Re: [Samba] Migrating Profiles: Revisited
I was in the same boat as you , and found an easy way to do this. So long as you have a PDC that resists roaming profiles, it should go like this: 1) Join the computer and log on with the domain account. 2) Log off the domain account and log on again as administrator (I think I used the local admin, though it shouldn't matter). 3) Go to where you manage the profiles in System Properties, and set the new profile (marked by the domain name) to Local if it isn't already, and then copy the previous workgroup/local profile to the place on your HD where the new domain local profile is. That's it. When you log on, it should be back, though I did have problems with losing Outlook account passwords (I hate that program) and a bug in Office 2K prevents you from opening graphics using Photo Editor, but there is a M$ KB article on that, as it gives you a specific error that you will find an easy search result for (I'm just forgetting what it is). My best, Dan Gapinski - Original Message - From: Jason Williams [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 2:53 PM Subject: [Samba] Migrating Profiles: Revisited Hello everyone. Well, i've tried to figure this out on my own by asking questions and reading the how-to provided by John. I've followed the directions accordingly, but there are a few catches i've noticed that seem to be throwing me a curve or to. Let me recap. Basically, i've setup our samba PDC with LDAP. I originally was going to use roaming profiles, but decided against it this morning as I felt it would not benefit us for what we are doing. So I decided to stick with local profiles. Now, as it is at this moment, each user logs into their workstation and uses their local profile. Our network is currenty setup in a peer-to-peer. But, soon, everyone will be joining the domain. It is at this point, that I want to make sure that once the computer has been joined to the domain and the user logs onto the domain, that user(s) will continue to use their original local profile. According to the How-To, I need to disable roaming profiles, which I have done in smb.conf. Also, I was told that I need to copy the users local profile as in the .pdf, chapter 22, 2.2.4. My question is, if im going to copy the profile to a certain location (lets say c:\profiletest), that is no problem. The problem I am failing to understand is how to make sure, when the user logs on, they will be able to use that profile. I dont need to copy the profile to the PDC since I am not using roaming profiles. I've tried copying the profile to a temp location on the local computer, but when I log in with my testuser, into the domain, it creates a new profile and does not use my original local profile. So i'm missing a step somewhere on how to get the original local profile back up and running when the user logs into the domain. I apologize if this seems redundant, but im very close to getting this solved and moving along to my next task. I appreciate everyones input. Cheers, Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migrating Profiles: Revisited
Did you copy using File Manager or Windows 2000 Profile Manager? The latter seems to work far better, aside from the aforementioned snags. I used the former and had to do it all over. Dan - Original Message - From: Jason Williams [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 4:13 PM Subject: Re: [Samba] Migrating Profiles: Revisited That almost works. I ran into a few different things, but it almost works. Basically, this is what I did; 1) Joined the computer to the domain with the correct account 2) logged into the domain with the user (this created the initial profile on the local machine) 3) logged back into the machine with the local administrator account (did not log into the domain) 4) verified the new profile was local, which it was 5) navigated to c:\documents and settings (all machines are Windows 2000) 6) in there, there were two profiles: testuser and testuser.PDCSERVER (.PDCSERVER was the newly created profile when the user first logs into the domain) 7) I copied all the contents of testuser folder into the testuser.PDCSERVER folder When I logged back in, it seemed like it was working, but ran into a few snags. 1) The background image did not copy over 2) It wanted me to re-establish my network connection I'm not exactly sure why it did that, but it does. Seems like a lot of work to make sure my users are using local profiles. You would think there would be a easier way to do this. Is there another way to do this, or is this the only way? Thanks! Jason At 03:39 PM 5/29/2003 -0500, you wrote: I was in the same boat as you , and found an easy way to do this. So long as you have a PDC that resists roaming profiles, it should go like this: 1) Join the computer and log on with the domain account. 2) Log off the domain account and log on again as administrator (I think I used the local admin, though it shouldn't matter). 3) Go to where you manage the profiles in System Properties, and set the new profile (marked by the domain name) to Local if it isn't already, and then copy the previous workgroup/local profile to the place on your HD where the new domain local profile is. That's it. When you log on, it should be back, though I did have problems with losing Outlook account passwords (I hate that program) and a bug in Office 2K prevents you from opening graphics using Photo Editor, but there is a M$ KB article on that, as it gives you a specific error that you will find an easy search result for (I'm just forgetting what it is). My best, Dan Gapinski - Original Message - From: Jason Williams [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, May 29, 2003 2:53 PM Subject: [Samba] Migrating Profiles: Revisited Hello everyone. Well, i've tried to figure this out on my own by asking questions and reading the how-to provided by John. I've followed the directions accordingly, but there are a few catches i've noticed that seem to be throwing me a curve or to. Let me recap. Basically, i've setup our samba PDC with LDAP. I originally was going to use roaming profiles, but decided against it this morning as I felt it would not benefit us for what we are doing. So I decided to stick with local profiles. Now, as it is at this moment, each user logs into their workstation and uses their local profile. Our network is currenty setup in a peer-to-peer. But, soon, everyone will be joining the domain. It is at this point, that I want to make sure that once the computer has been joined to the domain and the user logs onto the domain, that user(s) will continue to use their original local profile. According to the How-To, I need to disable roaming profiles, which I have done in smb.conf. Also, I was told that I need to copy the users local profile as in the .pdf, chapter 22, 2.2.4. My question is, if im going to copy the profile to a certain location (lets say c:\profiletest), that is no problem. The problem I am failing to understand is how to make sure, when the user logs on, they will be able to use that profile. I dont need to copy the profile to the PDC since I am not using roaming profiles. I've tried copying the profile to a temp location on the local computer, but when I log in with my testuser, into the domain, it creates a new profile and does not use my original local profile. So i'm missing a step somewhere on how to get the original local profile back up and running when the user logs into the domain. I apologize if this seems redundant, but im very close to getting this solved and moving along to my next task. I appreciate everyones input. Cheers, Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why not seeing samba server
Make sure that you modify all XP client registries to be able to connect to Samba, as outlined in this article: http://hr.uoregon.edu/davidrl/samba/samba-pdc.html where it says: To allow Windows XP Professional (not W2K) to join a Samba Domain, you will need to first make the following changes to your registry and reboot: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] requiresignorseal=dword: signsecurechannel=dword: My best, Dan - Original Message - From: David Morel [EMAIL PROTECTED] To: Leopard [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, May 30, 2003 10:11 AM Subject: Re: [Samba] Why not seeing samba server -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leopard wrote: | Hello, | | I'm using samba-2.2.8a and this conf file : | | [global] | | netbios name = Moua7 | workgroup = EPI | server string = Moua7 - FreeBSD 4.8 | guest account = samba | security = share | name resolve order = bcast | create mask = 0600 | directory mask = 0700 | os level = 255 os level = 10 | preferred master = Yes | domain master = Yes | wins support = Yes did you put the address in the wins server tab of your clients' network properties ? | [partage] | | comment = Dossier de partage sur moua7 | path = /home/leopard/partage | guest ok = yes | read only = no | | I can access to samba server from win XP but can't see it on network | neighbourd! | Do someone knows why? | Also got nothing when typing: | | ([EMAIL PROTECTED] ~)nmblookup -A 127.0.0.1 | Looking up status of 127.0.0.1 | | ([EMAIL PROTECTED] ~) | | ([EMAIL PROTECTED] ~)smbclient -L moua7 -N | added interface ip=192.168.1.42 bcast=192.168.1.255 nmask=255.255.255.0 | Connection to moua7 failed | ([EMAIL PROTECTED] ~) | | | Thank tou for your help. | | | Ali - [EMAIL PROTECTED] | http://www.moua7.com | - -- *** [EMAIL PROTECTED] OpenPGP public key: http://www.amakuru.net/dmorel.asc 28192ef126bc871757cb7d97f4a44536 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+13Slqr7QF98duCMRAiiDAJ9ubkaNbhwtghoSZp7RtZZoSoynCgCfThRb aL7ncxL9VRiZ42mtCNjXeac= =M5QO -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem joining an XP workstation to a domain
Hello, I am using Red Hat 9 with the default version of Samba (2.2.7a) and I screwed up the naming of one of my computers by running a SID's whilst giving birth to a sick man's brain fart. I'd like to restore the SID database to an older, known-good one, but when I have tried to restore an older secrets.tdb restart the Samba service, I get the same The specified user does not exist error. Any thoughts on what I should do now? Thanks for your time, Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problem joining an XP workstation to a domain
Didn't hear anything on this - hope this doesn't bother anyone if I resubmit the question. Hello, I am using Red Hat 9 with the default version of Samba (2.2.7a, no LDAP authentication) and I screwed up the naming of one of my computers by running a SID's whilst giving birth to a sick man's brain fart. I'd like to restore the SID database to an older, known-good one, but when I have tried to restore an older secrets.tdb restart the Samba service, I attempt to connect the client to the domain continue to get the same The specified user does not exist error. Any thoughts on what I should do now? Thanks for your time, Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How long before Samba's NetBIOS name cache expires?
Hello, I'd like to re-add a computer to my domain after reloading Windows, and while I could re-apply the SID with a program like Ghostwalker, I'd rather use the technique of deleting the machine account and letting the workstation's entry in the Samba PDC's NetBIOS name cache expire. But how long does that take? Thanks for your time, Dan G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] A PDC migration postmortem (and SIDs Novell-style)
Hello, I just migrated a Samba PDC from one computer to another without too much complaining from Samba itself, but had to rejoin my computers (fortunately this is a small office) to the domain thereafter, which caused a litttle problem in getting the profiles back to where they were supposed to be. (Windows, not seeing the proper domain, cannot copy the profile in the profile manager, listing the old domain profiles as Account Deleted). My question is: 1) Aside from having the forethought to offload the previous profiles to a temp area, was there any way I could have recreated the client account database to rejoin automatically? Ans is the SID tied directly to the PDC's hostname? 2) Is there any way to have Samba ignore the workstation SID as Novell does, which could be a help in this case as well as when an admin might wish to clone a whole batch of PC's? Thanks a lot for your input, Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] disabling roaming profiles in windows 2000?
I had this issue too. Go into the system properties, user profiles tab. Select the profile you want to make local. Click the Change Type button. Then Check Local Profile, OK. My best Dan - Original Message - From: Adam Williams [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, September 15, 2003 2:30 PM Subject: [Samba] disabling roaming profiles in windows 2000? How do you disable roaming profiles in Windows 2000? I know in Windows XP you use gpedit.msc but I don't see where in windows 2000 to disable roaming profiles. Any suggestions? Thanks, Adam -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Rejoining an XP workstation to a domain
Hello, I have been trying to rejoin a computer to a newly remade PDC on the same domain name using Samba 2.2.7 on RedHat 9. I get this error message everytime I try: Title: Computer Name Changes The following error occurred attempting to join the domain Quasar: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again... I had gone as far as disabling the network interface, then reenabling it, and rejoining - it still gives the same error. Any thoughts at this point? Thanks, Dan Gapinski -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Rejoining an XP workstation to a domain
My bad - I found that I had a couple drives mapped on the client to the PDC. This is a good argument for non-persistent NET USE commands in one's logon script. Dan - Original Message - From: Dan Gapinski To: Lista Samba Sent: Wednesday, September 24, 2003 3:18 PM Subject: Rejoining an XP workstation to a domain Hello, I have been trying to rejoin a computer to a newly remade PDC on the same domain name using Samba 2.2.7 on RedHat 9. I get this error message everytime I try: Title: Computer Name Changes The following error occurred attempting to join the domain Quasar: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again... I had gone as far as disabling the network interface, then reenabling it, and rejoining - it still gives the same error. Any thoughts at this point? Thanks, Dan Gapinski -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghost Create account: procedure number out of range inSamba
I had that problem. I ended up making a regular administrator account for Ghost and then telling the Ghost service to run under that account. Ghost tries to set up it's own limited account on an NT domain with only the right to add and remove machines to and from the domain, which (to my limited knowledge, please correct me if I am wrong) Samba 2.x does not allow. Once I did that, it worked fine. My best, Dan (former employee of Binary Research) Gapinski - Original Message - From: werner maes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 23, 2003 10:07 AM Subject: [Samba] Ghost Create account: procedure number out of range in Samba Hello, I would like to clone a Windows XP workstation that's part of a Samba domain using Norton Ghost. In Ghost you need to create an account in the domain to be able to add your domain to the list of supported domains by the Norton Ghost console. When I try to add such an account, I get this error message: Unable to add DOMAIN to the list of supported domains, The procedure number is out of range. Error code: 2147944145. I use samba 2.2.8a and LDAP for authentication. There's no problem with this authentication as everything else (logging in, adding machines to the domain,...) works fine. Does anybody have an idea? Thanks, Werner Maes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghost Create account: procedure number out of rangeinSamba
Yes - sorry. I made a regular account for Ghost (which you could make with adduser or useradd or handcoding the passwd file) and added it to a group (in the groups file) that I called admin. In smb.conf, I added a line that went like this: domain admin group = @admin So that worked like a charm. Hope that helps, Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, June 23, 2003 2:21 PM Subject: Re: [Samba] Ghost Create account: procedure number out of range inSamba Hello Dan, Thanks for yor reply ! But what exactly do you mean with making a regular administrator account for Ghost? Is it an entry in /etc/passwd or smbpasswd for administrator? Could you give more specific details? Kind regards, Werner Maes Dan Gapinski wrote: I had that problem. I ended up making a regular administrator account for Ghost and then telling the Ghost service to run under that account. Ghost tries to set up it's own limited account on an NT domain with only the right to add and remove machines to and from the domain, which (to my limited knowledge, please correct me if I am wrong) Samba 2.x does not allow. Once I did that, it worked fine. My best, Dan (former employee of Binary Research) Gapinski - Original Message - From: werner maes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 23, 2003 10:07 AM Subject: [Samba] Ghost Create account: procedure number out of range in Samba Hello, I would like to clone a Windows XP workstation that's part of a Samba domain using Norton Ghost. In Ghost you need to create an account in the domain to be able to add your domain to the list of supported domains by the Norton Ghost console. When I try to add such an account, I get this error message: Unable to add DOMAIN to the list of supported domains, The procedure number is out of range. Error code: 2147944145. I use samba 2.2.8a and LDAP for authentication. There's no problem with this authentication as everything else (logging in, adding machines to the domain,...) works fine. Does anybody have an idea? Thanks, Werner Maes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghost Create account: procedure number out ofrange inSamba
I see - what type of domain account are you using? Your method is right tho, setting the services to run under a domain account. I just want you to be absolutely sure that the account is administrator. If this is a test environment, you could start by running the service as root, and see if it works then (though I would not do that in production). Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 4:35 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba Sorry to bother you again but in my situation with LDAP authentication it doesn't seem to work. I'll explain the configuration in detail. I have a Samba 2.2.8a domain controller which is compiled and configured with LDAP support. The user and machine accounts are defined in LDAP. I manually added an Windows XP workstation to the domain (no problems here) using a root account also defined in LDAP. Now I would like to clone this machine to other machines using Norton Ghost 7.5. Therefore I have set up a Ghost Multicast Server. Now when I use to Ghost Console on the multicast server and try to add our domain to the list of supported domains in Ghost I get the error Procedure number out of range. On the Ghost Multicast Server there is the ghost configuration server service and on the client machine there is the ghost client agent service. Both of these services only start with a local system account. These services do not run under a domain account. If I try to run them under a domain account I get this error message: The service did not respond to the start or control request in a timely fashion. Like I said, manually adding a machine to the domain gives no problems with the specified root account in LDAP (see below, I did not include all attributes off course). dn: uid=root, ou=xxx, o=xxx, c=xxx objectClass: sambaAccount uid: root rid: 1000 uidNumber: 0 gidNumber: 0 Kind regards, Werner Maes At 15:20 23/06/2003, Dan Gapinski wrote: Yes - sorry. I made a regular account for Ghost (which you could make with adduser or useradd or handcoding the passwd file) and added it to a group (in the groups file) that I called admin. In smb.conf, I added a line that went like this: domain admin group = @admin So that worked like a charm. Hope that helps, Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, June 23, 2003 2:21 PM Subject: Re: [Samba] Ghost Create account: procedure number out of range inSamba Hello Dan, Thanks for yor reply ! But what exactly do you mean with making a regular administrator account for Ghost? Is it an entry in /etc/passwd or smbpasswd for administrator? Could you give more specific details? Kind regards, Werner Maes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghost Create account: procedure number out ofrange inSamba
Not to ask the annoying ?'s, but the server that you're working from is indeed a member of the Samba domain ( not a separate domain/workgroup)? Dan - Original Message - From: werner maes To: Dan Gapinski Sent: Tuesday, June 24, 2003 10:45 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba Yes, that's right. Werner Dan Gapinski wrote: So in your Ghost services properties, then your 'Log on as' entry looks like this: domain\root ? Thanks, Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 10:12 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba domain admin group = root (in smb.conf) I have defined the user 'root' in LDAP. On the client I added the domain users to the administrators group. I try to run the services under this root account on the domain but the services will only run under a local system account and not under a domain account. That seems to be the problem. With this user 'root' it is possible to manually join the client to the domain and to logon to the domain. I've tried about everything but still no solution Still hoping though :-) Werner Maes At 09:39 24/06/2003, Dan Gapinski wrote: I see - what type of domain account are you using? Your method is right tho, setting the services to run under a domain account. I just want you to be absolutely sure that the account is administrator. If this is a test environment, you could start by running the service as root, and see if it works then (though I would not do that in production). Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 4:35 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba Sorry to bother you again but in my situation with LDAP authentication it doesn't seem to work. I'll explain the configuration in detail. I have a Samba 2.2.8a domain controller which is compiled and configured with LDAP support. The user and machine accounts are defined in LDAP. I manually added an Windows XP workstation to the domain (no problems here) using a root account also defined in LDAP. Now I would like to clone this machine to other machines using Norton Ghost 7.5. Therefore I have set up a Ghost Multicast Server. Now when I use to Ghost Console on the multicast server and try to add our domain to the list of supported domains in Ghost I get the error Procedure number out of range. On the Ghost Multicast Server there is the ghost configuration server service and on the client machine there is the ghost client agent service. Both of these services only start with a local system account. These services do not run under a domain account. If I try to run them under a domain account I get this error message: The service did not respond to the start or control request in a timely fashion. Like I said, manually adding a machine to the domain gives no problems with the specified root account in LDAP (see below, I did not include all attributes off course). dn: uid=root, ou=xxx, o=xxx, c=xxx objectClass: sambaAccount uid: root rid: 1000 uidNumber: 0 gidNumber: 0 Kind regards, Werner Maes At 15:20 23/06/2003, Dan Gapinski wrote: Yes - sorry. I made a regular account for Ghost (which you could make with adduser or useradd or handcoding the passwd file) and added it to a group (in the groups file) that I called admin. In smb.conf, I added a line that went like this: domain admin group = @admin So that worked like a charm. Hope that helps, Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, June 23, 2003 2:21 PM Subject: Re: [Samba] Ghost Create account: procedure number out of range inSamba Hello Dan, Thanks for yor reply ! But what exactly do you mean with making a regular administrator account for Ghost? Is it an entry in /etc/passwd or smbpasswd for administrator? Could you give more specific details? Kind regards, Werner Maes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ghost Create account: procedure number out ofrange inSamba
I'm sorry - I meant the Ghost server - is that a member of the Samba domain? I think that Ghost 7.5 can walk across trusted domains, but I am not sure that is possible in Samba. Anyone else care to comment? Dan - Original Message - From: werner maes [EMAIL PROTECTED] To: Dan Gapinski [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, June 25, 2003 2:51 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba It is a separate domain logon server, see configuration below (relevant entries only). Does it have to be a member of a Samba domain? (security = domain?) [global] security = USER workgroup = DOMAIN netbios name = DOMAINSERVER interfaces = x.y.v.w/24 logon script = scripts\%m.bat os level = 110 preferred master = Yes local master = Yes domain master = True domain logons = Yes domain admin group = @root ldap server = x.y.v.z ldap port = 389 ldap suffix = o=kuleuven,c=be ldap admin dn = cn=master,o=kuleuven,c=be The ldap server is installed with openldap. Werner At 16:42 24/06/2003, Dan Gapinski wrote: Not to ask the annoying ?'s, but the server that you're working from is indeed a member of the Samba domain ( not a separate domain/workgroup)? Dan - Original Message - From: mailto:[EMAIL PROTECTED]werner maes To: mailto:[EMAIL PROTECTED]Dan Gapinski Sent: Tuesday, June 24, 2003 10:45 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba Yes, that's right. Werner Dan Gapinski wrote: So in your Ghost services properties, then your 'Log on as' entry looks like this: domain\root ? Thanks, Dan - Original Message - From: werner maes mailto:[EMAIL PROTECTED][EMAIL PROTECTED] To: Dan Gapinski mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Cc: mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 10:12 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba domain admin group = root (in smb.conf) I have defined the user 'root' in LDAP. On the client I added the domain users to the administrators group. I try to run the services under this root account on the domain but the services will only run under a local system account and not under a domain account. That seems to be the problem. With this user 'root' it is possible to manually join the client to the domain and to logon to the domain. I've tried about everything but still no solution Still hoping though :-) Werner Maes At 09:39 24/06/2003, Dan Gapinski wrote: I see - what type of domain account are you using? Your method is right tho, setting the services to run under a domain account. I just want you to be absolutely sure that the account is administrator. If this is a test environment, you could start by running the service as root, and see if it works then (though I would not do that in production). Dan - Original Message - From: werner maes mailto:[EMAIL PROTECTED][EMAIL PROTECTED] To: Dan Gapinski mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Cc: mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 4:35 AM Subject: Re: [Samba] Ghost Create account: procedure number out ofrange inSamba Sorry to bother you again but in my situation with LDAP authentication it doesn't seem to work. I'll explain the configuration in detail. I have a Samba 2.2.8a domain controller which is compiled and configured with LDAP support. The user and machine accounts are defined in LDAP. I manually added an Windows XP workstation to the domain (no problems here) using a root account also defined in LDAP. Now I would like to clone this machine to other machines using Norton Ghost 7.5. Therefore I have set up a Ghost Multicast Server. Now when I use to Ghost Console on the multicast server and try to add our domain to the list of supported domains in Ghost I get the error Procedure number out of range. On the Ghost Multicast Server there is the ghost configuration server service and on the client machine there is the ghost client agent service. Both of these services only start with a local system account. These services do not run under a domain account. If I try to run them under a domain account I get this error message: The service did not respond to the start or control request in a timely fashion. Like I said, manually adding a machine to the domain gives no problems with the specified root account in LDAP (see below, I did not include all attributes off course). dn: uid=root, ou=xxx, o=xxx, c=xxx
[Samba] Sharing out a Chrooted jail
Hello, First off, I would like to say that Samba has already beat my uptime record for Windows NT - I couldn't be happier with it! But I am trying to change the environment and am running into trouble. Specifically, I have some users logging on that have their own chrooted homedirs, located in a /home/jail/home/userx type of fashion. I would like to make all the homedirs under /home/jail/home available to my Samba users, yet sharing /home/jail/home brings Samba to halt not accept domain logons. I did made sure that my Samba users' Linux group had permissions to the main folder of homedirs in the chroot jail, but that did not suffice - the next time I reloaded the service, no user logons would happen. SO, what would any of you do in this scenario? I am sure it is a permissions issue, but don't know why. Would you give permissions to the upper-level folders above the chroot jail as well? And the last, most important question, is there something wrong with the RedHat9 gui when you use it to change permissions instead of chmod? Many thanks, Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Moving Samba to a different Linux server.
Hello, I am looking for a second opinion. When moving a Samba PDC service to a different Linux server (we run Redhat 9 here), would you include anything other than the following: /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/samba/* Is there anythings else that I should be paying attention to? Thanks for everything. My best, Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Fw: [Samba] Moving Samba to a different Linux server.
Please help, I am having a problem with a Samba server I have attempted to move to a new Redhat 9 box (it was on Redhat 9 before). Here's the what I did: 1) I transferred the follwing files dirs to the fresh RedHat box : /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/samba/* (the whole dir) /var/cache/samba/* (the whole dir) 2) I stopped SMB services on the old box 3) I started SMB services on the new box 4) I changed its dynamic IP address to static. 5) I stopped the IP tables service I can locate the domain controller from the client, but get an error saying Cannot locate the passdb database. Is this a SID issue? Is there any way to get around that (copy over the SID database)? Any help you may be able to offer would be most appreciated. My best, Dan - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 2:43 PM Subject: RE: [Samba] Moving Samba to a different Linux server. Tdb files... /var/cache/samba/ ~ Daniel -Original Message- From: Dan Gapinski [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 2:02 PM To: Lista Samba Subject: [Samba] Moving Samba to a different Linux server. Hello, I am looking for a second opinion. When moving a Samba PDC service to a different Linux server (we run Redhat 9 here), would you include anything other than the following: /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/samba/* Is there anythings else that I should be paying attention to? Thanks for everything. My best, Dan -- --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Moving Samba to a different Linux server.
Sorry, the error was unable to open passdb database Dan - Original Message - From: Dan Gapinski [EMAIL PROTECTED] To: Samba [EMAIL PROTECTED] Sent: Sunday, September 07, 2003 12:44 AM Subject: Fw: [Samba] Moving Samba to a different Linux server. Please help, I am having a problem with a Samba server I have attempted to move to a new Redhat 9 box (it was on Redhat 9 before). Here's the what I did: 1) I transferred the follwing files dirs to the fresh RedHat box : /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/samba/* (the whole dir) /var/cache/samba/* (the whole dir) 2) I stopped SMB services on the old box 3) I started SMB services on the new box 4) I changed its dynamic IP address to static. 5) I stopped the IP tables service I can locate the domain controller from the client, but get an error saying Cannot locate the passdb database. Is this a SID issue? Is there any way to get around that (copy over the SID database)? Any help you may be able to offer would be most appreciated. My best, Dan - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 2:43 PM Subject: RE: [Samba] Moving Samba to a different Linux server. Tdb files... /var/cache/samba/ ~ Daniel -Original Message- From: Dan Gapinski [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 2:02 PM To: Lista Samba Subject: [Samba] Moving Samba to a different Linux server. Hello, I am looking for a second opinion. When moving a Samba PDC service to a different Linux server (we run Redhat 9 here), would you include anything other than the following: /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/samba/* Is there anythings else that I should be paying attention to? Thanks for everything. My best, Dan -- --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba