 10.1.1.203 > smb ports = 139 > passdb backend = tdbsam > > #---Browsing und WINS-Server > os level = 65 > local master = yes > domain master = yes > preferred master = yes > wins support = no > name resolve order = lmhosts host dns > dns proxy = no > > #---Domaenen-Login, Login-Skript, Profil-Pfad --- > domain logons = yes > logon script = login.cmd > logon home = \\%L\%U > logon drive = I: > > username map = /etc/samba/smbusers > add user script = /usr/local/bin/useradd -m %u > delete user script = /usr/sbin/userdel -r %u > add group script = /usr/sbin/groupadd %g > delete group script = /usr/sbin/groupdel %g > add user to group script = /usr/sbin/usermod -G %g %u > add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g > xion %u > > #---Log-Dateien anlegen- > log file = /var/log/samba/%m.log > # all log information in one file > #log file = /var/log/samba/smbd.log > max log size = 5000 > > #---Druckereinstellungen-- > printcap name = cups > load printers = yes > printing = cups > cups options = raw > > #Zeit-Server- > time server = yes > > #Tuning Options > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE Maybe you can turn the SO_KEEPALIVE, *maybe*. :) > # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > getwd cache = yes > read raw = yes > write raw = yes > dead time = 5 > keepalive = 150 These are default options of a stock samba or did you "tune" it? Maybe you could revert for the default options (check the manpage for reference). [...] Good luck. Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFEp4ECj65ZxU4gPQRAj9cAKCXGLs4XyXTexREoOQ9lcTlHWb1NQCfSs4U VCjYz5JP8zL+1Y+p5DqO2CE= =5WZ6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Other domain sequence numbers are -1
Everyone,
I have configured a new SLES 10 server exactly the same as I
had previously configured a SLES 9 server. The only difference is the
version of samba. On the SLES 10 server, I am running the 3.0.23c
level, the SLES 9 server is behind a little. My problem is with
connecting to other AD domains. Only my default domain has a valid
sequence number. All the other domains are showing up as a -1. This
information was retrieved from the logs since the wbinfo -sequence
command times out.
Here are the relevant pieces of information. Can someone
suggest what I may be doing wrong? This is very confusing to me since
it works perfectly on my SLES 9 server and I copied the configuration
from there.
Thanks,
Ron
>From krb5.conf:
[libdefaults]
default_tgs_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC
default_tkt_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC
preferred_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC
default_realm = NA.UIS.UNISYS.COM
dns_lookup_kdc = true
[realms]
NA.UIS.UNISYS.COM = {
kdc = 192.63.225.67:88
admin_server = 192.63.225.67:749
}
EU.UIS.UNISYS.COM = {
kdc = 192.61.146.133:88
admin_server = 192.61.146.133:749
}
AP.UIS.UNISYS.COM = {
kdc = 192.61.146.132:88
admin_server = 192.61.146.132:749
}
LAC.UIS.UNISYS.COM = {
kdc = 192.61.146.131:88
admin_server = 192.61.146.131:749
}
[domain_realm]
.na.uis.unisys.com = NA.UIS.UNISYS.COM
na.uis.unisys.com = NA.UIS.UNISYS.COM
.eu.uis.unisys.com = EU.UIS.UNISYS.COM
eu.uis.unisys.com = EU.UIS.UNISYS.COM
.ap.uis.unisys.com = AP.UIS.UNISYS.COM
ap.uis.unisys.com = AP.UIS.UNISYS.COM
.lac.uis.unisys.com = LAC.UIS.UNISYS.COM
lac.uis.unisys.com = LAC.UIS.UNISYS.COM
>From smb.conf:
[global]
workgroup = NA
realm = NA.UIS.UNISYS.COM
netbios name = M1016
encrypt passwords = yes
security = ADS
password server = 192.63.225.67 192.63.225.68
passdb backend = smbpasswd
log level = 2 winbind:10 ads:10 auth:10
syslog = 0
log file = /var/log/samba/%m.log
max log size = 5000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
winbind use default domain = no
winbind uid = 16777216-33554431
winbind gid = 16777216-33554431
winbind enum users = no
winbind enum groups = no
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [SOLVED]Re: Problem with large files
On 9/19/06, Valerio daelli <[EMAIL PROTECTED]> wrote: On 9/19/06, Valerio daelli <[EMAIL PROTECTED]> wrote: > > Hi > we have samba 3.0.14a on FreeBSD 5.4. > We tried with different kind of locking and oplocks (both enabled and disabled). > If we try to copy from a Windows XP client a file larger than 3g, we get these error: > Hi we solved removing the option 'strict allocate=yes' from the smb.conf file. Now everything works as expected. Bye Valerio -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to connect samba server using hostname [2]
Hi, I've got th same problem than in this tread (no solution found) : http://lists.samba.org/archive/samba/2005-November/113914.html except I've got the problem on all stations. I am unable to connect to samba server using it's hostname, whereas it's work with IP address. When I use the hostname, Samba always request for login/password. [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows Server 2003 3790 Service Pack 1] NativeLanMan=[] [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 2 840 48018 1 2 2 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 2 840 113554 1 2 2 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 3 6 1 4 1 311 2 2 10 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(388) Got secblob of size 1201 [2006/09/21 12:59:04, 10] passdb/secrets.c:secrets_named_mutex(697) secrets_named_mutex: got mutex for replay cache mutex [2006/09/21 12:59:04, 10] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [16] failed to decrypt with error Bad encryption type [2006/09/21 12:59:04, 3] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [3] failed to decrypt with error Decrypt integrity check failed [2006/09/21 12:59:04, 10] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [1] failed to decrypt with error Bad encryption type [2006/09/21 12:59:04, 10] passdb/secrets.c:secrets_named_mutex_release(709) secrets_named_mutex: released mutex for replay cache mutex [2006/09/21 12:59:04, 3] libads/kerberos_verify.c:ads_verify_ticket(317) ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type) [2006/09/21 12:59:04, 1] smbd/sesssetup.c:reply_spnego_kerberos(172) Failed to verify incoming ticket! Samba has been correctly register in the domain. Samba use Windows 2003 server as NTP server. I could obtain user list and group list from winbind. I could resolve workstations name from Samba server. There is no IP restriction on Samba server. When I use IP address, log is different : [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 3 6 1 4 1 311 2 2 10 [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(388) Got secblob of size 40 [2006/09/21 13:04:23, 5] auth/auth.c:make_auth_context_subsystem(484) Making default auth method list for security=ADS [...] I've got something like "auth/auth.c:make_auth_context_subsystem" with IP and "passdb/secrets.c:secrets_named_mutex" with hostname. Any ideas ? Kindest regards, David. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Foreign SID's and winbind use default domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi In the Samba HOWTO (ch. 24 section 24.3.2) is written "When winbind is used, the default condition is that the local user george will be treated as the account DOMAIN\george and the foreign (non-member of the domain) account will be treated as MACHINE\george because each has a different SID." I have enable 'winbind use default domain' in smb.conf in the hope that it changes the above stated behaviour to treat local user george as DOMAIN\george Is this correct to hope for (it seems to work in some cases)? - -- MVH / Best regards Mikael M. Hansen IT-administrator Computer Science Dept. Email: [EMAIL PROTECTED] Aalborg University Phone: +45 9635 8905 Fredrik Bajers Vej 7E Room: E2-121 DK-9220 Aalborg, Denmark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFEnTD1ZklRSLjnxgRAnXGAJ9+9jvRJ+aRA9lLRYPWLNqxkeMb+QCaAuDR 7F5Ki4BHn7ruMrln0486OPc= =ss8V -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd + mod_ntlm_winbind, why do we need "net join ..." ?
Hello, I would like to use NTLM authentication on my Apache2 server, and I've found out this link which works very well for me, http://download.samba.org/ftp/unpacked/lorikeet/mod_ntlm_winbind I'm newbie to samba, and to make this stuff work, I had to execute "net join -S -U ", because winbindd complained about "did we join ?"... (all of this can be found on man winbindd). I'm wondering why do you have to exec "net join". Can't winbindd forward all authentication requests to the domain controller without doing "nej join" ? Isn't there other options ? I've checked "Apache2::AuthenNTLM" and this module seems to be able to authenticate NTLM requests without joining the DC. Maybe I am wrong, any explanation about all this would be very useful. I plan to use NTLMv2 and the perl module doesn't do that so that's the reason I would like to work with mod_ntlm_winbind (without "net join") I'm looking forward to your replies. Thanks in advance. -- JFRH -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Fw: Poor performance getting lots of small files with WinXP/Win2k vs OS2
Hi, We're doing some of performance tests with Linux Samba v3. We're comparing WinXP/Win2k clients vs OS2 clients accessing a samba server. For one test, we're coping 10.000 small files. Let's say, we run the command copy \\sambaserver\1files\*.* c:\data\1files With an OS2 client it takes 23 seconds to complete. With an Windows client it takes 460 seconds to complete. Doing a Ethereal capture, the network usage is very different. OS2 : No. TimeSourceDestination Protocol Info 15 0.58876610.16.43.123 10.240.47.86 SMB Open AndX Request, Path: \1\0511_3008.IN; Read AndX, FID: 0x, 4096 bytes at offset 0 16 0.58900810.240.47.86 10.16.43.123 SMB Open AndX Response, FID: 0x2a81; Read AndX, FID: 0x, 74 bytes 17 0.58925110.16.43.123 10.240.47.86 SMB Close Request, FID: 0x2a81 18 0.58949410.240.47.86 10.16.43.123 SMB Close Response WinXP SP2: Trace Windows XP: No. TimeSourceDestination Protocol Info 16 1.00173410.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 17 1.00196810.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 18 1.00245410.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 19 1.00269710.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 20 1.00294010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000 21 1.00318410.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 22 1.00342710.16.37.96 10.240.47.86 SMB Trans2 Request, FIND_FIRST2, Pattern: \1000\0D02_1707.IN 23 1.00367010.240.47.86 10.16.37.96 SMB Trans2 Response, FIND_FIRST2, Files: 0D02_1707.IN 24 1.00391310.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \1000\0D02_1707.IN 25 1.00415710.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 26 1.00440010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_PATH_INFO, Query File Standard Info, Path: \1000\0D02_1707.IN 27 1.00440210.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_PATH_INFO 28 1.00488610.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 29 1.00512910.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf0 30 1.00537310.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf0, Query File Internal Info 31 1.00561510.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 32 1.00610210.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf0, Query File Basic Info 33 1.00610410.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 34 1.00634510.16.37.96 10.240.47.86 SMB Trans2 Request, SET_FILE_INFO, FID: 0x1cf0 35 1.00658910.240.47.86 10.16.37.96 SMB Trans2 Response, SET_FILE_INFO 36 1.00707510.16.37.96 10.240.47.86 SMB Read AndX Request, FID: 0x1cf0, 222 bytes at offset 0 37 1.00731810.240.47.86 10.16.37.96 SMB Read AndX Response, FID: 0x1cf0, 222 bytes 38 1.00780410.16.37.96 10.240.47.86 SMB Close Request, FID: 0x1cf0 39 1.00829210.240.47.86 10.16.37.96 SMB Close Response 40 1.00829410.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 41 1.00877810.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf1 42 1.00878010.16.37.96 10.240.47.86 SMB Trans2 Request, QUERY_FILE_INFO, FID: 0x1cf1, Query File Basic Info 43 1.00902110.240.47.86 10.16.37.96 SMB Trans2 Response, QUERY_FILE_INFO 44 1.00926310.16.37.96 10.240.47.86 SMB Close Request, FID: 0x1cf1 45 1.00975010.240.47.86 10.16.37.96 SMB Close Response 46 1.00999410.16.37.96 10.240.47.86 SMB NT Create AndX Request, Path: \1000\0D02_1707.IN 47 1.01023610.240.47.86 10.16.37.96 SMB NT Create AndX Response, FID: 0x1cf2 48 1.01047910.16.37.96 10.240.47.86 SMB Read AndX Request, FID: 0x1cf2, 222 bytes at offset 0 49 1.01072310.240.47.86 10.16.37.96
[Samba] net command and modifying groups in AD
Hi, On my SuSE 10.1 linux server, I have successfully joined an AD server (which I setup) and am able to create users and groups etc.. on the ADS using the net command. My problem is I cannot (or at least I don't know how) to add/remove users to groups on the AD from my linux box. Is it possible to do this as I can't seem to find any literature on this? I am running samba (and client) version 3.0.22. If anyone has any other ideas on how to manipulate group memberships from Linux on an AD server, that would be also greatly appreciated. Thanks, //Norbert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] grant access to a file inside a forbidden directory
We have a directory where only one person can enter, but there is a file inside which needs to be accessed by other people (that person doesn't want to put that file in a common directory). I have found that if I make a hard link to that file it can be accessed, if the hard link and the directory where it lies have the right permissions. But hard links have a problem, they get "unlinked" when they are written. I guess the program that writes it instead of updating the file it creates a new one and then deletes the old one, which is the one I linked, so that there are two different files after that, and not one. I think a symlink wouldn't do this but the symlink can't enter the directory because of the permissions. I thought of putting that file into a separate subdirectory and linking to that directory, but I can't hard link a directory. Can you think of any other possibilities? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] create_builtin_(administrators|users): Failed to create (Administrators|Users)
Hi, Since I upgraded Samba from 3.0.23b,1 to 3.0.23c,1 on my FreeBSD 6.2-PRERELEASE system I've the following messages in my logfile: Sep 20 17:02:46 snoozy smbd[58430]: create_builtin_administrators: Failed to create Administrators Sep 20 17:02:46 snoozy smbd[58430]: create_builtin_users: Failed to create Users Anybody knows a fix? Thanks in advance, -- Bert van de Grift http://www.vdgrift.org GPG Key: http://www.vdgrift.org/0x306DE560.asc Fingerprint: 3E79 1F71 6699 619E 8BCC B21A E1ED 76E0 306D E560 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
