' so that we can see where the problem
actually is. Setup a 'panic action = /bin/sleep 9000' in your smb.conf,
then attach to the dead process with gdb. Get a 'bt full', and post it
back to the list.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
)
===
[2003/01/08 12:10:23, 0] lib/util.c:(1092)
PANIC: internal error
The first thing to do is try and upgrade to Samba 2.2.7a. There are
serious security issues with earlier versions anyway, and it might just
solve your issue.
Andrew Bartlett
--
Andrew Bartlett
. Are
you using winbind?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
) but
it does exist.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
On Fri, 2003-01-17 at 08:20, [EMAIL PROTECTED] wrote:
On Fri, Jan 17, 2003 at 08:18:42AM +1100, Andrew Bartlett wrote:
It is used, and I think it's even on the automated testing system.
Certainly I refactored this code in Samba HEAD/3.0, and it's no longer
available under that option
/password.c:server_validate(1175)
password server TYR.IMAGE.COM rejected the password
I found in the mailing list archives the following tidbit
from Andrew Bartlett, dated 13 Aug 2002:
Don't use 'security=server' when you have a real PDC.
That's what security=domain is for. Furthermore, due to
bugs only
rewrite of
the auth code. We now specificly keep that data around for exactly that
reason.
Andrew Bartlett
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
secrets.tdb to store the password.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
to give some more info on the join, and any
particular errors in the logs.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
a Samba
member server to do MSCHAPv2 authentication against a NT4 or AD domain.
Unfortunately I don't know of any patches at present (MSCHAPv1 is
possible with current infrastructure) - and I havn't had a chance to
make the mods to Samba needed for the MSCHAPv2 part.
Andrew Bartlett
--
Andrew
got much closer to MS semantics in 3.0, so I would give that a try.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
at the end of this also.
Very helpful with all the restarts I had to do when making changes.
5) If I think of or discover anything else, I will post it.
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
complete, behaves a bit better
compared to 2.2, and we have some new optional features, but there
shouldn't be any 'upgrade issues'.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
to mount a directory?
pam_mount. I have seen reports of it being hacked up to function
correctly.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
, Samba 3.0 works very nicely being trusted by NT4 at my site).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
On Thu, 2003-02-06 at 04:22, John H Terpstra wrote:
On Wed, 5 Feb 2003, Andrew Bartlett wrote:
If you want a 'real' read only profile, look into the
'vfs_fake_perms.so' VFS module in Samba HEAD. It fakes up the
permissions on the files being sent to the client, so that you don't
need
). However, if you are just needing to run this WinXP
server as a 'slave', then making your Samba machine a PDC and joining
the WinXP machine to the domain should work. Your existing clients can
still access the Samba server as-before, they are not forced to use
domain logons etc.
Andrew Bartlett
join under a different name.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
it doesn't handle authentication etc at all.
For many organizations, the need to install an optional client on each
computer kills things off pretty quickly.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL
help you.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
the
'pwdMustChange' LDAP attribute to 0.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
an issue that caused
that error on the 'setdriver' command. (2.2 changes had not been
merged to HEAD).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker
set 'mangle method =
hash2' in your smb.conf to 'fix' it. (chances of a hash collision are
greatly reduced). This setting is now the default in Samba 3.0, but
make sure you read the smb.conf manpage section on this, as it *will*
change all your mangled (short) names.
Andrew Bartlett
--
Andrew
that name and so we can
only use the IP address. If the logon is via NTLMSSP, we might get the
name later, but if it is kerberos, we would never get another name.
If you set 'hostname lookups = yes' we will use the reverse DNS name for
%m and %M, instead of the IP address.
Andrew Bartlett
--
Andrew
, or a GUI?
Scripts. I also use 'GQ' as an LDAP GUI admin tool.
4. Is it LDAP/Samba integration possible?
It's the only way to go. Our LDAP backend currently doesn't deal with
Groups and Privileges at present, but this is being worked on.
Andrew Bartlett
--
Andrew Bartlett
(currently alpha) and use the pdb_ldap backend to
store your passwords, which fully supports password expiry, based on our
own 'pwdMustChange' attribute.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED
MIT, with a couple of hacks for NT compatibility
with how NT has historically been organized. Plus they added the PAC,
which they have now documented.
Running winbindd on your clients and joining the domain will certainly
allow you to log into the workstation with domain passwords.
Andrew Bartlett
going on..
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
it back to the old value.
Pin down that it isn't a 'real' file permissions issue - check you can
get to the profile with smbclient etc.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
into writing a VFS module to make out that call).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
I give
slightly different details each time).
Your two options are to use PAM, or to use Samba 3.0alpha and pdb_ldap.
In pdb_ldap, you want to set the 'pwdMustChange' attribute to 0.
This works well in my production environment.
Andrew Bartlett
--
Andrew Bartlett
client is linux, then just look into
the novell ncp clients. (which are not related to samba).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
? ( using 3.0 Alpha 21 )
Thanks a lot
Samba 3.0 uses unicode when requested by the client, and not explicitly
disabled in the smb.conf.
What problems are you having?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team
Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
as the clients are concerned, there is no difference between
security=server and security=domain. So check the simple stuff - use
smbclient for testing and ensure you have actually joined the domain
correctly.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
domain members significant problems, as you then cannot access
the NETLOGON pipe required for domain authenticaion (among other
things).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
domain members significant problems, as you then cannot access
the NETLOGON pipe required for domain authenticaion (among other
things).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
it in both
places. This would then require that you manually create the account in
the KDC.
How you then get windows machines to get the tickets etc is up to you
:-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team
Dominion Diagnostics
Andrew Bartlett
[EMAIL PROTECTED]
rg
want to set the 'pwdMustChange' attribute to 0.
(Andrew Bartlett)
Good people, would like that they thought which is the way most easy to
make this for a person who understands of SAMBA but she does not
understand of LDAP and nor of PAM...
My net is small simple e (~60 machines) and will only
domain SID too).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
. (fortunately, the code is
relatively small)
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
, and will mean that they use the name
in the form 'domain\username' if you used winbind or 'username' if you
didn't. (Effectively).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
On Sat, 2003-03-08 at 06:51, Andrew Bartlett wrote:
On Sat, 2003-03-08 at 04:12, Wolfgang Ratzka wrote:
-BEGIN PGP SIGNED MESSAGE-
Im currently running some tests for a samba/CUPS based print server.
The print server is a member of an NT domain and uses winbind to import
NT
and password (smbpasswd -r
cleo -j SURSON -Uadministrator) and set a username into 'wbinfo
-Ausername%password' to allow winbind to use authenticate it's
connection to the DC.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems
= No
csc policy = disable
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL
is, if is possible to configure all of services
(login, telnet, ftp, ssh, samba, kde...) centrally in one file or
somewhere. Or it is not possible?
That's what the system-auth stuff is about.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
a pretty lame excuse for almost complete incompatibility with
out-of-the-box installations.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL
these warnings *can* indicate bugs, we compile samba after every
checkin on over 30 different compiler/arch combinations at
build.samba.org, and developers are encouraged to study the compiler
output presented there.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
On Thu, 2003-03-13 at 08:18, [EMAIL PROTECTED] wrote:
They do not need local accounts, however the company do not want to
support winbind
Is there any reason you cannot run 'security=domain' against the local
accounts, as indicated in the documentation?
Andrew Bartlett
--
Andrew Bartlett
Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
advantage is we get kerberos, which works much better anyway
:-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
to do with rpc-call and there authentication,
but i'm absolutly not sure.
Only the network and logfile traces will really tell you.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
userID do I need to define on the Samba server to
allow LocalSystem to access files on a Samba share?
I think the way you do this is to add a domain user, with the right
privs, and then start the service as that user, with that password.
However, I've never played with this myself.
Andrew Bartlett
with the 'offline
file cache'. Either way, I think that ignoring the smbecho as
'activity' would probably be a bad idea.
In this case it's a bit of a pity that the cost of processing that echo
is so high, but I can't really see a good way around it.
Andrew Bartlett
--
Andrew Bartlett
and pam_winbind or ntlm_auth (new in 3.0 alpha).
smblib has had a number of issues over the years, and I understand that
the authentication is usually just LM based (case-insensitive). More
particularly, there is no way for it to tell if it's actually talking to
the DC.
Andrew Bartlett
--
Andrew Bartlett
have been chasing this one for a while, and I'm pretty sure we came
to some resolution since 2.2.6 or 2.2.7. You should upgrade to 2.2.8
for the security fixes anyway, and see if the problem persists.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
these generated files in CVS.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
not be
that hard - and could be quite useful...
Maybe just a warning along the lines of about to overwrite your
smb.conf, would you like to save your original?
Ok. I'll implement that one.
Or what about just calling RCS on the file?
Andrew Bartlett
--
Andrew Bartlett
' password on Win9X. Not
quite (because we map to unix users) but pretty close.
Note that setting 'security=share' will affect other shares on the
server, so you might want to look into a %L include to host this on a
separate virtual hostname.
Andrew Bartlett
--
Andrew Bartlett
the authentication (both Samba and FTP) redirected to the PDC.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
the option to turn this off was rather pointless,
so it's always enabled.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
environment - but they neglect to mention that
you also have the opportunity to integrate it into your environment -
not integrate your environment into it!
(This is what makes a Samba NAS more than a rack-mounted Windows install
IMHO).
Andrew Bartlett
--
Andrew Bartlett
browseable = yes
printable = yes
writable = yes
Well, I'll start by saying that this last statement will probably just
confuse things - it might turn it back into a disk share.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems
point the way to this information?
It's possible with System policies. These are 'shell dirs'. If you
grab the NT system policy editor, and things like the office resource
kit for policy templates.
I did it with PowerToys (tweak ui) and a mandatory profile myself.
Andrew Bartlett
--
Andrew
' in your smb.conf).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
.
Is there anyway to verify that these mails are getting to the list?
If you are subscribed, then you will get your posting back. Or just
wait for a reply :-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL
Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description
, it was decided a *long* time ago that also executing it (ie,
the same script and parameter) for 'no homedir' was just plain silly.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
you enable encrypted passwords.
(and you need to apply the registry patch).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED
a 'stable' release out the door, but it's a slow process.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
possible for NT4 and above with PAM and 'obey pam restrictions =
yes', but not quite as clean. (Naturally, this requires 'unix passwd
sync = yes'.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED
username/pw pair.
Fundementally, any restriction imposed by logon script/.pol files can be
avoided - you must never trust the client to actually follow their directions...
Andrew Bartlett
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org
:
/usr/include/linux - /usr/src/linux/include/linux
/usr/include/asm - /usr/src/linux/include/asm-i386
everything worked.
You should not do this - you should get the kernel that your glibc
was compiled against, and use that. Redhat has a glibc-kernel-headers
for exactly this task.
Andrew
On Thu, Mar 27, 2003 at 01:27:26AM +, Andrew Bartlett wrote:
On Wed, Mar 26, 2003 at 04:11:13PM -0800, Shawn Wright wrote:
Ok, stupid me. Somehow I missed updating /lib/libnss_winbind.so on both
these machines. Presumably this would have also caused corruption of the
winbind idmap
), or to disable it.
However, setting this only really works for Samba 3.0 - for 2.2 you
really can't run with this set.
If you already have a username/pw set (by wbinfo -A), then I would
suspect that you have SMB signing required, on a 'fixed' DC (MS did not
used to enforce this).
Andrew Bartlett
?
No.
And, is there a better way
to deal with spaces in usernames than User Name ?
Note: The same thing happens with write list =.
This should be fixed in Samba 3.0, due to a change to the way we process
such lists, but you are much advised to use a group on the server.
Andrew Bartlett
--
Andrew
- they often 'fall back' in parts of the protocol. It may well
be possible to create such policies - In the end, they are just a file
in a particular file share.
It would be an interesting challenge for somebody to work on. :-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL
notebooks etc.
connecting to the network and then disappearing off home with sensitive data
from the server on their drives.
Really, the best you can do is per-user passwords, strong passwords,
correctly set permissions, and policies (human policies, not computer
ones :-).
Andrew Bartlett
--
Andrew
'smbpasswd -t' it should do it on demand.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
On Fri, 2003-03-28 at 23:44, Eric Boehm wrote:
On Fri, Mar 28, 2003 at 10:00:47PM +1100, Andrew Bartlett wrote:
Andrew == Andrew Bartlett [EMAIL PROTECTED] writes:
Andrew On Fri, 2003-03-28 at 19:44, Hansjoerg Maurer wrote:
Andrew If you run 'smbpasswd -t' it should do
...
The only secure computer is turned off, disconnected from the world,
under 5 feet of concrete with an armed guard standing on top. And then
somebody will probably just bribe the guard...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
available
via telnet from the Internet.
More info, for anyone who's interested, here:http://www.testdrive.compaq.com/
We have a number of testdrive machines already participating on the
'build farm' (build.samba.org). It's on my list to expand this, but
it's a long list :-)
Andrew Bartlett
/msg00060.html
You could add to your list there.
I've 'fixed' this in 3.0, by only doing this paranoid check for %U - all
other uses of the username are direct off-the-wire (charset conversion
only).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
be ptrace'ed...
I'm glad jelmer added that backtrace() code...
Andrew Bartlett
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
to correct the problem, but I'm having a hell of a
time figuring this one out. We use msdfs with security = server.
This is probably your problem. Never use 'security=server' if you can
help it. Use 'security=domain'.
Andrew Bartlett
--
Andrew Bartlett [EMAIL
a real bug, not
a misconfiguration).
However, if it is real, and somebody at Samba-TNG wants to propose a
patch that makes us (Samba 3.0) detect this situation properly, it might
get considered.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
implemented in Samba 3.0, for pdb_ldap, pdb_tdbsam.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
), then there isn't anything much you can do.
However, this isn't a usual configuration, even for 'native mode' DCs.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
On Sat, 2003-04-05 at 03:01, Dariush Forouher wrote:
Hi,
after upgrading samba 3.0 from ~ Jan. 03 cvs - today's cvs, samba
crashes while contacting an LDAP server.
Sorry about that - I fixed it in HEAD but only just merged it to 3.0.
Andrew Bartlett
--
Andrew Bartlett
= no'.
(yes, we need to make this easier)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
On Sat, 2003-04-05 at 15:53, samah Ibrahim wrote:
can samba v 2.2.5 server function as a windows 2000 PDC with active
No. See the samba.org website for the progress of Samba 3.0 as an
Active Directory member server.
Andrew Bartlett
--
Andrew Bartlett [EMAIL
of the connection. (I use it for a wireless
gateway).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
. Check the output of wbinfo -t and wbinfo -a
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
module, I'll try to see what's
different about it.
I'm also quite interested in the idea that we could pass pam_mount some
of the information we get from the logon request - like the location of
the home directory, if somebody wants to work with me on developing such
features.
Andrew Bartlett
and links to /dev/null will
do the job nicely :-)
This could be considered a bug in finger as much as anything :-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
parameter in smb.conf.
So I want to add a Win2K and XP-Client to the net without changing the
smb.conf (encrypt passwords = no).
'real' domain logins and 'encrypt passwords = no' are not compatible.
Win9X is not a 'real' domain member.
Andrew Bartlett
--
To unsubscribe from this list go
1 - 100 of 4979 matches
Mail list logo