Mukund, I think I very close to getting everything working. Got OpenLDAP setup on another linux box, got lam pointed to it and created a samba domain, group and user. Pointed Openfiler to this ldap and it connected just fine showing the users and groups in openfiler. I created my vg, and volumes/shares (13), making all of them wide open for "guest" access. I've been able to access things with NFS, HTTP/WebDAV and ftp without problem. However, I can't seem to get any windows boxes to see the shares that are available on openfiler. Notice I said windows boxes as I can do it from other linux boxes using smbclient. Basically, if I run smbclient -L <machine DNS name) on another linux box, it presents me with a "Password" prompt. If I just hit enter (blank password), it then shows all of the shares that should be available via Samba. It also shows the netbios name and workgroup for the openfiler box. However, if I try to connect with a windows box (XP) either via the "Search" or just putting "\\nas.c2f.northgrum.com" into the Start/Run, it tries for a while but can't find the box to connect to it. This is what the /var/log/samba/lmvaf11031923.log (my laptop's netbios name) contains: ----------------------- [2006/03/30 22:00:41, 0] auth/auth_domain.c:check_ntdomain_security(284) check_ntdomain_security: could not fetch trust account password for domain 'NEWPORTNEWS' -----------------------
The /var/log/samba/x86blade1.log (linux box) shows: ----------------------- [2006/03/30 21:50:23, 0] smbd/uid.c:is_share_read_only_for_user(67) lp_readonly(conn->service) in service.c is 1 [2006/03/30 21:50:23, 0] smbd/uid.c:is_share_read_only_for_user(68) [2006/03/30 21:50:23, 0] lib/access.c:check_access(309) ret is 1 check_access() in service.c is 1 ------------------------ My guess is that I don't have something in LDAP configured exactly right. If you have any ideas, please let me know. I REALLY need to get the samba support working. Thanks in advance! -Mark > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Mark Hawkins > Sent: Thursday, March 30, 2006 6:27 AM > To: 'Mukund' > Cc: [email protected] > Subject: RE: [OF-users] RE: Re: [Openfiler] #237: NFS Mounts > NotGettingExported > > Mukund, > See answers/comments mixed in below. > > Thanks for a good product and good support as well! > > -Mark > > > -----Original Message----- > > From: Mukund [mailto:[EMAIL PROTECTED] > > Sent: Thursday, March 30, 2006 5:42 AM > > To: Mark Hawkins > > Cc: [email protected] > > Subject: Re: [OF-users] RE: Re: [Openfiler] #237: NFS Mounts Not > > GettingExported > > > > Hi Mark > > > > If you are running Openfiler for a personal server, and > need not use > > authentication, you can configure shares in public/guest mode. > Yes, this is how I had initially configured things before. > The only problem I had was that I couldn't get samba to work > without LDAP. I will try this again. If you have any advice > for that, please let me know. > > > > If you are running Openfiler as part of an office network, it's > > likely that you already have a network accessible directory > service. > > If you don't, for the meantime, it's best you create an external > > OpenLDAP server and configure users and groups on it with LAM > > (lam.sourceforge.net) or some other tool. > I am definatly working in an office network, and vary LARGE > office network. > I work for Northrop Grumman and they have a HUGH AD infrastructure. > However, it is not one that I can join with openfiler. I > have no control over it and it is definalty VERY closely controlled. > > As for an external LDAP, I will look into that. There are > other LDAP's that I have control over but they are setup for > other purposes and specific applications. Not something that > I want or should mess with. I will look into standing up > openldap on another machine but that just seems like a bad > use of network resources. The box I'm running openfiler on > (2x3Gig CPU's, 2Gig RAM) is just barely ticking over with > openfiler running on it. There is PLENTY of resources left > to handle openldap. > > > > As far as the incompatibilities in versions are > concerned, Karan is > > preparing a release based on CentOS 4.3 with all the update > packages. > > We will provide them both as updates and as a new ISO. > I look forward to that. Now, if I could just get yum to work > through the office firewall. Dragging the box home to do the > yum update is a bit of a pain. I'm sure the ISO will be a > destructive load as well, right? > > > > Mukund > > > > > > On Wed, 2006-03-29 at 21:36 -0500, Mark Hawkins wrote: > > > Mukund, > > > Ok, I took the computer home and put it on my broadband > > connection. > > > With that, I was able to start the yum update. It got 18 of 22 > > > updates installed, then in froze the computer. I waited > > for over an > > > hour to make sure. Rebooting and anything to do with NFS > > would lockup the system again. > > > Used the interactive startup to get around those, ran yum > > but it said > > > everything was uptodate. > > > > > > Based on this, I started over and installed it again > > (losing all my shares). > > > Immediately after the clean install, did the yum update. > > This time, > > > it completed and the system rebooted without issue. > > > > > > Now, I'm back to needing to have OpenLDAP installed and running. > > > Doing an rpm -qa I see that you have the base openldap rpm > > installed > > > as well as the client one. Both are at version 2.2.13-3. > > However the > > > server one isn't there nor is it available through your > > repo site (yum > > > list all). Checking out the CentOS mirrors for version > 4, you find > > > that they have incremented to version 2.2.13-4, probably > due to the > > > security issues that you find if you do a google search > on version > > > 2.2.13-3. If I try to install the -4 version, it complains about > > > various out packages either being needed or need the -3 version. > > > > > > So, I guess my question now is whether you have the -3 > > version of the > > > server? If so could you either put it on your repo site so > > I can do a > > > yum install openldap-servers? If that's not possible, > > could you email it to me? > > > > > > If neither of those is possible, perhaps it would be good > > to move up > > > to the the -4 version for openfiler to stay up with CentOS > > as well as > > > cover the security issue that -3 has. > > > > > > Thanks in advance for your help. I'm still hopeful of > getting this > > > resolved and setup soon. > > > > > > Later! > > > > > > -Mark > > > > > > > -----Original Message----- > > > > From: Mukund [mailto:[EMAIL PROTECTED] > > > > Sent: Wednesday, March 29, 2006 5:11 AM > > > > To: [EMAIL PROTECTED] > > > > Cc: [email protected] > > > > Subject: Re: Re: [Openfiler] #237: NFS Mounts Not > Getting Exported > > > > > > > > Hi Mark > > > > > > > > It is futile to report these problems without > using the latest > > > > version as several bugs have been fixed and updates have been > > > > provided since the > > > > beta1 release :). There have been LDAP authentication > > related updates. > > > > You must find a way inside your network to access the > > update servers. > > > > Perhaps Karan can help you out with getting yum working > with your > > > > office proxy. > > > > > > > > Also please CC the openfiler-users mailing lists when > > you reply as > > > > an archive is kept. > > > > > > > > Mukund > > > > > > > > > > > > On Tue, 2006-03-28 at 15:22 -0500, [EMAIL PROTECTED] wrote: > > > > > Makund, > > > > > Thanks for replying quickly. I would LOVE to yum the box > > > > but I'm behind a firewall that requires me to login with > > a username > > > > and password. I can't seem to get that to work. I set the > > > > following environment variable with the proxy info: > > > > > export > > > > > http_proxy="http://<proxyuser>:<proxypwd>@httpe1.northgrum.com:80" > > > > > > > > > > then run yum update. I got the following response for that: > > > > > [EMAIL PROTECTED] samba]# yum update > > > > > Setting up Update Process > > > > > Setting up repositories > > > > > > > > > http://manage.openfiler.com/repo/2/os/i386/repodata/repomd.xml > > > > : [Errno > > > > > 4] IOError: HTTP Error 401: Unauthorized Trying other mirror. > > > > > Cannot open/read repomd.xml file for repository: base > > > > > failure: repodata/repomd.xml from base: [Errno 256] No more > > > > mirrors to try. > > > > > Error: failure: repodata/repomd.xml from base: [Errno 256] > > > > No more mirrors to try. > > > > > > > > > > The company has several proxy servers and I've even gotten > > > > it to work just once. It worked long enough for it to > figure out > > > > what needed to be downloaded, then it went back the > unauthorized > > > > error. > > > > > > > > > > The other problems I'm having are almost exactly he same as > > > > the guy in the Openfiler-users list that was complaining > > about his > > > > Samba interaction being SOOO SLOOOOWWW!! In my case, I > don't see > > > > the users or the groups and getent doesn't show them > > either. I get > > > > the exact same error about it not being able to retrieve the > > > > password from the secrets.tdb. It is: > > > > > ------------------------------ > > > > > ldap_connect_system: Failed to retrieve password from > > > > > secrets.tdb > > > > > [2006/03/28 00:35:26, 1] lib/smbldap.c:another_ldap_try(990) > > > > > ----------------------------- > > > > > > > > > > I followed the exact instructions that Rafu sent for the > > > > settings but still get the same error. > > > > > > > > > > I am pretty sure that I have OpenLDAP working correctly as > > > > I am using LAM to successfully connect to it and create a SAMBA > > > > domain, group and user. I am running slapd by hand and > > when LAM is > > > > doing it's thing I see logs of output. However, when the above > > > > error is being printed out by samba, there is nothing > > hitting slapd. > > > > > > > > > > I've pretty much gotten everything else to work (NFS, HTTP, > > > > WEBDAV, FTP) with everything setup as public. > > > > > > > > > > If you have any ideas, I'd be VERY grateful. This box was > > > > a NAS before but it lost a HD in the SCSI raid 5 array. > I didn't > > > > like the old software and it doesn't suppot the USB HD > that I was > > > > able to backup everything to. So I've been looking around at > > > > various NAS solutions. Openfiler seemed like a good > > replacement but > > > > I've had ALOT of trouble with the ldap stuff. It would > > be very nice > > > > if we could just use the local linux users. If I can get > > the ldap > > > > working it will be fine as well. > > > > > > > > > > Thanks in advance! > > > > > > > > > > -Mark Hawkins > > > > > > > > > > > > > > > > > From: Mukund <[EMAIL PROTECTED]> > > > > > > Date: 2006/03/28 Tue AM 11:42:47 EST > > > > > > To: [EMAIL PROTECTED] > > > > > > CC: [email protected] > > > > > > Subject: Re: [Openfiler] #237: NFS Mounts Not > Getting Exported > > > > > > > > > > > > > > > > > > > > > > > > > > > Found that this had been addressed by "Yanking the > > ACL stuff > > > > > > > out". I downloaded the two files (shares_edit.html & > > > > > > > generate.incl) and things get exported just fine now. > > > > > > > > > > > > > > 1 problem down, many to go. > > > > > > > > > > > > > > > > > > > You didn't yum update the box to get all the newest > updates? > > > > > > This has been fixed in an update RPM. Don't manually update > > > > > > files in /opt/openfiler as modified files won't be > > updated by RPM updates. > > > > > > > > > > > > What are your other problems btw? Please use the > > mailing lists > > > > > > to first report problems.. that way you'll get possible > > > > > > explanations for the problem, and if it is in fact > a bug, we > > > > > > will ask > > > > you to file > > > > > > it or file it ourself. > > > > > > > > > > > > Mukund > > > > > > > > > > > > -- > > > > > > > > > > > > char*a=" > > > > > > > > $#,.';:\n\t",*s="\0000\a\t\031\r1\020\021\005",*d="\215\266\333\ > > > > > > > > > > > > S3\032\004\321\232L\32176\233\346;\346\030J~G\200\317\251\373O\001\2 > > > > > > 37h\ > > > > > > > > > > > > \3371C\233\317\211\274\317\371\023\364\235\033\314\377\221\276a\360\ > > > > > > 371\ > > > > > > > > > > > > \f~\341\342\303\326\361\277\353~O\207\307h\337\365\277\"\034o\304yg\ > > > > > > b\ > > > > > > > > > > > > \3146\317\333|\033\355\003\016\033\306\377\3411\264\004\375\0336\202 > > > > > > a\ > > > > > > > > > > > > \242~\3061",i,j,r=0,b=0;main(){for(i=0;i<98;i++){for(;;){r<<=1;r|=(* > > > > > > (d+i) > > > > > > >>(7-b++))&1;for(j=0;j<10;j++) > > > > > > >>if(*(s+j)==r){putchar(*(a+j));r=0;break;} > > > > > > if(b>=8){b=0;break;}}}} > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > char*a=" > > > > $#,.';:\n\t",*s="\0000\a\t\031\r1\020\021\005",*d="\215\266\333\ > > > > S3\032\004\321\232L\32176\233\346;\346\030J~G\200\317\251\373O > > > > \001\237h\ > > > > \3371C\233\317\211\274\317\371\023\364\235\033\314\377\221\276 > > > a\360\371\ > > > > > > \f~\341\342\303\326\361\277\353~O\207\307h\337\365\277\"\034o\304yg\ > > > > b\ > > > > > > \3146\317\333|\033\355\003\016\033\306\377\3411\264\004\375\0336\202 > > > > a\ > > > > \242~\3061",i,j,r=0,b=0;main(){for(i=0;i<98;i++){for(;;){r<<=1 > > > ;r|=(*(d+i) > > > > >>(7-b++))&1;for(j=0;j<10;j++) > > > > if(*(s+j)==r){putchar(*(a+j));r=0;break;} > > > > if(b>=8){b=0;break;}}}} > > > > > > > > > > > > > > > > > _______________________________________________ > > > Openfiler-users mailing list > > > [email protected] > > > https://lists.openfiler.com/mailman/listinfo/openfiler-users > > -- > > > > char*a=" > > $#,.';:\n\t",*s="\0000\a\t\031\r1\020\021\005",*d="\215\266\333\ > > S3\032\004\321\232L\32176\233\346;\346\030J~G\200\317\251\373O > > \001\237h\ > > \3371C\233\317\211\274\317\371\023\364\235\033\314\377\221\276 > > a\360\371\ > > > \f~\341\342\303\326\361\277\353~O\207\307h\337\365\277\"\034o\304yg\b\ > > > \3146\317\333|\033\355\003\016\033\306\377\3411\264\004\375\0336\202a\ > > \242~\3061",i,j,r=0,b=0;main(){for(i=0;i<98;i++){for(;;){r<<=1 > > ;r|=(*(d+i) > > >>(7-b++))&1;for(j=0;j<10;j++) > > if(*(s+j)==r){putchar(*(a+j));r=0;break;} > > if(b>=8){b=0;break;}}}} > > > > > > > _______________________________________________ > Openfiler-users mailing list > [email protected] > https://lists.openfiler.com/mailman/listinfo/openfiler-users > _______________________________________________ Openfiler-users mailing list [email protected] https://lists.openfiler.com/mailman/listinfo/openfiler-users
