Re: [Samba] Samba 3.2, Samba 3.3 release planning

[Michael Adam]

Hi William, Jerry,

Gerald (Jerry) Carter wrote:
> William Jojo wrote:
> > 
> >> I love that releases are moving very quickly now. My only 
> > concern is keeping up with and determining what is appropriate
> > as I continue to maintain AIX binaries on my web page.
> > 
> >> Presently I have already dropped the 3.0 series and have 
> > 3.2.4 available with the clustering option for AIX 5.3 and 6.1.
> > 
> >> I am trying to determine how best to support a 3.2 and 3.3 
> > parallel set or if I should just drop 3.2 after 3.3.1 is
> > released or some other arbitrary schedule. :-) :-)
> > 
> >> How long after 3.3 is released to production does the Samba 
> > team anticipate supporting the 3.2 line?
> 
> That has not bee decided yet.  The 3.0.x releases are in
> maintenance mode (transitioned as soon as 3.2.0 was released).
> The 3.0.x series will reach EOL on Jul 1, 2009.
> 
> I expect that 3.2.x will be moved to maintenance mode as soon
> as 3.3.0 is released.

Yes that had been decided exactly like this.

> maintenance == "only critical bug fixes and security issues"
> 
> What we've not stated is how long it would be until v3.2.x
> reaches EOL.  Based on past data, I expect 6 - 12 months, but
> that is just a guess and not really up to me.

If I am not completely wrong, this had been decided as well
as follows: A release will reach EOL when the next release
goes into maintenance mode, i.e. when the second next release
comes out. With the aimed release cycle of 6 months, this means
that each release will go into maintenance mode after 6 months
and reach EOL anonther 6 months later. Example: 3.2 will go into
maintenance mode in december 2008, when 3.3 is scheduled for
release, and 3.2 will reach EOL around June 2009 (?) when 3.4 is
scheduled.

At least that is what Karolin had proposed and as far as I
remember at least noone had objected. (Time will tell if the
workload is manageable with such a tight release cycle.)

Please correct me if I am mistaken.

> If I were packaging Samba, I would only focus on the latest
> production release.

Exactly.

Of course it makes sense to try and package the pre-releases of
the next release to see in time whether packaging will require 
adaptions. The pre-release phase is supposed to start roughly half
way through the 6 months period.

Cheers - Michael

-- 
Michael Adam <[EMAIL PROTECTED]>
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.SerNet.DE, mailto: Info @ SerNet.DE


pgpZj5i7lA6C8.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Closing sessions and smbstatus

[Rippl, Steve]

> On Mon, Oct 20, 2008 at 12:52:57PM -0700, Steve Rippl wrote:
> 
> > But checking our server I find that the processes DO still exist!
So
> > I'm getting a user session in smbstatus with a specific PID and when
I
> > ps -ef | grep PID there is the smbd process still running, yet the
user
> > has long since logged out (days ago)?!  It's not just that the .tbd
file
> > hasn't been updated, it's that the /usr/local/bin/smbd process is
still
> > running.  A restart of Samba clears them all up immediately, but why
are
> > they hanging around when the client is gone?  Is this just happening
to
> > me on our particular setup or is this normal behavior?
> 
> No, that's not normal behavior, but it does explain why
> the session id's are hanging around. Once the client
> terminates the TCP session the smbd should die (and
> clean up all resources such as session id's etc.).
> 
> When you find a process in this state attach using
> strace -p  (on Linux) to see what it's up to.
> 
> Jeremy.

So after one day I have ~50 left-over sessions.  Running strace as above
I seem to usually get...

select(32, [5 23 31], [], NULL, {43, 45}) = 0 (Timeout)
gettimeofday({1224652458, 61107}, NULL) = 0
geteuid()   = 0
getegid()   = 0
setgroups(0, [])= 0
setresgid(4294967295, 0, 4294967295)= 0
getegid()   = 0
setresuid(0, 0, 4294967295) = 0
geteuid()   = 0
write(23, "\205\0\0\0", 4)  = 4
gettimeofday({1224652458, 61549}, NULL) = 0
geteuid()   = 0
fstat(25, {st_mode=S_IFREG|0644, st_size=894111, ...}) = 0
gettimeofday({1224652458, 61698}, NULL) = 0
select(32, [5 23 31], [], NULL, {60, 0} 

although a couple of time I got more go by...

...[cut-off]...
getegid()   = 0
setgroups(0, [])= 0
setresgid(4294967295, 0, 4294967295)= 0
getegid()   = 0
setresuid(0, 0, 4294967295) = 0
geteuid()   = 0
fcntl(8, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=244, len=1}) =
0
fcntl(8, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=244, len=1}) =
0
stat("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/pam.d/samba", O_RDONLY)  = 25
fstat(25, {st_mode=S_IFREG|0644, st_size=69, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f2f8db98000
read(25, "@include [EMAIL PROTECTED] co"..., 4096) = 69
stat("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/pam.d/common-auth", O_RDONLY) = 29
fstat(29, {st_mode=S_IFREG|0644, st_size=484, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f2f8db97000
read(29, "#\n# /etc/pam.d/common-auth - aut"..., 4096) = 484
open("/lib/security/pam_unix.so", O_RDONLY) = 30
read(30, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260*\0\0"...,
832) = 832
fstat(30, {st_mode=S_IFREG|0644, st_size=50568, ...}) = 0
mmap(NULL, 2195080, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 30,
0) = 0x7f2f892fd000
mprotect(0x7f2f89309000, 2093056, PROT_NONE) = 0
mmap(0x7f2f89508000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 30, 0xb000) = 0x7f2f89508000
mmap(0x7f2f89509000, 48776, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f2f89509000
close(30)   = 0
open("/etc/ld.so.cache", O_RDONLY)  = 30
fstat(30, {st_mode=S_IFREG|0644, st_size=45774, ...}) = 0
mmap(NULL, 45774, PROT_READ, MAP_PRIVATE, 30, 0) = 0x7f2f8db8b000
close(30)   = 0
access("/etc/ld.so.nohwcap", F_OK)  = -1 ENOENT (No such file or
directory)
open("/lib/libselinux.so.1", O_RDONLY)  = 30
read(30, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240Q\0\0"...,
832) = 832
fstat(30, {st_mode=S_IFREG|0644, st_size=109368, ...}) = 0
mmap(NULL, 2209176, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 30,
0) = 0x7f2f888d4000
mprotect(0x7f2f888ed000, 2097152, PROT_NONE) = 0
mmap(0x7f2f88aed000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 30, 0x19000) = 0x7f2f88aed000
mmap(0x7f2f88aef000, 1432, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f2f88aef000
close(30)   = 0
open("/etc/selinux/config", O_RDONLY)   = -1 ENOENT (No such file or
directory)
statfs("/selinux", 0x7fff960e0250)  = -1 ENOENT (No such file or
directory)
open("/proc/mounts", O_RDONLY)  = 30
fstat(30, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f2f8db8a000
read(30, "rootfs / rootfs rw 0 0\nnone /sys"..., 1024) = 1024
read(30, "dered 0 0\n/dev/mapper/group-mate"..., 1024) = 649
read(30, "", 1024)  = 0
close(30)   = 0
munmap(0x7f2f8db8a000, 4096)= 0
munmap(0x7f2f8d

Re: [Samba] Multiple IP addresses in DNS record

[Frank Gruman]

On Tue, 2008-10-21 at 13:34 -0400, Jarrod Hyder wrote:

> I have a samba server running on Linux that has two ethernet cards (eth0 &
> eth1) that are bonded into a single virtual interface (bond0). This virtual
> interface is connected to the corporate LAN and I have another ethernet card
> (eth2) that is connected to another server that is used for making
> incremental backups. The problem that I am having is that no matter what I
> do, the command "net ads dns register -P' causes both the bond0 and eth2 IP
> addresses to show up in the DNS record on the corporate domain controller.
> 
> I have tried to force samba and winbind to use "interface = bond0" and
> "bind interfaces only = yes" and it doesn't seem to help this situation.
> 
> If anyone can shed some light on what I am doing wrong, I would really
> appreciate it.
> 
> BTW, I am using samba 3.0.28a
> 
> --
> Jarrod Hyder
> [EMAIL PROTECTED]


Jarrod,

Not sure how much help I can be, but give this a try - add the -d # flag
to your 'net ads dns ...' command where # can be something up to 10
(more debug output).  This can at the very least confirm the smb.conf
file being read as well as perhaps point you in a better direction.  If
nothing else, posted the somewhat cleansed output here; it may help
others here to see where your problem lies.



Regards,
Frank
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Create user home directory or user-own folder on samba server on first login to samba

[Michael Heydon]

Русаков Денис wrote:

  I'd like to create user home directory or user-own folder on samba server on 
first login to samba without using PAM
  


I use this along with a "root preexec" (and "preexec close") setting on 
the homes share.


*Michael Heydon - IT Administrator *
[EMAIL PROTECTED] 

/*
 *  Program Name: smbmkhome
 *  Version: 1.0
 *  Author: Michael Heydon
 *  Purpose: This program is designed to be run by samba prior to a user
 *   accessing their home directory. Since the users are set up in LDAP
 *   it is possible (probable) that their home directory was not created
 *   when their account was. This program will create the user's home
 *   directory and fix ownership and permissions if necessary.
 * 
 *   The program should be called with 1 parameter
 * 
 *   smbmkhome 
 * 
 *is the user to create/fix the home directory for.
 * 
 *   smbmkhome will return: 0 - success
 *  1 - incorrect parameters
 *  2 - invalid user
 *  3 - home exists but is not a directory
 *  4 - mkdir/chown failed
 * 
 *  Notes: compile with "gcc -o smbmkhome smbmkhome.c"
 * tested under slackware linux 10.2
 * requires cpio to copy skel when creating a directory
 */

#include 
#include 
#include 
#include 
#include 
#include 
#include 

void printUsage(char* argv0);
int createHomeDir(struct passwd* user, char* skel);
void fixPerms(struct passwd* user);

int main (int argc, char* argv[]) {

  char* skel = "/etc/skel";
  struct passwd* userpw = 0;
  struct stat dirstat;
  char* homedir = 0;
  int returnval = 0;

  if ( argc != 2 ) {
printUsage(argv[0]);
returnval = 1;
  } else {
userpw = getpwnam(argv[1]);
if ( userpw != 0 ) {
  homedir = userpw->pw_dir;
} else {
  // Since this is unlikely to occur if the program is being called by
  // samba as I intended we will allow a little bit of user interaction
  // here.
  printf ("%s: User does not exist.\n", argv[0]);
  returnval = 2;
}
  }

  if ( returnval == 0 ) 
if ( stat(homedir, &dirstat) == 0 ) {

  if ( (dirstat.st_mode & S_IFMT) == S_IFDIR ) {

// Make sure the user and the users primary group are the owners of the
// home directory and make sure at least the user has RWX permissions.
//
// The last comparison isn't terrible intuitive it just happens that
// the bitmask S_IRWXU is exactly equal to the bits we want set. Rather
// than or'ing together the bits for RWX to get exactly the same value
// I decided to use the mask itself.
if ( (dirstat.st_uid != userpw->pw_uid) || \
 (dirstat.st_gid != userpw->pw_gid) || \
 ( (dirstat.st_mode & S_IRWXU) != S_IRWXU) )
  fixPerms(userpw);

  } else {

// stat returned, meaning the home "directory" exists on the FS, but 
// the st_mode variable indicates that its not a directory. Oops :/
// We won't try and force things because this could be used by admins
// to stop a particular user from having a home directory (guest users
// etc).
returnval = 3;

  }

} else {
  // home directory does not exist at all, try and create it and chown it
  // to the user and their primary group. copy skel to the new home dir if
  // possible but dont worry if that bit fails.
  if ( ! createHomeDir(userpw, skel) == 0 )
returnval=4;
}

  return returnval;

}

void printUsage (char* argv0) {
  printf ("Usage: %s \n\n", argv0);
  printf ("Create/fix a user's home directory (prior to accessing via 
samba).\n");
}

int createHomeDir(struct passwd* user, char* skel) {

  int returnval=0;
  char command[255];

  if ( (mkdir(user->pw_dir, 0755) == 0) ) {
returnval=chown(user->pw_dir, user->pw_uid, user->pw_gid);
  } else {
returnval=1;
  }

  if ( returnval == 0 ) {
// Don't worry if this fails, the directory exists and is owned by the user
// this is really just a courtesy.
sprintf(command, "cd %s && find . -print | cpio -pd %s 2>&1 > /dev/null"
 ,skel, user->pw_dir);
system(command);
sprintf(command, "chown -R %s. %s", user->pw_name, user->pw_dir);
system(command);
  }

  return returnval;

}

void fixPerms(struct passwd* user) {

  // We don't return anything here, since the directory already exists its
  // possible that who ever created the directory set things up in such a way
  // that this function fails but the share works the way they want, we don't
  // want to tell samba to drop the user's connection just because their admin
  // is being wierd :)

  if ( (chmod(user->pw_dir, 0755) == 0) ) {
chown(user->pw_dir, user->pw_uid, user->pw_gid);
  }

}
-- 
To unsubscribe from this list g

Re: [Samba] Samba 3.2, Samba 3.3 release planning

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

William Jojo wrote:
> 
>> I love that releases are moving very quickly now. My only 
> concern is keeping up with and determining what is appropriate
> as I continue to maintain AIX binaries on my web page.
> 
>> Presently I have already dropped the 3.0 series and have 
> 3.2.4 available with the clustering option for AIX 5.3 and 6.1.
> 
>> I am trying to determine how best to support a 3.2 and 3.3 
> parallel set or if I should just drop 3.2 after 3.3.1 is
> released or some other arbitrary schedule. :-) :-)
> 
>> How long after 3.3 is released to production does the Samba 
> team anticipate supporting the 3.2 line?

That has not bee decided yet.  The 3.0.x releases are in
maintenance mode (transitioned as soon as 3.2.0 was released).
The 3.0.x series will reach EOL on Jul 1, 2009.

I expect that 3.2.x will be moved to maintenance mode as soon
as 3.3.0 is released.

maintenance == "only critical bug fixes and security issues"

What we've not stated is how long it would be until v3.2.x
reaches EOL.  Based on past data, I expect 6 - 12 months, but
that is just a guess and not really up to me.

If I were packaging Samba, I would only focus on the latest
production release.



cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI/laiIR7qMdg1EfYRAmcbAJ4pcc9a2mJvpMhvB29WapolX6YH9wCgtu6y
TXcKxtS7V/Gt+G0Vo1LUhy0=
=nkM3
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.2, Samba 3.3 release planning

[William Jojo]

 Original message 
>Date: Tue, 21 Oct 2008 13:46:14 -0500
>From: "Gerald (Jerry) Carter" <[EMAIL PROTECTED]>  
>Subject: Re: [Samba] Samba 3.2, Samba 3.3 release planning  
>To: Andreas Ladanyi <[EMAIL PROTECTED]>
>Cc: samba@lists.samba.org
>
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>Andreas Ladanyi wrote:
>
>> Is samba 3.2 development stopped and all concentration 
>> given to Samba 3.3 ? Because there isnt any further release
>> note available for 3.2, but instead there are some notes for 3.3 ?
>
>Any future Samba 3.2.x release will be bug fix releases only.
>New develeopment is on-going in the 3.3 branch which is due
>for release mid-december.
>
>

I love that releases are moving very quickly now. My only concern is keeping up 
with and determining what is appropriate as I continue to maintain AIX binaries 
on my web page.

Presently I have already dropped the 3.0 series and have 3.2.4 available with 
the clustering option for AIX 5.3 and 6.1.

I am trying to determine how best to support a 3.2 and 3.3 parallel set or if I 
should just drop 3.2 after 3.3.1 is released or some other arbitrary schedule. 
:-) :-) 

How long after 3.3 is released to production does the Samba team anticipate 
supporting the 3.2 line?

Much appreciation and thanks to all on the Team!


Cheers,
Bill


>
>
>
>cheers, jerry
>- --
>=
>Samba--- http://www.samba.org
>Likewise Software  -  http://www.likewisesoftware.com
>"What man is a man who does not make the world better?"  --Balian
>-BEGIN PGP SIGNATURE-
>Version: GnuPG v1.4.6 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFI/iN2IR7qMdg1EfYRAinOAJ9XqGIi8selGvRTrPAfTumNJxTupwCgwn1K
>+6VSHinH8qJkRl9/FnlxURA=
>=+eBo
>-END PGP SIGNATURE-
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Windows not being able to see all samba groups

[Gustavo Lima]

Hi there,

I´m working on a samba server 3.0.24 based on openldap 2.3.30, instaled onde
Debian Etch 64 fully updated.

This installation have been working fine about 2 years and lately I´m trying
to find some groups on my Windows file server and it doesn´t find them.

Some groups show up others don´t.

Since I can list all my groups using smbldap-groupshow or with getent group
I believe it´s not exactly an ldap issue.

When looking for some debug information on ldap logs I don´t see any errors.
The groups are retrieved fine from ldap.

Samba doesn´t show any errors too.

Any idea about what could be happening?


Thank´s in advance.

Gustavo
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Elder Souza]

No prob Jeremy, thanx for your help!

Elder Souza
(71) 9972-7573 / (71) 8801-5734


On Tue, Oct 21, 2008 at 5:47 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote:

> On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote:
> > It has been fixed after what version? Do you know?
>
> Don't have the time to check the release
> notes right now, but it's definately fixed
> in 3.0.32 and 3.2.4.
>
> Jeremy.
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Jeremy Allison]

On Tue, Oct 21, 2008 at 05:44:05PM -0300, Elder Souza wrote:
> It has been fixed after what version? Do you know?

Don't have the time to check the release
notes right now, but it's definately fixed
in 3.0.32 and 3.2.4.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Elder Souza]

It has been fixed after what version? Do you know?


Elder Souza
(71) 9972-7573 / (71) 8801-5734


On Tue, Oct 21, 2008 at 5:41 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote:

> On Tue, Oct 21, 2008 at 05:33:09PM -0300, Elder Souza wrote:
> > Ok, but it's a production server and I will create another and test 3.2.4
> > version.
>
> If you want to stay on 3.0.x 3.0.32 is the latest version.
>
> > Another question: Why winbind can't free connections and how can I
> set/change a
> > timeout value for these connections?
>
> It's a bug that has been fixed.
>
> Jeremy.
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Jeremy Allison]

On Tue, Oct 21, 2008 at 05:33:09PM -0300, Elder Souza wrote:
> Ok, but it's a production server and I will create another and test 3.2.4
> version.

If you want to stay on 3.0.x 3.0.32 is the latest version.

> Another question: Why winbind can't free connections and how can I set/change 
> a
> timeout value for these connections?

It's a bug that has been fixed.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Elder Souza]

Ok, but it's a production server and I will create another and test 3.2.4
version.

Another question: Why winbind can't free connections and how can I
set/change a timeout value for these connections?

Elder Souza
(71) 9972-7573 / (71) 8801-5734


On Tue, Oct 21, 2008 at 5:19 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote:

> On Tue, Oct 21, 2008 at 05:17:19PM -0300, Elder Souza wrote:
> > Linux CentOS 5 Final with:
> >
> >- samba-common-3.0.25b-1.el5_1.4
> >- samba-client-3.0.25b-1.el5_1.4
> >- samba-3.0.25b-1.el5_1.4
> >
> >
> > Elder Souza
> > (71) 9972-7573 / (71) 8801-5734
>
> Ancient. Please upgrade to at least 3.0.32.
>
> Jeremy.
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Jeremy Allison]

On Tue, Oct 21, 2008 at 05:17:19PM -0300, Elder Souza wrote:
> Linux CentOS 5 Final with:
> 
>- samba-common-3.0.25b-1.el5_1.4
>- samba-client-3.0.25b-1.el5_1.4
>- samba-3.0.25b-1.el5_1.4
> 
> 
> Elder Souza
> (71) 9972-7573 / (71) 8801-5734

Ancient. Please upgrade to at least 3.0.32.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Elder Souza]

Linux CentOS 5 Final with:

   - samba-common-3.0.25b-1.el5_1.4
   - samba-client-3.0.25b-1.el5_1.4
   - samba-3.0.25b-1.el5_1.4


Elder Souza
(71) 9972-7573 / (71) 8801-5734


On Tue, Oct 21, 2008 at 4:11 PM, Jeremy Allison <[EMAIL PROTECTED]> wrote:

> On Tue, Oct 21, 2008 at 02:40:55PM -0300, Elder Souza wrote:
> > Hi!
> >
> > Somebody knows how can i fix this error? My squid allways show user/pass
> > popup in ADS+Squid authentication scheme (auth_proxy).
> >
> > I got a lot of "winbindd: Exceeding 200 client connections, no idle
> > connection found" message in winbind.log
>
> What Samba version are you using ? This is something that
> has been fixed in the 3.2.4 release.
>
> Jeremy.
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Jeremy Allison]

On Tue, Oct 21, 2008 at 02:40:55PM -0300, Elder Souza wrote:
> Hi!
> 
> Somebody knows how can i fix this error? My squid allways show user/pass
> popup in ADS+Squid authentication scheme (auth_proxy).
> 
> I got a lot of "winbindd: Exceeding 200 client connections, no idle
> connection found" message in winbind.log

What Samba version are you using ? This is something that
has been fixed in the 3.2.4 release.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba server authenticating to W2k3 ADS

[Matthew Arguin]

I am looking for some info on an issue I have authenticating Samba
3.0(Centos 5) to a W2k3 AD.

Server info:
Samba server:  HP DL 365, Centos 5 linux:
samba-3.0.28-1.el5_2.1
samba-common-3.0.28-1.el5_2.1
pam_krb5-2.2.11-1
krb5-workstation-1.6.1-25.el5_2.1
krb5-libs-1.6.1-25.el5_2.1
pam_krb5-2.2.11-1
krb5-libs-1.6.1-25.el5_2.1

KRB libs were installed and then updated via YUM.

Windows server: Same hardware, Win2k3 R2 Ent.


 I have followed the instructions that I found on samba.org and seem to have
the krb stuff working and I am pretty sure the first time that I tried
joining the domain I got no error, but it did not seem to complete.And
when I try to join the domain again I get the following error:

[EMAIL PROTECTED] ~]# net ads join -U Administrator
Administrator's password:
[2008/10/21 18:38:52, 0] libads/sasl.c:ads_sasl_spnego_bind(330)
  kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
Failed to join domain: Invalid credentials


Although I have confirmed the creditials repeatedly...and KRB seems to be
working:

[EMAIL PROTECTED] ~]# kinit [EMAIL PROTECTED]
Password for [EMAIL PROTECTED]:
[EMAIL PROTECTED] ~]#


krb5.conf:

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm =JPRINC.NET

[realms]
 JPRINC.NET = {
  kdc = ad1.jprinc.net
 }

[domain_realm]
 .kerberos.server = JPRINC.NET

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }





And smb.conf:

#
# smb.conf - configuration to allow for all MPR file sharing requirements
#
[global]
large readwrite = no
workgroup = JPRINC.NET
realm = JPRINC.NET
netbios name = AD1
preferred master = no
server string = %h Linux File Server (Samba)
log file = /var/log/samba/log.%m
log level = 5
max log size = 1000
security = ADS
password server = ad1.jprinc.net
encrypt passwords = yes
winbind separator = -
printcap name = cups
printing = cups
idmap uid = 1-2
idmap gid = 1-2

[public]
comment = Marketplace Rewards Public Share
writable = yes
path = /fileshare/public
public = yes
guest account = nobody
map to guest = bad user
only guest = yes
browsable = yes
[homes]
comment = User Home Directories
valid users = %S
browseable = No
read only = No
writable = Yes


I seem to have some sort of connectivity to the domain because the info
below is correct:


[EMAIL PROTECTED] ~]# net ads info
LDAP server: A.B.C.D
LDAP server name: ad1.jprinc.net
Realm: JPRINC.NET
Bind Path: dc=JPRINC,dc=NET
LDAP port: 389
Server time: Tue, 21 Oct 2008 18:39:58 UTC
KDC server: A.B.C.D
Server time offset: -108








--
Matthew Arguin
Production Support
Jackpotrewards, Inc.
275 Grove St
Newton, MA 02466
617-795-2850 x 2325
www.jackpotrewards.com

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.2, Samba 3.3 release planning

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Andreas Ladanyi wrote:

> Is samba 3.2 development stopped and all concentration 
> given to Samba 3.3 ? Because there isnt any further release
> note available for 3.2, but instead there are some notes for 3.3 ?

Any future Samba 3.2.x release will be bug fix releases only.
New develeopment is on-going in the 3.3 branch which is due
for release mid-december.





cheers, jerry
- --
=
Samba--- http://www.samba.org
Likewise Software  -  http://www.likewisesoftware.com
"What man is a man who does not make the world better?"  --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI/iN2IR7qMdg1EfYRAinOAJ9XqGIi8selGvRTrPAfTumNJxTupwCgwn1K
+6VSHinH8qJkRl9/FnlxURA=
=+eBo
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Bad passwords from Vampire / NT migration

[Cooper S. Blake]

> I started looking at all the password hashes using pdbedit -Lw, and
> found the following:
>
> * There are no LanMan password hashes (all set to ...)
> * Most machine accounts have neither LanMan nor NT password hashes:
> WS6$:576::
>   :[W  ]:LCT-48D8EC0E:
> * The NT hashes for the user accounts appear to be incorrect.

Can anyone tell me why net rpc samdump gets the correct LM and NT
password hashes, but net rpc vampire gets incorrect hashes?  What's
funny is that vampire seems to produce consistent results, but
they're consistently wrong.

Is it possible that the NT PDC doesn't trust the Samba server so
it gives it bad hashes?

If there was an easy way to update the NT password hashes in the
passdb tdb file then I would do it.  I could import the samdump via
the pdbedit import feature, but then I have to remap SIDs, which I
have been unable to do.  Perhaps using tdbtool I could locate the NT
hash bytes and replace them, but this would be tedious.

Any thoughts?  Suggestions?

thanks,
Cooper
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba 3.2, Samba 3.3 release planning

[Andreas Ladanyi]

Hi,

i visited wiki.samba.org and read the "Release Planning for Samba 3.2" 
information and the "Release Planning for Samba 3.3" information.


So my question is:

Is samba 3.2 development stopped and all concentration given to Samba 
3.3 ? Because there isnt any further release note available for 3.2, but 
instead there are some notes for 3.3 ?


Bye and thanks for your information :-)

Andy

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Problem with Save-As in Photoshop/InDesign on a samba server.

[Kristian Davies]

> I have a quite "interesting" problem on a samba server:
>
> We (or better: our client) had a WinXP-system with a shared folder with
> lots of data, which has been replaced with a dedicated fileserver using
> Samba (on Linux).
> All data has been migrated and everything seemed to be fine, however
> Photoshop (CS3) and InDesign have some problems on WinXP:
> - files can be opened and modified just fine (using "Save")
> - however when the user tries to use "Save as", he is unable to save
> (user says that he can browse directories just fine, however "Save" is
> grayed out).
> - CS3 on Vista works.
> - Saving the file locally and moving it with explorer works too.
> - Behaviour is not consistent across directories, i.e. there is a Folder
> "Projects" with ~30 subfolders. Saving to the first 4 works, the others
> do not work.
> - On the old WinXP "server", everything worked
>
> I have currently no / only limited control on the server.
> (I'm not on-site currently, I have only remote-access by ssh to the server)
>
> Has anybody an idea what this can be?

Maybe In CS in the save dialog box, bottom left I think there is a
button says something like "use OS save" and if you press it again
"use adobe save", I think OS save is the way to go.

I have quite a few CS users using samba.

-Kristian
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] winbindd: Exceeding 200 client connections, no idle connection found

[Elder Souza]

Hi!

Somebody knows how can i fix this error? My squid allways show user/pass
popup in ADS+Squid authentication scheme (auth_proxy).

I got a lot of "winbindd: Exceeding 200 client connections, no idle
connection found" message in winbind.log
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problem with Save-As in Photoshop/InDesign on a samba server.

[Tim Riemenschneider]

Hi,

I have a quite "interesting" problem on a samba server:

We (or better: our client) had a WinXP-system with a shared folder with
lots of data, which has been replaced with a dedicated fileserver using
Samba (on Linux).
All data has been migrated and everything seemed to be fine, however
Photoshop (CS3) and InDesign have some problems on WinXP:
- files can be opened and modified just fine (using "Save")
- however when the user tries to use "Save as", he is unable to save
(user says that he can browse directories just fine, however "Save" is
grayed out).
- CS3 on Vista works.
- Saving the file locally and moving it with explorer works too.
- Behaviour is not consistent across directories, i.e. there is a Folder
"Projects" with ~30 subfolders. Saving to the first 4 works, the others
do not work.
- On the old WinXP "server", everything worked

I have currently no / only limited control on the server.
(I'm not on-site currently, I have only remote-access by ssh to the server)

Has anybody an idea what this can be?

cu
Tim

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Multiple IP addresses in DNS record

[Jarrod Hyder]

I have a samba server running on Linux that has two ethernet cards (eth0 &
eth1) that are bonded into a single virtual interface (bond0). This virtual
interface is connected to the corporate LAN and I have another ethernet card
(eth2) that is connected to another server that is used for making
incremental backups. The problem that I am having is that no matter what I
do, the command "net ads dns register -P' causes both the bond0 and eth2 IP
addresses to show up in the DNS record on the corporate domain controller.

I have tried to force samba and winbind to use "interface = bond0" and
"bind interfaces only = yes" and it doesn't seem to help this situation.

If anyone can shed some light on what I am doing wrong, I would really
appreciate it.

BTW, I am using samba 3.0.28a

--
Jarrod Hyder
[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Closing sessions and smbstatus

[Jeremy Allison]

On Tue, Oct 21, 2008 at 12:21:12AM -0200, Norberto Bensa wrote:
> Quoting Jeremy Allison <[EMAIL PROTECTED]>:
>
>> On Mon, Oct 20, 2008 at 10:03:46PM -0200, Norberto Bensa wrote:
>>> Locked files:
>>> Pid  UidDenyMode   Access  R/WOplock
>>>  SharePath   Name   Time
>>> --
>>> 747  4036   DENY_ALL   0x2019f RDWR   NONE
>>>  /home/mjoddone   .Correo/retina/addr2a3a.pmr   Thu Oct 16 17:44:15 2008
>>
>> Can you gdb and break at print_share_mode()
>> and see why the call at :
>
> Hm. I'm affraid I don't know gdb good enough, and BTW, and correct me if 
> I'm wrong, but shouldn't I be running a debug-enabled binary of  
> smbstatus to do what you're asking me for?

Yes, but I already assumed that, sorry :-).
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba idmap ldap backend

[Sébastien Prud'homme]

In nsswitch.conf, replace "ldap" by "winbind"

2008/10/21 Johan Hendriks <[EMAIL PROTECTED]>:
> Hello all
>
>
>
> First of all Sorry for the long e-mail
>
>
>
> I am trying to get samba working as a domain member and store the idmap in a 
> ldap database.
>
>
>
> The join is successful and all commands are working like it should wbinfo –u, 
> wbinfo –g   kinit enz
>
> But the id administrator command gives me the following
>
>
>
> # id administrator
>
> id: administrator: no such user
>
>
>
> If I do not use the ldap backend it works well.
>
>
>
> This is on FreeBSD 7_RELEASE with samba 3.0.32 and openldap 2.3.43
>
> I did do all the things mentioned in chapter 7 of the by example doc.
>
> Also the smbpasswd –w 12345
>
>
>
> I am working on this for over 3 days now but my ldap understanding is not 
> that much I guess.
>
> What am I forgetting or doing wrong.
>
>
>
> Best regards,
>
> Johan Hendriks
>
>
>
>
>
> My slapd.conf file
>
>
>
> #
>
> # See slapd.conf(5) for details on configuration options.
>
> # This file should NOT be world readable.
>
> #
>
> include /usr/local/etc/openldap/schema/core.schema
>
> include /usr/local/etc/openldap/schema/cosine.schema
>
> include /usr/local/etc/openldap/schema/inetorgperson.schema
>
> include /usr/local/etc/openldap/schema/misc.schema
>
> include /usr/local/etc/openldap/schema/nis.schema
>
> include /usr/local/etc/openldap/schema/openldap.schema
>
> include /usr/local/etc/openldap/schema/samba.schema
>
>
>
> loglevel 256
>
>
>
> pidfile /var/run/openldap/slapd.pid
>
> argsfile/var/run/openldap/slapd.args
>
>
>
> # Load dynamic backend modules:
>
> modulepath  /usr/local/libexec/openldap
>
> moduleload  back_bdb
>
>
>
> ###
>
> # BDB database definitions
>
> ###
>
>
>
> databasebdb
>
> suffix  "dc=double-l,dc=local"
>
> rootdn  "cn=Manager,dc=double-l,dc=local"
>
> rootpw = 12345
>
>
>
>
>
>
>
> directory   /usr/local/var/db/openldap-data
>
>
>
> # Indices to maintain
>
> index   objectClass eq
>
> index   cn  pres,sub,eq
>
> index   sn  pres,sub,eq
>
> index   uid pres,sub,eq
>
> index   displayName pres,sub,eq
>
> index   uidNumber   eq
>
> index   gidNumber   eq
>
> index   memberUID   eq
>
> index   sambaSIDeq
>
> index   sambaPrimaryGroupSIDeq
>
> index   sambaDomainName eq
>
> index   default sub
>
>
>
> my ldap.con and nss_ldap.conf file
>
>
>
>
>
> base dc=double-l,dc=local
>
> binddn cn=Manager,dc=double-l,dc=local
>
> bindpw 12345
>
>
>
>
>
> pam_password exop
>
>
>
> bind_policy soft
>
> bind_timelimit 10
>
>
>
> host 127.0.0.1
>
> idle_timelimit 3600
>
> ldap_version 3
>
>
>
> nss_base_group  ou=Groups,dc=double-l,dc=local?one
>
> nss_base_passwd ou=People,dc=double-l,dc=local?one
>
> nss_base_shadow ou=People,dc=double-l,dc=local?one
>
>
>
> nss_connect_policy persist
>
> nss_paged_results yes
>
>
>
> pagesize 1000
>
> port 389
>
> timelimit 30
>
>
>
> my vi /etc/nsswitch.conf
>
> group: files ldap
>
> group_compat: nis
>
> hosts: files dns
>
> networks: files
>
> passwd: files ldap
>
> passwd_compat: nis
>
> shells: files
>
> services: compat
>
> services_compat: nis
>
> protocols: files
>
> rpc: files
>
>
>
> my idmap.ldiff file
>
>
>
> dn: dc=snowshow,dc=com
> objectClass: dcObject
> objectClass: organization
> dc: snowshow
> o: The Greatest Snow Show in Singapore.
> description: Posix and Samba LDAP Identity Database
>
> dn: cn=Manager,dc=snowshow,dc=com
> objectClass: organizationalRole
> cn: Manager
> description: Directory Manager
>
> dn: ou=Idmap,dc=snowshow,dc=com
> objectClass: organizationalUnit
> ou: idmap
>
>
>
>
>
> and finally my smb.conf file
>
>
>
> [global]
>
> workgroup = DOUBLE-L
>
> netbios name = BEASTY
>
> realm = DOUBLE-L.LOCAL
>
> server string = Samba Server
>
> security = ADS
>
> log level = 1 ads:10 auth:10 sam:10 rpc:10
>
> ldap admin dn = cn=Manager,dc=DOUBLE-L,dc=LOCAL
>
> ldap idmap suffix = ou=Idmap
>
> ldap suffix = dc=DOUBLE-L,dc=LOCAL
>
> idmap backend = ldap:ldap://127.0.0.1
>
> idmap uid = 15-55
>
> idmap gid = 15-55
>
> template shell = /usr/local/bin/bash
>
> winbind use default domain = Yes
>
>
>
> [share1]
>
>comment = Data Directory
>
>path = /mnt
>
>#write list = @mr70
>
>read only = no
>
>create mask = 0777
>
>directory mask = 0777
>
>
>
> and my /etc/krb5.conf file
>
>
>
> [libdefaults]
>
>default_realm = DOUBLE-l.LOCAL
>
>clockskew = 300
>
>
>
> [realms]
>
>DOUBLE-l.LOCAL = {
>
>kdc = w2003s01.double-l.local
>
>}
>
>
>
> [domain_realm]
>
>.double-l.local = DOUBLE-l.LOCAL
>
>
>
>
>
> This is a part of my slapd.log file after a 

[Samba] read only issue

[Frank Uccello]

I have a XP machine using a xcopy scribe with /r option (over right read
only files)   to a debain machine via samba

Every once in a while a file becomes read only from the windows side.

I look at the linux side and it still shows as read, writeable

It does not happen often about once a month 

I can not attrib +r to fix it.

The only way to fix it  is to login on linux box and chmod the file and
rerun the batch


How can I fix this issue or have a work around so it does not happen




Thanks



Frank



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba idmap ldap backend

[Johan Hendriks]

Hello all 

 

First of all Sorry for the long e-mail

 

I am trying to get samba working as a domain member and store the idmap in a 
ldap database.

 

The join is successful and all commands are working like it should wbinfo –u, 
wbinfo –g   kinit enz

But the id administrator command gives me the following

 

# id administrator

id: administrator: no such user

 

If I do not use the ldap backend it works well.

 

This is on FreeBSD 7_RELEASE with samba 3.0.32 and openldap 2.3.43

I did do all the things mentioned in chapter 7 of the by example doc.

Also the smbpasswd –w 12345

 

I am working on this for over 3 days now but my ldap understanding is not that 
much I guess.

What am I forgetting or doing wrong.

 

Best regards,

Johan Hendriks

 

 

My slapd.conf file

 

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include /usr/local/etc/openldap/schema/core.schema

include /usr/local/etc/openldap/schema/cosine.schema

include /usr/local/etc/openldap/schema/inetorgperson.schema

include /usr/local/etc/openldap/schema/misc.schema

include /usr/local/etc/openldap/schema/nis.schema

include /usr/local/etc/openldap/schema/openldap.schema

include /usr/local/etc/openldap/schema/samba.schema

 

loglevel 256

 

pidfile /var/run/openldap/slapd.pid

argsfile/var/run/openldap/slapd.args

 

# Load dynamic backend modules:

modulepath  /usr/local/libexec/openldap

moduleload  back_bdb

 

###

# BDB database definitions

###

 

databasebdb

suffix  "dc=double-l,dc=local"

rootdn  "cn=Manager,dc=double-l,dc=local"

rootpw = 12345

   

 

 

directory   /usr/local/var/db/openldap-data

 

# Indices to maintain

index   objectClass eq

index   cn  pres,sub,eq

index   sn  pres,sub,eq

index   uid pres,sub,eq

index   displayName pres,sub,eq

index   uidNumber   eq

index   gidNumber   eq

index   memberUID   eq

index   sambaSIDeq

index   sambaPrimaryGroupSIDeq

index   sambaDomainName eq

index   default sub

 

my ldap.con and nss_ldap.conf file

 

 

base dc=double-l,dc=local

binddn cn=Manager,dc=double-l,dc=local

bindpw 12345

 

 

pam_password exop

 

bind_policy soft

bind_timelimit 10

 

host 127.0.0.1

idle_timelimit 3600

ldap_version 3

 

nss_base_group  ou=Groups,dc=double-l,dc=local?one

nss_base_passwd ou=People,dc=double-l,dc=local?one

nss_base_shadow ou=People,dc=double-l,dc=local?one

 

nss_connect_policy persist

nss_paged_results yes

 

pagesize 1000

port 389

timelimit 30

 

my vi /etc/nsswitch.conf

group: files ldap

group_compat: nis

hosts: files dns

networks: files

passwd: files ldap

passwd_compat: nis

shells: files

services: compat

services_compat: nis

protocols: files

rpc: files

 

my idmap.ldiff file 

 

dn: dc=snowshow,dc=com
objectClass: dcObject
objectClass: organization
dc: snowshow
o: The Greatest Snow Show in Singapore.
description: Posix and Samba LDAP Identity Database
 
dn: cn=Manager,dc=snowshow,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager
 
dn: ou=Idmap,dc=snowshow,dc=com
objectClass: organizationalUnit
ou: idmap

 

 

and finally my smb.conf file

 

[global]

workgroup = DOUBLE-L

netbios name = BEASTY

realm = DOUBLE-L.LOCAL

server string = Samba Server

security = ADS

log level = 1 ads:10 auth:10 sam:10 rpc:10

ldap admin dn = cn=Manager,dc=DOUBLE-L,dc=LOCAL

ldap idmap suffix = ou=Idmap

ldap suffix = dc=DOUBLE-L,dc=LOCAL

idmap backend = ldap:ldap://127.0.0.1

idmap uid = 15-55

idmap gid = 15-55

template shell = /usr/local/bin/bash

winbind use default domain = Yes

 

[share1]

comment = Data Directory

path = /mnt

#write list = @mr70

read only = no

create mask = 0777

directory mask = 0777

 

and my /etc/krb5.conf file

 

[libdefaults]

default_realm = DOUBLE-l.LOCAL

clockskew = 300

 

[realms]

DOUBLE-l.LOCAL = {

kdc = w2003s01.double-l.local

}

 

[domain_realm]

.double-l.local = DOUBLE-l.LOCAL

 

 

This is a part of my slapd.log file after a restart of samba and a id 
administrator command

 

Oct 21 16:47:34 beasty slapd[60723]: conn=7 fd=13 closed (connection lost)

Oct 21 16:47:34 beasty slapd[60723]: conn=8 fd=15 closed (connection lost)

Oct 21 16:47:34 beasty slapd[60723]: conn=6 fd=12 closed (connection lost)

Oct 21 16:47:35 beasty slapd[60723]: conn=13 fd=12 ACCEPT from 
IP=127.0.0.1:58176 (IP=127.0.0.1:389)

Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=0 BIND 
dn="cn=Manager,dc=double-l,dc=local" method=128

Oct 21 16:47:35 beast

RE: [Samba] Remote announce

[Alex Harrington]

> Is there anything else that I need to add or could debian be 
> confgiured to send multicast traffic on mutiple interfaces so 
> that a broadcast (192.168.1.255) get to both eth1 and ppp0. 

192.168.1.255 is the broadcast address on 192.168.1.0/255.255.255.0 network. 
Your ppp0 interface is a point-to-point address 192.168.1.128/255.255.255.255 
in a completely different network (despite sharing its ip address with one in 
your existing network).

Broadcasts for one network are not going to appear on another...

Cheers

Alex
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] valid users and file permissions

[Dennis B. Hopp]

Yes, you just have to precede the group name with an '@', i.e.

write list = @parents

--Dennis

Quoting Mike Gallamore <[EMAIL PROTECTED]>:


I believe you'd need to add a line:
write list = parents

write list = mum dad

I'm not sure if the top would work, anyone is samba group aware? The
bottom should work but the problem would be if the members of the group
were to change you'd have to change the smb.conf file too which isn't
the cleanest solution.


On Oct 20, 2008, at 11:37 PM, Kyle wrote:


Hi people,

I'd like to understand valid users and file permissions better. I   
have a share which is not behaving as I expect.


[family]
path = /home/shares/family
create mask = 0664
directory mask = 0775
force group = parental
guest ok = No
valid users = @parental, @family
writeable = Yes

in Group parental are mum & dad; in group family are mum, dad and offspring.

With file permissions of 0664 and force group parental, I would   
expect the offspring to be able to browse the share but not write   
to or delete from it. Unfortunately, they can both write and delete.


How do I achieve this please?
--

Kind Regards

Kyle

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Remote announce

[Bengt Werstén]

I have a Samba server on debian acting as a WINS server as well. It is the 
master browser and all connected machines can see and browse the network of 
192.168.1.X. When I connect to this network using a L2TP VPN connection from 
Vista I cannot browse the network. A new interface, ppp0, is created fro the 
VPN connection for the new ip 192.168.1.128. The problem seems to be that all 
packets sent from SAMBA is sent only to eth1 (the 192.168.1.x).

I tried to add 

remote announce= 192.168.1.128

But I don't get all the information, only one host announcement at samba 
startup and then nothing.

Is there anything else that I need to add or could debian be confgiured to send 
multicast traffic on mutiple interfaces so that a broadcast (192.168.1.255) get 
to both eth1 and ppp0. 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Question about switching from Windows 2k Server to SAMBA 3 under Centos

[Norberto Bensa]

On Tuesday October 21 2008 05:03:05 Michael Heydon wrote:
> >> My understanding is that vampire will NOT work with a Windows 2k server,
> >> only an NT4 server...
> >
> > That's my understanding too. Samba (3.x) can't act as a AD domain
> > server. It can be a member of an AD domain, thou.
>
> I've never actually tried this myself, so take it with a grain of salt,
> but isn't 2k capable or running in two different modes? One where it is
> pure AD and one where it is compatible with NT4? If it was in NT4 mode
> then might not vampire have a chance?

Mixed and native modes. 

I don't know this for sure but AFAIK w2k in mixed mode can only be a BDC for a 
NT4-style domain. 


Regards,
Norberto

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

WG: [Samba] Create user home directory or user-own folder on sambaserver on first login to samba

[Daniel Müller]

Hello

In the [homes] section at first with root preexec=/path/to/script
Ex:
[homes]
Root preexec=/scripts/./firstlogon

In the firstlogon this could be:
#!/bin/bash
#probe if $1=user exist and his home share
If test -d /users/$1
Then 
#write only to log file 
Echo "$1 User and Share exist" >> /somewhere/logfile
#if not exist make it
Else
Mkdir /users/$1
Chmod -R 700 /users/S1
Chown -R $1:"Domain Users" /users/$1
Echo "made /users/$1" >> /somewhere/logfile
Fi

This is my way suite it to your needs

Greetings
Daniel 


-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im
Auftrag von Ðóñàêîâ Äåíèñ
Gesendet: Dienstag, 21. Oktober 2008 12:08
An: samba@lists.samba.org
Betreff: [Samba] Create user home directory or user-own folder on
sambaserver on first login to samba


Hello,
  I'd like to create user home directory or user-own folder on samba
server on first login to samba without using PAM, so how could I do
this?

Thank you,
Denis
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba + kerberos

[Marek Janowski]

 Hello
I set samba to use kerberos password backend  (without ldap)

   use kerberos keytab = yes
   security = user
   realm = DOM.COM
   encrypt passwords = yes
   unix password sync = no

And generally it works ...

when (on the linux client) I put

kinit
and type the password
and then
smbclient -k //smbserv/files

I am logged in and I can see the files

But I would like to mount it automatically (for ex. in /etc/fstab)
so how to do it?
In usual samba without kerberos I can write password and username in mount
options - but it is different situation.

And next question - what if I would like to use windows client?

thanks for any help
MarO
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Create user home directory or user-own folder on samba server on first login to samba

[Русаков Денис]

Hello,
  I'd like to create user home directory or user-own folder on samba server on 
first login to samba without using PAM, so how could I do this?

Thank you,
Denis
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] valid users and file permissions

[Mike Gallamore]

I believe you'd need to add a line:
write list = parents

write list = mum dad

I'm not sure if the top would work, anyone is samba group aware? The  
bottom should work but the problem would be if the members of the  
group were to change you'd have to change the smb.conf file too which  
isn't the cleanest solution.



On Oct 20, 2008, at 11:37 PM, Kyle wrote:


Hi people,

I'd like to understand valid users and file permissions better. I  
have a share which is not behaving as I expect.


[family]
path = /home/shares/family
create mask = 0664
directory mask = 0775
force group = parental
guest ok = No
valid users = @parental, @family
writeable = Yes

in Group parental are mum & dad; in group family are mum, dad and  
offspring.


With file permissions of 0664 and force group parental, I would  
expect  the offspring to be able to browse the share but not write  
to or delete from it. Unfortunately, they can both write and delete.


How do I achieve this please?
--

Kind Regards

Kyle

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] 3.2.4 CreateDirectory panic

[Peter Rindfuss]

Hi,
For some reason I am not able to send the level 10 debug output as an 
attachment to the list. Therefore, I have prepared a download link:


http://www.wzb.eu/wzb/dv/downloads/log.smbd.gz

Cheers, Peter

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Question about switching from Windows 2k Server to SAMBA 3 under Centos

[Michael Heydon]

My understanding is that vampire will NOT work with a Windows 2k server,
only an NT4 server...


That's my understanding too. Samba (3.x) can't act as a AD domain 
server. It can be a member of an AD domain, thou.




I've never actually tried this myself, so take it with a grain of salt, 
but isn't 2k capable or running in two different modes? One where it is 
pure AD and one where it is compatible with NT4? If it was in NT4 mode 
then might not vampire have a chance?


Or am I thinking of some 2k->2k3 change maybe?


*Michael Heydon - IT Administrator *
[EMAIL PROTECTED] 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba