how about redirecting the smbpasswd file to the older version (assuming you have one) using smbpasswd file = /file/path/smbpasswd , I replaced my copy of smbpasswd for 3.09 with a 2.216 and the smbpasswd command stopped working, (no new entry added to the smbpasswd file), but when i used that it worked again
"Izo" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Not only nobody reads news://linux.samba, nobody obviously reads this > newsgroup also ! This is just the 5th time I am sending the same or > similar message in last 7 days with no response... > > I would like to point out that *I really need" help on this - either > appointment to prompter resource either an answer about what is going on > with my Samba installation > > Platform: SuSE-9.1, kernel-2.6.5, samba-3.0.4 > > I have recently upgraded from 3.0.2a to 3.0.4 and I have just noticed > that using the same smb.conf as with previous version, the system just > does not work anymore for me ! > Furthermore, smbpasswd utility appears to be dropped ! > > Afterwards, I have noticed that I had to join the domain once again > (security = > DOMAIN). Yet, I still could not log in on to my machine. Before joining > again, every attempt to access shared resources on MYHOST failed with: > > session setup failed: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE > > This behaviour was just the same even if I tried to used local samba > user. This indicates, that the smbpasswd file is either ignored (despite > passdb backend being set to smbpasswd) either changed the structure > either being displaced. Anyway, browsing the samba docs I could only > realize it was rather outdated (it refered to samba 3.0, obviously not > to samba-3.0.4 and later), wasn't it ? > > # smbclient -U me -L MYHOST -d3 > lp_load: refreshing parameters > Initialising global parameters > params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" > Processing section "[global]" > Unknown parameter encountered: "character set" > Ignoring unknown parameter "character set" > Unknown parameter encountered: "client code page" > Ignoring unknown parameter "client code page" > added interface ip=172.22.110.137 bcast=172.22.255.255 nmask=255.255.0.0 > added interface ip=192.168.74.1 bcast=192.168.74.255 nmask=255.255.255.0 > Client started (version 3.0.2a-SUSE). > Connecting to 172.22.110.137 at port 139 > Password: > Doing spnego session setup (blob length=58) > got OID=1 3 6 1 4 1 311 2 2 10 > got principal=NONE > Got challenge flags: > Got NTLMSSP neg_flags=0x60890215 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x60080215 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x60080215 > SPENGO login failed: Trust relationship failure > session setup failed: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE > > > > As I've already said, I realized that I should have joined domain again. > Why so if none of samba admin files changed during upgrade ? Anyway, net > join went smoothly - I got reported Joined to domain OURDOMAIN so I > supposed I was joined, wasn't I ? > > Now I could perform net user -L MYHOST with DOMAIN authentication, yet I > could > not map or browse any of served shares from MYHOST (see the smbclient > dump below) > > And more - where has support for local user/passwords gone ? I had > previously > configured few users which had not been configured within OURDOMAIN (using > smbpasswd -a FOOUSER) and authentication was performed locally even when > MYHOST was joined into OURDOMAIN. It seems that this functionality has > just been dropped, hasn't it ? > > > > Smbclient dump: smbclient notoriously reports as follows (see also > testparm dump after smbclient dump): > > # smbclient -d3 -L me -U MYHOST > lp_load: refreshing parameters > Initialising global parameters > params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" > Processing section "[global]" > added interface ip=172.22.110.137 bcast=172.22.255.255 nmask=255.255.0.0 > added interface ip=192.168.74.1 bcast=192.168.74.255 nmask=255.255.255.0 > Client started (version 3.0.2a-SUSE). > resolve_lmhosts: Attempting lmhosts lookup for name kiztok<0x20> > resolve_wins: Attempting wins lookup for name kiztok<0x20> > resolve_wins: using WINS server 172.22.0.8 and tag '*' > Got a positive name query response from 172.22.0.8 ( 192.168.74.1 > 172.22.110.137 ) > Connecting to 192.168.74.1 at port 139 > Password: > Doing spnego session setup (blob length=58) > got OID=1 3 6 1 4 1 311 2 2 10 > got principal=NONE > Got challenge flags: > Got NTLMSSP neg_flags=0x60890215 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x60080215 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x60080215 > SPENGO login failed: Logon failure > session setup failed: NT_STATUS_LOGON_FAILURE > > > > > > # testparm -v > Load smb config files from /etc/samba/smb.conf > Processing section "[homes]" > Processing section "[printers]" > Processing section "[print$]" > Processing section "[movies]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > Press enter to see a dump of your service definitions > > # Global parameters > [global] > dos charset = CP850 > unix charset = UTF-8 > display charset = ISO8859-15 > workgroup = OURDOMAIN > realm = > netbios name = MYHOST > netbios aliases = > netbios scope = > server string = My Linux host > interfaces = > bind interfaces only = No > security = DOMAIN > auth methods = > encrypt passwords = Yes > update encrypted = No > client schannel = Auto > server schannel = Auto > allow trusted domains = Yes > hosts equiv = > min passwd length = 5 > use cracklib = No > map to guest = Never > null passwords = No > obey pam restrictions = No > password server = ourpasswordserver > smb passwd file = /etc/samba/smbpasswd > private dir = /etc/samba > passdb backend = smbpasswd > algorithmic rid base = 1000 > root directory = > guest account = nobody > pam password change = No > passwd program = > passwd chat = *new*password* %n\n *new*password* %n\n *changed* > passwd chat debug = No > passwd chat timeout = 2 > username map = > password level = 0 > username level = 0 > unix password sync = No > restrict anonymous = 0 > lanman auth = Yes > ntlm auth = Yes > client NTLMv2 auth = No > client lanman auth = Yes > client plaintext auth = Yes > preload modules = > log level = 0 > syslog = 1 > syslog only = No > log file = > max log size = 5000 > timestamp logs = Yes > debug hires timestamp = No > debug pid = No > debug uid = No > smb ports = 445 139 > protocol = NT1 > large readwrite = Yes > max protocol = NT1 > min protocol = CORE > unicode = Yes > read bmpx = No > read raw = Yes > write raw = Yes > disable netbios = No > acl compatibility = > nt pipe support = Yes > nt status support = Yes > announce version = 4.9 > announce as = NT > max mux = 50 > max xmit = 16644 > name resolve order = lmhosts wins host bcast > max ttl = 259200 > max wins ttl = 518400 > min wins ttl = 21600 > time server = No > unix extensions = Yes > use spnego = Yes > client signing = auto > server signing = No > client use spnego = Yes > change notify timeout = 60 > deadtime = 0 > getwd cache = Yes > keepalive = 300 > kernel change notify = Yes > lpq cache time = 10 > max smbd processes = 0 > paranoid server security = Yes > max disk size = 0 > max open files = 10000 > socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY > use mmap = Yes > hostname lookups = No > name cache timeout = 660 > load printers = Yes > printcap name = cups > disable spoolss = No > enumports command = > addprinter command = > deleteprinter command = > show add printer wizard = Yes > os2 driver map = > mangling method = hash2 > mangle prefix = 1 > stat cache = Yes > machine password timeout = 604800 > add user script = > delete user script = > add group script = > delete group script = > add user to group script = > delete user from group script = > set primary group script = > add machine script = > shutdown script = > abort shutdown script = > logon script = > logon path = \\%N\%U\profile > logon drive = > logon home = \\%N\%U > domain logons = No > os level = 65 > lm announce = Auto > lm interval = 60 > preferred master = Auto > local master = No > domain master = Auto > browse list = Yes > enhanced browsing = Yes > dns proxy = Yes > wins proxy = No > wins server = 172.22.0.8 > wins support = No > wins hook = > wins partners = > kernel oplocks = Yes > lock spin count = 3 > lock spin time = 10 > oplock break wait time = 0 > ldap suffix = > ldap machine suffix = > ldap user suffix = > ldap group suffix = > ldap idmap suffix = > ldap filter = (uid=%u) > ldap admin dn = > ldap ssl = > ldap passwd sync = no > ldap delete dn = No > ldap replication sleep = 1000 > add share command = > change share command = > delete share command = > config file = > preload = > lock directory = /var/lib/samba > pid directory = /var/run/samba > utmp directory = > wtmp directory = > utmp = No > default service = > message command = > dfree command = > get quota command = > set quota command = > remote announce = > remote browse sync = > socket address = 0.0.0.0 > homedir map = auto.home > afs username map = > time offset = 0 > NIS homedir = No > panic action = > host msdfs = No > enable rid algorithm = Yes > idmap backend = > idmap uid = > idmap gid = > template primary group = nobody > template homedir = /home/%D/%U > template shell = /bin/false > winbind separator = \ > winbind cache time = 300 > winbind enable local accounts = Yes > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = No > winbind trusted domains only = No > comment = > path = > username = > invalid users = > valid users = > admin users = > read list = > write list = > printer admin = > force user = > force group = > read only = Yes > create mask = 0744 > force create mode = 00 > security mask = 0777 > force security mode = 00 > directory mask = 0755 > force directory mode = 00 > directory security mask = 0777 > force directory security mode = 00 > inherit permissions = No > inherit acls = No > guest only = No > guest ok = No > only user = No > hosts allow = > hosts deny = > nt acl support = Yes > profile acls = No > map acl inherit = No > afs share = No > block size = 1024 > max connections = 0 > min print space = 0 > strict allocate = No > strict sync = No > sync always = No > use sendfile = No > write cache size = 0 > max reported print jobs = 0 > max print jobs = 1000 > printable = No > printing = cups > printing cups options = > print command = > lpq command = > lprm command = > lppause command = > lpresume command = > queuepause command = > queueresume command = > printer name = > use client driver = No > default devmode = No > default case = lower > case sensitive = No > preserve case = Yes > short preserve case = Yes > mangle case = No > mangling char = ~ > hide dot files = Yes > hide special files = No > hide unreadable = No > hide unwriteable files = No > delete veto files = No > veto files = /*.eml/*.nws/riched20.dll/*.{*}/ > hide files = > veto oplock files = > map system = No > map hidden = No > map archive = Yes > mangled names = Yes > mangled map = > browseable = Yes > blocking locks = Yes > csc policy = manual > fake oplocks = No > locking = Yes > oplocks = Yes > level2 oplocks = Yes > oplock contention limit = 2 > posix locking = Yes > strict locking = Yes > share modes = Yes > copy = > include = > exec = > preexec close = No > postexec = > root preexec = > root preexec close = No > root postexec = > available = Yes > volume = > fstype = NTFS > set directory = No > wide links = Yes > follow symlinks = Yes > dont descend = > magic script = > magic output = > delete readonly = No > dos filemode = No > dos filetimes = No > dos filetime resolution = No > fake directory create times = No > vfs objects = > msdfs root = No > msdfs proxy = > > [homes] > comment = Home Directories > valid users = %S > read only = No > create mask = 0640 > directory mask = 0750 > browseable = No > > [printers] > comment = All Printers > path = /var/tmp > create mask = 0600 > printable = Yes > browseable = No > > [print$] > comment = Printer Drivers > path = /var/lib/samba/drivers > write list = @ntadmin, root > force group = ntadmin > create mask = 0664 > directory mask = 0775 > > [movies] > comment = Movies > path = /srv/smbshare/movies > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
