[Samba] VFAT filesystem and large files
Hello I have used samba for many years, and it worked great (thanks!). Anyway, I recently decided to add a USB drive to the server. Currently running 2.6.29.2 linux kernel, debian etch. samba version 3.0.24 The USB drive is VFAT I am able to write small files remotely to the USB drive (a few Kb, 10's of Kb) without a problem. However, whenever I try to write something "larger" (like 1 Mb), the client machine "freezes" for a while (about 1 minute or so), then returns an error saying the file could not be written. However, if I look at the share under which the USB drive is mounted, a file exist, however, it is all "0"'s. If I log onto the server with ssh, i can cp large files from ext3 drive to the VFAT USB drive without problems. I found a post about this somewhere (I can't seem to find it again), which said this was a problem with the VFAT code, not samba. I was wondering, is this is the case? is the is a work-around? Basically, is there a way to write large files via samba to a VFAT USB drive? thanks bye - ted -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] installing Samba as non-root user at work - please help.
Hi, I've recently started at a new company that doesn't have a system in place to map my Linux home directory within Windows. I have my own Linux box (a recent Redhat install), and my own Windows XP PC. I will get no help from a system admin here, so my only option is to try installing Samba myself on my Linux box. To my surprise, I've found little or no information on installing Samba as a non-root user. All I wish to achieve is being able to map my Linux home directory on my Windows PC. We are on a Windows domain called "ENGINEERING". It's on " engineering.company.com" (where company is my real company's name). I have a username, lets say "userpc", and a password, "passpc", on my PC. My linux machine is also part of the "engineering.company.com" network, but I use a different username, "userlinux", and password, "passlinux". I had no problems doing a local Samba install by changing the 'prefix' during configure and install. It's at that point that I am lost what to do. I have started by editing the smb.conf file, and allow host access only by the ip address of my windows box. I also attempt to use a username map file, since I'm using different usernames on my Windows PC and my Linux box. It's not entirely clear to me what to do with regards to the workgroup/domain. In some ways it'd be nice if I can just implement SMB over TCP/IP and not worry about NT-Domains or Workgroups. Afterall, all I am trying to accomplish is to map my Linux home directory to only one other computer, my Windows PC, on the same network. It'd be nice if I could just kick off an smb server on my Linux box, and have my windows box map the home directory by specifying the ip address of the linux box and correct port. But perhaps such a setup, even for my simple scenario, is not possible with Samba. Speaking of ports, I specify ports of 1445 and 1139 for smdb, since I cannot use a port below 1024 without having root access. Similarly, I attempt to use higher port when I start nmdb. I try to start both the smdb and nmdb daemons, but even that doesn't appear to work correctly, as it appears that a non-root, local install is not truly supported. At least not with more tinkering. >From my log.smbd: [2007/09/19 17:00:16, 0] smbd/server.c:main(944) smbd version 3.0.26a started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2007/09/19 17:00:16, 0] lib/debug.c:reopen_logs(625) Unable to open new log file /usr/local/samba/var/log.smbd: No such file or directory [2007/09/19 17:00:16, 0] lib/debug.c:reopen_logs(625) Unable to open new log file /usr/local/samba/var/log.smbd: No such file or directory [2007/09/19 17:00:16, 1] smbd/files.c:file_init(193) file_init: Information only: requested 1 open files, 1004 are available. [2007/09/19 17:00:16, 0] auth/auth_util.c:create_builtin_administrators(792) create_builtin_administrators: Failed to create Administrators [2007/09/19 17:00:16, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users >From my log.nmbd: [2007/09/19 16:44:02, 0] nmbd/nmbd.c:main(697) Netbios nameserver version 3.0.26a started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2007/09/19 16:44:02, 0] lib/util_sock.c:set_socket_options(261) Failed to set socket option SO_BROADCAST (Error Bad file descriptor) [2007/09/19 16:44:02, 0] nmbd/nmbd_subnetdb.c:make_subnet(107) nmbd_subnetdb:make_subnet() Failed to open dgram socket on interface 10.30.102.110 for port 138. Error was Permission denied [2007/09/19 16:44:02, 0] nmbd/nmbd.c:main(771) ERROR: Failed when creating subnet lists. Exiting. And even once I get these daemons up and running on my Linux box, it's not clear to me what I need to do on the Windows side to establish a connection. What port would I use, since I am not using the standard ports? Given the information I've provided, and knowing that I do not have root access, can anyone provide any information to at least steer me in the right direction? I greatly appreciate your help. Thank you, Ben -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migrating to LDAP
Felipe Augusto van de Wiel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Tim Bates wrote, On 20-09-2007 20:46: Felipe Augusto van de Wiel wrote: [...] Check sambaldap-tools (smbldap-tools) from IdealX, it probably has what you want. :-) Already looked. Doesn't seem to. I always thought they did it aswell, but it seems they don't. Something is wrong, last time I used them, they did it. Yep. In this case it was the LDAP database. I gave it another go after deleting the database, and it worked fine. So the lesson is don't assume LDAP is doing the right thing just because it looks like it is :-) TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Fwd: Re: [Samba] acl permissions not staying]
On 9/21/07, Neil Wilson <[EMAIL PROTECTED]> wrote: > Please if anyone has any info... That really doesn't help dude (neither does top-posting, btw). -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] acl permissions not staying
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Neil Wilson wrote, On 20-09-2007 14:28: > Hi guys, > > I've got a problem where if I set permissions on a folder(Admin) > "setfacl -R -d -m u::rwx,g::wrx,o::- Admin/" and "setfacl -m o:- Admin" > > I get the following. > > mail:/data/samba/shared # getfacl Admin/ > # file: Admin > # owner: BCP+administrator > # group: samba > user::rwx > user:samba:rwx > group::rwx > group:BCP+admin:r-x > mask::rwx > other::--- > default:user::rwx > default:group::rwx > default:group:BCP+admin:r-x > default:mask::rwx > default:other::--- > > If I then browse to the share through windows and look at the > permissions for "everyone(other)", they have "none" which is what I want. > I only want the user and group to have rwx on the folder(recursively) > and I want everyone to have no access. > > If I then go and change any of the permissions through windows eg: > adding/removing a group/user etc. then suddenly "everyone(other) gets > the following permissions. May I suggest that you then stop changing permission from Windows? :-) Seriously, it seems like some "default" of Windows when changing something. > mail:/data/samba/shared # getfacl Admin/ > # file: Admin > # owner: BCP+administrator > # group: samba > user::rwx > user:samba:rwx > group::rwx > group:BCP+admin:r-x > mask::rwx > other::r-x > default:user::rwx > default:group::rwx > default:group:BCP+admin:r-x > default:mask::rwx > default:other::r-- > > No matter what I do through windows I cant remove access for "everyone" > unless I use the setfacl coomand again like above. That's strange and it seems more a Windows problem than a Samba one. Did you tried with other versions with Windows? I remember having managed directories under MS Windows clients without such behaviour. Maybe your inheriting something from parent folder or some option from the tool you are using. > Another thing is that the permissions I'm applying aren't being applied > recursively, even though I'm applying them to recursively. > > mail:/data/samba/shared/Admin/Pippa # getfacl Wills/ > # file: Wills > # owner: BCP+administrator > # group: samba > user::rwx > group::rwx > other::--- > default:user::rwx > default:group::rwx > default:other::--- > > Please could someone shed some light here as I'm very baffled. > Thanks in advance. Just to be sure, do you have ACL support compiled in Samba? We are using ACLs with Samba in Debian etch (4.0), without any problems and with the expected behaviour. Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG9BD0Cj65ZxU4gPQRCP4/AKC4tOCFv/vUh0lw5/QS9Sz9ETf1UQCgyZSt P7uMp0zvEBtijdOoKA+T6Yc= =qRTn -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Winbindd on a pdc??
On 9/20/07, Frank Van Damme <[EMAIL PROTECTED]> wrote: > Hello, Replying to myself here. Some more brainwork and a clarifying conversation on IRC have shed more light on these affairs. Also, in some part I must have skipped or overlooked, the LDAP directory in the example was provisioned with Posix accounts. Which changes matters :-) *SNIP* > I'm not sure I understand this part and could be helped if someone > did a sanity check on my reasoning below. As far as I understood, > there are two ways to resolve a windows sid to a Unix uid: > > 1. if your users are in a Windowsy database, like Active Directory, or > if we're speaking about Samba member servers, your unix users do not > exist in the local passwd database. In these cases, you can use > winbind to authenticate users and to get (via nsswitch?) a unix user > id that matches your windows user (and it saves those mapping in the > passdb for reuse). Clear question mark after nsswitch. All username-to-uid resolving goes through nsswitch on a Linux box. > 2. You use LDAP, and (I expected it to function like this) Samba > authenticates the incoming connections to LDAP (it searches for a > "sambaSamAccount" object with the correct "cn"). It knows what the > unix uid is, because the very same object is also a posixAccount and > shadowAccount with a "uidNumber" - so there we are, samba nor nsswitch > need winbind, since all the information is in LDAP. Earlier on in the > chapter, nsswitch.conf is configured to look up passwd, shadow and > group information through LDAP (see 5.4.2, PAM and NSS Client > Configuration). Not quiet correct, Samba never looks up the uidNumber directly in ldap but only uses the Samba attributes of the object to do Windows authentication. Then, it asks the OS (which uses nss on Linux/Unix) to return an uid for the username. NSS uses nss_ldap to get this info from the LDAP directory. > But then again, I first fiddled with LDAP to put my unix id's in the > database. So, what I believe is that in the example, unix user id's > are still generated "old style" in the same way as with eg tdbsam, so > user connects, samba looks up the user in LDAP, authenticates him, > then uses winbindd to resolve the Unix uid of that Windows user. It > will first look in the idmap ou of our LDAP directory if there's > allready a mapping for that user, else create one, then return the uid > value. So no, that's not what happens. If the Unix box is a Samba PDC with an LDAP backend, the posix accounts apparently MUST be in LDAP. Winbindd is only used to return a uid on member servers of an MS or Samba domain. > So, come to think of it, nsswitch is probably configured to use files > and ldap so winbindd can do a proper, reliable job of choosing the > right uid to chain to the windows sid. Or does winbindd not use > nsswitch? I can imagine so because it would probably create a nice > infinite loop if you're also trying to use winbind to let your users > which are, let's say, in Active Directory or on an NT server, log in > to the Unix machine. NSS is using files and ldap but not for winbind, it simply returns the uid and period. Winbind is used by NSS (sometimes), not the other way around. > How many mistakes did I make? :-) A few :-p -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] log rotation in samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Felipe Augusto van de Wiel wrote: > Tomasz Chmielewski wrote, On 21-09-2007 11:10: >> Melanie Pfefer schrieb: >>> Could you please share how you used logadm/logrotate >>> to rotate samba logs? >> Hmm, doesn't Samba rotate the logs by itself? I.e.: > >> log level = 3 >> syslog = 0 >> log file = /var/log/samba/log.%m >> max log size = 5000 > > AFAIK, no. This only tells samba how much information to > keep in each file and how detailed they are. If you want to have > history, you need to rotate it using something like logrotate. It keeps one old revision, marked .old or something like that. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8+zBmb+gadEcsb4RAr/YAJ45tRSRht9G7LnW2n3OY46A7FUpRACgiKSY e1DKjw6Gb6iintf6eL4CS0U= =QJK9 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] log rotation in samba
Felipe Augusto van de Wiel schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Tomasz Chmielewski wrote, On 21-09-2007 11:10: Melanie Pfefer schrieb: Could you please share how you used logadm/logrotate to rotate samba logs? Hmm, doesn't Samba rotate the logs by itself? I.e.: log level = 3 syslog = 0 log file = /var/log/samba/log.%m max log size = 5000 AFAIK, no. This only tells samba how much information to keep in each file and how detailed they are. If you want to have history, you need to rotate it using something like logrotate. Yes and no. With the above setting, Samba keeps two logs per machine: /var/log/samba/log.%m and /var/log/samba/log.%m.old. Each of them having 5000 kB. If you want to use just logrotate for that, you'd have to set "max log size = 0", so that Samba doesn't rotate the files on its own. However, to keep some "reasonable history" with "log level = 3", one would have to reserve gigabytes for each machine... Also, it wouldn't be that great for performance. -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migrating to LDAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Tim Bates wrote, On 20-09-2007 20:46: > Felipe Augusto van de Wiel wrote: [...] >> Check sambaldap-tools (smbldap-tools) from IdealX, it >> probably has what you want. :-) > > Already looked. Doesn't seem to. I always thought they did it aswell, > but it seems they don't. Something is wrong, last time I used them, they did it. >> Ignaciou Coupeau tutorials are also nice (even if they are somewhat >> out-of-date). > > Seems more interested in starting from scratch or migrating from older > LDAP based installs. Nothing about going from another backend to LDAP. If you want to understand more about the LDAP process in Samba and how they evolve, that's a very good documentation, YMMV. >> And of course, the Samba By Example and Samba Official HOWTO are the >> best and official source of information about it. > > Same as above... Unfortunately. Yes, it seems unfortunately, even if I heard of quite a few people on this list talking about these tools and docs to migrate their bases. A pity. :-( Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8+idCj65ZxU4gPQRCJaBAJ9DS/HGt/pAvLSPZWPlaspUEOOCuACff7TQ dIj01mBbGcSjs21xtyfwTK0= =Bblc -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC - How to disable system locking on Windows XP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Adam Tauno Williams wrote, On 21-09-2007 09:20: >> > > I have tried many approaches and am out of idea. I would like my >> > > Windows XP to stop locking the screen when I leave for 10 minutes or >> > > so. I know this is an XP question, but I feel it is related to Samba >> > > PDC since all suggestions that I have found indicate I should not be >> > > seeing this >> > This is purely a Windows question and has nothing at all to do with >> > Samba >> > Unless you have domain policies (via an Samba server in NT4 PDC mode) >> > that define screen saver preferences this is entirely a workstation >> > configuration or user profile issue. >> What what what, Samba can do policies > > NT4 domain policies, yes. NT4 domain policies are entirely passive and > are really just a shared file. Samba cannot do AD policies / GPO > policies. > > This is well documented in the official Samba Guide and HOWTO. Although > this is really entirely a Windows issue as Samba doesn't really 'do > anything' when using NT4 policies. Hmmm, using LDAP (at least) you can do a few "Domain Policies" (I really don't know how to call it) to define number of logon tries before lock, Password History, minimum password size. Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8+fNCj65ZxU4gPQRCJgtAKC9hatcLIY7LKACETf4lalM7aLfQwCbBBRs sA3trhPdao+rEPFAoTjtzks= =rXH1 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] log rotation in samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Tomasz Chmielewski wrote, On 21-09-2007 11:10: > Melanie Pfefer schrieb: >> Could you please share how you used logadm/logrotate >> to rotate samba logs? > > Hmm, doesn't Samba rotate the logs by itself? I.e.: > > log level = 3 > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 5000 AFAIK, no. This only tells samba how much information to keep in each file and how detailed they are. If you want to have history, you need to rotate it using something like logrotate. Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8+dNCj65ZxU4gPQRCK/LAJ9Yy7acWPrLshH/DU104uz31j7jeACeJV4K 77vSctYnY48GC84NHhjV+WE= =s8aW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What management of samba is available for large scale deployment
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 D G Teed wrote, On 21-09-2007 08:17: > Thanks for the response, Felipe. You are welcome. > I mean something like this: the Windows user would > right click on their folder which they have full access to, > and select users to which they would like to assign > read/modify/write access. In what I understand, this > is possible from Novell Netware - probably via the client > driver. As it is faculty, it is difficult to take away freedoms > without complaints. As Adam already pointed, I also thinks that works from the Windows clients, probably just needs some test. But be aware (and keep in mind) that SMB networks are quite different from Novell Netware. I remember that one can use MARS_NWE to provide Netware access, and if I'm not wrong Samba has some support for it also, but it is far from the Novell proprietary solution or from something like NDS (Novell Directory). > The LDAP suggestion is a good one for controlling departments, > but there are always lots of other associations we cannot predict, > like who becomes a Teaching Assistant for some faculty member > and needs access to grade assignments. In these scenarios, > self-administer is ideal. No, this is very relative. Although you can't predict, you can always react, you can even give group control over LDAP tools for some people, once somebody appears in the group it inherits the permissions, but this is a design story and it is a complete different one. :-) Kind regards, - -- Felipe Augusto van de Wiel <[EMAIL PROTECTED]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG8+aiCj65ZxU4gPQRCIW1AKC6Kkv7C2g/rGPvzSle+S5Z3H+iAQCgyC80 nnV1kq5cySU6fsuIIS5SLFE= =LaRr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and local groups
On Fri, 2007-21-09 at 00:30 +0200, Philipp Wagner wrote: > Hello, > > I got a Samba setup with an samba server being part of a Windows Domain, > which is working great. I can authenticate using all domain users and so > on without any problem. > Now I added a local group named "rai-additional" to my samba system and > added a domain user to that group (using DOMAIN+username). > "getent passwd DOMAIN+username" the domain groups and "rai-additional" > as groups, which is exactly what I want. > Unfortunately, when I set "valid users = @rai-additional", the user > DOMAIN+username cannot access the share. It works if I use a domain > group, e.g. "valid users = @DOMAIN+some-group". So it seems Samba just > ignores local groups. That also seems the conclusion made some other > times in the past (unfortunately, all of them around two years ago) [1]. > Did you do a groupmap of your local group? Something like: net groupmap add ntgroup="Windows group" unixgroup=yourunixgroup type=d rid=yourunixgroupid Example: net groupmap add ntgroup="Domain Admins" unixgroup=wheel type=d rid=512 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Fwd: Re: [Samba] acl permissions not staying]
Please if anyone has any info... Neil Wilson wrote: Hi guys, I've got a problem where if I set permissions on a folder(Admin) "setfacl -R -d -m u::rwx,g::wrx,o::- Admin/" and "setfacl -m o:- Admin" I get the following. mail:/data/samba/shared # getfacl Admin/ # file: Admin # owner: BCP+administrator # group: samba user::rwx user:samba:rwx group::rwx group:BCP+admin:r-x mask::rwx other::--- default:user::rwx default:group::rwx default:group:BCP+admin:r-x default:mask::rwx default:other::--- If I then browse to the share through windows and look at the permissions for "everyone(other)", they have "none" which is what I want. I only want the user and group to have rwx on the folder(recursively) and I want everyone to have no access. If I then go and change any of the permissions through windows eg: adding/removing a group/user etc. then suddenly "everyone(other) gets the following permissions. mail:/data/samba/shared # getfacl Admin/ # file: Admin # owner: BCP+administrator # group: samba user::rwx user:samba:rwx group::rwx group:BCP+admin:r-x mask::rwx other::r-x default:user::rwx default:group::rwx default:group:BCP+admin:r-x default:mask::rwx default:other::r-- No matter what I do through windows I cant remove access for "everyone" unless I use the setfacl coomand again like above. Another thing is that the permissions I'm applying aren't being applied recursively, even though I'm applying them to recursively. mail:/data/samba/shared/Admin/Pippa # getfacl Wills/ # file: Wills # owner: BCP+administrator # group: samba user::rwx group::rwx other::--- default:user::rwx default:group::rwx default:other::--- Please could someone shed some light here as I'm very baffled. Thanks in advance. Regards. Neil -- This email and all contents are subject to the following disclaimer: http://www.dcdata.co.za/emaildisclaimer.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What management of samba is available for large scale deployment
> I mean something like this: the Windows user would > right click on their folder which they have full access to, > and select users to which they would like to assign > read/modify/write access. In what I understand, this > is possible from Novell Netware - probably via the client > driver. As it is faculty, it is difficult to take away freedoms > without complaints. Setting ACLs on shares from a Windows client? I think that works currently. -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to find the Domain Master Browser
I have samba with this global [global] workgroup = DEPANIZZA interfaces = eth1 bind interfaces only = Yes obey pam restrictions = Yes passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = lmhosts wins host bcast dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d invalid users = root from some days it is not possible to open the workgroup list from Windows pcs. The error in nmd.log is [2007/09/21 18:01:35, 0] nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name DEPANIZZA<1b> for the workgroup DEPANIZZA. Unable to sync browse lists in this workgroup. thanks -- ing. Paolo Mastromarco tel. +39.3482560898 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] log rotation in samba
Melanie Pfefer schrieb: Could you please share how you used logadm/logrotate to rotate samba logs? Hmm, doesn't Samba rotate the logs by itself? I.e.: log level = 3 syslog = 0 log file = /var/log/samba/log.%m max log size = 5000 -- Tomasz Chmielewski http://blog.wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] log rotation in samba
Could you please share how you used logadm/logrotate to rotate samba logs? many thanks for your assistance. --- Mogens Kjaer <[EMAIL PROTECTED]> wrote: > Melanie Pfefer wrote: > > how to enable log rotation in samba? > > You don't. The log rotation is normally done > by other programs. > > In some Linuxdistributions this is done by the > logrotate program. > > Mogens > > -- > Mogens Kjaer, Carlsberg A/S, Computer Department > Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark > Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 > Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk > -- > To unsubscribe from this list go to the following > URL and read the > instructions: > https://lists.samba.org/mailman/listinfo/samba > ___ Want ideas for reducing your carbon footprint? Visit Yahoo! For Good http://uk.promotions.yahoo.com/forgood/environment.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Understanding Backtrace - ????
Hi all, Can some one take out few mins from your busy schedule and explain me how to understand backtrace of samba. I am trying to learn the same and need a bit starting point i have never done this before ... but its never too late. Any links where i can read about this, i am ready to do my home work but let me know what to look for. == BACKTRACE: 27 stack frames: #0 winbindd(smb_panic2+0x18c) [0x80c074f] #1 winbindd(smb_panic+0x10) [0x80c05c1] #2 winbindd [0x80b0572] #3 winbindd [0x80b05c7] #4 /lib/tls/libc.so.6 [0x138eb8] #5 /lib/tls/libc.so.6(abort+0x1d5) [0x13a4e5] #6 winbindd [0x80dddf7] #7 winbindd [0x80de145] #8 winbindd(cli_krb5_get_ticket+0x1c6) [0x80de456] #9 winbindd(spnego_gen_negTokenTarg+0x2f) [0x80def66] #10 winbindd [0x814d663] #11 winbindd [0x814d902] #12 winbindd(ads_sasl_bind+0xfe) [0x814dec6] #13 winbindd(ads_connect+0x218) [0x8148bda] #14 winbindd [0x808222d] #15 winbindd [0x80840da] #16 winbindd [0x807758b] #17 winbindd [0x807776a] #18 winbindd [0x8078952] #19 winbindd(winbindd_lookup_sid_by_name+0x46) [0x80756a8] #20 winbindd(winbindd_getpwnam+0x236) [0x80708ab] #21 winbindd(strftime+0x1320) [0x806f314] #22 winbindd(winbind_process_packet+0x1d) [0x806f5d0] #23 winbindd(strftime+0x19c2) [0x806f9b6] #24 winbindd(main+0x4df) [0x80703cf] #25 /lib/tls/libc.so.6(__libc_start_main+0xda) [0x12678a] #26 winbindd(chroot+0x31) [0x806ece5] == Regards, kitu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] file not found on cifs mount
Hello, i currently have this problem: i have a samba server acting as a fileshare. One share contain a file "test.txt". My problem : 1) on the linux client: i mount the share using mount.cifs 2) on the linux client: the file can be seen: [client:root] > ls -l /mnt/test.txt -rw-r--r-- 1 root root 0 Sep 21 13:54 /mnt/test.txt 3) on the samba server: i delete the file 4) on the linux client: the file can't be seen anymore => ok [client:root] > ls -l /mnt/test.txt ls: /mnt/test.txt: No such file or directory 5) on the samba server: i create the same file [master:root] > touch test.txt 6) on the linux client: the file still can't be found: [client:root] > ls -l /mnt/test.txt ls: /mnt/test.txt: No such file or directory Is this normal ? I this related to a inode cache table ? If yes, how can i make this to work ? 7) on the linux client: doing a 'ls' on the mount point show me the file [client:root] > ls -l /mnt/ -rw-r--r-- 1 root root 0 Sep 21 13:54 /mnt/test.txt ... 8) now the 'ls' on the file is correct [client:root] > ls -l /mnt/test.txt -rw-r--r-- 1 root root 0 Sep 21 13:54 /mnt/test.txt Any suggestions ? NB: using smbfs don't show this problem Thanks ! -- Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC - How to disable system locking on Windows XP
> > > I have tried many approaches and am out of idea. I would like my > > > Windows XP to stop locking the screen when I leave for 10 minutes or > > > so. I know this is an XP question, but I feel it is related to Samba > > > PDC since all suggestions that I have found indicate I should not be > > > seeing this > > This is purely a Windows question and has nothing at all to do with > > Samba > > Unless you have domain policies (via an Samba server in NT4 PDC mode) > > that define screen saver preferences this is entirely a workstation > > configuration or user profile issue. > What what what, Samba can do policies NT4 domain policies, yes. NT4 domain policies are entirely passive and are really just a shared file. Samba cannot do AD policies / GPO policies. This is well documented in the official Samba Guide and HOWTO. Although this is really entirely a Windows issue as Samba doesn't really 'do anything' when using NT4 policies. -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What management of samba is available for large scale deployment
Thanks for the response, Felipe. I mean something like this: the Windows user would right click on their folder which they have full access to, and select users to which they would like to assign read/modify/write access. In what I understand, this is possible from Novell Netware - probably via the client driver. As it is faculty, it is difficult to take away freedoms without complaints. The LDAP suggestion is a good one for controlling departments, but there are always lots of other associations we cannot predict, like who becomes a Teaching Assistant for some faculty member and needs access to grade assignments. In these scenarios, self-administer is ideal. --Donald Teed On 9/20/07, Felipe Augusto van de Wiel <[EMAIL PROTECTED]> wrote: > "Self administer" their share? You mean the share available > in the server? Sounds odd. But it probably can be done with some LDAP > ACLs. > > > Kind regards, > - -- > Felipe Augusto van de Wiel <[EMAIL PROTECTED]> > Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE > http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFG8pWRCj65ZxU4gPQRCJWcAKDGECnV/4ov9f90B3s5EfWHqsGqTQCeJwJj > VUluxzW4SRPvV3kp+NLdapM= > =NIxY > -END PGP SIGNATURE- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] acl permissions not staying
Sorry to repost but I'm getting desperate here. Neil Wilson wrote: Hi guys, I've got a problem where if I set permissions on a folder(Admin) "setfacl -R -d -m u::rwx,g::wrx,o::- Admin/" and "setfacl -m o:- Admin" I get the following. mail:/data/samba/shared # getfacl Admin/ # file: Admin # owner: BCP+administrator # group: samba user::rwx user:samba:rwx group::rwx group:BCP+admin:r-x mask::rwx other::--- default:user::rwx default:group::rwx default:group:BCP+admin:r-x default:mask::rwx default:other::--- If I then browse to the share through windows and look at the permissions for "everyone(other)", they have "none" which is what I want. I only want the user and group to have rwx on the folder(recursively) and I want everyone to have no access. If I then go and change any of the permissions through windows eg: adding/removing a group/user etc. then suddenly "everyone(other) gets the following permissions. mail:/data/samba/shared # getfacl Admin/ # file: Admin # owner: BCP+administrator # group: samba user::rwx user:samba:rwx group::rwx group:BCP+admin:r-x mask::rwx other::r-x default:user::rwx default:group::rwx default:group:BCP+admin:r-x default:mask::rwx default:other::r-- No matter what I do through windows I cant remove access for "everyone" unless I use the setfacl coomand again like above. Another thing is that the permissions I'm applying aren't being applied recursively, even though I'm applying them to recursively. mail:/data/samba/shared/Admin/Pippa # getfacl Wills/ # file: Wills # owner: BCP+administrator # group: samba user::rwx group::rwx other::--- default:user::rwx default:group::rwx default:other::--- Please could someone shed some light here as I'm very baffled. Thanks in advance. Regards. Neil -- This email and all contents are subject to the following disclaimer: http://www.dcdata.co.za/emaildisclaimer.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] idmap backend questions
Hello I have some questions regarding the idmap backend. Does this only work when you've have joined your samba server to the AD domain (security = ADS)? I would like to map SID to uids/gids on a samba server that has a trust with an AD server. In my setup I have established a trust between samba and AD; they are both PDC's. smb.conf idmap domains = PCLABTEST idmap config PCLABTEST:backend = ad idmap config PCLABTEST:default = yes idmap config PCLABTEST:range = 100 - 30 idmap alloc backend = tdb idmap alloc config:range = 100 - 3 ==> /var/log/samba/winbindd.log [2007/09/21 09:56:31, 1] nsswitch/idmap_ad.c:ad_idmap_cached_connection_internal(115) ad_idmap_init: failed to connect to AD [2007/09/21 09:56:31, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(514) ADS uninitialized [2007/09/21 09:56:31, 2] nsswitch/idmap.c:idmap_backends_sids_to_unixids(1148) ERROR: NTSTATUS = 0xc001 ps: I have configured samba with these options included (--with-shared-modules=idmap_ad --with-ads) and have installed "Identity management for Unix" on the AD server. I have given a user a uid & gid in AD. If I do an strace of the winbind proces, I can see both the uidNumer and gidNumber, both samba does not pick it up. uidNumber1\204\0\0\0\7\4\00510\204\0\0\0\30\4\tgidNumber1\204\0\0\0\7\4\00510\204\0\0\0%\4\2 Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dos filemode and group rights to change permissions (even when group has read only permissions)
Already found it... Using "admin users" can get the wanted functionality. On Fri, 2007-09-21 at 10:37 +0200, S. J. van Harmelen wrote: > Hi, > > I'm using the "dos filemode" option to get Windows like acl handling. > Now I noticed the following line: > > "Note that a user belonging to the group owning the file will not be > allowed to change permissions if the group is only granted read access" > > Is there anyway to achive this so the group can change permissions even > when the group has read-only rights? This is exacly what a customer of > us would want to have as a possibility. Don't ask me why, has something > to do with the way they hanlde some files. > > Sander > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dos filemode and group rights to change permissions (even when group has read only permissions)
Hi, I'm using the "dos filemode" option to get Windows like acl handling. Now I noticed the following line: "Note that a user belonging to the group owning the file will not be allowed to change permissions if the group is only granted read access" Is there anyway to achive this so the group can change permissions even when the group has read-only rights? This is exacly what a customer of us would want to have as a possibility. Don't ask me why, has something to do with the way they hanlde some files. Sander -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with two subnets
[EMAIL PROTECTED] wrote: Hello A really annoying question. I'm managing a high school network with two WinXP subnets (192.168.1.X and 192.168.3.X). These subnets are linked by a SUSE 9.3 server with two network cards and a Samba server (version 3.0.12-5 SUSE) acting as PDC. The /etc/smb/smb.conf has next lines: wins support = yes hosts allow = 192.168.3. 192.168.1. 127.0.0.1 interfaces = 192.168.3.2/24 192.168.1.2/24 Now, for the problem: In the morning first hour, the first user must log on at a 192.168.3.X host. If I try first with a 192.168.1.X host, next message appears: --System cannot log you on because Domain x is not available--- Next, I log on at a 192.168.3.X host without any problem, and everything works OK in the two subnets for the rest of the day. Problem repeats netx day, and so on. I can't understand what's the matter. It seems that 192.168.3. subnet acts as a "starter" for the Samba server, but I don't know why. Please can anyone help me?? Thanks in advance. In netbios, there can only be one interface IP address for any netbios name. Old MS problem, although I don't have any links. I like to assign samba to only one of the interfaces and I assign the same interface to the DNS name. Other interfaces get different DNS names. This is useful in the kerberos world as well as paranoid ssh. smb.conf interfaces = 192.168.3.x, 127.0.0.1 The 127.0.01 address doesn't register in wins or broadcasts and solves some broadcast issues, or at least it did a long time ago and I haven't experimented lately. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: idmap backend questions
for you information: because I use security=user, I don't have kerberos enabled on my samba server Hello I have some questions regarding the idmap backend. Does this only work when you've have joined your samba server to the AD domain (security = ADS)? I would like to map SID to uids/gids on a samba server that has a trust with an AD server. In my setup I have established a trust between samba and AD; they are both PDC's. smb.conf idmap domains = PCLABTEST idmap config PCLABTEST:backend = ad idmap config PCLABTEST:default = yes idmap config PCLABTEST:range = 100 - 30 idmap alloc backend = tdb idmap alloc config:range = 100 - 3 ==> /var/log/samba/winbindd.log [2007/09/21 09:56:31, 1] nsswitch/idmap_ad.c:ad_idmap_cached_connection_internal(115) ad_idmap_init: failed to connect to AD [2007/09/21 09:56:31, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(514) ADS uninitialized [2007/09/21 09:56:31, 2] nsswitch/idmap.c:idmap_backends_sids_to_unixids(1148) ERROR: NTSTATUS = 0xc001 ps: I have configured samba with these options included (--with-shared-modules=idmap_ad --with-ads) and have installed "Identity management for Unix" on the AD server. I have given a user a uid & gid in AD. If I do an strace of the winbind proces, I can see both the uidNumer and gidNumber, both samba does not pick it up. uidNumber1\204\0\0\0\7\4\00510\204\0\0\0\30\4\tgidNumber1\204\0\0\0\7\4\00510\204\0\0\0%\4\2 Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC - How to disable system locking on Windows XP
On 9/21/07, Adam Tauno Williams <[EMAIL PROTECTED]> wrote: > > I have tried many approaches and am out of idea. I would like my > > Windows XP to stop locking the screen when I leave for 10 minutes or > > so. I know this is an XP question, but I feel it is related to Samba > > PDC since all suggestions that I have found indicate I should not be > > seeing this. > > This is purely a Windows question and has nothing at all to do with > Samba. > > Unless you have domain policies (via an Samba server in NT4 PDC mode) > that define screen saver preferences this is entirely a workstation > configuration or user profile issue. What what what, Samba can do policies -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with two subnets
Hello A really annoying question. I'm managing a high school network with two WinXP subnets (192.168.1.X and 192.168.3.X). These subnets are linked by a SUSE 9.3 server with two network cards and a Samba server (version 3.0.12-5 SUSE) acting as PDC. The /etc/smb/smb.conf has next lines: wins support = yes hosts allow = 192.168.3. 192.168.1. 127.0.0.1 interfaces = 192.168.3.2/24 192.168.1.2/24 Now, for the problem: In the morning first hour, the first user must log on at a 192.168.3.X host. If I try first with a 192.168.1.X host, next message appears: --System cannot log you on because Domain x is not available--- Next, I log on at a 192.168.3.X host without any problem, and everything works OK in the two subnets for the rest of the day. Problem repeats netx day, and so on. I can't understand what's the matter. It seems that 192.168.3. subnet acts as a "starter" for the Samba server, but I don't know why. Please can anyone help me?? Thanks in advance. F. Latras Ahora también puedes acceder a tu correo Terra desde el móvil. Infórmate pinchando aquí. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba