RE: [Samba] security domain/server
On Tue, 2003-03-04 at 08:07, [EMAIL PROTECTED] wrote: Mat, Even though Rational (Now IBM) says this claims that the samba security = domain should work, We got the same issue here. So, I changed it to security = server. If you make this to work with domain, let me know... As far as the clients are concerned, there is no difference between security=server and security=domain. So check the simple stuff - use smbclient for testing and ensure you have actually joined the domain correctly. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sybiz Accounting + 2.2.7 = ????
Hi all, Got some hassles with a client running Sybiz accounting. This is a FoxPro application developed in VB6. We're just through the exercise of eliminating all the pieces that might be causing problems and unfortunately that might include Samba. Running Samba 2.2.7 on Red Hat 7.3. All clients are running either Windows 2000 or Win XP. We're getting cases of workstations being able to see files via Win Explorer, update data in various utilities such as the Sybiz eyeball while some functions such as reindexing will occassionaly give a file access error. They're also getting some unusual accounting errors, but I'm inclined to think that this is more of an application problem. Because they're only in a small workgroup, basically every user has full read/write access to all the files in the share. Needless to say, as this is odd ball part of the system, the general advice is to get rid of the Linux/Samba system and use Windows 2000 Server - something I'd rather not do as I don't feel this will be the solution to the problem. Any ideas? Thanks, - Earl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed
hello I am new to Samba protocol. Our Client software used samba protocol If there is no firewall case , this protocol work properly from remote site. All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. would like to know about port usage of samba protocol. I think snmpd, nmpd daemon used some port number. i can see /etc/service file. Client software has no daemon, i think may be server request to some port of client. That means samba protocol used another port except snmpd,nmpd port. My question is 1. I would like to know about port usage of samba protocol. 2. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. Regards Dharanish _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] port usage
Here are the ports used by samba: netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp# NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp# NETBIOS session service netbios-ssn 139/udp --- dharanesh dharanesh [EMAIL PROTECTED] a écrit : Our Client software used samba protocol,If there is no firewall case , this protocol work properly from remote site.All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. 1)I would like to know about port usage of samba protocol. I think snmpd, nmpd daemon used some port number. i can see /etc/service file. Client software has no daemon, i think may be server request to some port of client. That means samba protocol used another port except snmpd,nmpd port. My question is 1. I would like to know about port usage of samba protocol. 2. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. regards Dandy _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] port usage
Hello, there is an article from the linux magazine, called Understanding the Network Neighborhood available at http://www.linux-mag.com/2001-05/smb_01.html There are ports 137, 138, and 139 mentioned. My /etc/services says netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp Also to mention is microsoft-ds445/tcp microsoft-ds445/udp 445/tcp is netbios-less CIFS used by Windows 2000 clients. I don't know how far the implementation in samba is right now. In 3.0 port 445 will be used by default, IIRC. Yours, Wolfi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Too many smbd processes?
Hello People, /etc/rc.d/init.d/smb status yields the following output: smbd (pid 31224 31209 31102 31098 31077 31069 31056 3237 3171 3154 3147 3144 3131 3129 3128 3124 3119 3091 3077 2590 2582 2564 2491 2468 1964) is running... nmbd (pid 31062 31061) is running... In total 25 smbd's and 2 nmbd's, while only five or six users actually use the samba-server. This many processes causes my system to have a load around 19 to 25, which prevent my sendmail from sending mail. Does anybody know if this is normal samba behaviour? Restarting Samba doesn't seem to limit the number of servers. Kind regards, Maarten -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem joining samba to a samba-PDC domain
Hi folks, I'm having difficulty getting a samba server to join a domain, the PDC of which is another samba server. I believe I've set everything up correctly but when I run the following command on the client samba box smbpasswd -j DOMAIN -r PDC -U adminuser%adminpasswd I'm told error creating domain user: NT_STATUS_ACCESS_DENIED Unable to join domain DOMAIN. Looking through the log files on the PDC, I find these entries in the log file for the samba client box: [2003/03/04 21:47:38, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1369) unable to open passdb database. [2003/03/04 21:47:38, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(575) add_smbfilepwd_entry: unable to open file. [2003/03/04 21:47:38, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) Failed to add entry for user client$. What I have done so far: Successfully used smbclient to connect to available shares on the PDC from a client samba box using encrypted passwords (I have a smbpasswd file on the PDC). Added relevant machine accounts to /etc/passwd on the PDC for the client samba boxes. I've made sure they include the $ at the end of the username. Tried the smbpasswd -j ... command both with existing smbpasswd file entries and without (for use with the -U admin%pword option to smbpasswd) Set up the PDC's smb.conf as follows (relevant directives only): [global] security = user encrypt passwords = yes smb passwd file = /path/to/smbpasswd add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u local master = yes domain master = yes wins support = yes domain admin group = user1 Set up the samba client box smb.conf as follows: [global] security = domain password server = My_PDC_Name encrypt passwords = yes local master = no wins server = IP_OF_PDC --- Any suggestions as to how I might proceed from here would be greatly appreciated. I've searched for material covering this type of scenario but so far have only come across discussions that focus on either (a) joining w2k/xp clients to a samba-controlled domain or (b) joining a samba box to a winNT/2k-controlled domain. Many thanks, John john twyman school of geosciences university of sydney m: +61 401 992 836 e: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LinuxMDK 9 file perms oddities?
Buchan Milne wrote: [cut] When a member of group users connects to the [public] or [grp] share and interacts with them by creating dirs and/or files, something strange happens because file permissions change to: Are you sure it is when a user connects? Not exactly. When a user creates a file or directory, a warning message appears saying that in the future it won't be possible to change the file/dir. In a short words: the file/dir is rightly created but they won't be modifiable in the future. [cut] What security level are you running? 2 [bgmilne:/home/users/bgmilne]# cat /etc/sysconfig/msec If you are running security level 2 or higher, msec will reset permissions to not be group writeable on directories under /home. So, you should run draksec to customise this, or not use msec. I supposed so :( [bgmilne:/usr/share/msec]# grep home perm.? |awk '{print $1 \t $2 \t $3}' perm.0:/home/ root.root 755 perm.0:/home/* current 755 perm.1:/home/ root.root 755 perm.1:/home/* current 755 perm.2:/home/ root.root 755 perm.2:/home/* current 755 perm.3:/home/ root.root 755 perm.3:/home/* current 711 perm.4:/home/ root.adm751 perm.4:/home/* current 700 perm.5:/home/ root.root 711 perm.5:/home/* current 700 After making your changes in draksec, run: # msec security level to have msec set the permissions as it thinks they should be, or set them the way you want them, and run # msec to see if it leaves them alone now. Thanks :) Tomorrow morning I'll try on another pc. In the meanwhile I changed the OS (FreeBSD) and I have to say that everything works well ;) P.S. I normally search the digests of this list for mandrake, I would not have found your post since I do not search for MDK/mdk/md etc. It is also a good idea not to abbreviate if you intend other searches (Google etc) to find your post ... I'm sorry :-/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] port usage
On Tue, Mar 04, 2003 at 10:59:49AM +0100, Wolfram Quester wrote: Hello, there is an article from the linux magazine, called Understanding the Network Neighborhood available at http://www.linux-mag.com/2001-05/smb_01.html There are ports 137, 138, and 139 mentioned. My /etc/services says netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp Also to mention is microsoft-ds445/tcp microsoft-ds445/udp 445/tcp is netbios-less CIFS used by Windows 2000 clients. I don't know how far the implementation in samba is right now. In 3.0 port 445 will be used by default, IIRC. Hello again, I forgot to mention port 901, wich is used by SWAT. Of course you need this port only if you want to use swat from another machine than localhost Wolfi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles and home directory - Samba PDC
Nick Gale wrote: I have sucessfully got a windows 2K machine to join the domain but I can not get it to run a logon script, map the drive letter to the home directory or create a roaming profile. All my smb.conf setting look correct as per the samples and How To's so I'm stuck! smb.conf is as follows: # Global parameters [global] netbios name = LINUX1 [cut] logon path = \\Lunux1\profiles\%U ^^^ smb.conf error or you made a mistake when you edited your message to the list? BTW...Check permissions on your /home/netlogon directory, as well as on your logon.bat (it should be executable). Moreover, that batch must be in a MSDOD form: every line must end with CR+LF. Good luck :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Too many smbd processes?
What is in your smb script? What does smbstatus show? What happens when you forget the fancy startup script and just use: smbd -D nmbd -D Here is all I use to start my daemons: #!/bin/bash case $1 in start) killall smbd killall nmbd /usr/local/samba/bin/smbd -D /usr/local/samba/bin/nmbd -D ;; stop) killall smbd killall nmbd ;; reload) kill -SIGHUP `cat /usr/local/samba/var/locks/smbd.pid` kill -SIGHUP `cat /usr/local/samba/var/locks/nmbd.pid` ;; *) echo Usage: echo start stop reload ;; esac exit 0 Joel On Tue, Mar 04, 2003 at 11:47:48AM +0100, Maarten Buiter wrote: Hello People, /etc/rc.d/init.d/smb status yields the following output: smbd (pid 31224 31209 31102 31098 31077 31069 31056 3237 3171 3154 3147 3144 3131 3129 3128 3124 3119 3091 3077 2590 2582 2564 2491 2468 1964) is running... nmbd (pid 31062 31061) is running... In total 25 smbd's and 2 nmbd's, while only five or six users actually use the samba-server. This many processes causes my system to have a load around 19 to 25, which prevent my sendmail from sending mail. Does anybody know if this is normal samba behaviour? Restarting Samba doesn't seem to limit the number of servers. Kind regards, Maarten -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple VFS modules per Share
Hi, I would like to setup a share with two VFS modules : recycle and vscan. I've done some test but it doesn't work. Any suggestion ? Is it possible or not ? see you -- Raphaël Berghmans [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multiple VFS modules per Share
On Tue, 2003-03-04 at 22:30, Raphaël Berghmans wrote: Hi, I would like to setup a share with two VFS modules : recycle and vscan. I've done some test but it doesn't work. Any suggestion ? Is it possible or not ? Only in Samba 3.0, where this has been rewritten to add a stackable VFS. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Default settings for print drivers
I had this working in 2.2.8pre2. What server platform are you using? RH 7.2 linux on s390 (2.4.9-38 kernel) glibc-2.2.4-31 yeah. that would be an affected system. 2.2.8pre2 should correct this for you. Jerry, thanks, it fixed the biggest problem. Device settings (installed options) are now remembered and applications picked them up correctly, so the appropriate printing preferences can now be set. There is still a problem with remembering printing preferences though. Though the preferences are set on the samba server, when the client installs the driver the printing preferences are lost (though device settings are retained). It gets a little stranger, in that when a printer admin installs the printer on the client, printing preferences are lost on the samba server too. Our windows print guy assured me that with the w2k server, the clients would inherit the printing preferences that were set on the server at the time the printer was installed. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem of access samba from rh8
Hi Patrick, Had I paid closer attention to your original e-mail I would have noticed that you were using KDE and Konqueror whereas I am using GNOME and Nautilus. I tried using the settings that Shane Kennedy suggested but I still get the same result. Is there some way to get more information to find out's going on here? I don't see anything happening in the log files when I try to access the shares. Thanks, Steve On 2003.03.03 20:44 Patrick Kwan wrote: Hi Steve, I do another test today, I changed my desktop to Gnome and use Nautilus to access the samba server, I can access all shares this times. It show that some wrong with the KDE's Konqueror or something else, I will search the KDE's website wheather it's known problems or only my problem. Right now, I'm using LinuxNeihgbourhood to browse the network and access shares because I like to use KDE Desktop. Patrick Hey Patrick, I have a similar issue that I have reported here before but I never got an answer. The only difference I see between what you describe and what I see, is that I get an error dialog saying: You do not have sufficient permission to view Share. This is strange to me since I appear to log on OK because I can see all the shares but I get this message when I try to access one of them. I'm using RH8 with all the latest updates and these samba rpms samba-common-2.2.7-2 samba-2.2.7-2 samba-client-2.2.7-2 I haven't had time to investigate this further so I would be interested in anything that you find out. Steve. On 2003.03.02 20:45 Patrick Kwan wrote: Hello, I already setup a samba server as PDC for windows client to logon and working fine now with the following config: - redhat 7.3 - samba 2.2.7a Then I try to access the samba share from Redhat 8, I can use smbclient to access the share without problem but I can't access the share with KDE's Konqueror (smb://NetbiosName/), it can show all shares, when I double one of share, it can show the login dialogue box, then I enter the correct username and password but nothing displayed, it seem to try connecting the share. So, I check the samba.log file, but it show that the user is connected to the service successfully. Any body have this issue before? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Request for help
Hi I have a SCO Open Server system (5.0.5) running Samba 2.2.2. with shared security. I am running pc's with win2000 installed and they can see all the files on the share ok. However when they come to save the files the system reports the files as being read only. The log reports various messages the main two being: [2003/03/04 12:35:28, 0] smbd/nttrans.c:call_nt_transact_ioctl(1762) call_nt_transact_ioctl: Currently not implemented. [2003/03/04 12:37:05, 0] smbd/posix_acls.c:create_canon_ace_lists(762) create_canon_ace_lists: unable to map SID S-1-5-21-1147943395-1069960187-114164586-132068 to uid or gid. Would you give a pointer as to where the problem might be and how I can fix it? Thanks. Nigel Ware -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Diectory
How do I keep users and passwds in sync. ie when an nt user changeshis/her passwd on the wintel desktop client? -regards Rich - Original Message - From: Christopher Odenbach [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, March 04, 2003 2:25 AM Subject: Re: [Samba] Samba and Active Diectory Hi, problem: I wish to implement samba on a solaris 8 with authentication from a win2k active directory server. I wish to have user dorectories mounted to AD server via samba and authenticated via AD. Anyone knows an easy/doable way to do this? If you have all the windows users also defined on the solaris box (locally in /etc/passwd, via nis or ldap), then just - set security = domain - join the samba server to the AD domain If you don't want to define the users on solaris, use winbind. Christopher -- == Dipl.-Ing. Christopher Odenbach HNI Rechnerbetrieb [EMAIL PROTECTED] Tel.: +49 5251 60 6215 == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with WinXP (one more !)
Hello, I had my network working perfectly for months with SAMBA PDC alpha20. I reinstalled FreeBSD 5.0-RELEASE two days ago, and also reinstalled SAMBA alpha20, I copied smbpasswd, secrets.tdb and all others files (*.tdb in /var/lock for exemple). The domain were up for all my machines, exept for one : the XP machine. If I start my XP machine, with the domain configured and samba UP, all the XP deamons lauched after SERVER (the daemon for the network shares and for joining the domain in winXP) crach !!! If I unjoin the domain, XP work fine, if I unplug the network cable during the boot of XP, XP work fine and I can log on to the domain !!! If anyone knew what it happens, I would be very happy ! Sincerely, Laurent (France) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with WinXP (one more !)
Hello, I had my network working perfectly for months with SAMBA PDC alpha20. I reinstalled FreeBSD 5.0-RELEASE two days ago, and also reinstalled SAMBA alpha20, I copied smbpasswd, secrets.tdb and all others files (*.tdb in /var/lock for exemple). The domain were up for all my machines, exept for one : the XP machine. If I start my XP machine, with the domain configured and samba UP, all the XP deamons lauched after SERVER (the daemon for the network shares and for joining the domain in winXP) crach !!! If I unjoin the domain, XP work fine, if I unplug the network cable during the boot of XP, XP work fine and I can log on to the domain !!! If anyone knew what it happens, I would be very happy ! Sincerely, Laurent (France) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 3 Mar 2003, Kristyan Osborne wrote: Our printer server has been up for the past 2 years and we haven't had one problem. I'm running samba 2.2.7 with lprng. I wanted to make the printer installation on windoz 2000 boxes easier by putting the printer drivers on the server and using the [print$] share. I had it all working nicely and u could just click on a printer on the print sever and it would install along with the drivers. However when another user logs on to the same machine they do not see the printer. We are using profiles here, and my first thought was it could be saving it in my profile. However if I or another one of my collegues logon (Domain Admins) they can see the printer but no one else can (normal users). Printer connections are stored in user profiles. The is by design in Windows. You can connect to printers in logon scripts using con2prt.exe (included with the Windows RK). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLjjIR7qMdg1EfYRArEYAKDFpHr1PsmCBJzvrssFs9T/oD0CCwCeJDYk 0IBEp7TxHSLgZwwEVPHp76A= =Aj4d -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profiles and home directory - Samba PDC
On Tue, 4 Mar 2003 10:55:28 -, Nick Gale wrote: I have sucessfully got a windows 2K machine to join the domain but I can not get it to run a logon script, map the drive letter to the home directory or create a roaming profile. All my smb.conf setting look correct as per the Try giving a look at this IBM tutorial, I used it and found it simple and effective, and it covers what you are asking for: http://www-1.ibm.com/servers/esdd/tutorials/samba.html Please note that the short registration required is free. -- Ciao, Marco. ...1978 gli dèi se ne vanno, gli arrabbiati restano!, Area 1978 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems installing Samba on Redhat 8.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 3 Mar 2003, Laura West wrote: Hello, I have tried to install Samba-2.2.7a in Redhat 8.0 but am having difficulty. I tried to make the source unsuccessfully. It gave me the message: In file include from include/includes.h:164. from nmbd/nmbd_namerelease.c:25: /usr/include/ctype.h:151: Internal error: Illegal instuction [ Submit Bug report ] make: *** [nmbd/nmod_nameelease.o] Error 1 Looks liks a RH 8.0 or a gcc bug. Try searching RH's support site. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLlQIR7qMdg1EfYRAsPIAJ42E8AnedJBvVnbY4NiwCsXXACFOACfZtLp 6Hb7ejydt3WRcI7wJKh8KxM= =3mga -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Diectory
At 9:09 AM -0500 3/4/03, News wrote: How do I keep users and passwds in sync. ie when an nt user changeshis/her passwd on the wintel desktop client? eww. password syncing. I'd look into nss_ldap in order to grab users from AD. You'll need Services for Unix or one of its free equivilents in order to get the right schema in place. -- http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh [EMAIL PROTECTED] 303.517.0272 Denver, CO The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently. - -- Nietzsche Think Different. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb_panic ntdrivers.tdb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 3 Mar 2003, Luca Massarenti wrote: Hi, we have a mandrake 8.2, and samba 2.2.3a installed on intel p4 based computer with 256Mb ram and 2 ide hd 40Gb (raid software) Please report back if you can reproduce this against 2.2.8pre2 cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLo2IR7qMdg1EfYRAtrLAJ9uV7Zk/eJmi53NLgLMo0Wa4/FO2QCgyOCa vTLfw39+/ksjYZX52lUGQOA= =90mf -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printer drivers on Samba server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27 Feb 2003, maq wrote: Hi, have a printer connected to a Samba server. I'd prefer clients to use the linux drivers instead of the windows' Doesn't work that way. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLuXIR7qMdg1EfYRAksqAJ9P3hzE3tXksUya/ng7h7OQdc23GwCeKlhn LEGAcbnt+0mQbKlwCe6pKlg= =tLAW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot sync browser lists
I was also under the impression that wins allowed a server on a different subnet to show up in network-neighborhood, by syncing browse lists with the domain master browser (in this case, an nt wins server and pdc). not correct. If I understand this correctly wins provides the address of the pdc so the local-subnet-master-browsers can sync their browse-lists with it. Okay, well samba isn't syncing browse lists anymore: [2003/03/04 09:30:27, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262) domain_master_node_status_fail: Doing a node status request to the domain master browser for workgroup [DOMAIN_NAME] at IP [PDC/WINS Server IP] failed. Cannot sync browser lists. By point to point I mean a network where there are two ends, A and B. B is in its own subnet, no broadcast, it uses A as its gateway/router. There is nothing else in that subnet. B access the network through A. The samba server is B. B is a local master, but not a domain master. I assume routing from the pdc back to samba is ok. Did you specify your ppp interface in interfaces = .. ? We used a samba box to share a dialup a couple of years back with similar unreliable browse-lists. From memory if samba was restarted AFTER the ppp interface came up it worked quicker. hope this helps, Yup, routing is okay, and winbind domain authentication works to the Same pdc. The interface is defined in smb.conf. Smbd/nmbd is started after the network, so that shouldn't be the problem, and restarting it does not help. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Separate mailing list for printing problems ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 28 Feb 2003, Peter Carpenter wrote: Is there any chance of getting a separate mailing list just for Printing issues e.g. [EMAIL PROTECTED]. Printing is a world of its own within Samba, at least once you get past the very basic stuff. And there's _so_ much traffic in the main samba list now... I find it pretty hard to keep up with the samba mailing lists as it is (along with other daily duties). I'm not sure about creating a separate mailing list. I find that too much time gets spent posting things like repost on the xx ml when you get split up a lot. It seems like most of the kernel sub-mailing lists I used to read got very low traffic and everyone just kept posting to lkml. I know that printing can be a pain (believe me, i know), but i think splitting resources (the people that field most of the questions) across mutliple lists won't help out much. Of course, i could be wrong cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZL2NIR7qMdg1EfYRAv4gAKC95Oacz5XOPyGzkJrbZgwQa5fVXQCffNpC meSNIfm0oWYDblXJHgJzlmU= =RQx6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] edit winbindd_idmap.tdb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 25 Feb 2003, Daniel Wittenberg wrote: Is there a tool to edit the idmap to cleanup old entries? I have entries in there that aren't needed anymore and wanted to delete the files and cleanup the user info. not yet. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZL5DIR7qMdg1EfYRAjNOAKDgcTPCamK6GplcfdR8vxrFU2Xl9gCgk3g3 aFp9R5FhKZD2Bjy/Mv+t+yk= =EjWa -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SWAT login - is password entry secure?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 26 Feb 2003, Dan Rickhoff wrote: Samba group members, Is the password that I specify when logging into SWAT handled securely? no. but you can use stunnel. There's a short howto linked on http://samba.org/samba/docs/ cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZL7gIR7qMdg1EfYRAuGgAKCQ3HiNiaft4G5zwYQv3gtPwF+dKQCePO23 /nCUOwDlokFyLYiYz8+LdSU= =7/UP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] updated: managing acl's via windows in samba 3.0 alpha21
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 20 Feb 2003, Rick Segeberg wrote: One trick: to change rights on a file, you must own it or be root. This is where the force user = root comes in handy, but obviously you need to be very careful who can use that share. admin users might help here. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZL9KIR7qMdg1EfYRAiMxAJwOhgUX99W3VIQ005/5jqlyOzgJUQCg1p0k 6matLpZHrI2HnypaNpzSrIk= =c2K3 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] how to delete profiles after user logout ( win 2000/xp)
Hi How could I set up 2000/xp workstations so that after domain user logs out , his profile gets removed from workstation machine? I know how to do it under NT (poledit) , but I havent found way to solve it with 2k/xp .. John -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] authentication protocols supported by samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 3 Mar 2003, Francois Beretti wrote: Hello all I am preparing a document for my chief, about samba and its functionnalities, in order to use it as a NT4 PDC and then, maybe, a member server in a Active Directory environnement, and then to develop security architectures based on samba He asked me which are the authentication protocols used by Samba I am new to Microsoft network technologies, so I am quite confused... He spoke me about SMB, NTLM, NTLMv2, Kerberos SMB is the resource sharing protocol; not an authentication protocol. NTLMv1 support by Samba 2.2 NTLMv2 shoudl be working in SAMBA_3_0 now. I know that kerberos is supported by Samba 3 Correct. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZMMDIR7qMdg1EfYRAgU8AJ9toBOOXe0Va4vpKkD2g8Mma2IwZwCffhG0 Eqg6o9XwmYsa8ceGW8AVRcM= =Wqeb -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba server side printer driver, how?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 1 Mar 2003, Tor Bechmann Sørensen wrote: How do I put windows clients drivers on my samba server to eliminate the need for users to choose printer drivers (and to have the windows cd around) when they add the samba shared printers? There's a HOWTO included with current Samba distributions. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZMNRIR7qMdg1EfYRAqm3AJ0cg7Tpjq60ecIhjXv3plBNdabnzgCguvN3 wHRtE5zdJ7IbQMalh+b8EdI= =4Zgv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] server = works domain = no work
All, I rejoined the Samba server to the domain and it still fails to recognize users from the PDC. From Windows Network Neighborhood: As Samba running as a security = domain Name: Location: Suntst1 Unknown From Windows Network Neighborhood: As Samba running as a security = server Name: Location: Comment: Suntst1 AM Samba 2.2.3a From a DOS prompt I got this error when I do a dir: Logon failure: unknown user name or bad password. #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = AM netbios name = SUNTST1 server string = SUNTST1 load printers = yes printing = lprng log file = /var/log/samba/%m.log max log size = 0 security = domain password server = 40.1.142.11 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 40.25.17.9 40.25.12.26 remote announce = 40.25.17.9 40.25.12.26 wins proxy = yes dns proxy = yes # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 Mathew Spurgeon Eli Lilly and Company Software Engineering Support Team Phone: (317) 276-7436 Mobile: (317) 716-7789 http://mcntstep03.d51.lilly.com/SEST [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] POSIX to NT ACL bug
On Mon, 3 Mar 2003, Brad Sagowitz wrote: I JUST got over this problem with help here on the mailing list... what version/distro of linux are you running? Brad Sagowitz I use samba 2.2.7a downloaded from samba.org on Suse 8.0 Sergey Zhitomirsky wrote: Hello recently I set up XFS share under samba , and played from Win2K with ACL entries of shared files, and noticed that Win2K never DENY ACL entries , so for example for a XFS file with acl: # owner: a user::r-- group::rwx other::rwx Win2K security tab shows for user a: Read exec = nothing here Read= Allowed Write = nothing here But in fact, POSIX ACL will allow user a to read from the file and deny write or execute the file , as posix acl will not consult any other ACL entries, after founding appropriate user: entry. So, shown by Win2K flags are wrong, and must be instead : Read exec = Deny Read= Allowed Write = Deny as NT ACL logic suppose, as far as know(?), that in case nothing here father ACL entries will be consulted, so in this case NT user suppose that he has rwx rights on the file due to other::rwx rule (- Everybody, Full Access=Allowed) but when tried to write - receive Permission Denied. So that is a samba bug, as samba must have send DENY for write and execute and ALLOW for read for this user's file (user::r--) , but now it just sends ALLOW for read. I have samba-2.2.7a, ./configure --with-acl-support --with-ssl --with-smbmount --disable-cups --with-smbwrapper --with-vfs --with-libsmbclient --disable-swat Sergey. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Large (3000+ users) NT to Samba migration
Thanks Gerald Many thanks and kind regards. David Wilson DcData/LinuxBox S.A. +27 83 787 7424 ICQ#: 114636368 http://www.dcdata.co.za http://www.linuxbox.co.za NOTICE: Please note that as of 31/01/2003 all service requests must be sent to [EMAIL PROTECTED] - Original Message - From: Gerald (Jerry) Carter [EMAIL PROTECTED] To: Jim [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: 04 March 2003 03:37 Subject: Re: [Samba] Re: Large (3000+ users) NT to Samba migration -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 24 Feb 2003, Jim wrote: What is the platform (i.e. what distrobution of Linux)? A client of mine is seriously investigating migrating their 7 NT servers and 3000+ users to Linux running Samba. I've read one or two documents so far about the migration, but I'm still a little unclear about a number of things. When you have a chance I'd really appreciate your guidance on the following items. 1.) LDAP, /etc/passwd or MySQL backend (if supported). The standard backend should be ldbm. I would reccomend sticking with it unless you have specific needs that dictate otherwise. Custom front ends can be written using Java. Assuming you are referring to OpenLDAP. In that case, the Berkeley backend (bdb) is now the recommended one. 4.) Configuration of BDC(s). That is out of my area. There's a HOWTO included with Samba. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZKwcIR7qMdg1EfYRAkvkAKDhNuAUQ+D8FBqoflhMhZHD7FFkWACfSOiM rmV9v0ZEpfMiHeVUgd7NyWA= =OPy3 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Diectory
Hi, How do I keep users and passwds in sync. ie when an nt user changeshis/her passwd on the wintel desktop client? If you use the unix boxes just for storing data, you don't need user passwords there - the samba server just forwards the authentication to the domain controller. If users also work under unix you can a) install the Services for Unix from M$ b) have a try with https://sourceforge.net/projects/acctsync Look at a tool called passwdHK.dll. This lib can be called everytime a user changes his/her password and can then forward it to any program you like (e.g. perl script). c) use kerberos trusts (sounds complicated and certainly is - don't ask me about details, I don't use kerberos). I prefer solution b). Regards, Christopher -- == Dipl.-Ing. Christopher Odenbach HNI Rechnerbetrieb [EMAIL PROTECTED] Tel.: +49 5251 60 6215 == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [bug] ldap server missing from swat in 3.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 26 Feb 2003, Farkas Levente wrote: hi, in 3.0alpha form swat the ldap server parameter is missing (although it can be important:-) the other ldap parameters are there. it has been replaced. See the passdb backends parameter in smb.conf(5). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZMuvIR7qMdg1EfYRAr3MAKCWuhuAjNMdNhjKY2fSB9KPh1M+UgCg8515 HzRTACBlLFeIVzN/J2hUe7A= =yx94 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Static Winbind SID to uid gid mapping
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 27 Feb 2003, Matthew Ridley wrote: Hi, Winbind currently allocates uid gid's on a first found first allocated basis. When new users get added the get tacked on the end seqentially etc Forgive me if I'm wrong but couldn't the the last set of digits in the SID be used to generate the unix uid's and gid's We've already been down there. Doesn't handle trusted domains for one thing. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZMxeIR7qMdg1EfYRAi2GAJ9cC+jRh1bUf91hhT+02HP9rX+b4wCgv7We dKR6TeIb/LVB1GYUI3intIw= =nCVQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: how to delete profiles after user logout ( win 2000/xp)
[John Newhouse] How could I set up 2000/xp workstations so that after domain user logs out , his profile gets removed from workstation machine? I know how to do it under NT (poledit) , but I havent found way to solve it with 2k/xp .. Allegedly the poledit thing should still work with win2k clients, if the domain controller is still operating in NT4 mode. (With an AD DC, you apparently need to use Group Policies.) I haven't tried it, myself, but that's what my local poledit guru just told me. Peter -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba + LDAP + Win2k Server problem
Hello, I have a problem with my network confuguration, it does work completely but it seems that there is a problem with the resolving of user names on the win2k server. The domain controller is a samba 2.2.7 (RedHat 8) machine with ldapsam. When i try to set the permissions on a folder on the Win2K server machine it shows the usernames correct, but when i click ok and reopen the permissions panel, the usernames are different, they have a syntax like DOMAIN\unix_user.1010 This isn't normal behaviour because with an Win2K Professional machine it doesn't show this error. Yours sincerely, Hilbert Mostert -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smaba 3.0 - domain groups
i use 'truss' to trace the system calls (nmbd proccess) after 'wbinfo -g' request. it returns ioctl(14,SIOCGIFFLAGS,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFNETMASK,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFADDR,0xbfbfcde0) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce28) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce70) ERR#49 'Can't assign requested address' close(14) = 0 (0x0) gettimeofday(0xbfbff838,0x0)= 0 (0x0) sigprocmask(0x2,0xbfbff760,0x0)= 0 (0x0) i'm going to check samba logs after 'debug level' change (higher than 2) in smb.conf . anyway. i was thinking that maybe its OS problem. i use FreeBSD 4.7. regards Uki - Original Message - From: Ken Innes [EMAIL PROTECTED] To: Kristyan Osborne [EMAIL PROTECTED]; Lukasz Tomaszewski [EMAIL PROTECTED]; Samba Users [EMAIL PROTECTED] Sent: Monday, March 03, 2003 6:07 PM Subject: RE: [Samba] smaba 3.0 - domain groups I have this problem too with Samba 3.0. I've tried security = domain and security = server (using an NT PDC) and still get the 'Error looking up domain groups.' error. My 2.2.7a Samba server does provide the groups. Anyone have any ideas about this? Its clearly not an entirely isolated problem! -Ken _ Ken Innes Chief Information Officer EKOS Research Associates Inc. 99 Metcalfe St., Suite 1100 Ottawa, Ontario K1P 6L7 www.ekos.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kristyan Osborne Sent: Monday, March 03, 2003 10:42 AM To: Lukasz Tomaszewski; Samba Users Subject: RE: [Samba] smaba 3.0 - domain groups Hi, I've had exactly the same problem since august 2002, after several emails it was not resolved so i gave up and i thought i would leave it until someone else (like u) had the same problem. Maybe then it might be answered - Kristyan Osborne IT Technician Longhill High School 01273 391672 -Original Message- From: Lukasz Tomaszewski [mailto:[EMAIL PROTECTED] Sent: 02 March 2003 19:17 To: Samba Users Subject: [Samba] smaba 3.0 - domain groups few day ago, i've asked about mapping unix-windows groups under samba 2.2.7a. now, i know that it is impossible. so i've changed samba on my PDC to 3.0 version (smbgroupedit). but still i've got problems with groups. before - from another machine when i've used 'wbinfo -g'i've got response from my PDC: Domain Admins Domain Users after change to samaba 3.0 with the same config file 'wbinfo -g' returns: Error looking up domain groups. any suggestions? regards Uki -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba over IPX/NetBeui
Hello: Is it possible to run SAMBA over IPX/NetBeui? (I will thank any suggestion) I hava an small LAN of 3 computers, connected to the Internet through a Cable-modem with DHCP (the cablemodem and the computers are all connected to a hub). The CableModem assigns every computer a random public IP adress, but usually from diferent range (ie: 212.78.x.x, 62.57.x.x, etc), so I cannot get SAMBA or NetBIOS over TCP/IP to work. I used to share some files with Windows using NetBios over IPX (and eventually NetBeui), while being connected to the Internet. But now my computer only has Linux installed, and the only way I have find to share files, is to assign manually an IP adress to every computer (192.168.0.x) to get SAMBA working. That's tedious, because I have to do it on every computer. My mid-term/long-term solution is to get a router with a Wireless AP, and switch included. Thanks everybody, and excuse my English. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] security = server and password server sometimes rejectspassword
Hi, I have two samba servers, PDC (3.0a21) , which has only [netlogon] share and FSERVER (samba 2.2.5), which uses PDC as password server and also shares out [homes] and [profile] . Time to time it happens that when I log in from WS I get error message that \\fserver\profiles can't be accessed. And when I look into FSERVER log then it complains: password server PDC rejected the password. but I know that password is right , because i typed it right and also I could log on into WS (but profile loading does not work). And in logon script \\fserver\homes is mapped as U: drive, but time-to-time this does'nt work either and logon script windows prompts me for password , and when I type right password there it rejects it. My PDC gets all user information from Ldap (nsswitch also lives 100% on ldap), so maybe it's just some kind of timeout accessing infomation from LDAP/ ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Support for AD native mode.
Hello All! I was trying to find out which version of samba, if any is supported in an Active Directory native mode environment? We currently are running mixed mode with NT4 domain controllers but want to switch over ASAP. I was curious if samba authenticated to a kerberos WIN2K domain controller. Thanks in advance for your help. Regards, David Tony Perea Unix System Administrator Computer Systems Engineering(CSE) Lockheed Martin-Kirtland AFB NM Phone:(505)256-6722 email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help! Can browse from one subnet but not another.
I'm having some difficulties setting up browsing across networks and domains and was hoping some of you folks out there could help. We have two domains on two physically separate networks, connected via a firewall/router. To my knowledge the firewall system is not set to block anything between the two segments, just to route them. Network 192.168.18.0, CH domain 192.168.18.14 ch1 (rh7.3, CH domain controller, wins server) 192.168.18.15 ch2 (w2k, app server, set ch1 for wins manually) 192.168.18.18 mtoal (w2k, my computer, set ch1 for wins manually) Network 192.168.20.0, PW domain 192.168.20.8 pw1 (rh7.3, samba, PW domain controller) 192.168.20.5 pw2 (w2k, app server, set ch1 for wins manually) 192.168.20.61 streetsmary (w2k, example machine, ch1 for wins via dhcp) ch1 is set up as the WINS server for the whole WAN: netbios name = ch1 workgroup = ch os level = 64 preferred master = yes domain master = yes local master = yes wins support = yes remote announce = 192.168.18.255 192.168.20.255 remote browse sync = 192.168.18.255 192.168.20.255 name resolve order = wins lmhosts pw1 is set up to use ch1 as it's WINS server, and is set up to be the local master browser on its subnet: netbios name = pw1 workgroup = pw domain master = no local master = yes preferred master = yes os level = 64 wins support = no wins server = 192.168.18.14 name resolve order = wins lmhosts I can be at machine mtoal and I can browse the CH workgroup in network neighborhood just fine. I can also browse to \\pw1 and \\pw2 in network neighborhood if I type in their names in the address bar, but the PW workgroup does not appear by itself. I can browse to the machine streetsmary from my machine but only if I type in the ip number: \\192.168.20.61 The situation from machine ch2 is the same. Now, at the PW network, I can control pw2 via VNC. I can readily see both the PW and CH workgroups in network neighborhood. I can browse into shares on any machine in either workgroup. I call Mary who is using the machine streetsmary at PW and she can not see any evidence of the CH network. When she goes to ch1 via IP by typing \\192.168.18.14, she is prompted for a password which is expected since she is not an admin. So, the big question: Why can I see both networks from machine pw2 when I can NOT see them from either ch2 or mtoal (my machine)??? Of course, I would like to be able to get the full browse list on any machine on either network. Does each network need it's own WINS server since they are in different domains? Then we use remote browse sync and/or remote announce to get them to talk to each other? I've spent a couple days on this now and I'd really appreciate some advice. Thanks! mtoal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] user entries in LDAP, group mapping (samba 3.0alpha cvs -LDAP)
Hello everybody, I'm experimenting with samba 3.0 but something is not very clear to me, especially the user entries in the OpenLDAP server. On my samba server, I configured NSS_LDAP to lookup passwd, group and shadow entries. Now I have to add some entries to my LDAP: uid=Administrator and uid=nobody. According to http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html a user with uidNumber 0 should also be present in the ldap. I decided to add uid: Administrator uidNumber: 0 gidNumber: 0 primaryGroupID: 512 (..) uid: nobody uidNumber: 65534 gidNumber: 65534 primaryGroupID: 514 (...) I mapped the 'nogroup' group (under debian gid 65534) with smbgroupedit, so I think the guest stuff is ok, but what about the Administrator entry? Is it save to create such an entry with uidNumber and gidNumber 0 ??? Or do I have to create another entry? My intention is to use Administrator as a domain admin with all user rights. Must this user have uidNumber 0? Probably I have to create an extra group in LDAP (ex. domadmin) and map this GROUP RID 512, but which gidNumber must have this group (also gidNumber 0 ???)? Because I have 2 entries with uid=0 (root in /etc/passwd and uid=Administrator in ldap via NSS), sometimes 'su' doesn't work on my linux server, I get pam_authenticate: Authentication service cannot retrieve authentication info. Note, I don't have PAM configured to use LDAP. Also creating user entries as Administrator with NT USRMGR gives some error. Has somebody some advice for me? A working example (LDAP entries (users + groups?))? Thanx for your answers!! Tom Van Overschelde /etc/nsswitch.conf : -- passwd: compat ldap group: compat ldap shadow: compat ldap (...) -- I've imported the following in my LDAP : --- dn: uid=Administrator, ou=People, o=hogent,c=be logonTime: 0 objectClass: sambaAccount objectClass: posixAccount lmPassword: 2ACFE0DCD4F90C9728D41 primaryGroupID: 512 acctFlags: [U ] userPassword:: e1NTSEF9S05lbXBPaVQxZVI uid: Administrator uidNumber: 0 cn: Administrator loginShell: /dev/null logoffTime: 0 gidNumber: 0 kickoffTime: 0 pwdLastSet: 1046643900 rid: 500 gecos: Samba Admin description: Domain Administrator homeDirectory: /home/administrator pwdCanChange: 1 pwdMustChange: 1048458300 ntPassword: 8A05EB5942D5E619D9EA6 dn: uid=nobody, ou=People, o=hogent,c=be logonTime: 0 displayName: Nobody objectClass: sambaAccount objectClass: posixAccount primaryGroupID: 514 acctFlags: [NU ] userPassword:: e1NTSEF9cG9HdXF3W uid: nobody uidNumber: 65534 cn: Nobody loginShell: /dev/null logoffTime: 2147483647 gidNumber: 65534 kickoffTime: 2147483647 pwdLastSet: 1046644586 rid: 501 gecos: Nobody or Guest description: Domain Guest homeDirectory: /dev/null pwdCanChange: 0 pwdMustChange: 1048458986 --- My current configuration: --- /usr/local/samba/bin/testparm Load smb config files from /usr/local/samba/lib/smb.conf Processing section [homes] Processing section [temp] Processing section [printers] Processing section [Netlogon] Processing section [Profile] Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions # Global parameters [global] unix charset = CP850 workgroup = LOKAALNETWERK server string = %h server (Samba %v) map to guest = Bad User null passwords = Yes passdb backend = ldapsam:ldap://enterprise.lokaalnetwerk.thuis log level = 1 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No add user script = /usr/local/sbin/smbldap-useradd.pl -a %U delete user script = /usr/local/sbin/smbldap-userdel.pl -r %U add machine script = /usr/local/sbin/smbldap-useradd.pl -w -g machines %u logon script = logon.bat logon path = \\%N\profile\%U logon drive = X: domain logons = Yes os level = 255 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = o=hogent,c=be ldap machine suffix = ou=Computers,o=hogent,c=be ldap user suffix = ou=People,o=hogent,c=be ldap admin dn = cn=Manager,o=hogent,c=be ldap passwd sync = Yes lock dir = /var/run/samba socket address = 192.168.1.1 127.0.0.1 invalid users = root [homes] comment = Home Directories read only = No create mask = 0600 directory mask = 0700 browseable = No [temp] comment = Temporary disk space path = /tmp read only = No guest ok = Yes [printers] comment = All Printers path = /tmp create mask = 0600 printable = Yes
[Samba] samba PDC
Hello, is this possible to use a samba server as PDC and authenticate users against other samba server. So, there are two samba PDC-s: one is local and another is remote. local is in same subnet as clients and hosts machine accounts and local user accounts and is PDC in local domain. local is linux. remote is also Samba PDC, on solaris. Problem is that although i can use local shares with my username and password from windows 2000 computer, I can not login to domain from windows 2000 workstation, from there only local computer accounts that have password in local smbpasswd can log in. Unix account information is replicated via nisplus, so this is not a problem. configuration from local is here: [global] workgroup = SOLARIS client code page = 775 character set = ISO8859-15 netbios name = KOGER server string = Samba Server printcap name = /etc/printcap load printers = no printing = lprng log file = /var/log/samba/%m.log max log size = 0 log level = 3 security = server password server = raud.ut.ee encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = No passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = no obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\koger\Profiles\%U wins support = yes wins proxy = yes dns proxy = no [netlogon] comment = Network Logon Service path = /usr/local/samba/netlogon guest ok = yes writable = no share modes = no [Profiles] path = /usr/local/samba/profiles browseable = no guest ok = yes writable = yes -- Lauri Jesmin ([EMAIL PROTECTED]) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smaba 3.0 - domain groups : OS info
I'm using Red Hat 7.3 on both the Samba 2.2.7 and 3.0 installations -Ken -Original Message- From: ukasz Tomaszewski [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 04, 2003 11:57 AM To: Ken Innes; Kristyan Osborne; Samba Users Subject: Re: [Samba] smaba 3.0 - domain groups i use 'truss' to trace the system calls (nmbd proccess) after 'wbinfo -g' request. it returns ioctl(14,SIOCGIFFLAGS,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFNETMASK,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFADDR,0xbfbfcde0) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce28) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce70) ERR#49 'Can't assign requested address' close(14) = 0 (0x0) gettimeofday(0xbfbff838,0x0)= 0 (0x0) sigprocmask(0x2,0xbfbff760,0x0)= 0 (0x0) i'm going to check samba logs after 'debug level' change (higher than 2) in smb.conf . anyway. i was thinking that maybe its OS problem. i use FreeBSD 4.7. regards Uki - Original Message - From: Ken Innes [EMAIL PROTECTED] To: Kristyan Osborne [EMAIL PROTECTED]; Lukasz Tomaszewski [EMAIL PROTECTED]; Samba Users [EMAIL PROTECTED] Sent: Monday, March 03, 2003 6:07 PM Subject: RE: [Samba] smaba 3.0 - domain groups I have this problem too with Samba 3.0. I've tried security = domain and security = server (using an NT PDC) and still get the 'Error looking up domain groups.' error. My 2.2.7a Samba server does provide the groups. Anyone have any ideas about this? Its clearly not an entirely isolated problem! -Ken _ Ken Innes Chief Information Officer EKOS Research Associates Inc. 99 Metcalfe St., Suite 1100 Ottawa, Ontario K1P 6L7 www.ekos.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kristyan Osborne Sent: Monday, March 03, 2003 10:42 AM To: Lukasz Tomaszewski; Samba Users Subject: RE: [Samba] smaba 3.0 - domain groups Hi, I've had exactly the same problem since august 2002, after several emails it was not resolved so i gave up and i thought i would leave it until someone else (like u) had the same problem. Maybe then it might be answered - Kristyan Osborne IT Technician Longhill High School 01273 391672 -Original Message- From: Lukasz Tomaszewski [mailto:[EMAIL PROTECTED] Sent: 02 March 2003 19:17 To: Samba Users Subject: [Samba] smaba 3.0 - domain groups few day ago, i've asked about mapping unix-windows groups under samba 2.2.7a. now, i know that it is impossible. so i've changed samba on my PDC to 3.0 version (smbgroupedit). but still i've got problems with groups. before - from another machine when i've used 'wbinfo -g'i've got response from my PDC: Domain Admins Domain Users after change to samaba 3.0 with the same config file 'wbinfo -g' returns: Error looking up domain groups. any suggestions? regards Uki -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smaba 3.0 - domain groups : OS info
I dont think its a OS problem, Im using suse 8.1. If you log into the windows box as root you can see the groups and the users in the groups. Any other user including domain admins can not. This would indicate that there is a problem with samba, either with ACLs accessing group information or passing group/user information from the system to a smbd process owned by a user other than root. Still no closer to an answer Cheers - Kristyan Osborne - IT Technician Longhill High School 01273 391672 -Original Message- From: Ken Innes [mailto:[EMAIL PROTECTED] Sent: Tue 04/03/2003 18:20 To: Lukasz Tomaszewski; Kristyan Osborne; Samba Users Cc: Subject: RE: [Samba] smaba 3.0 - domain groups : OS info I'm using Red Hat 7.3 on both the Samba 2.2.7 and 3.0 installations -Ken -Original Message- From: ukasz Tomaszewski [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 04, 2003 11:57 AM To: Ken Innes; Kristyan Osborne; Samba Users Subject: Re: [Samba] smaba 3.0 - domain groups i use 'truss' to trace the system calls (nmbd proccess) after 'wbinfo -g' request. it returns ioctl(14,SIOCGIFFLAGS,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFNETMASK,0xbfbfcdc0) = 0 (0x0) ioctl(14,SIOCGIFADDR,0xbfbfcde0) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce28) ERR#49 'Can't assign requested address' ioctl(14,SIOCGIFADDR,0xbfbfce70) ERR#49 'Can't assign requested address' close(14) = 0 (0x0) gettimeofday(0xbfbff838,0x0)= 0 (0x0) sigprocmask(0x2,0xbfbff760,0x0)= 0 (0x0) i'm going to check samba logs after 'debug level' change (higher than 2) in smb.conf . anyway. i was thinking that maybe its OS problem. i use FreeBSD 4.7. regards Uki - Original Message - From: Ken Innes [EMAIL PROTECTED] To: Kristyan Osborne [EMAIL PROTECTED]; Lukasz Tomaszewski [EMAIL PROTECTED]; Samba Users [EMAIL PROTECTED] Sent: Monday, March 03, 2003 6:07 PM Subject: RE: [Samba] smaba 3.0 - domain groups I have this problem too with Samba 3.0. I've tried security = domain and security = server (using an NT PDC) and still get the 'Error looking up domain groups.' error. My 2.2.7a Samba server does provide the groups. Anyone have any ideas about this? Its clearly not an entirely isolated problem! -Ken _ Ken Innes Chief Information Officer EKOS Research Associates Inc. 99 Metcalfe St., Suite 1100 Ottawa, Ontario K1P 6L7 www.ekos.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kristyan Osborne Sent: Monday, March 03, 2003 10:42 AM To: Lukasz Tomaszewski; Samba Users Subject: RE: [Samba] smaba 3.0 - domain groups Hi, I've had exactly the same problem since august 2002, after several emails it was not resolved so i gave up and i thought i would leave it until someone else (like u) had the same problem. Maybe then it might be answered - Kristyan Osborne IT Technician Longhill High School 01273 391672 -Original Message- From: Lukasz Tomaszewski [mailto:[EMAIL PROTECTED] Sent: 02 March 2003 19:17 To: Samba Users Subject: [Samba] smaba 3.0 - domain groups few day ago, i've asked about mapping unix-windows groups under samba 2.2.7a. now, i know that it is impossible. so i've changed samba on my PDC to 3.0 version (smbgroupedit). but still i've got problems with groups. before - from another machine when i've used 'wbinfo -g'i've got response from my PDC: Domain Admins Domain Users after change to samaba 3.0 with the same config file 'wbinfo -g' returns: Error looking up domain groups. any suggestions? regards Uki -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To
[Samba] samba and limit the number of access to a share
hi, I'm running samba 2.99 (debian) and I would like to limit simultanous access to a share. Is it possible, and what must I do. I tried : level2 oplocks = Yes path = /media strict locking = Yes max connections = 2 for a particulary share but htat doesnt work ... anybody got idea ? thanx -- ___ __ ( O O ) ( ) | ) \_/.. --oOOo--( )--oOOo/V\--- Sebastien Person // \\ tel.: 06 70 00 08 95 /( )\ [EMAIL PROTECTED] ^'~'^ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem of access samba from rh8
On 2003.03.04 19:52 Patrick Kwan wrote: Hello Steve, You can set the log level=1 (or 1) in smb.conf to see more info. in the log file. Or how about post your smb.conf file and sate your config/problem again here! OK. Here is my smb.conf file. I've taken out all the cruft to make it easier to read. [global] workgroup = My Workgroup server string = Blackwell's development machine local master = no hosts allow = my network address/my netmask 127.0.0.1 log file = /var/log/samba/%m.log max log size = 0 dns proxy = no log level = 1 And that's it. Remember that all I'm trying to do it to use Nautilus to browse a share on the file server which is an NT box. What happens is this: 1) I enter smb:/// into Nautilus, Nautilus shows My Workgroup 2) I double click on My Workgroup, Nautilus shows the computers in the workgroup including the PDC 3) I double click on the PDC, I get a question box asking for my user name and password, 4) I enter my user name and password, Nautilus shows the contents of the PDC including the shared directory 5) I double click on the shared directory, Nautilus displays a dialog, You do not have the permission necessary to view the contents of Share However if I enter smbmount //PDC/Share /home/steve/tmp -o username=username,password=password I can then go to /home/steve/tmp and do an ls and see the contents of Share which means that I have the correct username and password at least. Here is the output of the log files. Clearly there are some errors but I don't know what they mean: log.winbindd ... [2003/04/03 12:09:51, 1] lib/debug.c:debug_message(258) INFO: Debug class all level = 1 (pid 864 from pid 864) [2003/04/03 12:09:52, 1] nsswitch/winbind_util.c:init_domain_list(150) Added domain My workgroup (S-1-5-21-190933-1062429835-2033415169) [2003/04/03 12:09:52, 1] nsswitch/winbind_util.c:init_domain_list(152) Getting trusted domain list [2003/04/03 12:09:52, 0] nsswitch/winbind_util.c:winbindd_param_init(323) winbind uid range missing or invalid log.nmbd ... [2003/04/03 12:09:51, 0] nmbd/nmbd.c:main(794) Netbios nameserver version 2.2.7 started Copyright Andrew Tridell and the Samba Team 1994-2002 [2003/04/03 12:09:51, 1] lib/debug.c:debug_message(258) INFO: Debug class all level = 1 (pid 855 from pid 855) [2003/04/03 12:09:55, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 23267 received with no matching record [2003/04/03 12:09:55, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 23268 received with no matching record -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0 Authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 4 Mar 2003, Matt Schillinger wrote: With an ldap backend, can samba and Unix share the same user/passwords? You still have to maintain the lmPassword and ntPassword attributes (storing the Windows password hashes). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZP/cIR7qMdg1EfYRAlWEAKCVyOj+C5MFdrse+an8TrES1cn9LwCdEDbV sIW6afwuzcEHNNYA2kcFul4= =ZFch -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Support for AD native mode.
On Tue, 2003-03-04 at 11:59, Perea, Tony wrote: I was trying to find out which version of samba, if any is supported in an Active Directory native mode environment? We currently are running mixed mode with NT4 domain controllers but want to switch over ASAP. Samba 2.2 can run in an Active Directory Native Mode environment. It will use the NT-compatiblity pieces of Win2k. Remember that mixed vs. native mode is about Domain Controllers, not member servers. There is a different setting that deals with this, which presents itself in different ways: at dcpromo time, a question is asked if you have any pre-win2k servers; or by inclusion/exclusion of the builtin everyone in the pre windows 2000 compatible access group (this way you can change your mind). Even if you choose this, it doesn't disable the NT-compatibility code. It just requires authenticated connections even for listing resources, getting user lists, etc. which NT doesn't do (but samba 2.2 can do, through a wbinfo setting). I was curious if samba authenticated to a kerberos WIN2K domain controller. A related, but not completely identical, issue. Samba 3.0 (not yet released) will do this. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Q: Avoiding Symlink Dereferences
I've got a problem... I have a CD-ROM jukebox in which is stored some 100+ CDs. They're mounted automatically via the automounter with an executeable map. That part works well. To show people what is available, I have symlinks from another directory to all the possible CD volumes. However, if I look at that directory via Samba, the windoze box hangs for an extended period of time as it does a STAT on all the symlinks, each of which forces the mounting of the disc it references and taking about 10 seconds of time. Any ideas on how I can avoid this or at least cache the result? Brian ( [EMAIL PROTECTED] ) --- DEFN: Computer - A device designed to speed and automate errors. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Throughput Reported by smbclient
Is the throughput reported by smbclient represented in kilobits per second or kilobytes per second? I think this figure is represented as kilobits because of the format of the string. (i.e. 4269.23 kb/s) Because the letters are lowercase (kb) instead of capitals (KB). Is this correct? Thanks, Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security = server and password server sometimes rejectspassword
On Tue, Mar 04, 2003 at 07:16:41PM +0200, John Newhouse wrote: I have two samba servers, PDC (3.0a21) , which has only [netlogon] share and FSERVER (samba 2.2.5), which uses PDC as password server and also shares out [homes] and [profile] . Time to time it happens that when I log in from WS I get error message that \\fserver\profiles can't be accessed. And when I look into FSERVER log then it complains: password server PDC rejected the password. Many people have found security = server to be flakey like that, you would probably be better off with security = domain. -- Michael Heironimus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2gb file size limit
What possible factors can cause a 2 gig file size limit ? I've verified that the underlying filesystem can handle much larger files. I'm using the standard samba package from Debian testing, version is 2.2.3a-12. Please cc me on responses. Thanks in advance ! -- Josh Litherland ([EMAIL PROTECTED]) pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] problem with dying nmbd
hello, I have samba 2.2.6 version compiled on RH Linux 7.2. It used to work without any problem for some time but all of a sudden I could not see my shares from Windows PC's. One of the samba processes: nmbd is dying. After restarting samba service smb restart nmbd will last about a few second and will stop. Any advice what it could be I will greatly appreciate. best regards Slawomir Orlowski -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] problem with dying nmbd
Any hints in /var/log/samba/log.nmbd or /var/log/messages? I have samba 2.2.6 version compiled on RH Linux 7.2. It used to work without any problem for some time but all of a sudden I could not see my shares from Windows PC's. One of the samba processes: nmbd is dying. After restarting samba service smb restart nmbd will last about a few second and will stop. Any advice what it could be I will greatly appreciate. --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba over IPX/NetBeui
On Tue, 2003-03-04 at 11:16, Tirant wrote: Is it possible to run SAMBA over IPX/NetBeui? (I will thank any suggestion) At this time, no. This question came up on the list not too long ago. Apparently at some time in the past, someone made some patches available to allow an old version of Samba to work over either IPX or NETBEUI (I forget which). However, Samba is pretty much restricted to operation using a TCP socket. It would require a lot of work to modify it to support another protocol. My mid-term/long-term solution is to get a router with a Wireless AP, and switch included. Until you can have all of the computers in the same subnet, I don't think you will find an easy solution. Your idea of getting a router is probably best. Of course, you could just do that using your Linux PC, by adding a 2nd ethernet card. I use a Linux system with 2 ethernet cards as my ADSL router - I tried a Netgear Wireless Router (MR314) for a while, and it was not nearly as reliable as the Linux box when it came to keeping the connection up. -- /--- | Jim Morris | Email: [EMAIL PROTECTED] | |AIM: JFM2001 \--- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] codepages and cross-compiling
I'm working on a packaging of samba for OpenZaurus (http://openzaurus.sf.net). We build on an x86 system cross-compiling for the Zaurus systems (an ARM platform). The part that is giving me trouble is the code pages. Can I safely compile them with the make_smbcodepage and make_unicodemap on the x86 and then use them on the ARM? Or are the platform dependent? Is there anyway I can shrink them? They take up a lot of space on such a tiny system. Any other hints? Ciao! -- So Buddha walks into a pizza parlor and says: Hey, make me one with everything. The Doctor What: Guru to the Godshttp://docwhat.gerf.org/ [EMAIL PROTECTED] KF6VNC -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Fwd: Re: [Samba] Problem of access samba from rh8[steve.blackwell@eer.com]
Oops! meant to cc to the list -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Acces Denied to shared printer on linux using Windows XP
Hi, my problem is to access a shared printer with samba on my WindowsXP workstation When I browse thru my network with Explorer, I can see the shared printer. When I double-clic on the printer, Windows XP ask me if I want to install it. I choose the right driver and click OK. The installation begin and there is no error in the installation. After the installation Windows XP open the printer's printing queue to show the printer's status, but in the window's title there is this notice: Access denied, Cannot connect to printer I would like to know how I can get rid of this problem please. This work really well in Windows 98 but not on XP. Here is my smb.conf (attached file), let me know if you find something to find this problem Note: 2.2.4 is the version of samba I use Jonny [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Acces Denied to shared printer on linux using Windows XP
Hi, my problem is to access a shared printer with samba on my WindowsXP workstation When I browse thru my network with Explorer, I can see the shared printer. When I double-clic on the printer, Windows XP ask me if I want to install it. I choose the right driver and click OK. The installation begin and there is no error in the installation. After the installation Windows XP open the printer's printing queue to show the printer's status, but in the window's title there is this notice: Access denied, Cannot connect to printer I would like to know how I can get rid of this problem please. This work really well in Windows 98 but not on XP. Here is my smb.conf , let me know if you find something to find this problem Note: 2.2.4 is the version of samba I use Jonny [EMAIL PROTECTED] # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not many any basic syntactic errors. # #=== Global Settings = [global] # protocol protocol = NT1 # workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 workgroup = FAXNET # server string is the equivalent of the NT Description field server string = Serveur FaxNet # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user nobody is used guest account = anonyme # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. NOTE: To get the behaviour of # Samba-1.9.18, you'll need to use security = share. security = share # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes # Where to find the SSL certificates: ssl CA certDir = /etc/ssl/certs # Unix users can map to different SMB User names username map = /etc/samba/smbusers # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = # Share Definitions == [homes] comment = Home Directories browseable = no create mode = 0755 writable = yes oplocks = false [Documents] comment = Documents guest ok = yes create mask = force create mode = 0777 directory mask = force directory mode = 0777 writable = yes oplocks = false path = /u/GNIDOC [Forms] comment = Forms guest ok = yes create mask = force create mode = 0777 directory mask = force directory mode = 0777 writable = yes oplocks = false path = /u/SYS/FORMS/fondlsr/FAX [Communs] comment = Historiques communes guest ok = yes oplocks = false path = /u/histo_fax/communs [Rejets] comment = Historiques rejets browseable = no oplocks = false path = /u/histo_fax/global/rejets/no_job [Succes] comment = Historiques succes browseable = no oplocks = false path = /u/histo_fax/global/succes/no_job [Recus] comment = Recus browseable = no oplocks = false path = /u/histo_fax/global/recus/no_job [printers] comment = All Printers path = /u/spool/lpd/samba browseable = no guest ok = yes printable = yes print command = lpr -r -s -l -P%p %s -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] PATCH for packaging/RedHat/samba2.spec.tmpl
Please accept my patch for the spec file for RedHat RPM packaging. It fixes problems (warnings / packaging-failures) in the Checking for unpackaged file(s) stage. Patch is made by diff -u to a current SAMBA_2_2 CVS tree. Tested by packaging the rpm files on RedHat 8.0 using the makerpms.sh script. Eirik Thorsnes -- Nothing would please me more than being able to hire ten programmers and deluge the hobby market with good software. -- Bill Gates 1976 We are still waiting --- packaging/RedHat/samba2.spec.tmpl 2003-02-15 01:31:33.0 +0100 +++ packaging/RedHat/samba2.spec.tmpl.new 2003-03-04 22:39:11.0 +0100 @@ -319,6 +319,9 @@ install -m644 packaging/RedHat/samba.xinetd $RPM_BUILD_ROOT/etc/samba/samba.xinetd echo 127.0.0.1 localhost $RPM_BUILD_ROOT/etc/samba/lmhosts +# Remove *.old files +find $RPM_BUILD_ROOT -name *.old -exec rm -f {} \; + %clean rm -rf $RPM_BUILD_ROOT @@ -524,6 +527,8 @@ %{prefix}/sbin/smbmount %{prefix}/sbin/smbumount %{prefix}/sbin/winbindd +%{prefix}/sbin/debug2html +%{prefix}/sbin/samba /sbin/mount.smbfs /sbin/mount.smb %{prefix}/bin/mksmbpasswd.sh @@ -544,6 +549,10 @@ %{prefix}/bin/smbcontrol %{prefix}/bin/smbcacls %{prefix}/bin/wbinfo +%{prefix}/bin/pam_smbpass.so +%{prefix}/bin/smbmount +%{prefix}/bin/smbumount +%{prefix}/bin/tdbbackup %attr(755,root,root) /lib/libnss_wins.s* %attr(755,root,root) %{prefix}/lib/samba/vfs/*.so %{prefix}/include/libsmbclient.h @@ -554,6 +563,7 @@ %{prefix}/share/swat/include/header.html %{prefix}/share/swat/include/footer.html %{prefix}/share/swat/using_samba/* +%{prefix}/share/swat/README %config(noreplace) /etc/samba/lmhosts %config(noreplace) /etc/samba/smb.conf %config(noreplace) /etc/samba/recycle.conf @@ -570,6 +580,7 @@ MANDIR_MACRO/man7/* MANDIR_MACRO/man8/* %dir /etc/codepages/* +%dir /etc/codepages/src/* %attr(755,root,root) %dir /var/cache/samba %dir /var/log/samba %dir /var/run/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Acces Denied to shared printer on linux using Windows XP
Jonny, I had a similar problem last week from Windows 2000 Windows NT: I did not receive your smb.conf file so you can look at the info below to see if it matches. Also See the message from Stephen below in regards to the use client driver = yes option. You may be able to print even though the printers window shows Access denied, Cannot connect to printer I do not have Windows-XP to test this But this might fix your problem From man smb.conf I did a search for /use client which stats that if you do not upload printer drivers into samba then you will get the access denied, unable to connect message in the printer queue window even though jobs may successfully be printed. And it says that disable spoolss = yes does the same behavior as the use client driver = yes option. Regards, Tim === Content-return: prohibited Date: Wed, 19 Feb 2003 20:02:02 -0800 From: Stephen Carville [EMAIL PROTECTED] Subject: Re: [Samba] Need solution to Printers window access denied, unable to connect message. In-reply-to: [EMAIL PROTECTED] To: Tim Kubricht [EMAIL PROTECTED], [EMAIL PROTECTED] Message-id: [EMAIL PROTECTED] Organization: DPSI MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 User-Agent: KMail/1.4.3 References: [EMAIL PROTECTED] I had the same problem after upgrading to 2.2.7. You have to add: use client driver = yes Either globally or for the individual printer share. Read the section on the above in the man page for smb.conf for an explanation. On Wednesday 19 February 2003 07:35 pm, Tim Kubricht wrote: Hi, I hope this is the right list to submit this request to I have the following problem with samba 2.2.2 that I upgraded to samba 2.2.7 to try to see if the problem would go away. But I still have the following problem: When I open the Start-Settings-Printers window It shows the printers that I have connected to from the samba print server printer_name on samba_ip_address It shows opening at 1st then changes to access denied, unable to connect and never shows the ready message that I used to get from a samba 1.9.15p8 server that I updated. * Can someone help me to get rid of the access denied messages from the Printers window? The following is what I have: My OS is Solaris 8 my PCs are either WinNT4 or Win2000 I have set up smb.conf as you can see below With it I can use dos to run net view and it works as expected I can open Network Neighborhood and find my samba print server and it will list all the printer shares along with the Printers folder. If I double click the Printers folder: I can get a list of all the printers and the number of documents that are currently being printed on each printer and If I double-click on a specific printer I can get the name of the job and person that is printing on the queue. This works as expected. I did not see this error in any of the Archives or the troubleshooting section that I found or in any of the 3 books I have. I need your expertise in solving this feature. Thanks, Tim ___ smb.conf:# Samba config file created using SWAT # Date: 2003/02/19 10:54:34 # Global parameters [global] workgroup = Name_Of_My_Workgroup server string = Samba %v on %h security = SERVER encrypt passwords = Yes map to guest = Bad User-- used and not used this option password server = #PDC-Address# #BDC-Address# username map = /usr/local/samba/lib/username.map log file = /usr/local/samba/var/log.samba max log size = 50 printcap name = /etc/samba-printcap os level = 10 preferred master = False local master = No domain master = False dns proxy = No wins server = #Primary-WINs-Address# guest account = ftp -- local acct I also tried lp account hosts allow = ###.###. ###.###. 127. ###=2 subnets at my site printing = bsd [printers] comment = All Printers path = /var/spool/pc-spool -- priv=rwxrwxrwt owner=lp read only = No guest ok = Yes printable = Yes browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Stephen
[Samba] Windows 2K/XP Profile/Homedir replication issue?
Hey there, Just a question for you Samba 2.2.x gurus out there :) We have a contingent (a steadily increasing contingent) of Win2K and WinXP workstations. Does anyone here know how to stop the profiles from replicating? If we create a file in the profile dir, say \\PDC\UserHome\profile.doc. It will replicate that to the profile directory, while one file or two files are not a problem, we use classroom based logins, so they all login at once and it's transferring the whole \\PDC\UserHome dir around everywhere it goes, it does it when you login and logout, so if everyone saves work there, as you can imagine, login/logout times take a long long time. Anyone got a work-around for this or is it just us who are having this problem? Cheers, Mr. K. Hawkes May darkness be your only ally, for in the shadows you can hide - Kris 1998-2002 In darkness, there is strength. - Kris 2002 What we do in life echoes in eternity. - Anon -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQEVAwUBPHjfdSBHjRAjzresAQHZpgf/ZKpt2Nl+8EmIJwT/rLFtx8yhFFKdqVk6 pQGsgeOGN1ZI5kSOU6FBeWkyVS3YKLV6UHhvHVm1MQuBwPyfnjhQGj+OuI9jQPoc qTFb0TRQivOQoOeJq1PfIFcl53RrvRUOFAl8+jdKqZo/IFARdllknkCMTZirvp5l M+7/4a/ua2rx8d46zab1RF5YYNHRjyJRXD913FHty5VXCX31DJ55nAho30lOKOPC TNT+zzO1UC/J+keWSjxSSV3wPeOiOgtUtI5FiuXJmv1IXzsxjogGCTd0HUJ/04mR H623bEhl8M8yF/x6seCNKpHDkDQjoL+ddlQGVezdgbg3z7Jd7Y6VKA== =/whC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba over IPX/NetBeui
I finally managed to make Samba work on my LAN. I only needed to tweak some routes. Thanks El Tue, 4 Mar 2003 18:16:32 +0100 Tirant [EMAIL PROTECTED] escribió: Hello: Is it possible to run SAMBA over IPX/NetBeui? (I will thank any suggestion) I hava an small LAN of 3 computers, connected to the Internet through a Cable-modem with DHCP (the cablemodem and the computers are all connected to a hub). The CableModem assigns every computer a random public IP adress, but usually from diferent range (ie: 212.78.x.x, 62.57.x.x, etc), so I cannot get SAMBA or NetBIOS over TCP/IP to work. I used to share some files with Windows using NetBios over IPX (and eventually NetBeui), while being connected to the Internet. But now my computer only has Linux installed, and the only way I have find to share files, is to assign manually an IP adress to every computer (192.168.0.x) to get SAMBA working. That's tedious, because I have to do it on every computer. My mid-term/long-term solution is to get a router with a Wireless AP, and switch included. Thanks everybody, and excuse my English. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Issues with domain auth
Ver smb 2.2.7a Managers, I am having trouble configuring samba as a domain member authenticating to a win2k domain controller. All other aspects seem to be functioning but samba is generating a log event when attempting to connect to the password server as follows. Machine NDEVDC1 rejected the tconX on the IPC$ share. Error as follows: NT_STATUS_ACCESS_DENIED Any help is appreciated. Aaron Siebert IT Systems Engineer Nagrastar w 303-706-5492 f 303-706-5719 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2gb file size limit
I think this was fixed in 2.2.7a. You will need to upgrade - Kristyan Osborne - IT Technician Longhill High School 01273 391672 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tue 04/03/2003 20:29 To: [EMAIL PROTECTED] Cc: Subject: [Samba] 2gb file size limit What possible factors can cause a 2 gig file size limit ? I've verified that the underlying filesystem can handle much larger files. I'm using the standard samba package from Debian testing, version is 2.2.3a-12. Please cc me on responses. Thanks in advance ! -- Josh Litherland ([EMAIL PROTECTED]) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP logon failure but still logs on -- no roaming profile
I'm having a problem with roaming domains on Samba v3.0-alpha21. I've connected the machine (watertown) to the domain (precidia) via the server (griffon). I've logged on with my userid (bcwhite) and seen my roaming profile get created on the server upon logoff. Future logons grab the roaming profile and everything is fine. However, _sometimes_ I get a window with the message: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causeses of this error include network probelms or insufficient security rights. If this problem persists, contact your network administrator. DETAIL - logon failure: unknown user name or bad password However, the system continues to log me on (presumably with the local copy of my profile). Upon logoff, the copy of my profile on the samba server is not updated. I know I'm using the correct password. If I try the wrong password, I get a different window and no logon: The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in passwords must be typed using he correct case. What I don't understand is why this only happens sometimes. I rebooted and then was able to log in fine. Log out, log in fine. Log out, log in fails. Reboot. Log in fine, log out, log in fails every time until I reboot again. I don't understand. I had logging set to level 200 and captured the following logs. start samba login (fail)http://bcwhite.dhs.org/~bcwhite/log.smbd-err.gz reboot login (okay)http://bcwhite.dhs.org/~bcwhite/log.smbd-ok.gz logout login (okay) logout login (fail) logout login (fail) [...] reboot login (okay) logout login (fail) stop samba http://bcwhite.dhs.org/~bcwhite/log.smbd-full.gz Note, the log files are 72kB, 121kB, and 4.3MB (compressed), respectively. All help very much appreciated! Brian ( [EMAIL PROTECTED] ) --- DEFN: Computer - A device designed to speed and automate errors. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Access files through VPN?
I am designing a network that consists of a vpn tunnel between medical labs. There will be a samba server at each end. Files will be copied each day to one main file server (linux to linux) but some people will be accessing files from remote windows machines through the vpn. Are there are issues with samba and vpn's I should be aware of? The files will be 200-700MB in size. Take care, Seth [EMAIL PROTECTED] 727-919-1598 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] codepages and cross-compiling
Hey Doc! How are you? Long time no hear! On Tue, 4 Mar 2003, The Doctor What wrote: I'm working on a packaging of samba for OpenZaurus (http://openzaurus.sf.net). We build on an x86 system cross-compiling for the Zaurus systems (an ARM platform). The part that is giving me trouble is the code pages. Can I safely compile them with the make_smbcodepage and make_unicodemap on the x86 and then use them on the ARM? Or are the platform dependent? Yes, they are not platform dependant. The codepage info is being used on SPARC, Alpha, Intel, PPC, S390 and more. We are not aware of any cross-platform problems. Is there anyway I can shrink them? They take up a lot of space on such a tiny system. Not really, at least not without major changes to Samba in how it opens and reads these files. Have you looked at samba-3.0.0alpha? The codepages have been replaced with a much cleaner interface as part of the move to unicode support. Might be worth looking at. Samba-2.2.8 should be out soon and 3.0 may ship in April. Any other hints? Are you able to run compressed binaries on the Zaurus? Take care. Cheers, John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP Ctrl-Alt-Del Password Change
One fixed problem, one new problem. Okay, I fixed the pam_smbpass problem by upgrading to 2.2.7a. So for anyone out there, pam_smbpass won't work with ldap (./configure --with-ldapsam) on 2.2.3a and will work with 2.2.7a. Now, onto the next problem, changing passwords by Ctrl-Alt-Del from a Windows XP Pro machine. Logging onto the samba server from a WinXP machine works just fine. If I try to Ctrl-Alt-Del Change Password... from a WinXP machine where the username or password of the currently logged in (WinXP) user is different from the username or password being used on the samba server, then the password change fails with 1727: the remote procedure call failed and did not execute. If I try it when the username and password of the currently logged in user is the same as the current username and password being used on the samba server, then the password change succeeds. From an strace, I verififed what I suspected which is that its only when samba falls back on the lanman password that authentication succeeds and the password change can go forward, which, of course, explains this behavior. I suppose it could be that pam is misconfigured on some auth component somewhere. But the odd thing is that an strace of the samba daemons while simply connecting to a share shows pam.d files being consulted, while an strace of the daemons during a failed Ctrl-Alt-Del Change Password... session shows no pam.d files consulted. Can anyone help here? Can anyone at least verify that they were able to do Ctrl-Alt-Del Change Password... against a samba/LDAP server? Thanks. Ross Patterson Programmer/Analyst 831-459-2792 [EMAIL PROTECTED] 1156 High St, Barn G, PPC Santa Cruz, CA 95064 On Wed, 19 Feb 2003, [EMAIL PROTECTED] wrote: On a Debian 3.0 system with user accounts stored in openldap, I have unix and windows auth working just fine through ldap. smbpasswd can change the samba passwd attributes, and passwd can change the unix password attributes. I'm trying to get pam_smbpass to work to keep everything in sync, but it only says Failed to find entry for user test0. which indicates to me that its looking in the smbpasswd file which has, of course, nothing. ldd /lib/security/pam_smbpass.so gives libpam and libldap among other things. Can someone tell me if pam_smbpass is using the SAM DB API? If pam_smbpass is hardwired for the smbpasswd file, that would explain my troubles. If it is using the SAM DB API, can anyone give me any direction? Ross Patterson Programmer/Analyst 831-459-2792 [EMAIL PROTECTED] 1156 High St, Barn G, PPC Santa Cruz, CA 95064 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NFS-like file ownership/permissions with Samba
Hello, We use Linux Work Stations that are logged into by several users concurrently. We now use NFS to mount our user accounts from a Linux File Server with a mount point of /home. E.g. /home/martin /home/anotheruser1 /home/anotheruser2 File permissions on /home/* drwx-rwx-r-x martin drwx-- anotheruser1 drwx---r-x anotheruser2 Now the Linux File Server will become Windows 2000, but we want the same function so that all users that log on a Linux Work Station, see the same user accounts with the same file permissions, but it seems that smbmount mounts all files as the same user. Any help appreciated! Thanks, Martin Dahlberg -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed
hello i am new to Samba protocol please help. Our Client software used samba protocol If there is no firewall case , this protocol work properly from remote site. All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. please give info how to configure samba on firewal. regards Dharanish _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] cross subnet browsing/domain logon problem
Dear all, I'm having great difficulty getting cross-subnet domain logon browsing to work and have nearly reached the end of my sanity trying to figure out what's wrong. Here's my setup and what's happening (apologies if it is convoluted): Subnet A One Samba PDC with encrypted passwords. One samba file server Subnet B One Samba file server (serverB) that is the *local master* for subnet B with encrypted passwords and security=domain. I have added serverB to the domain by successfully running smbpasswd -j DOMAIN -r PDC -U admin%adminpasswd I can run smbclient //serverB/homes from Subnet A with success. I can get Windows 9x machines in Subnet A to successfully mount //serverB/homes via a startup script executed during logon. I can get a WinXP machine in Subnet B to authenticate against the PDC however no startup script is executed. I can run smbclient -L localhost from serverB with success, although no Master is specified for the workgroup DOMAIN. Also, the homes share does not appear in the list of available shares, just a public share, a printer share IPC$ ADMIN$ I canNOT get a Win 9x machine in Subnet B to find the PDC for domain logon authentication, despite it being specified as the WINS server in its networking config. I canNOT run smbclient //serverB/homes from serverB itself, nor smbclient -L //serverB. Here's what I get: Got a positive name query response from PDC_IP ( serverB IP ) session request to serverB failed (Not listening for calling name) Got a positive name query response from PDC_IP ( serverB IP ) session request to *SMBSERVER failed (Not listening for calling name) Looking through the nmbd daemon log files on serverB I find the following: Samba name server serverB is now a local master browser for workgroup DOMAIN find_domain_master_name_query_fail: Unable to find the Domain Master Browser name DOMAIN1b for the workgroup DOMAIN. Unable to sync browse lists in this workgroup. Running nmblookup -MT DOMAIN also fails, stating name_query failed to find name DOMAIN#1d I have the IP address of the PDC specified in serverB's remote browse sync directive in smb.conf Conversely, the IP address of serverB is specified in the PDC's remote browse sync directive. serverB is RedHat 7.3 running the samba 2.2.7-1.7.3 rpm PDC is RedHat 8.0 running the samba 2.2.7-2 rpm There are no firewalls or Access Control Lists in place on the router that might stop packets from travelling between the subnets. Below I've included the relevant directives from the PDC smb.conf and the serverB smb.conf file: PDC smb.conf [global] workgroup = DOMAIN security = user encrypt passwords = yes smb passwd file = /path/to/smbpasswd remote browse sync = a.b.c.d (ip of serverB) remote announce = a.b.c.255 (broadcast address for Subnet B) local master = yes domain master = yes preferred master = yes domain logons = yes logon drive = U: wins support = yes wins proxy = yes serverB smb.conf [global] workgroup = DOMAIN security = domain password server = PDC_Name (I've also tried specifying the IP address of the PDC here too) encrypt passwords = yes smb passwd file = /path/to/smbpasswd (commenting this line out has made no difference either) remote browse sync = a.b.e.f (ip of PDC) remote announce = a.b.e.255 (broadcast address for Subnet A) local master = yes domain master = no preferred master = yes wins server = a.b.e.f (ip of PDC) name resolve order = wins lmhosts host bcast (the PDC is listed in the lmhosts) --- Any help would truly be appreciated. Many thanks, John john twyman school of geosciences university of sydney m: +61 401 992 836 e: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Backups of local shares
I use rsync to backup my linux samba shares to a remote tape backup server. Users periodically have open/locked files within their shares. Other than telling the users to logout ( this doesn't always work - go figure), how can I ensure the files listed in the smbstatus -L are successfully backed up? Are there any other samba related tools to assist with automated backups? Andy --- Vernon A. Fort (Andy) Provident Solutions, LLC (615) 427-4016 http://www.provident-solutions.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] printing - Win95 Win98 not working - NT,2000, XP are ok.
Hi folks - I am having printing problems with our older machines. Printing is working okay for our Windows NT, 2000 and XP clients. However, with windows 95 98, the print job gets put into the Samba spool directory (path = /var/spool/lp/tmp/samba) but doesn't make it to the printer. The print files stay there in the directory - don't get removed. Samba version is 2.2.7a, on Solaris 8 Printers are HP printers - e.g. HP 8100dn All clients including 95/98 were happily printing on a very much older version of Samba (2.0.6) printing directly from Unix to the printer is working ok Has anyone experienced this problem or have any advice on how to get my older boxes printing with the latest Samba? any thoughts welcome... -peter. (p.s. Just for a wild stab in the dark I tried setting the disable spoolss = yes but this stopped all printing from making it to the computer - even from the clients that were originally working.) relevant bits of conf. file included below... note that I don't have print command explicitly stated, but testparm indicates that it is configured properly... [global] printing = sysv lprm command = /usr/bin/cancel %p-%j lppause command = lp -i %p-%j -H hold lpresume command = lp -i %p-%j -H resume load printers = no [hp8100DN1] printer = hp8100dn_1 comment = HP LaserJet hp8100 DN path = /var/spool/lp/tmp/samba guest account = nobody guest ok = yes browseable = yes printable = yes writable = yes Opinions contained in this e-mail do not necessarily reflect the opinions of the Queensland Department of Main Roads, Queensland Transport or National Transport Secretariat, or endorsed organisations utilising the same infrastructure. If you have received this electronic mail message in error, please immediately notify the sender and delete the message from your computer. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Issues with domain auth
On Wed, 2003-03-05 at 09:40, Siebert, Aaron wrote: Ver smb 2.2.7a Managers, I am having trouble configuring samba as a domain member authenticating to a win2k domain controller. All other aspects seem to be functioning but samba is generating a log event when attempting to connect to the password server as follows. Machine NDEVDC1 rejected the tconX on the IPC$ share. Error as follows: NT_STATUS_ACCESS_DENIED Any help is appreciated. Your DC may have 'RestrictAnonymous = 2' set (an NT/Win2k registry setting, also accessible as a group policy). This would cause all non-win2k domain members significant problems, as you then cannot access the NETLOGON pipe required for domain authenticaion (among other things). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Issues with domain auth
On Wed, 2003-03-05 at 09:40, Siebert, Aaron wrote: Ver smb 2.2.7a Managers, I am having trouble configuring samba as a domain member authenticating to a win2k domain controller. All other aspects seem to be functioning but samba is generating a log event when attempting to connect to the password server as follows. Machine NDEVDC1 rejected the tconX on the IPC$ share. Error as follows: NT_STATUS_ACCESS_DENIED Any help is appreciated. Your DC may have 'RestrictAnonymous = 2' set (an NT/Win2k registry setting, also accessible as a group policy). This would cause all non-win2k domain members significant problems, as you then cannot access the NETLOGON pipe required for domain authenticaion (among other things). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: number of groups of NT account causes authenticationproblems
On Tue, 4 Mar 2003, Gopal Bhat wrote: Hi, I did more experiments with this problem and found that 'SMBD' fails to authenticate when the Number of Groups an NT user belongs grows more than 14 (i.e. 15 or more). In my experience this is VERY much a platform issue and not a Samba specific issue. Some Unix platforms allow no more than membership in 8 groups. - John T. Thanks, Gopal Gopal Bhat wrote: I am facing a strange problem related to authentication of NT users accessing the SAMBA server. Here are the details: Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND Client: Windows XP, NT4.0, 2000 Symptoms: Created a share \\server\test (UNIX: /export/SMB/test) with access to group 'TestGoup' where 'TestUser' is a member. 'TestUser' is a member of 14 more groups along with 'TestGroup' (Total number of TestUser's group = 15) With the above settings 'TestUser' can't access the share '\\server\test', and the following message shows up in the Client.log: [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244) Unable to initgroups. Error was Not owner [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247) This is probably a problem with the account domain\testuser [2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599) client (10.81.105.121) Can't change directory to /export/SMB/test (Permission denied) If I change the number of groups the user 'TestUser' belongs from 15 to 8 ('TestGroup' + 7 other groups), the user can access the share '\\server\test' without any problems. It looks like there is some limitation on number of NT group memberships 'smbd' can handle. Note: 'wbinfo' returns all the right groups of the user without any problems. Is there anyone out there who is aware of this problem and knows a workaround/solution to this? I really appreciate any help from the prestigious SAMBA Team. Thanks, Gopal -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: number of groups of NT account causes authenticationproblems
On Tue, 4 Mar 2003, Gopal Bhat wrote: Hi, I did more experiments with this problem and found that 'SMBD' fails to authenticate when the Number of Groups an NT user belongs grows more than 14 (i.e. 15 or more). Thanks, Gopal I can't have a look until tomorrow, but I wonder, is it possible that Solaris 9 has a restriction that the user cannot be in more that 14 groups? I would think not, but will find it difficult to test tonight. Besides, I can probably only test on Solaris 8. If that is not the problem, then I would have to look at the code that does setgroups and test on our platform. Gopal Bhat wrote: I am facing a strange problem related to authentication of NT users accessing the SAMBA server. Here are the details: Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND Client: Windows XP, NT4.0, 2000 Symptoms: Created a share \\server\test (UNIX: /export/SMB/test) with access to group 'TestGoup' where 'TestUser' is a member. 'TestUser' is a member of 14 more groups along with 'TestGroup' (Total number of TestUser's group = 15) With the above settings 'TestUser' can't access the share '\\server\test', and the following message shows up in the Client.log: [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244) Unable to initgroups. Error was Not owner [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247) This is probably a problem with the account domain\testuser [2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599) client (10.81.105.121) Can't change directory to /export/SMB/test (Permission denied) If I change the number of groups the user 'TestUser' belongs from 15 to 8 ('TestGroup' + 7 other groups), the user can access the share '\\server\test' without any problems. It looks like there is some limitation on number of NT group memberships 'smbd' can handle. Note: 'wbinfo' returns all the right groups of the user without any problems. Is there anyone out there who is aware of this problem and knows a workaround/solution to this? I really appreciate any help from the prestigious SAMBA Team. Thanks, Gopal -- Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: number of groups of NT account causes authenticationproblems
Hi, I did more experiments with this problem and found that 'SMBD' fails to authenticate when the Number of Groups an NT user belongs grows more than 14 (i.e. 15 or more). Thanks, Gopal Gopal Bhat wrote: I am facing a strange problem related to authentication of NT users accessing the SAMBA server. Here are the details: Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND Client: Windows XP, NT4.0, 2000 Symptoms: Created a share \\server\test (UNIX: /export/SMB/test) with access to group 'TestGoup' where 'TestUser' is a member. 'TestUser' is a member of 14 more groups along with 'TestGroup' (Total number of TestUser's group = 15) With the above settings 'TestUser' can't access the share '\\server\test', and the following message shows up in the Client.log: [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244) Unable to initgroups. Error was Not owner [2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247) This is probably a problem with the account domain\testuser [2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599) client (10.81.105.121) Can't change directory to /export/SMB/test (Permission denied) If I change the number of groups the user 'TestUser' belongs from 15 to 8 ('TestGroup' + 7 other groups), the user can access the share '\\server\test' without any problems. It looks like there is some limitation on number of NT group memberships 'smbd' can handle. Note: 'wbinfo' returns all the right groups of the user without any problems. Is there anyone out there who is aware of this problem and knows a workaround/solution to this? I really appreciate any help from the prestigious SAMBA Team. Thanks, Gopal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Help with spoolss printing
Hi, I've got a network with an NT4 PDC and a Samba file/print server, running Samba 2.2.3 as packaged with Debian Woody. The machine has been working quite happily for ages (started life with Samba 1.9.18 a long time ago), and the printer sharing has always been done as Lan Manager printers. Having finally found some spare time, I decided to switch to spoolss printing. I created a print$ share as in the docs, and then installed the appropriate drivers. All seemed OK, the drivers were successfully copied to the server, and the printer shares worked as expected. I restarted Samba a couple of times, and suddenly, for no obvious reason, the Printers share on the server emptied itself entirely. Running the rpcclient enumdrivers command returns no output. Inspection of the logfiles shows:- [2003/03/04 12:58:30, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(98) create_policy_hnd: ERROR: too many handles (1025) on this pipe. [2003/03/04 12:58:30, 0] lib/fault.c:fault_report(38) === [2003/03/04 12:58:30, 0] lib/fault.c:fault_report(39) INTERNAL ERROR: Signal 11 in pid 21915 (2.2.3a-12 for Debian) Please read the file BUGS.txt in the distribution [2003/03/04 12:58:30, 0] lib/fault.c:fault_report(41) === [2003/03/04 12:58:30, 0] lib/util.c:smb_panic(1064) PANIC: internal error [2003/03/04 12:59:12, 0] rpc_client/cli_pipe.c:rpc_api_pipe(359) cli_pipe: return critical error. Error was NT_STATUS_PIPE_DISCONNECTED The last message is repeated many times. Is this a known bug? Is there anything I can do about it? Any help gratufully received Mike.
Anonymous domain joining
Hi there. I am trying to achieve something that will let any machine be a member of the domain, without needing authentication as an admin to join. The basic idea is that all machines will be in the domain in the server's opinion, and joining it will be necessary only for Windows to know it is in the domain. So the first thing I want is joining the domain anonymously. What I ultimately strive to is that Samba will have to keep no state or information about machines in the domain - so that a machine joining will get a positive reply from Samba, but no real state will change at the server, at least not on disk. I definitely do not want separate local accounts (/etc/passwd), or for that matter any Unix accounts for machines in the domain. So, right now we have a few ugly source hacks, as well as some script that is called and keeps some state. I am hoping for a cleaner solution. I am working on the Samba sources to achieve this, but I would love any advice on how to do it with as little source modifications as possible. Any advice, then? Thanks, any help appreciated, -- Tom -- Tom Alsberg - hacker (being the best description fitting this space) Web page: http://www.cs.huji.ac.il/~alsbergt/ DISCLAIMER: The above message does not even necessarily represent what my fingers have typed on the keyboard, save anything further.
Re: Anonymous domain joining
Just a few notes I forgot - this is with Windows NT, 2000, and XP clients, and I am working on the post-3.0-HEAD branch. -- Tom On Tue, Mar 04, 2003 at 03:32:24PM +0200, Tom Alsberg wrote: Hi there. I am trying to achieve something that will let any machine be a member of the domain, without needing authentication as an admin to join. snip /... -- Tom Alsberg - hacker (being the best description fitting this space) Web page: http://www.cs.huji.ac.il/~alsbergt/ DISCLAIMER: The above message does not even necessarily represent what my fingers have typed on the keyboard, save anything further.
decode port_type field in enumports
Hi folks, this patch against CVS HEAD provides decoding for the port_type field when you do enumports 2 in rpcclient. Cheers, Waider. Index: include/rpc_spoolss.h === RCS file: /cvsroot/samba/source/include/rpc_spoolss.h,v retrieving revision 1.95 diff -a -u -r1.95 rpc_spoolss.h --- include/rpc_spoolss.h 15 Feb 2003 23:36:18 - 1.95 +++ include/rpc_spoolss.h 4 Mar 2003 14:51:50 - @@ -1302,6 +1302,12 @@ } PORT_INFO_2; +/* Port Type bits */ +#define PORT_TYPE_WRITE 0x0001 +#define PORT_TYPE_READ 0x0002 +#define PORT_TYPE_REDIRECTED0x0004 +#define PORT_TYPE_NET_ATTACHED 0x0008 + typedef struct spool_q_enumports { uint32 name_ptr; Index: rpcclient/cmd_spoolss.c === RCS file: /cvsroot/samba/source/rpcclient/cmd_spoolss.c,v retrieving revision 1.107 diff -a -u -r1.107 cmd_spoolss.c --- rpcclient/cmd_spoolss.c 25 Feb 2003 23:34:57 - 1.107 +++ rpcclient/cmd_spoolss.c 4 Mar 2003 14:51:56 - @@ -396,7 +396,31 @@ rpcstr_pull(buffer, i2-description.buffer, sizeof(buffer), -1, STR_TERMINATE); printf(\tDescription:\t[%s]\n, buffer); - printf(\tPort Type:\t[%d]\n, i2-port_type); +printf(\tPort Type:\t ); +if ( i2-port_type ) { + int comma = 0; /* hack */ + printf( [ ); + if ( i2-port_type PORT_TYPE_READ ) { + printf( Read ); + comma = 1; + } + if ( i2-port_type PORT_TYPE_WRITE ) { + printf( %sWrite, comma ? , : ); + comma = 1; + } + /* These two have slightly different interpretations + on 95/98/ME but I'm disregarding that for now */ + if ( i2-port_type PORT_TYPE_REDIRECTED ) { + printf( %sRedirected, comma ? , : ); + comma = 1; + } + if ( i2-port_type PORT_TYPE_NET_ATTACHED ) { + printf( %sNet-Attached, comma ? , : ); + } + printf( ]\n ); +} else { + printf( [Unset]\n ); +} printf(\tReserved:\t[%d]\n, i2-reserved); printf(\n); } -- [EMAIL PROTECTED] / Yes, it /is/ very personal of me. It's a poor workman who blames his tools, unless they're WINTEL-based. - Conor Bob
smb.conf inside ldap
Hello, I would like to hold the smb.conf inside an ldap server. Is there any work going on in implementing a ldap-config-file-backend? Do people already think about a schema for this? If not where can I ask to get help in designing that schema? I thought of something like this: Auxiliary Class: sambaServer (may contain Share) + All those [global] options. Class: Share + All those [share] options. What about extra classes for Printers, Profiles, etc? Where to specify the connection properties of the ldap server (egg/chicken)? regards Stefan
Re: smb.conf inside ldap
hi, On Tue, Mar 04, 2003 at 04:05:26PM +0100, Stefan Voelkel wrote: Hello, I would like to hold the smb.conf inside an ldap server. Is there any work going on in implementing a ldap-config-file-backend? not that i know. but there was some effort in samba-tng for this. you might have a look in their mail-archives (must be two years ago). maybe i still have the schema somewhere... thanks, guenther -- Guenther Deschner [EMAIL PROTECTED] SuSE Linux AGGnuPG: 8EE11688 Berliner Str. 27 phone: +49 (0) 30 / 430944778 D-13507 Berlin fax: +49 (0) 30 / 43732804 pgp0.pgp Description: PGP signature
Re: CVS update: samba/source/printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 4 Mar 2003 [EMAIL PROTECTED] wrote: Date: Tue Mar 4 09:33:34 2003 Author: abartlet Update of /data/cvs/samba/source/printing In directory dp.samba.org:/tmp/cvs-serv25296/printing Modified Files: nt_printing.c Log Message: Fix another 'off by one' bug with safe_strcpy(). It is unclear if the intent was to limit the string to 31 or 32 characters (excluding the null term), so I've assumed for now that 32 is fine, as this matches current behaviour (well, current behaviour would crash, but anyway...) Jerry: Can you look at this for me? The devicename is truncated at 32 characters (including NULL). See spool_io_devmode() for details. This probably should be a memcpy of MAX size 32 instead of a string copy. You change won't break anything I don't think, but i'll fix it up so the intent of the code is a little more clear. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZKlsIR7qMdg1EfYRAm5RAKCXW+XAz91RTeL7EnSYNd5RQlqF7gCgpmkf dEHvZ+v2VNtrkPw+Y+ENgVs= =qS3b -END PGP SIGNATURE-
Re: file descriptors consumed by printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 2 Mar 2003, Richard Sharpe wrote: On Mon, 3 Mar 2003, Tim Potter wrote: On Sun, Mar 02, 2003 at 10:10:53PM -0800, Richard Sharpe wrote: This seems like a good way to do it. Does anyone have any objections if I do so? Why do we need it? Just call lp_default_server_announce() and check if the SV_TYPE_PRINTQ_SERVER bit is set. If no print shares are exported then don't call nt_printing_backend_init(). Hmmm, Samba 2.2.x sets SV_TYPE_PRINTQ_SERVER unconditionaly. It's fixed in HEAD. Yeah, well someone forgot their janitorial duties :-) No. I asked Tim not to merge it since it was more of a change than I wanted to chance in 2.2 at the time. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLE6IR7qMdg1EfYRApvPAKCgk72wlxQVo80Vq4PYnF6RsfSUDwCg0QbE TQRIxoOSBMzvXGHLFCQcdIE= =3a+F -END PGP SIGNATURE-
RE: mount points / free disk space / dfree command
I went and read some of the CIFS spec[1], and it seems to me that the QUERY_FS_INFO trans2 request only includes an identifier for the current connection. Given this information, samba can only attempt to determine the amount of space on the root of the share. This explains why using the dfree command did not give me any different numbers than not using it. If I really understand what is going on here, then what we would have to do is create a new share for each mounted device. That would be hard because the root that is exported happens to be an automounter directory, which changes. [1] http://ubiqx.org/cifs/rfc-draft/draft-leach-cifs-v1-spec-02.html#s4.1.6 -Original Message- From: Panko, Kevin [mailto:[EMAIL PROTECTED] Sent: Thursday, February 20, 2003 3:27 PM To: '' Subject: mount points / free disk space / dfree command We have a share with mount points beneath it. Free disk space is incorrect because samba always returns the free space in the top level directory of the share. It is the same problem discussed before in this thread: http://groups.google.com/groups?hl=enlr=ie=UTF-8oe=UTF-8th=4c04c4aeb2405 d4dseekm=9q2iee%242s7r%241%40FreeBSD.csie.NCTU.edu.twframe=off I was hoping to use the dfree command smb.conf option, as the df command reports the correct amount of free space for each subdirectory. I found that my dfree command was always given the directory name of the top level of the share, regardless of the current directory on the Win2k client, so the answer I get with dfree is the same as the internal samba routines. Why does that happen? Does the call have knowledge of the current directory of the client, or is that not included in the client's request? If not, then I must admit that this may be impossible. If it does, and if that directory were passed to the df command, then what I need can be done via samba. I do not want to use recursion and add up the amount of free space as the sum of each mount point. I only care about the current directory. We do have a need to determine the amount of free space from Win2k, and creating a samba share for each subdirectory would be impractical. TIA, Kevin Panko
Re: Help with spoolss printing
Gerald (Jerry) Carter wrote: Please retest against 2.2.8pre2. OK - I'll need to build my own packages, which I was hoping to avoid, so testing against the new version will probably take me a day or so. Running the rpcclient enumdrivers command returns no output. Inspection of the logfiles shows:- [2003/03/04 12:58:30, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(98) create_policy_hnd: ERROR: too many handles (1025) on this pipe. Can you describe your configuration a little more? Are you using a WIN2k TSE box by chance? No, nothing like that. Config is very simple really, PDC is running NT4 server, and does domain control and nothing else (will get retired when Samba 3 arrives). The main file/print server is an x86 box running Debian Woody, with security=domain. All the users on on boxes running NT 4.0 workstation service pack 6a. Mike.
Re: Help with spoolss printing
Mike Brodbelt wrote: Gerald (Jerry) Carter wrote: Please retest against 2.2.8pre2. OK - I'll need to build my own packages, which I was hoping to avoid, so testing against the new version will probably take me a day or so. Having tried this, 2.2.8 doesn't compile for me. Found the files in packaging/Debian (very nice, make this *lots* easier), but no go:- Compiling lib/util.c lib/util.c: In function `state_path': lib/util.c:1876: `STATEDIR' undeclared (first use in this function) lib/util.c:1876: (Each undeclared identifier is reported only once lib/util.c:1876: for each function it appears in.) lib/util.c: In function `cache_path': lib/util.c:1896: `CACHEDIR' undeclared (first use in this function) make[1]: *** [lib/util.o] Error 1 make[1]: Leaving directory `/usr/local/local_pkg/samba/samba-2.2.8pre2/source' make: *** [build-stamp] Error 2 I know more or less why this is happening, but can't see the easy way to fix it. The build script for a Debianised package applies a patch to the source (packaging/Debian/debian/patches/fhs.patch) which adds two functions to util.c that make use of STATEDIR and CACHEDIR. From what I can see, the patch should define these if FHS_COMPATIBLE is defined, which should be set, as configure gets passed --with-fhs. I could remove the patch, or just build outside the Debian package setup, but I've got a strong preference for keeping the Debian paths, as this will end up on a live server, and I *really* don't want to break the packaging system. Is there a quick fix? Thanks, Mike.
reply_read_and_X and is_locked
Hello Samba Hackers! I am debugging a performance problem associated with backing samba with a distributed filesystem. On this filesystem, querying whether a file is locked may involve a network roundtrip. Locking a file is substantially less likely to involve a roundtrip, at least if the file is locked and unlocked repeatedly. I'd like to ask a question about the following code in read_and_reply_X: if(is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos,READ_LOCK,False)) { END_PROFILE(SMBreadX); return ERROR_DOS(ERRDOS,ERRlock); } So if I understand this correctly, we wish to fail the request if someone has an exclusive lock on this region of the file (please correct me if I'm wrong). However, this seems wrong, in that there is a race here. Why is it in this case that for the duration of the read we don't acquire a read lock on this region of the file? Or do we? Maybe I'm missing something here (?) :) Cheers, Peter Godman
Re: Help with spoolss printing
On Tue, Mar 04, 2003 at 03:46:17PM +, Mike Brodbelt wrote: Mike Brodbelt wrote: Gerald (Jerry) Carter wrote: Please retest against 2.2.8pre2. OK - I'll need to build my own packages, which I was hoping to avoid, so testing against the new version will probably take me a day or so. Having tried this, 2.2.8 doesn't compile for me. Found the files in packaging/Debian (very nice, make this *lots* easier), but no go:- Compiling lib/util.c lib/util.c: In function `state_path': lib/util.c:1876: `STATEDIR' undeclared (first use in this function) lib/util.c:1876: (Each undeclared identifier is reported only once lib/util.c:1876: for each function it appears in.) lib/util.c: In function `cache_path': lib/util.c:1896: `CACHEDIR' undeclared (first use in this function) make[1]: *** [lib/util.o] Error 1 make[1]: Leaving directory `/usr/local/local_pkg/samba/samba-2.2.8pre2/source' make: *** [build-stamp] Error 2 As you deduced, this means the Debian-specific patches don't apply cleanly against 2.2.8pre2. Have you tried the backported 2.2.7a packages available at http://people.debian.org/~peloy/samba/? Jerry, have there been more printing fixes since then that he'll need in order to get this working? -- Steve Langasek postmodern programmer pgp0.pgp Description: PGP signature
2.2.8pre2 Won't Configure On Digital Unix 4.0D
I decided to have a look at 2.2.8pre2 on a Digital Unix box we run here - and configure runs fine like this : ./configure --with-winbind ... checking whether or not getgroups returns EGID too many times... no checking whether struct passwd has pw_comment... yes checking whether struct passwd has pw_age... no checking for poptGetContext in -lpopt... no checking whether to use included popt... ./popt checking configure summary... yes updating cache ./config.cache creating ./config.status creating include/stamp-h creating Makefile creating script/findsmb creating include/config.h include/config.h is unchanged But because I'm also interested in making use of winbind to fully integrate some of our Unixen into an NT domain, I decided I should configure Samba to use PAM as well, like this : ./configure --with-winbind --with-pam and this configure run fails : ... checking whether or not getgroups returns EGID too many times... yes checking whether struct passwd has pw_comment... yes checking whether struct passwd has pw_age... no checking for poptGetContext in -lpopt... no checking whether to use included popt... ./popt checking configure summary... configure: error: summary failure. Aborting config I'm just reporting this as a test result, though of course I'd be interested in any solution there may be (or explanation of error: summary failure). I'm happy to try any further tests you folks may want. Cheers Nick Boyce EDS Southwest Solution Centre, Bristol, UK
Norton Ghost, rpc_server
Hi List! It's some time ago now that I asked wether it is possible to join a domain with a Windows 2000 client using the Norton Ghost console and Samba as pdc. I now found some info in Samba's logfiles, and so I can ask now for the feature that would be needed. Ghost uses an account that is to be specified before joining the domain, and I used an account here that is a admin user in Samba, so mapped to root. This works fine. However, Ghost uses rpc later to make the client join the domain, and these calls are not supported by samba yet. That's from my log: rpc_server/srv_samr_nt.c: _samr_unknown_2d (4231) _samr_unknown_2d: not yes implemented I have all user data in /etc/passwd, /etc/group and private/smbpasswd, I have Samba 3.0 pre21 installed here. I wonder if this missing rpc will be implemented to make Samba and Ghost work together. When I asked my question the first time (with less information available), there was some interest in this kind of functionality, however, I am not a programmer (but a student of architecture) and I can only offer to test here if someone wants to develop anything around this. Thank you, CU, Lars O. Grobe. -- +++ GMX - Mail, Messaging more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!