Been there:
1. Compile Samba by yourself, remove WITH_DNS_UPDATE flag.
2. Disallow allow insecure update from DNS server.
3. Edit /etc/hosts, use shortname for your Samba server, then upon net ads
join
it will complain domain name not found hence will not update DNS.
Cheers
-David
2012/2/4
One question: amongst all those other servers, how do we find which
server is the preferred one (by locality), in a programmatic way?
Cheers
-David
2012/1/17 Daniel Müller muel...@tropenklinik.de
THis is what is working:
Msdfs root and host msdfs and msdfs proxy are the things you need.
You
Ever since upgrade to 3.6, wbinfo -u working but wbinfo -i hitting
WBC_ERR_DOMAIN_NOT_FOUND has been a headache, seems winbind always fails to
get the domain info for individual idmap the VERY FIRST TIME you start it
after upgrade or join a domain. Most of times I manage to solve it by
using:
Add following line to /etc/hosts
client-IPclient-hostname.domain-full-name
2011/12/24 Mike Howard m...@dewberryfields.co.uk
Hi All,
I've got samba4 set up as AD domain controller (from latest git), works
fine. I'm now attempting to use a separate samba3 box as the file server
(as I'm
https://bugzilla.samba.org/show_bug.cgi?id=8676.
Robert
On Wed, Dec 21, 2011 at 5:33 PM, David Roid datar...@gmail.com wrote:
Been there, you can try to add either idmap config DOMAIN : default =
yes, or use old-fashion idmap backend = ... + idmap uid = ... + idmap
gid = ... to replace idmap
Hello Lantukh,
Domain controller, LDAP server and kdc can be found by DNS, Samba consults
DNS server to find them. Therefore DNS server itself can be a single-point.
I'm guessing your myserver1 is used as the DNS server in this case and when
it's down you are in trouble.
Cheers
-David
Been there, you can try to add either idmap config DOMAIN : default =
yes, or use old-fashion idmap backend = ... + idmap uid = ... + idmap
gid = ... to replace idmap config * : ..., I don't know which one
actually fixed it.
2011/12/22 Dale Schroeder d...@briannassaladdressing.com
Originally
Hi Steve,
Do you have
idmap config * : backend = ...
idmap config * : range = ...
in your smb.conf (besides domain specific backend and range)?
Regards
-David
2011/12/21 steve st...@steve-ss.com
Works for a while, then falls over:
wbinfo -u
hh3$
administrator
dns-hh3
krbtgt
guest
Have you considered you may have already reached the best under your
network condition?
Cheers
-David
2011/12/15 sathishkumar kanagaraj sathish.kanaga...@gmail.com
Hi,
i am using smb2 max read/write/credits value 5 times the default
value in smb.conf file. Even this changes i am getting
Hi Jeremy,
I can understand the limit of acl_xattr because every specific file system
may impose a limit on number of extended attributes. But now that with
acl_tdb ACLs are stored in tdb file, should not there be nothing to do with
file system?
Regards
-David
2011/12/6 Jeremy Allison
Got it, thanks for the clarification.
2011/12/6 Jeremy Allison j...@samba.org
On Tue, Dec 06, 2011 at 02:16:34AM +0800, David Roid wrote:
Hi Jeremy,
I can understand the limit of acl_xattr because every specific file
system may
impose a limit on number of extended attributes. But now
I think multiple Samba servers running in VMs is only as good as multiple
Samba servers running on different physical hosts. The fact of VMs inside
one physical host doesn't provide any special IPC between Samba servers
inside VMs, they are independent and unaware of each other, so you have to
Do you enable LDAP in NSS?
2011/11/21 tony archibald t...@dutyfreestores.com.au
OS = RHEL 5
samba version 3.0.33-3.29
openldap 2.3
is it possible to have linux users stored in an ldap directory and still
use the passdb backend = smbpasswd.
I have an existing smbpasswd password db and an
Greetings list,
This sounds sort of twisted but in its essence Windows ADS has an LDAP
server too, so here is what I do hoping it'll work:
1. Install Utilities and SDK for UNIX-based application and Identity
Management for UNIX on Windows server 2003, create a new OU named idmap.
2. Configure
I suppose this number is subject to both file system and Samba vfs object,
whichever comes first to its limit.
-David
2011/11/15 adrian.berlin adrian.ber...@o2.pl
Many thanks for response.
Do you recommend any good tool to backup ACLs?
I have another question about how many ACLs can be
I don't think your configuration is right, map untrusted domain, allow
trusted domains are not supposed to work with security = user.
2011/11/5 schlit...@bluewin.ch schlit...@bluewin.ch
Hi
I have a question/problem about winbind and the map untrusted to domain
(=yes) parameter.
I use samba
Greetings list,
I just upgraded to samba 3.6.0 trying SMB2. Though Windows 2008 R2 can work
with SMB2 shares just fine, I'm unable to access SMB2 shares with mount.cifs
or smbclient, even with -m smb2 specified -- I get this
Unrecognised protocol level smb2, whereas smbclient comes with
Thanks, Michael. But in my case, neither of smbclient/mount.cifs works with
SMB2.
-David
2011/10/17 Michael Wood esiot...@gmail.com
Hi
On 17 October 2011 11:35, David Roid datar...@gmail.com wrote:
Greetings list,
I just upgraded to samba 3.6.0 trying SMB2. Though Windows 2008 R2 can
Check out what does /var/log/samba/log say about logon failure? Also do you
enable ntlm auth?
-David
2011/9/1 Bruno Martins bmomart...@gmail.com
On 08/31/2011 06:57 PM, Dale Schroeder wrote:
Bruno,
This is not a valid option:
idmap backend = 192.168.0.2
The default is tdb, but
Try a really long username then you'll see the difference.
-David
2011/8/11 Linda Walsh sa...@tlinx.org
I realized in looking at my smb.conf, I'm not using these in
a consistent manner, and well I just don't understand what the
differences are between them.
Sure I can read the
Hello list,
The issue is as the topic says, following are details: the Samba server
running as ADS member, NBT enabled on Windows machines, no WINS. Windows
machines can find each other by 'nbtstat -a' but cannot find the Samba
server. The Samba server can't find neither Windows machines nor
Ok, thanks for your replies, frankly I still don't understand why Samba
behaves like this, sounds like an inherent issue, then I can live with that.
2011/6/25 Linda Walsh sa...@tlinx.org
Dale Schroeder wrote:
On 06/24/2011 12:11 AM, Linda W wrote:
David was trying to view and change
Hello everyone,
Got a weird ACL issue:
First of all, my Linux host is fully ACL enabled (kernel support, file
system support, mount with xattr, library support, samba compilation
support, all set).
Then a share is created with vfs acl_xattr and ea support on, got mounted on
a Windows client as
Greetings list,
After my Samba 3.5.8 server left then rejoined the same Windows 2003 AD, I
found that some Windows users, to be exact, those who has got their ACE
explicitly set in the ACL are displayed as UIDs, instead of their names.
This can be observed by getfacl or Windows explorer, and it
Greetings list,
I was looking at the wiki samba and clustering and a ctdb.pdf, admittedly
both are quite old (2006 or 2007) and I don't know how things change over
years, but I just have two questions about LMASTER:
this is from pdf
LMASTER fixed
● LMASTER is based on record key only
● LMASTER
I think what you really need is clusterd file system..
2011/1/8 Emiliano Bonassi benazh...@gmail.com
Hi,
i'm Emiliano this is my first mail to samba mailing list.
I have to solve this issue for a company. They need to had a folder, shared
over CIFS for windows/mac clients, that is always
Hello list,
I've got a question from reading Using Samba 3rd, where it puts:
... the final permission is caculated by below filters in the order used by
Samba:
1. Apply any DOS attribute mapping options I take this as
either map DOS attributes to execute bits, or store DOS
Thanks for the clarification.
2010/12/29 TAKAHASHI Motonobu mo...@monyo.com
2010/12/29 David Roid datar...@gmail.com:
Further experiment reveals that if vfs objects is removed then create
mask works. I know vfs_acl_xattr is needed to keep windows ACL here ( I
suppose it's step1 ), but why
Hello list,
I am trying an environment with Samba 3.5 running as a WIN2003 AD member,
which (say MYAD) is mutually trusted with another YAAD, plus an openldap
server as idmap backend, winbind is also used. So my concerns are
two-folded.
1. Why users from trusted domain can do nothing
From samba
Hello list,
I'm running a samba 3.5.3 CTDB cluster, found the output is different
Q1: What does the 0: mean in pid column? There was no such stuff in
non-CTDB smbstatus output.
snip
samba_01:~ # smbstatus -S 2/dev/null
Service pid machine Connected at
It works! Thanks Harry!
2010/10/26 Harry Jede walk2...@arcor.de
On 18:33:12 wrote David Roid:
Q2: How to parse smbstatus to capture service column and pid column?
as in case of homes share the service is named as username, while
domain username may contain whitespace(s)?
snip
Greetings list,
Have a situation that doesn't fail but with inconsistent results:
With a Samba 3.5.4 running as AD member, and map an AD user into a local
user on Samba server, configurations are like below:
smb.conf: username map = /usermap.txt
usermap.txt: foo = MYDOM\bar
Then try to
Hello, no one dealt with this before? Short question, can I get smbclient
-L //localhost -U% without authenticate against AD controller (when network
down), if I'm local samba server root user.
2010/9/7 David Roid datar...@gmail.com
Hello list,
Accidentally I found that when network is down
Hello list,
Accidentally I found that when network is down smbclient -L localhost -U%
became slow however it still succeeded after like half a minute.
This is weird because my Samba server is running inside AD,
Q1. How can smbclient authenticate without talking to AD controller? I think
in this
Hello list,
I noticed that connections from the same client to different shares have got
the same pid on samba server, please refer to the out put below:
# net status shares
Service pid machine Connected at
---
foo 1751
Hello list,
I'm running a samba server in AD domain, with some AD users explicitly
mapped into local users by username map = sambauser.map, which is a text
file.
Problem is found with explicitly mapped user, I can only access home share
by //server/ADusername, not //server/homes (using windows
-CODE10]
smb: \ ls
do_list: [\*] NT_STATUS_OBJECT_PATH_NOT_FOUND
Error in dskattr: NT_STATUS_OBJECT_PATH_NOT_FOUND
smbclient //localhost/ADusername -U works just fine, again.
Samba ver = 3.5.3 and the homes share is a msdfs root.
2010/8/10 David Roid datar...@gmail.com
Hello list,
I'm
Hello all,
I have a Samba 3.5 server running in an AD domain and domain users can
access nonpublic shares with their credentials. Good since this is what I
want.
However accidentally I found that local users (of the server itself) could
also access nonpublic shares with their credentials. Is
38 matches
Mail list logo