[Samba] Problem joining Member Server to domain
I am following this guide https://wiki.samba.org/index.php/Samba4/Domain_Member to add my Samba 4.0.3 file server as a Member Server, but I am stuck with an error message after trying to run this command: # net ads join -U administrator Using short domain name -- SAM Joined '' to dns domain 'sam.ba' No DNS domain configured for . Unable to perform DNS Update. DNS update failed: NT_STATUS_INVALID_PARAMETER # The error is the same whether trying to connect Windows 2008 R2 or Samba 4 AD DC. Kerberos and Samba configuration files are the same as in the guide. After changing the entry in hosts file to "127.0.0.1 hostname.sam.ba hostname" the error message becomes: # net ads join -U administrator Enter administrator's password: Using short domain name -- SAM Joined '' to dns domain 'sam.ba' DNS Update for hostname.sam.ba failed: ERROR_DNS_UPDATE_FAILED DNS update failed: NT_STATUS_UNSUCCESSFUL # I am able to set this server up and running as an additional DC, but not as a Member Server. How to troubleshoot this error? Or maybe there is a better option to authenticate users against AD for Samba 4 file share access? -- View this message in context: http://samba.2283325.n4.nabble.com/Problem-joining-Member-Server-to-domain-tp4647512.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] how to upload printer driver from 64bit windows 7/8?
Hello, Anyone know how to upload 64bit printer driver to a samba server from x64 windows so that all x64 PC can do point and print? When I browser to //server with 64bit windows 7/8 , there's no "Printers" folder at the server. I cannot view the printer properties and upload printer driver as I usually do with 32bit windows XP. Any help? Thanks Kind regards Graeme Porter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Update DNS Records When Client IP Changes
I recently changed my entire DHCP setup around causing all my clients to receive new IP addresses. I was running it so that all the clients used DHCP, but the DHCP server was issuing out preferred addresses, so basically none of the client's addresses ever changed. When I changed my DHCP setup I did away with the preferred addresses setup and now all my clients are issued IP addresses at random. The problem is that the Samba 4.0.5 server (running the internal DNS server) still has all the old A records for the old addresses. I was under the impression that the entries (since they were created automatically when the computer joined the domain) were dynamic and changed if the client's IP address changed. Thats how it was when I ran Server 2008 R2. Is this not the case in Samba? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP_Migration_to_Samba
Hello Alexander Am 03.04.2013 10:32, schrieb Alexander Grober: Can it be possible to migrate an existing LDAP users ( or schemas) on Ubuntu 10.04.2 to the new Samba4 (Ubuntu 12.04.2) server? What exaclty you want to do? Is your current LDAP a samba3 installation? Then this might be the page you are looking for: http://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO Or is it just a LDAP server with unix accounts? Then you can write a small script that brings the accounts and its attributes to samba4. You only have to assign new passwords with samba-tool then (can be scripted, too). Please provide some more information what exactly you want to do. Then it's easier to help. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [samba4] crash of winbind after "ls -l /usr/local/samba/var/locks/sysvol"
Many thanks Michae for your answer,l here the results of bisect and some samba 'strange' console output. I hope this can help best regards Philippe - to produce the problem : - ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-fhs make install samba -i -M single wbinfo --uid-info 300 - last bisect : - git bisect good f77d5d6479c879c8770fbc9a6ca5656ef3e41019 is the first bad commit commit f77d5d6479c879c8770fbc9a6ca5656ef3e41019 Author: Timur Bakeyev Date: Wed Feb 27 16:25:07 2013 -0800 Fix bug # 9666 - Broken filtering of link-local addresses. This patch should address the problem with Link Local addresses on FreeBSD and Linux. Reviewed-by: Jeremy Allison Autobuild-User(v4-0-test): Karolin Seeger Autobuild-Date(v4-0-test): Fri Mar 1 18:21:19 CET 2013 on sn-devel-104 :04 04 e022079ce7298f5cfa9d99e51e7afedb35048b02 164c1aba055b0179d3b47f415f6e3e5b3cd7 M lib - and interesting : the samba console log when the wbinfo is working well is MUCH shorter : wbinfo ok : - Terminating connection - 'wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 interpret_string_addr_internal: getaddrinfo failed for name (null) (flags 4) [Name or service not known] not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 interpret_addr: host address is invalid for host fe80::5246:5dff:fea3:7167%eth0 Terminating connection - 'wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] wbinfo doing samba crash :: - Terminating connection - 'wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 interpret_string_addr_internal: getaddrinfo failed for name (null) (flags 4) [Name or service not known] not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 not adding non-broadcast interface tun0 not adding non-broadcast interface tun1 /usr/sbin/smbd: Allowed connection from 192.168.1.113 (192.168.1.113) /usr/sbin/smbd: init_oplocks: initializing messages. /usr/sbin/smbd: Transaction 0 of length 194 (0 toread) /usr/sbin/smbd: switch message SMBnegprot (pid 14995) conn 0x0 /usr/sbin/smbd: Requested protocol [PC NETWORK PROGRAM 1.0] /usr/sbin/smbd: Requested protocol [MICROSOFT NETWORKS 1.03] /usr/sbin/smbd: Requested protocol [MICROSOFT NETWORKS 3.0] /usr/sbin/smbd: Requested protocol [LANMAN1.0] /usr/sbin/smbd: Requested protocol [LM1.2X002] /usr/sbin/smbd: Requested protocol [DOS LANMAN2.1] /usr/sbin/smbd: Requested protocol [LANMAN2.1] /usr/sbin/smbd: Requested protocol [Samba] /usr/sbin/smbd: Requested protocol [NT LANMAN 1.0] /usr/sbin/smbd: Requested protocol [NT LM 0.12] /usr/sbin/smbd: GENSEC backend 'gssapi_spnego' registered /usr/sbin/smbd: GENSEC backend 'gssapi_krb5' registered /usr/sbin/smbd: GENSEC backend 'gssapi_krb5_sasl' registered /usr/sbin/smbd: GENSEC backend 'schannel' registered /usr/sbin/smbd: GENSEC backend 'spnego' registered /usr/sbin/smbd: GENSEC backend 'ntlmssp' registered /usr/sbin/smbd: GENSEC backend 'krb5' registered /usr/sbin/smbd: GENSEC backend 'fake_gssapi_krb5' registered /usr/sbin/smbd: ldb_wrap open of secrets.ldb /usr/sbin/smbd: AUTH backend 'sam'
Re: [Samba] Samba 3.6.13 configuration file issue
On Tue, Mar 26, 2013 at 02:22:19PM +0100, taom...@inwind.it wrote: > > https://bbs.archlinux.org/viewtopic.php?id=160161 > > This is my issue report for 3.6.13 version. Looking at the thread posts, it > is a common issue. After some test what I found is that samba (only 3.6.13 > version) in share mode completely ignores the "force user" and "force group" > directives. > Please add this to the bug tracking system, I don't have a bugzilla account > and I think it would be ridiculous creating it only for one issue report. Known bug which will be fixed in the next version. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't ping on the samba server with it's name
FIrst thing that comes to mind: is the machine that the samba4 AD DC is on also set as primary DNS on the client? A little bit more details about the setup would be welcome (clients receive ip-settings via dhcp? or static ips in a test-env?) Michael 2013/4/21 Ikram Dissem > Hi, > > I'm trying to configure samba as an AD DC so i'm referring to the > configuration described on the sambawiki > Everytthing works fine except that when i wont to manage Samba AD domain > with windows, this one didn't ping on the server machine only by the IP > adress. > it can't recognize the server by it's name > > i attached two capture screens one concerning the error and the other > concerning ip adress of the samba server > > i really don't know how to solve this problem, i should administrate the > samba domain as soon as possible > > Thanks for your response > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- Michael De Groote ICT-coordinator Sint-Pietersschool Korbeek-Lo ICT-support Sancta Maria Basisschool Leuven -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 migration
Follow the classic upgrade howto: https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO On Tue, Apr 2, 2013 at 10:28 AM, alxgrb wrote: > I have a question ... > > How can I migrate existing LDAP users ( or schemas) on Ubuntu 10.04.2 to > the > new Samba4 (Ubuntu 12.04.2) server? > > Does anyone have an idea? > Thanks for support > > Alex > > > > -- > View this message in context: > http://samba.2283325.n4.nabble.com/Samba4-migration-tp4646168.html > Sent from the Samba - General mailing list archive at Nabble.com. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- Atentamente, Andreas Calvo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 home share problem
On 30/04/13 14:32, Ricky Nance wrote: So for the homes (Yes HOMES not HOME) share to work you need winbind functioning (not necessarily pam auth, but at least winbind). You can follow http://wiki.samba.org/index.php/Samba4/Winbind ... If I get some time today I will write up some sharing stuff in the S4 howto. You will also need to add under [global] template homedir = /home/%U (if you want /home/username to work, it defaults to /home/DOMAIN/USERNAME or template homedir = /home/%D/%U ) Ricky @Ricky. Maybe you could you include information about being able to have whatever home directory you like by pulling unixHomeDirectory? It overcomes the restriction of the smb.conf template. I don't think the DC winbind does this yet so include a health warning too? Maybe this would be a good place to link out to: https://wiki.samba.org/index.php/Samba4/Domain_Member since the s4 howto seems to cater only for the DC (if it's the howto I think you have in mind) Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 home share problem
So for the homes (Yes HOMES not HOME) share to work you need winbind functioning (not necessarily pam auth, but at least winbind). You can follow http://wiki.samba.org/index.php/Samba4/Winbind ... If I get some time today I will write up some sharing stuff in the S4 howto. You will also need to add under [global] template homedir = /home/%U (if you want /home/username to work, it defaults to /home/DOMAIN/USERNAME or template homedir = /home/%D/%U ) Ricky On Tue, Apr 30, 2013 at 1:53 AM, Dave Pawson wrote: > On 30 April 2013 06:56, Daniel Müller wrote: > > Need to be: [home] not [homes] > > > http://www.sloop.net/smb.conf.html#SECTION DESCRIPTIONS > > shows [homes] not singular [home] > > HTH DaveP > > > > > > > > And you are up and running > > > > --- > > EDV Daniel Müller > > > > Leitung EDV > > Tropenklinik Paul-Lechler-Krankenhaus > > Paul-Lechler-Str. 24 > > 72076 Tübingen > > > > Tel.: 07071/206-463, Fax: 07071/206-499 > > eMail: muel...@tropenklinik.de > > Internet: www.tropenklinik.de > > --- > > -Ursprüngliche Nachricht- > > Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] > Im > > Auftrag von Csányi Krisztián > > Gesendet: Samstag, 23. März 2013 20:34 > > An: samba@lists.samba.org > > Betreff: [Samba] Samba4 home share problem > > > > Hi, > > > > I have installed Samba4 and the home share functionality is not > working. > > > > Samba version: 4.0.1 > > OS: Debian Squeeze > > Kernel: 2.6.32-5-amd64 > > > > The smb.conf: > > [global] > > workgroup = TESZT > > realm = TESZT.HU > > netbios name = FILESERVER > > server role = active directory domain controller > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > drepl, > > winbind, ntp_signd, kcc, dnsupdate > > load printers = no > > printing = bsd > > printcap name = /dev/null > > show add printer wizard = no > > disable spoolss = yes > > log level = 3 > > syslog = 3 > > syslog only = yes > > logon path = > > # logon home = \\fileserver\homes\%U > > logon drive = H: > > logon script = %U.cmd > > > > [netlogon] > > path = > > /opt/samba4/var/lib/samba/sysvol/fileserver.teszt.hu/scripts > > read only = No > > > > [sysvol] > > path = /opt/samba4/var/lib/samba/sysvol > > read only = No > > > > [homes] > > path = /home > > read only = no > > > > After a net use h: /home command on client I get this: > > System error 53 has occured. The network path was not found. > > > > The user I try: Administrator and the client OS is Windows XP Pro. > > I think the rights on the server are ok. > > When I try to set the home for Administrator in AD I get the answer: > > The system could not create the startfolder > > (\\fileserver\homes\Administrator), > > because can't find path. > > > > Is there anybody who can use this functionality? > > > > Please help. > > > > Thanks for the replies. > > > > Chris > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > -- > Dave Pawson > XSLT XSL-FO FAQ. > Docbook FAQ. > http://www.dpawson.co.uk > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ACL defaults and masks
Hello! In samba 3 we used create mask , force create.. to set file permisions. In samba 4 as I understand those options are ignored and default acls are used instead. But, is it possible to set by default different permisions on files and folders? For example on folders rwx, and on files rw-. Because I dont want to give x permision to file as I think it can be dangerous. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] segfault Re: Errors, errors, errors in log
On Mon, 29 Apr 2013 22:39:05 +0400 Александр Свиридов wrote: > Yes, I compiled it from source. So, as far as I uderstand you, you suggest > me to delete samba and install it again from source. > > If I am right, than I have three questions. > 1) How can I save current AD settings, to upload them into new samba? Running make install should not overwrite any runtime state. That said, backups are always encouraged. > 2) As I understand I have revision: 5727bfa. It has a meaning to install new > revision only if new revision has the necessary fix. But how can I check it? After updating your source tree, you can check to see whether the proposed fix is included by running git log. Please see: https://wiki.samba.org/index.php/Build_Samba#Updating_via_git Cheers, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3 dynamically enable or disable share
On Mon, 2013-04-29 at 07:05 -0700, Mauricio Alvarez wrote: > Michael, > > I really don't want to repartition--again! But yes, your idea is intresting. > As a point of note that is what LVM is for, the 20th century called and wants partitions back. Getting back on topic why not consider using registry based share definitions and make use of the available parameter. And then have Samba come up with the shares in "available = no" configuration, and when the script that mounts the disk is successful it updates the share definition so that it becomes "available = yes" using net conf? JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 classicupgrade w7 clients errors
We faced the following error while testing a Kerberos login on a linux machine joined in the domain by likewise-open: root@test:/etc# kinit test Password for test@MYDOMAIN.LOCAL : Warning: Your password will expire in less than one hour on Thu Jan 1 01:00:00 1970 What do actually mean: Minimum password age (days): 0 Maximum password age (days): 0 I've dumped all users from the builtin LDAP in Samba v4, and none of them had any reference to the password expiration date - they did have a value for the last time they changed the password though. It seems that it is really important to set a password expiration date after a classic upgrade, isn't it? On Tue, Apr 30, 2013 at 10:00 AM, Andreas Calvo wrote: > These are the current settings for the password expiration policy in the > domain: > Password complexity: on > Store plaintext passwords: off > Password history length: 0 > Minimum password length: 8 > Minimum password age (days): 0 > Maximum password age (days): 0 > > Is it necessary to set a value? > A lot of users are seeing the pop-up "windows needs your credentials. Log > off and on again". > > > On Mon, Apr 29, 2013 at 3:11 AM, Andrew Bartlett wrote: > >> On Sun, 2013-04-28 at 14:31 +0200, Andreas Calvo wrote: >> > I've changed some of my test users passwords, just to renew the password >> > expiration date. >> > I may check if they are still expired or if I have to set a new >> expiration >> > policy. >> > Is it set as a GPO or using the samba-tools? >> >> Password expiry for the domain is applied using samba-tool: >> >> samba-tool domain passwordsettings >> >> As Samba can't read GPO files (but can serve them to clients), we don't >> follow anything from the GPO. The only exception is that if a windows >> DC shares the domain, and it has the GPO files, it will 'fix' the >> directory to match the GPO. >> >> Andrew Bartlett >> -- >> Andrew Bartlett >> http://samba.org/~abartlet/ >> Authentication Developer, Samba Team http://samba.org >> >> >> > > > -- > Atentamente, > Andreas Calvo > -- Atentamente, Andreas Calvo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 classicupgrade w7 clients errors
These are the current settings for the password expiration policy in the domain: Password complexity: on Store plaintext passwords: off Password history length: 0 Minimum password length: 8 Minimum password age (days): 0 Maximum password age (days): 0 Is it necessary to set a value? A lot of users are seeing the pop-up "windows needs your credentials. Log off and on again". On Mon, Apr 29, 2013 at 3:11 AM, Andrew Bartlett wrote: > On Sun, 2013-04-28 at 14:31 +0200, Andreas Calvo wrote: > > I've changed some of my test users passwords, just to renew the password > > expiration date. > > I may check if they are still expired or if I have to set a new > expiration > > policy. > > Is it set as a GPO or using the samba-tools? > > Password expiry for the domain is applied using samba-tool: > > samba-tool domain passwordsettings > > As Samba can't read GPO files (but can serve them to clients), we don't > follow anything from the GPO. The only exception is that if a windows > DC shares the domain, and it has the GPO files, it will 'fix' the > directory to match the GPO. > > Andrew Bartlett > -- > Andrew Bartletthttp://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > > > -- Atentamente, Andreas Calvo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba