[Samba] Samba slow over WAN.
Morning. I recently set up a Samba server serving a smaller company of 5-6 people. They previously used to be in a domain (windows 2003 server), but as they are using laptops and running around like mad, we skipped the domain on this one. Everything works great over the LAN (Or it's just too fast for them to notice it's slow) but over WAN it takes them a couple of minutes to open an Excel file (for instance). So we sent a reinstalled XP down to them to test what speeds it got, and it got full speed. It only took a few seconds to open the same file. All client machines are running XP SP3. Samba version Version 3.0.33-3.7.el5. WAN connection is a 20/20 fiber. Client connection is 6/2 (the test PC was on that connection aswell). Samba send/receive buffers are at the maximum (It gave the best performance over WAN when my colleague and i tested it). Does anyone have a clue as to what is going on here? With regards, Kasper -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Failed to send packet on .255
Todd Chester kirjoitti: Hi All, On my first internal NIC, Samba is working perfectly. On my new, second internal NIC, I am getting the following in my messages log: libsmb/nmblib.c:send_udp(793) Packet send failed to 192.168.254.255(138) ERRNO=Operation not permitted nmbd/nmbd_packets.c:send_netbios_packet(163) send_netbios_packet: send_packet() to IP 192.168.254.255 port 137 failed I though .255 was a reserved address. What is the error all about? There is only one computer on my new second nic: 192.168.254.12 and it is in test phase. Sounds like firewall issue to me. what iptables -L -v print on root? -- Eero, RCHE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] bash change from "r...@myserver" to "administra...@myserver"
On Thu, Jul 9, 2009 at 1:28 AM, supha...@gmx.com wrote: > Hello Norberto, > > Why it change back and forth automatically between root and Administrator ? sometimes nss reads from /etc/password and sometimes from ldap. I don't know why. > Will it lead to any problem in the future? Maybe. If you do: id root id Administrator you'll get back uid=0 So who is uid=0, root or administrator? You know they are the same entity, but machines are too stupid. Regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] editposix: winbind -u: Error looking up domain users
On Wed, Jul 8, 2009 at 11:29 PM, Aaron Jambu wrote: > Just wondering why you are using winbind. > > When I use ldap to pull info from Active Directory I dont need to use winbind. > please, read my first post -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Failed to send packet on .255
Hi All, On my first internal NIC, Samba is working perfectly. On my new, second internal NIC, I am getting the following in my messages log: libsmb/nmblib.c:send_udp(793) Packet send failed to 192.168.254.255(138) ERRNO=Operation not permitted nmbd/nmbd_packets.c:send_netbios_packet(163) send_netbios_packet: send_packet() to IP 192.168.254.255 port 137 failed I though .255 was a reserved address. What is the error all about? There is only one computer on my new second nic: 192.168.254.12 and it is in test phase. Many thanks, -T -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] scary fill_share_mode_lock failed message
I'm still working on figuring out why some accesses to profile data are failing. We are running 3.3.2-0.33.fc11 (the latest release for FC11). I saw this in the log file stat_cache_lookup: lookup succeeded for name [USER/STARTMENU] -> [user/StartMenu] [2009/07/08 17:39:59, 3] locking/locking.c:fetch_share_mode_unlocked(857) fill_share_mode_lock failed I saw Volker had a fix which went into 3.2.8 (I'm looking at the 3.2.9 maintenance release notes). It would be a big help if I could get a little clarification on this. The files being accessed are on an NFS share from a large file server, since I have people who want to put 10G on their desktop. Locking and NFS seem a likely culprit. I would like to know if this is a scary message to ignore, if a newer version of Samba is required, or if this likely unrelated to any of my problems. I see 3.4.0 is available, and if it isn't critical to install I'd rather wait for an official package. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] editposix: winbind -u: Error looking up domain users
On Wed, Jul 8, 2009 at 6:38 PM, Dale Schroeder wrote: > According to the creator, you do configure nss for both ldap and winbind. > http://lists.samba.org/archive/samba-technical/2006-March/045787.html Many thanks for the link but I tried that and nope: wbinfo -u still can't list users. Oh well. Maybe it works like this. Don't worry, this is only a test, not a production box. Best regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] editposix: winbind -u: Error looking up domain users
On Wed, Jul 8, 2009 at 5:11 PM, Dale Schroeder wrote: > A question for you - the link does not mention nsswitch.conf. Is it > required to list both ldap and winbind > for passwd and group? For example, > passwd: compat ldap winbind > group: compat ldap winbind I don't know. That's why I'm asking. As I said, everything works except "wbinfo -u" and "wbinfo -g". Maybe it's normal with editposix, but I want to be sure. > I would be curious to know the answer. Me too :-) > If you're using PAM, I assume that is configured for ldap and winbind also. Nope. I'm not using PAM as I don't authenticate users via PAM in this machine. However, I use LDAP in nss. Thanks for your help. Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] nmbd issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sometime after I installed samba and got everything working, one of my colleagues changed the IP address on the box I did the install on. So after I got passed all the other issues that plaqued me after moving over to fedora 11, I discovered that I could not added Win clients to the domain. I dug into the log files: Jul 8 15:24:03 ldap2 nmbd[13552]: [2009/07/08 15:24:03, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(337) Jul 8 15:24:03 ldap2 nmbd[13552]: become_domain_master_browser_wins: Jul 8 15:24:03 ldap2 nmbd[13552]: Attempting to become domain master browser on workgroup LDAP2, subnet UNICAST_SUBNET. Jul 8 15:24:03 ldap2 nmbd[13552]: [2009/07/08 15:24:03, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(351) Jul 8 15:24:03 ldap2 nmbd[13552]: become_domain_master_browser_wins: querying WINS server from IP 192.168.155.22 for domain master browser name LDAP2<1b> on workgroup LDAP2 Jul 8 15:24:04 ldap2 nmbd[13552]: [2009/07/08 15:24:04, 0] nmbd/nmbd_become_dmb.c:become_domain_master_query_success(235) Jul 8 15:24:04 ldap2 nmbd[13552]: become_domain_master_query_success: Jul 8 15:24:04 ldap2 nmbd[13552]: There is already a domain master browser at IP 192.168.155.21 for workgroup LDAP2 registered on subnet UNICAST_SUBNET. Jul 8 15:24:27 ldap2 nmbd[13552]: [2009/07/08 15:24:27, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(247) Jul 8 15:24:27 ldap2 nmbd[13552]: domain_master_node_status_fail: Jul 8 15:24:27 ldap2 nmbd[13552]: Doing a node status request to the domain master browser Jul 8 15:24:27 ldap2 nmbd[13552]: for workgroup LDAP2 at IP 192.168.155.21 failed. Jul 8 15:24:27 ldap2 nmbd[13552]: Cannot sync browser lists. the .21 address was the original address for the box, it was changed to .22. It looks like the old .21 address is still registered by nmbd as the server for the LDAP2 domain. Not knowing much about netbios it would appear this is the reason I can't add a win client to the domain. How do I remove the reference to the old address, as I assume other samba servers on the network running WINS are caching this old address. Correct me if I am on the wrong track. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpVA44ACgkQ5B+8XEnAvqtWBgCfSUAUcaoPgpVv+n9Q/AR6b4zy ZjsAoIeac/UUv/+/IANMB3TVn7Hi2fcN =yXhh -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] editposix: winbind -u: Error looking up domain users
On Wed, Jul 8, 2009 at 4:29 PM, Dale Schroeder wrote: > Are you in a domain trust? Otherwise, for a single domain, pdc's don't need > winbind. Nope. This is a PDC. But from the link I posted: "A running winbind daemon is required to use ldapsam:editposix EVEN ON A SAMBA PDC." Also. On this list someone told me that I "need windbind for ACL to work correctly" Oh BTW, "winbind enum users = yes" didn't do anything. zool...@kvm-test-samba1:/var/log/samba$ wbinfo -p Ping to winbindd succeeded on fd 3 zool...@kvm-test-samba1:/var/log/samba$ wbinfo -t checking the trust secret via RPC calls succeeded zool...@kvm-test-samba1:/var/log/samba$ wbinfo -g BUILTIN\administrators BUILTIN\users zool...@kvm-test-samba1:/var/log/samba$ wbinfo -u Error looking up domain users zool...@kvm-test-samba1:/var/log/samba$ testparm -s | grep winbind winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net user add . is there any way to specify destination ou ?
net user add . is there any way to specify destination OU when security=ads ? -- Michael Joyner ᏩᏯ System Administrator/Edward Waters College 1658 Kings Road, Jacksonville, FL 32209 904-470-8170 (V) / 904-470-8170 (F) ᏩᏙ HOW TO SUBMIT A WORK REQUEST TO INFORMATION TECHNOLOGY Via the web: http://otrs.ewc.edu/otrs/customer.pl Via email: supp...@ewc.edu * It is imperative that you submit each problem as a new item. * Please do NOT combine multiple problem reports in a single workorder. * PLEASE DO NOT EMAIL SUPPORT STAFF REQUESTS DIRECTLY. * PLEASE USE THE JOB TRACKING SYSTEM. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Inherit groups
Hey guys, samba seems to have a share level "inherit owner" option to propagate the ownership of the current folder to any new files/folders created directly under it. Is there an equivalent command to do this at the group level? I know you can do it using the SUID/SGID bits but I'm worried about the security risk that comes with doing it this way. Thanks for the help, Nick -- W. Nick Pappin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] editposix: winbind -u: Error looking up domain users
Hello list, I'm trying this configuration: http://wiki.samba.org/index.php/Ldapsam_Editposix Everything works. I can add users, list users, delete users (and groups) with "net rpc user..." I can join clients, etc. *But* wbinfo -u and -g gives: zool...@kvm-test-samba1:~$ wbinfo -u Error looking up domain users zool...@kvm-test-samba1:~$ wbinfo -g BUILTIN\administrators BUILTIN\users Is this normal behavior? Many thanks in advance, Norberto PS: smb.conf just in case: [global] workgroup = PRUEBA passdb backend = ldapsam domain logons = Yes os level = 65 domain master = Yes wins support = Yes ldap admin dn = cn=admin,dc=prueba,dc=dominio ldap delete dn = Yes ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap suffix = dc=prueba,dc=dominio ldap user suffix = ou=users idmap domains = DEFAULT idmap alloc backend = ldap idmap alloc config:range = 5-50 idmap alloc config:ldap_url = ldap://localhost idmap alloc config:ldap_user_dn = cn=admin,dc=prueba,dc=dominio idmap alloc config:ldap_base_dn = ou=idmap,dc=prueba,dc=dominio idmap config DEFAULT:range = 5-50 idmap config DEFAULT:ldap_url = ldap://localhost idmap config DEFAULT:ldap_user_dn = cn=admin,dc=prueba,dc=dominio idmap config DEFAULT:ldap_base_dn = ou=idmap,dc=prueba,dc=dominio idmap config DEFAULT:default = yes idmap config DEFAULT:readonly = no idmap config DEFAULT:backend = ldap ldapsam:editposix = yes ldapsam:trusted = yes winbind use default domain = yes ea support = Yes map acl inherit = Yes hide unreadable = Yes map archive = No map readonly = no store dos attributes = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Re: Trying to join RHEL to Win2k3 Active Directory domain.
On Wed, 27 May 2009 15:33:08 -0400, Tim Lewis wrote: On Wed, 27 May 2009 12:27:34 -0400, Dimitri Yioulos wrote: On Wednesday 27 May 2009 11:22:19 am Tim Lewis wrote: Trying to join a RHEL server to Win2K3 domain. I followed the directions specified here: http://kbase.redhat.com/faq/docs/DOC-4735 and here: http://kbase.redhat.com/faq/docs/DOC-3051 Confirmed that I have the edited the smb.conf and krb5.conf files correctly. Ran: /etc/rc.d/init.d/smb stop and /etc/rc.d/init.d/winbind stop Ran: net ads join -U administrator and got: [2009/05/20 13:23:59, 0] utils/net_ads.c:ads_startup(186) ads_connect: No such file or directory Any help? -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Did you run "kinit administrator" prior to running "net ads join -U administrator"? Dimitri I am able to run kinit with no errors. The fix for this to use -S with the net ads join. -- Santa Claus ain't legal and he's around! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error packet at smbd/blocking.c(318) cmd=36 (SMBlockingX) NT_STATUS_FILE_LOCK_CONFLICT
Frank, What about veto oplock files = /*.doc/*.xls/*.mdb/*.ldb/ (or one of the other "lock" parameters)? Dale Frank Bonnet wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello I'm still in trouble with Word and Excel file on Samba shares that are read-only opened only I've increased the log level to 5 and then I get those error message error packet at smbd/blocking.c(318) cmd=36 (SMBlockingX) NT_STATUS_FILE_LOCK_CONFLICT Does this sounds familiar to anybody here ? Thanks a lot. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.11 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpUivEACgkQ6f7UMO5oSsWjeQCdHYhafyXgjVFZDOOYqpqfotGj 4LQAn1ZHE+RzuP7vtMcFiml0BXLxaKA/ =ab8j -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows 98 compatibility
On Wed, Jul 08, 2009 at 07:44:15PM +0200, Andrea Zagli wrote: > what is the last samba version that can works as pdc with windows 98 as > client? Current Samba (3.4.0) should work. > some time ago i read that from a certain samba version onwards samba > breaks the compatibility with windows 9x (i seem to remember that clear > passwords are not yet supported) but i cannot find that info again No, cleartext passwords are supported, but you'll have to set some smb.conf options to make that happen. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] windows 98 compatibility
what is the last samba version that can works as pdc with windows 98 as client? some time ago i read that from a certain samba version onwards samba breaks the compatibility with windows 9x (i seem to remember that clear passwords are not yet supported) but i cannot find that info again thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba configuration error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jonathon Doran wrote: >> On Wed, Jul 8, 2009 at 11:41 AM, David >> Christensen wrote: > I took a look at the /var/log/message log and see: with ldap ssl = off ??? >>> Yes, as soon as I enable ldapsam as the password DB, even with ldap ssl >>> = off, smb keeps trying to do a StartTLS. > > Did you put "ssl off" in ldap.conf? I finally got StartTLS turned off, not sure if I had an extra character in the smb.conf file near ldap ssl, but rewriting the conf file fixed it. Question, is there a minimum length requirement for the local SID, when I run net getlocalsid it seems rather short. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpU2YMACgkQ5B+8XEnAvqvyfACeMXV8T1bddPgsh9TcVBTgTnP5 NVMAn0qDCpeTe4YfI5AcDTrUTdWeDPnt =oWsQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [maybe semi OT] samba deny execution of files on novell shares to novell clients
that's the situation: - a novell server that shares some disks - a samba pdc, with ldap backend, that mounts novell shares via ncpfs and ipx and then exports them - some client computers authenticate to novell - some client computers (without novell client) authenticate to samba - samba clients view novell shares through the samba server (via ip) that's the problem: - when a samba client opens first an exe file that resides on novell shares it deny to execute the same file to all novell's clients (but it doesn't deny the execution to other samba clients) it seems that the lock is on dll which the executable depends on and not on the exe file, beacause i have an executable that doesn't depend on dll and it is not locked the error that i recieve is "application failed to initialize properly" i tried to set no locks on samba share without result what can the problem be? samba server: debian etch samba version: 3.0.24 thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow connection and browsing
Il giorno lun 06 lug 2009 15:51:33 CEST, Charles Marcus ha scritto: On 7/6/2009 9:43 AM, Matthew Daubenspeck wrote: Now, if I remove the Novell client completely, things work _perfectly_. I can browse and connect, disconnect, reconnect, the works, all at normal speed. A shot in the dark, but there was a bug reported on the NOD32 forums dealing specificalyy with Novell Clients... So, maybe this is an AV issue? I have no AntiVirus software on the client PCs Like I said, it was a shot in the dark... sorry, no other ideas... i have the same problem but i have trendmicro offiscan antivirus (on windows client, but no av on samba server) i have tried to install the last novell client (4.91 sp5) but without result -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Ubuntu Jaunty samba 3.3.2 print$ no write rights even though I do; -)
I did the suggested updates to app armor and this did not solve the problem. -Glenn - Original Message - From: "Glenn T. Arnold" To: "Harry Jede" Cc: samba@lists.samba.org Sent: Monday, July 6, 2009 10:05:14 AM GMT -05:00 US/Canada Eastern Subject: Re: [Samba] Ubuntu Jaunty samba 3.3.2 print$ no write rights even though I do; -) Well, I did read the fine documentation and the documentation for this current situation it was no help. The reason I am using the registry for the smb.conf is memory savings, instance changes of smb.conf going into effect, and maybe future clustering. Also, I will state if using the samba registry method is not the proper way of doing things then why would the Samba developers add this feature into Samba? ;-) The reason I set the share with the current rights, is to troubleshoot the problem and prove that my file rights were correct. When I setup the print$ share "the proper way" it is still read-only even though I had writelist in effect. I currently have 1200 pc connect to a samba-ldap servers with the proper setup with no problems. I will investigate the app armor settings Thanks -Glenn - Original Message - From: "Harry Jede" To: samba@lists.samba.org Sent: Friday, July 3, 2009 3:22:19 PM GMT -05:00 US/Canada Eastern Subject: Re: [Samba] Ubuntu Jaunty samba 3.3.2 print$ no write rights even though I do; -) On Thursday, 2. Juli 2009 wrote Glenn T. Arnold: > I just made my print$ share settings to match my print drivers share > which should work same This is what you believe. > and I still cannot create folders or files on > the print$ share, but I can all day on the print drivers share. Would > someone explain why this is happening? Here is my share settings. > > [HKEY_LOCAL_MACHINE\SOFTWARE\Samba\smbconf\print$] > "path"="/var/lib/samba/printers" > "comment"="Printer Drivers" > "read only"="no" > > > [HKEY_LOCAL_MACHINE\SOFTWARE\Samba\smbconf\printer drivers] > "path"="/var/lib/samba/printers" > "read only"="no" Why are you doing this? I think you should reread the excellent Samba docu again. > Thanks > -Glenn > > - Original Message - > From: "Glenn T. Arnold" > To: "samba" > Sent: Thursday, July 2, 2009 3:29:29 PM GMT -05:00 US/Canada Eastern > Subject: Re: [Samba] Ubuntu Jaunty samba 3.3.2 print$ no write rights > even though I do;-) > > Harry, > > You did give me an idea though. For grins I just set rights to 0777 > even on the extended acls and I still get access denied when trying > to upload print drivers. Here is the updated rights on > /var/lib/samba/printers. You make your own changes. That's really fine. -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4.0 in Debian unstable
On Tue, Jul 7, 2009 at 10:46 PM, Christian Perrier wrote: > Quoting Karolin: > > > Release Announcements > > = > > > > > > This is the first stable release of Samba 3.4. > > > As of yesterday, Samba 3.4.0 is now available in Debian unstable. It > means that the next release of Debian (codename "squeeze", due > out...when it's ready, probably around the end of 2010) will have at > least this version. > > Besides everything that's new in Samba 3.4 and which Samba Team > members are more qualified than me to talk about, I'd like to point > out that, again, the gap between Samba packages in Debian/Ubuntu and > upstream code has shrinked again. There is nearly no more code patch > in our package that hasn't been integrated upstream. > > The efforts of the samba package maintainers in Debian are now focused > on getting this package to enter Debian "testing", which is what will > become the final Debian release. That requires other packages samba is > depending upon to enter testing themselves...which might take > time..but will happen within the next weeks, I hope. > > For Ubuntu users, it means that the next Ubuntu release will have > Samba 3.4.something. > > We would like to express public thanks to the Samba Team for > publishing such good quality code and very specific thanks to Karolin > Seeger for managing to assemble the pieces and succeed in publishing > releases on a timely manner, and to Michael Adam for his work work > integrating the Debian patches, particularly in the build system. The > good work we're (hopefully) doing in publishing packages is because > you are doing such good work. > > I would also like to add my appreciation to the Debian Samba team for providing excellent packages and having it released and patched soon after a release. Thank you, Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Re: Winbind Password Problem
On Wed, Jul 8, 2009 at 11:05 AM, Linux Addict wrote: > Hello there, I am having weird issue. The problem is when a wrong password > entered when I login or use sudo as AD user, the system uses the same wrong > password next three times and exits , and does not prompt for password > again. > > This is not the case when winbind is not used. I suspect this is something > to do with PAM for winbind. Please somene look at my PAM config and let me > know if there is anything worng. Any hint is appreciated. > > > authrequired pam_env.so > authsufficientpam_unix.so nullok try_first_pass > authrequisite pam_succeed_if.so uid >= 500 quiet > authsufficientpam_winbind.so cached_login use_first_pass > authrequired pam_deny.so > > > account required pam_access.so > account required pam_unix.so broken_shadow > account sufficientpam_localuser.so > account sufficientpam_succeed_if.so uid < 500 quiet > account [default=bad success=ok user_unknown=ignore] pam_winbind.so > cached_login > account required pam_permit.so > > > passwordrequisite pam_cracklib.so try_first_pass retry=3 > passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass > use_authtok > passwordsufficientpam_winbind.so cached_login use_authtok > passwordrequired pam_deny.so > > > session optional pam_mkhomedir.so skel=/etc/skel/ > session required pam_limits.so > session required pam_unix.so > When I enable winbind to debug, I see the following messages on syslog. pam_winbind(sshd): PAM_REINITIALIZE_CRED not implemented -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba configuration error
On Wed, Jul 8, 2009 at 11:41 AM, David Christensen wrote: I took a look at the /var/log/message log and see: with ldap ssl = off ??? Yes, as soon as I enable ldapsam as the password DB, even with ldap ssl = off, smb keeps trying to do a StartTLS. Did you put "ssl off" in ldap.conf? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Authentication requests being handled by PDC not local BDC
I have a PDC+LDAP as well as a BDC+LDAP in another subnet setup with a domain member in the same subnet as the BDC. From my understanding the domain member should be hitting the BDC for all authentication but watching the logs I see the PDC is the one handling it all. The BDC just sits there. Am I missing something? Here are the smb.conf for each servers: PDC: [global] workgroup = X.X.X netbios name = Ross server string = PDC %v map to guest = Bad User encrypt passwords = yes passdb backend = ldapsam:ldap://ldap1.x.x.x enable privileges = yes log level = 2 syslog = 0 time server = Yes socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=32768 SO_SNDBUF=32768 add user script = /usr/sbin/smbldap-useradd -m '%u' delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-group-del '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' logon path = \\%L\profiles\%U logon script = netlogin.bat #logon drive = M: #logon home = \\cajal.x.x.x\%U domain logons = Yes os level = 225 domain master = Yes local master = Yes wins support = Yes # remote announce = x.x.x.255/X.X.X #bishop subnet ldap admin dn = cn=samba,ou=DSA,dc=x,dc=x,dc=x ldap group suffix = ou=group ldap idmap suffix = ou=Idmap ldap machine suffix = ou=machines ldap passwd sync = Yes ldap suffix = dc=x,dc=x,dc=x ldap ssl = start tls ldap user suffix = ou=people create mask = 0640 directory mask = 0750 case sensitive = No dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd interfaces = eth0 lo bind interfaces only = yes hosts deny = ALL hosts allow = xxx.xxx.0.0/255.255.0.0 BDC: [Global] workgroup = X.X.X netbios name = BISHOP server string = BDC %v interfaces = eth0 lo bind interfaces only = yes hosts deny = ALL hosts allow = xxx.xxx.0.0/255.255.0.0 passdb backend = ldapsam:ldap://ldap2.x.x.x domain master = no domain logons = yes ldap suffix = dc=x,dc=x,dc=x ldap user suffix = ou=people ldap group suffix = ou=group ldap machine suffix = ou=machines ldap admin dn = cn=manager,dc=x,dc=x,dc=x encrypt passwords = yes enable privileges = yes log level = 3 syslog = 0 domain master = no wins server = ross.x.x.x wins proxy = yes remote announce = xxx.xxx.xxx.255/X.X.X #Ross subnet remote browse sync = xxx.xxx.xxx.xxx #ross ip ntlm auth = yes lanman auth = yes ldap ssl = start tls local master = yes os level = 65 preferred master = yes Domain Member: [Global] workgroup = X.X.X server string = CAJAL %v security = domain password server = * lanman auth = Yes encrypt passwords = yes enable privileges = yes loglevel = 2 syslog = 0 deadtime = 5 os level = 8 local master = No domain master = No remote announce = xxx.xxx.xxx.255/X.X.XXX interfaces = ce0 lo0 bind interfaces only = yes hosts allow = xxx.xxx.0.0/255.255.0.0 hosts deny = ALL -- Personally, I liked the university. They gave us money and facilities, we didn't have to produce anything! You've never been out of college! You don't know what it's like out there! I've worked in the private sector. They expect results. -Ray Ghostbusters -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba configuration error
On Wed, Jul 8, 2009 at 11:41 AM, David Christensen wrote: >>> I took a look at the /var/log/message log and see: >> >> with ldap ssl = off ??? > > Yes, as soon as I enable ldapsam as the password DB, even with ldap ssl > = off, smb keeps trying to do a StartTLS. I'm out of ideas and I don't use Fedora. Maybe you want to post your config files. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind Password Problem
Hello there, I am having weird issue. The problem is when a wrong password entered when I login or use sudo as AD user, the system uses the same wrong password next three times and exits , and does not prompt for password again. This is not the case when winbind is not used. I suspect this is something to do with PAM for winbind. Please somene look at my PAM config and let me know if there is anything worng. Any hint is appreciated. authrequired pam_env.so authsufficientpam_unix.so nullok try_first_pass authrequisite pam_succeed_if.so uid >= 500 quiet authsufficientpam_winbind.so cached_login use_first_pass authrequired pam_deny.so account required pam_access.so account required pam_unix.so broken_shadow account sufficientpam_localuser.so account sufficientpam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login account required pam_permit.so passwordrequisite pam_cracklib.so try_first_pass retry=3 passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass use_authtok passwordsufficientpam_winbind.so cached_login use_authtok passwordrequired pam_deny.so session optional pam_mkhomedir.so skel=/etc/skel/ session required pam_limits.so session required pam_unix.so -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba configuration error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Norberto Bensa wrote: > On Tue, Jul 7, 2009 at 8:52 PM, David > Christensen wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Norberto Bensa wrote: >>> On Tue, Jul 7, 2009 at 8:27 PM, Norberto Bensa wrote: On Tue, Jul 7, 2009 at 8:18 PM, David Christensen wrote: > passdb backend = ldapsam:ldap://127.0.0.1 That should be plain. I.e. no tls/ssl. >>> I'm sorry. That could be TLS if the server supports it. >> I took a look at the /var/log/message log and see: > > with ldap ssl = off ??? Yes, as soon as I enable ldapsam as the password DB, even with ldap ssl = off, smb keeps trying to do a StartTLS. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpUsA8ACgkQ5B+8XEnAvqsCBACgjZBrPSL6isf4Z8oDzFj++u+r OqwAn3toI2Wsd9t8DMbK4zWLkZtEyY/X =jj/h -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [samba] Problem accessing a share on a W2008 server via smbclient
Le Wed, 08 Jul 2009 16:10:09 +0200, Volker Lendecke a écrit: On Wed, Jul 08, 2009 at 03:14:00PM +0200, Jacques Bratières wrote: Hi We just installed a W server 2008 server as antivirus server. As this server is heavily underused we created a share to backup files from other servers. This share is easily accessed from XP pro Pc's via \\ipadr\share and giving a user/password name on the W 2008 server. We then try to use it from an open suse 9.3 linux server via smbclient. smbclient //ipadr/share -U user%password Can you try with a recent Samba? 3.4 was released a couple of days ago. Thanks, Volker This is not easy , since both servers are production ones. We shall do it if no other ideas arise. Thanks for your answer -- JB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [samba] Problem accessing a share on a W2008 server via smbclient
On Wed, Jul 08, 2009 at 03:14:00PM +0200, Jacques Bratières wrote: > > Hi > > We just installed a W server 2008 server as antivirus server. > > As this server is heavily underused we created a share to backup files > from other servers. > This share is easily accessed from XP pro Pc's via \\ipadr\share and > giving a user/password name on the W 2008 server. > We then try to use it from an open suse 9.3 linux server via smbclient. > smbclient //ipadr/share -U user%password Can you try with a recent Samba? 3.4 was released a couple of days ago. Thanks, Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[samba] Problem accessing a share on a W2008 server via smbclient
Hi We just installed a W server 2008 server as antivirus server. As this server is heavily underused we created a share to backup files from other servers. This share is easily accessed from XP pro Pc's via \\ipadr\share and giving a user/password name on the W 2008 server. We then try to use it from an open suse 9.3 linux server via smbclient. smbclient //ipadr/share -U user%password smblient exits with message "session setup failed: SUCCESS - 0 " with debug=10 , ends with SPNEGO login failed error smbclient -L //ipadr gives: Error returning browse list: NT_STATUS_ACCESS_DENIED session request to 192.168.1.101 failed (Called name not present) session request to 192 failed (Called name not present) session request to *SMBSERVER failed (Called name not present) NetBIOS over TCP disabled -- no workgroup available smbclient -V -> 3.0.12.5-suse Thanks for any help. -- JB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Re:can't get Samba users from Windows
Hello! I have solved problem with access rights, but I can't solve problem with users. When I try get Samba users from Windows I get error: "Next error don't allow look any elements: Many connects to server or share dont't allow. Please disconnect preview and try again". Can you help me? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] No Error When Trying To Delete Protected Files WithWindows Explorer
Thanks Volker. I've gone back to the 'coders' and they've now seen the same problem and will port over the necessary code to deal with Mr Gates. Cheers, Rob. -Original Message- From: Volker Lendecke [mailto:volker.lende...@sernet.de] Sent: 08 July 2009 13:31 To: Atkinson, Robert Cc: samba@lists.samba.org Subject: Re: [Samba] No Error When Trying To Delete Protected Files WithWindows Explorer On Wed, Jul 08, 2009 at 01:10:32PM +0100, Atkinson, Robert wrote: > I have a file on a VMS system that I'm accessing using a SAMBA share. When I > delete the file, the icon disappears from the browser window as if it's been > deleted. > > On the VMS host, the file is still there, and cannot be deleted because it's > protected (no delete privilege). If I then press F5 to refresh the Browser > window, the fie re-appears. > > A trace of the IP packets show that SAMBA is returning an 'Access Denied' > message, but Windows doesn't seem to see it. Has anyone else come across > this? Is it a known bug with Windows? You probably need a recent Samba version, with XP SP2 Windows changed the way to delete a file. Probably you're seeing the "Access Denied" on the close request, Windows ignores it there. Recent Samba gives the error message on the open call preceding that. Volker *** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name & Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] No Error When Trying To Delete Protected Files With Windows Explorer
On Wed, Jul 08, 2009 at 01:10:32PM +0100, Atkinson, Robert wrote: > I have a file on a VMS system that I'm accessing using a SAMBA share. When I > delete the file, the icon disappears from the browser window as if it's been > deleted. > > On the VMS host, the file is still there, and cannot be deleted because it's > protected (no delete privilege). If I then press F5 to refresh the Browser > window, the fie re-appears. > > A trace of the IP packets show that SAMBA is returning an 'Access Denied' > message, but Windows doesn't seem to see it. Has anyone else come across > this? Is it a known bug with Windows? You probably need a recent Samba version, with XP SP2 Windows changed the way to delete a file. Probably you're seeing the "Access Denied" on the close request, Windows ignores it there. Recent Samba gives the error message on the open call preceding that. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] No Error When Trying To Delete Protected Files With Windows Explorer
I have a file on a VMS system that I'm accessing using a SAMBA share. When I delete the file, the icon disappears from the browser window as if it's been deleted. On the VMS host, the file is still there, and cannot be deleted because it's protected (no delete privilege). If I then press F5 to refresh the Browser window, the fie re-appears. A trace of the IP packets show that SAMBA is returning an 'Access Denied' message, but Windows doesn't seem to see it. Has anyone else come across this? Is it a known bug with Windows? Rob. *** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name & Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] error packet at smbd/blocking.c(318) cmd=36 (SMBlockingX) NT_STATUS_FILE_LOCK_CONFLICT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello I'm still in trouble with Word and Excel file on Samba shares that are read-only opened only I've increased the log level to 5 and then I get those error message error packet at smbd/blocking.c(318) cmd=36 (SMBlockingX) NT_STATUS_FILE_LOCK_CONFLICT Does this sounds familiar to anybody here ? Thanks a lot. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.11 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpUivEACgkQ6f7UMO5oSsWjeQCdHYhafyXgjVFZDOOYqpqfotGj 4LQAn1ZHE+RzuP7vtMcFiml0BXLxaKA/ =ab8j -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] recognizing netbios name
July 8, 2009 Nick Pappin npap...@latahfcu.org François Legal de...@thom.fr.eu.org samba@lists.samba.org Subject: [Samba] recognizing netbios name F Legal suggested: > If there is a router between your samba machine and your > windows machines (which all 3 are on the same subnet if > I understood correctly), then you probably need some > sort of name resolution service (either WINS as provided > by samba or DNS), as the broadcast packets used by the > machines to announce themselves to the network probably > won't traverse your router. Another option is building > an lmhosts file and distributing it all over the > machines. However, I think wins should work fine in > your case, so just add wins support = yes in smb.conf > then setup your windows machines to use the wins at the > address of your samba machine. W Nick Pappin asked: > Is the linux system and the windows boxes on the same subnet and network. Gentlemen: The hardware configuration is a router connected to a modem and the outside internet, and also connected to each of four computers by ethernet cables, so all computers are on the same subnet. Enabling WINS in smb.conf made no difference. Establishing an lmhosts file on a windows computer associating 192.168.0.4 with dell allowed ping dell to produce the same result as ping 192.168.0.4, but otherwise there was no improvement. One more drastic test. After becoming skeptical of smb.conf because no log files showed up where specified, I made a backup and deleted it entirely -- rm /etc/samba/smb.conf . On rebooting, there was no change, the Linux system could still read all windows computers, though they could not see the Linux system. So it seems Samba is paying no attention to smb.conf. Is there a way to communicate directly with Samba to find out what it is relying on? Robert T McQuaid original request below: July 6, 2009 Samba samba@lists.samba.org Subject: recognizing netbios name I have a Fedora 10 Linux system connected through a router to three windows computers (XP+XP+Vista). The Linux computer seems unable to present a netbios name to the rest of the network. The Linux computer can read files from all of the Windows computers, but the windows computers cannot see anything on the Linux system. The following diagnoses have already been made: I shut off the modem connecting to the internet, then disabled all firewalls. No improvement. I looked in the router for its table of attached devices. It lists a device name for the windows computers, a blank for the Linux computer. The device name is what windows puts after \\ on a remote file name, and what Samba calls netbios name. The only communication from a windows computer that responds is ping 192.168.0.4 . A ping with a netbios name fails with the diagnostic: A ping request could not find host Dell. Please check the name and try again. File /etc/samba/smb.conf (with most comments omitted) looks like: [global] #--authconfig--start-line-- # Generated by authconfig on 2009/07/04 13:50:55 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = GLORP security = user idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = false winbind offline logon = false #--authconfig--end-line-- server string = Samba Server Version %v netbios name = Dell hosts allow = 127. 192.168.0.1 192.168.0.2 192.168.0.3 192.168.0.4 192.168.0.5 log file = /var/log/samba/log.%m max log size = 50 log level = 3 passdb backend = tdbsam load printers = yes cups options = raw [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes What does it take to get windows to recognize the Linux system? Robert T McQuaid Mattawa Ontario Canada -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] bash change from "r...@myserver" to "administra...@myserver"
Hi Guys, I have posted this subject long time ago but this problem still persistently happens on my linux+pdc server. Here is my server detail , CentOs5.1 + Samba-3.0.25b + Fedora Directory Server So far every is running fine. It is just one thing I don't understand what I have done wrong. Normally if you open teminal window it should be like " [r...@myserver /]" but sometime when I sat in front the server and open a terminal then it showed "[administra...@myserver /]# " . And after I rebooted the server ,it changed back to [r...@myserver /]" I could not reconstruct the problem whether when it will happen again. Please find below my nsswitch.conf and system-auth file # # /etc/nsswitch.conf # # An example Name Service Switch config file. This file should be # sorted with the most-used services at the beginning. # # The entry '[NOTFOUND=return]' means that the search for an # entry should stop if the search in the previous entry turned # up nothing. Note that if the search failed due to some other reason # (like no NIS server responding) then the search continues with the # next entry. # # Legal entries are: # # nisplus or nis+ Use NIS+ (NIS version 3) # nis or yp Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) # files Use the local files # db Use the local database (.db) files # compat Use NIS on compat mode # hesiod Use Hesiod for user lookups # [NOTFOUND=return] Stop searching if not found so far # # To use db, put the "db" in front of "files" for entries you want to be # looked up first in the databases # # Example: #passwd:db files nisplus nis #shadow:db files nisplus nis #group: db files nisplus nis passwd: files ldap shadow: files ldap group: files ldap #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files #networks: nisplus [NOTFOUND=return] files #protocols: nisplus [NOTFOUND=return] files #rpc:nisplus [NOTFOUND=return] files #ethers: nisplus [NOTFOUND=return] files #netmasks: nisplus [NOTFOUND=return] files bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files ldap rpc:files services: files ldap netgroup: files ldap publickey: nisplus automount: files ldap aliases:files nisplus == /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. authrequired pam_env.so authsufficientpam_unix.so nullok try_first_pass authrequisite pam_succeed_if.so uid >= 500 quiet authsufficientpam_ldap.so use_first_pass authrequired pam_deny.so account required pam_unix.so broken_shadow account sufficientpam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so passwordrequisite pam_cracklib.so retry=3 passwordsufficientpam_unix.so md5 shadow nullok try_first_pass use_authtok passwordsufficientpam_ldap.so use_authtok passwordrequired pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_ldap.so Thank you , Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS recycle & force user
I tried both - "recycle:repository = .recycle/%U" and also "recycle:repository = .recycle/%u" But with same result - samba maked directory .recycle/force_user :( L. On Tue, 7 Jul 2009, Dale Schroeder wrote: Try recycle:repository = .recycle/%U That changes service user to session user. Dale dese...@linuxbox.cz wrote: Hi, i have problem with share with parametr "force user" Here i my settings of VFS modul recycle vfs object = recycle recycle:repository = .recycle/%u recycle:maxsize = 5000 recycle:exclude = *.tmp *.temp *.o *.obj ~$* recycle:exclude_dir = sdileni/*/profile* tmp temp cache recycle:versions = yes recycle:touch = yes recycle:keeptree = yes and this is my share [my_share] path = /home/sdileni/instalace comment = software, instalace force group = smbgroup force user = smbuser public = yes If i delete some file from this share, then samba make directory .recycle/smbuser. But in older version (for example Samba 3.3.0) samba maked directory .recycle/real_user - and this i need! It's possible? I must have something new in configuration or is this new behavior of samba? thanks, Lukas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
