Re: [Samba] Re: Wow im dumb
On Wed, 2003-01-08 at 18:24, Jim wrote: Samba uses 137, 138 and 139 according to the docs however you may also want 445 which is M$'s AD. Stephen Kuhn wrote: On Wed, 2003-01-08 at 14:07, tufkal wrote: I think the reason im getting problems is the PC that is running SAMBA is also my firewall, and it blocks pretty much all requests, even from internal addresses. What port(s) do I need to open? Or now am I really confused? port 139 Beauty - learn something new everyday that I don't RTFM! (Guess I should do that someday...I'll get around to it...) -- Wed Jan 8 19:00:01 EST 2003 7:00pm up 1:48, 4 users, load average: 0.16, 0.18, 0.57 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- It is not well to be thought of as one who meekly submits to insolence and intimidation. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba 2.2.7 (cosmetic ?) bug
FYI : problem with smbstatus -b using samba 2.2.7 on mandrake 8.0 with custom kernel 2.4.19, acls (on ext2), winbind, quotas domain separator \ smbstatus -S ouputs lines like this : share DOMAIN\USER-1 DOMAIN\GROUP-1 pid# user-1 (192.168.1.1) Mon Jan 6 15:39:34 2003 whereas smbstatus -b outputs lines like this : pid# DOMAIN\Uuser-1 Wed Jan 8 09:17:40 2003 any winbind/acl info is otherwise ok (getfacl, ls -l, ...) with -b, the username (now in lowercase) is prefixed by its first letter in uppercase (ie user john will display as Jjohn, user as Uuser) but in one case : if the client is a nt server the prefix letter becomes a lowercase m (nt-srv will display as mnt-srv) well it doesn't seem to hurt, but... - * - * - * - * - * - * - Bien sûr que je suis perfectionniste ! Mais ne pourrais-je pas l'être mieux ? Thierry ITTY eMail : [EMAIL PROTECTED] FRANCE -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba help
To whom it may concern I am a tech student who is using samba on one computer and windows 200 pro on another, (with cross over cables) I am configuring the smbd and nmbd, I have created my users, printers, and I have also created and made it possible for them to have a folder with the users name on it that they can access. My problem lies where every time a new user logs on with his name and password the folder from the previous user carries over to the new users account, how do I correct this problem? Desperately wanting to know and learn Computer Tech student Marilyn Flores
[Samba] Problem with some applications
Hi, I have a few apps that won't work with samba; when I install the application locally i don't have problems, when I install them on a samba share I get the following error: Unable to register g:\path to\ONWDB.dll Other applications do work correct... Any ideas or more info needed? greetz Hans -- Hans Scheffers http://www.jiffie.nl/stamboom/ Croll's Query: If tin whistles are made of tin, what are foghorns made of? Linux Kernel 2.4.18-19 on a i686 - userid 282784 @ http://counter.li.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Default domain for winbindd?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Message: 18 Date: Tue, 7 Jan 2003 16:47:44 -0800 From: Chris Palmer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] Default domain for winbindd? [...] It'd be nice if there were an smb.conf option for [global] like default = winbind domain =3D WHATEVER. Is there a plan to include such a feature = in the future, or does this feature exist and I just haven't found it? Try 'winbind use default domain' in the global section of smb.conf, and it will use the default domain (the one which is already listed in 'workgroup'). It's not supported by the samba team on 2.2.x, but it works quite well for authentication via pam (there are apparently issues with samba, specifically ACLs). We (Mandrake 9.0) use it when selecting Windows Domain as the authentication method during installation (out-the-box winbind works on it ...), but our config for that setup doesn't have any file shares enabled to ensure people don't have problems which aren't of their own making ... Buchan - -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+G/QqrJK6UGDSBKcRAufdAKCzENIXCPasg35OhM9nd8LD8gpZLgCgrfG7 XJvdL64iqOqD+0JBuF6lp24= =XJGD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] password validation
Hello, when using security = server and encrypt passwords = yes , user is validate using secret.tdb, password server or /etc/password? i have create diferrent password for all three above (but same username), it seems it can use all of password. i'm using samba 2.2.7, it seems the default value for encrypt passwords is yes (which is no in smb.conf man pages), is it correct? TIA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with some applications
On Wed, 2003-01-08 at 20:41, Hans Scheffers wrote: Hi, I have a few apps that won't work with samba; when I install the application locally i don't have problems, when I install them on a samba share I get the following error: Unable to register g:\path to\ONWDB.dll Other applications do work correct... Any ideas or more info needed? greetz Hans What perms are setup on the Samba shares? Oh, and what application is this that is choking and puking? I tried in vain to locate onwdb.dll all over the place, so I can't identify the application... -- Wed Jan 8 21:05:00 EST 2003 9:05pm up 3:53, 4 users, load average: 0.22, 0.43, 0.37 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- I meant, said Iplsore bitterly, what is there in this world that makes living worthwhile? Death thought about it. CATS, he said eventually, CATS ARE NICE. -- Death is obviously not a dog person (Terry Pratchett, Sourcery) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SambaXP 2003
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, all! we would like to invite you to the 2nd samba eXPerience! Again one and a half day of talks, breaks and party will tell you almost everything about SAMBA in development and usage. We would appreciate to see you again in Göttingen! samba eXPerience 2003 * At April 14th and 15th 2003 developers and users will meet again in Göttingen, Germany at the second international SAMBA conference, the samba eXPerience 2003. The first conference in April 2002 has been a very successfull event with more than 160 participants from all over the world. To repeat this item in 2003 was an obligation for the organizers. The meeting will again take place in the awarded best german conference hotel Freizeit In. (And do not miss the party at monday night!) The call for papers is open until February 14th 2003. Please find all neccessary information at the conference homepage: http://sambaXP.org. CU in April! Volker -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Key-ID D32186CF, Fingerprint available: phone +49 551 370 iD8DBQE+G/rxOmSXH9Mhhs8RAtOWAKCWJNBz64vp2RBN3W3ziwz1afNfEgCff5kH o3HVGxMOhrQYOiOFVblq9BM= =nVOV -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba and bin/text modes
Hello samba, I would like an advice on following: is there any way how to tell samba what transfer mode to use? I think I read that samba does only binary and to use text you have to use something else. We have windows machines using text files on linux samba server and i need to transfer those files in text mode. Can anyone help me please? -- Best regards, Martin mail [EMAIL PROTECTED] mobile +421.907.303.393 icq34358414 wwwhttp://www.corwin.sk PGP key fingerprint 21365ca05ecfd8aeb1cf19c838fff033 In those days spirits were brave, the stakes were high, men were real men, women were real women and small furry creatures from Alpha Centauri were real small furry creatures from Alpha Centauri. by Douglas Adams -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] oot: reply-to
Hello, I'm just subcribe this list and it seems when replying to mail from this list, reply goes to sender instead of the list (whic is little bit annoying). is it by default or my mail client did not handle it properly? tks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Troubleshooting Printer setup
Resolved ! I am running SuSE V8.0, and Samba 2.2.7a on a small network server. I have been having problems relating to sorting out printing from an NT4 workstation to a laser printer on the Samba server. I had to reboot my Windoze PC and am logged in as myself (I have Administrator rights). I can see the shares by looking for the computer through Network Neighborhood from Windows NT using the ip 192.168.0.5 or by the PC name penguinand can proceed to launch the wizard and add the printer, however it fails on trying to finish the process. I get the error message: Operation could not be completed. Access denied! I am assuming that a configuration file is not being written due probably to a permissions issue, if this is the case then I am at a loss to know what and where the permissions have to be changed. Error in samba configuration. [printers] needed public = yes. Thanks, John Could someone set me straight here? Any advice appreciated. John This email has been pre-scanned using the latest Anti Virus software for your peace of mind. Please remember to maintain your own anti virus up to date with the latest reference files. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba This email has been pre-scanned using the latest Anti Virus software for your peace of mind. Please remember to maintain your own anti virus up to date with the latest reference files. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] oot: reply-to
if you reply to all it will go to the sender and cc to the list - Kristyan Osborne IT Technician Longhill High School 01273 391672 -- Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. -Original Message- From: Beast [mailto:[EMAIL PROTECTED]] Sent: 08 January 2003 17:32 To: [EMAIL PROTECTED] Subject: [Samba] oot: reply-to Hello, I'm just subcribe this list and it seems when replying to mail from this list, reply goes to sender instead of the list (whic is little bit annoying). is it by default or my mail client did not handle it properly? tks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] oot: reply-to
On Thu, 2003-01-09 at 04:32, Beast wrote: Hello, I'm just subcribe this list and it seems when replying to mail from this list, reply goes to sender instead of the list (whic is little bit annoying). is it by default or my mail client did not handle it properly? tks. First time I remember it being mentioned...hmmm...but never seemed to have any problems before... -stephen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Nuevo software de autopublicacion -Publicidad-
Title: Nota informativa - Publicidad Con nuestro nuevo software, solo hay que rellenar formularios, nunca fu tan facil. Haga tambien sus catlogos en CD. (con autoarranque a partir de la informacin ya introducida). DESCARGUESE NUESTRO programa demostracin gratuito. VEA POSIBILIDADES EN... BORRAR su e-mail automticamente CLICK AQUI ___ Mensaje publicitario. Los datos que disponemos no tienen caracter personal de ningn tipo. Este mensaje se enva en concordancia con la nueva legislacin sobre correo electrnico (LSSI) (Articulos 18,19 y 21 titulo lll. Comunicaciones comerciales via electronica).
Re: [Samba] Eudora slow moving from samba 1.9.18p10 to latest
Paul: It's really a pretty basic smb.conf # Global parameters [global] workgroup = XXX log file = /xxx/xxx/samba/log.%m max log size = 2000 name resolve order = host wins bcast max open files = 1000 os level = 255 preferred master = Yes wins support = Yes kernel oplocks = No guest account = xxx create mask = 0660 directory mask = 0770 force directory mode = 02000 hosts allow = 192.168.254. short preserve case = No include = /opt/samba/lib/smb.conf. [home] comment = Home Directories path = /export/home read only = No create mask = 0600 directory mask = 0700 guest ok = Yes I had guessed you where running a pop3 daemon of some kind. I was just intrigued by your statement 'which pick up their mail boxes from home directories on Solaris machines using samba shares.' I took that as you where some how reading the /var/mail mailboxes directly without using pop3 by mounting them thru a share. We actually use a different Solaris box as our pop3/imap mail server. The above smb.conf is from our file server where the Eudora mailboxes, address books, etc are kept for each user. I use the [home] share above instead of the default [homes] so that users can see other directories in /export/home other than their own. Good Luck. At 11:14 AM 01/08/2003 +, Paul Ostro wrote: Hi, Thomas. Thanks for the reply. We are running a pop3 daemon on a Solaris (2.8) machine - not sure which one. Eudora runs on NT clients and gets mail from the pop3 daemon. The Eudora mailboxes (and other files) are on the users home directories, which are mounted by a drive letter. Eudora places the incoming mail from pop3 into these mailboxes. The home directory drive is mounted onto a Samba share. I suspect it is the settings for this share which are causing Eudora to run slowly. If you have a comparable setup, and it is working OK, would you be willing to share your [global] settings and the settings from the mailbox share, all from smb.conf? You may want to disguise paths etc for security reasons? Thanks again, Paul At 14:41 07/01/03, Thomas G. Tri wrote: We are also running Eudora (v5.1 v5.2) against a Samba server v2.2.7 running Solaris 2.7. How are the PC clients picking up their mail boxes from home directories. Are you creating some kind of symbolic link to the mailboxes in /var/mail? Is the Solaris box retrieving the mail from /var/mail into their home directories? Are you running a pop3 or imap server on the Solaris box? We are using an old version of Sun Internet Mail Server (v2.0) as a pop3 server without problems. Thanks, Tom At 05:00 PM 01/06/2003 +, [EMAIL PROTECTED] wrote: Message: 13 Date: Mon, 06 Jan 2003 11:01:29 + To: [EMAIL PROTECTED] From: Paul Ostro [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [Samba] Eudora slow moving from samba 1.9.18p10 to latest We are (only just) upgrading from Samba 1.9.18p10 to the latest 2.2.7a. We run Eudora 5.1 on our PC clients, which pick up their mail boxes from home directories on Solaris machines using samba shares. When we install the new Samba, all our Samba clients slow down incredibly. I suspect here is a change in the Samba config file requirements between the versions? Has anyone else already solved this, please? Thanks, Paul Dept. Medical Physics, UCL Hospitals, LONDON WC1E 6JA -- Dr. Paul Ostro CEng SRCSc Tel: 020 7679 6272 Dept. Medical Physics, Fax: 020 7679 6269 UCL Hospitals, Shropshire House (1st Floor)Email: [EMAIL PROTECTED] 11-20, Capper St., [EMAIL PROTECTED] LONDON WC1E 6JA -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with some applications
Permissions i have set to 777... no change what so ever The application is a dutch bank application, using its own database format ... the other choking one is antoher bank its application, this application just gives a runtime dll error, without even telling which dll causes teh problem. Installing them both locally solves the problems.. Greetz On Wed, 2003-01-08 at 11:14, Stephen Kuhn wrote: On Wed, 2003-01-08 at 20:41, Hans Scheffers wrote: Hi, I have a few apps that won't work with samba; when I install the application locally i don't have problems, when I install them on a samba share I get the following error: Unable to register g:\path to\ONWDB.dll Other applications do work correct... Any ideas or more info needed? greetz Hans What perms are setup on the Samba shares? Oh, and what application is this that is choking and puking? I tried in vain to locate onwdb.dll all over the place, so I can't identify the application... -- Wed Jan 8 21:05:00 EST 2003 9:05pm up 3:53, 4 users, load average: 0.22, 0.43, 0.37 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- I meant, said Iplsore bitterly, what is there in this world that makes living worthwhile? Death thought about it. CATS, he said eventually, CATS ARE NICE. -- Death is obviously not a dog person (Terry Pratchett, Sourcery) -- Hans Scheffers http://www.jiffie.nl/stamboom/ E.T. GO HOME!!! (And take your Smurfs with you.) Linux Kernel 2.4.18-19 on a i686 - userid 282784 @ http://counter.li.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with some applications
I'm not sure it is best idea to set permission into 777, maybe you should try permisions 777 for directories and 744 for files? It's only idea... Lukasz Permissions i have set to 777... no change what so ever The application is a dutch bank application, using its own database format ... the other choking one is antoher bank its application, this application just gives a runtime dll error, without even telling which dll causes teh problem. Installing them both locally solves the problems.. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem with some applications
you probably want to play with some locking things like fake oplocks or oplocks = yes or no. These kind of apps sometimes still use old 16 bit code and do WeIrD calls to novell-style locking and such. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Hans Scheffers Verzonden: Wednesday, January 08, 2003 3:06 PM Aan: [EMAIL PROTECTED] Onderwerp: Re: [Samba] Problem with some applications Permissions i have set to 777... no change what so ever The application is a dutch bank application, using its own database format ... the other choking one is antoher bank its application, this application just gives a runtime dll error, without even telling which dll causes teh problem. Installing them both locally solves the problems.. Greetz On Wed, 2003-01-08 at 11:14, Stephen Kuhn wrote: On Wed, 2003-01-08 at 20:41, Hans Scheffers wrote: Hi, I have a few apps that won't work with samba; when I install the application locally i don't have problems, when I install them on a samba share I get the following error: Unable to register g:\path to\ONWDB.dll Other applications do work correct... Any ideas or more info needed? greetz Hans What perms are setup on the Samba shares? Oh, and what application is this that is choking and puking? I tried in vain to locate onwdb.dll all over the place, so I can't identify the application... -- Wed Jan 8 21:05:00 EST 2003 9:05pm up 3:53, 4 users, load average: 0.22, 0.43, 0.37 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- I meant, said Iplsore bitterly, what is there in this world that makes living worthwhile? Death thought about it. CATS, he said eventually, CATS ARE NICE. -- Death is obviously not a dog person (Terry Pratchett, Sourcery) -- Hans Scheffers http://www.jiffie.nl/stamboom/ E.T. GO HOME!!! (And take your Smurfs with you.) Linux Kernel 2.4.18-19 on a i686 - userid 282784 @ http://counter.li.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] FW: files with dot at the end of the name
-Original Message- From: Tim Potter [mailto:[EMAIL PROTECTED]] Sent: Monday, January 06, 2003 5:12 PM To: Mitchell, Sharlene K. (KTR)~U Subject: Re: files with dot at the end of the name On Mon, Jan 06, 2003 at 03:48:41PM -0600, Mitchell, Sharlene K. (KTR)~U wrote: I am having trouble with reading files with dots at the end of the name. We are using a Unix machine as our map server. When looking at the files on the Unix side, the files I am trying to read have the following format . where a is an alphabetic character. When I copy a file, the dot is stripped off; however, when I try to read the content directly through Samba, I get an error. Do we have something set incorrectly in Samba? This is a Unix - W2K interface. Please send your question to [EMAIL PROTECTED] The mailman-owner address is for administration of the mailing lists only. Regards, Tim. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Sigh....ok once more with feeling
Message: 1 Subject: Re: [Samba] Sighok once more with feeling From: Stephen Kuhn [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Organization: Kuhn Media Australia Date: 08 Jan 2003 15:26:31 +1100 On Wed, 2003-01-08 at 15:17, tufkal wrote: The firewall didnt help matters. I think its FUBAR and I need to reformat anyways, so ill reformat and reinstall and put fresh SAMBA up, on Mandrake 9.0. I'd like to point out that MDK 9 DOES have some firewall issues - with the built-in stuff - most users end up removing it altogether and using a different package other than the one that comes bundled with MDK. If you can manage to NOT install the Shorewall (or whatever it's called) from the MDK installation, I think you might fare a tad bit better on the initial setup of Samba... ...can't hurt to try. There's nothing wrong with shorewall (I have it in production on many 8.2 boxes, and a few 9.0 boxes, with some default setups, some very complex ones using the MNF interface to modify rules). There is one issue affecting internet connection sharing on 9.0, incorrect setting of the NIC as gateway (it's listed in the errata). Unofortunately most users posting haven't even bothered to read the errata before blaming something new ... Anyway, configuring a firewall is no trivial matter, and the poster didn't try with his firewall disabled to prove whether it was the firewall or not (though I suspect it wasn't). Please don't FUD the list, unless you have a bug report in Mandrake bugzilla ... (https://qa.mandrakesoft.com) or an issue in Mandrakeexpert.com to which you are willing to refer us. The system has 2 NICs and NET_MASQ shares internet to the XP machine. Therein it acts as a DHCP server and has a firewall. I will open 139 from the start next time. From this basic square one setup, how do I get to my objective? Objective being, all I want is to be able to access directories on my linux box from my windows box via Explorer for drag drop. I can mount on my linux box, folders being shared by the windows machine. I have been able to do that for a while (I love LinNeighborhood). I just wanna do the reverse. I think that once your firewall issues are resolved, the next steps are easy. Somehow I think not, since IIRC, he was getting a user/password prompt. Probably needs to apply the signorseal reg patch to his XP box. Of course, testing with another os on the client (knoppix or win9x/winnt/win2ksp3) or shutting down the firewall to test would help narrow down the problem. Buchan -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How to enforce the client to download the profile from the server
Thanks a lot for your help. The problem is partially solved. However, for the Samba Server not to overwrite the profile, I have to delete the exclusion list every time I logout from the client, i.e. ntuser.ini is being written back to the server every time i logout with the same Exclusion List, although I changed it before login in. Could you please tell me where can i change settings (may be default user on Samba Server?) so i won't get the same ntuser.ini written to the server every time i logout. Thanks you in advance! Dimitry. - Original Message - From: Laurent Hofmann [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 20, 2002 8:53 PM Subject: [Samba] Re: How to enforce client to download the profile form server hello, as a clue you should take a look at ntuser.ini in the profile location of an user : [General] ExclusionList=Local Settings;Temporary Internet Files;Historique;Temp;Local Settings\Application Data\Microsoft\Outlook; This is the list of folders of the profile that do not synchronize... I think this can help ;) Please send me your feedback :) Laurent HOFMANN Owens, Bob [EMAIL PROTECTED] a Ècrit dans le message de news: [EMAIL PROTECTED] Help to see your smb.conf but here is mine it may help. [global] logon path = \\%L\Profiles\%U [Profiles] path = /data/domain/Profiles/ browseable = no writable = yes valid users = @domusers create mode = 0770 directory mode = 0770 force group = root -Original Message- From: Dimitry Surkov [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 10:07 AM To: [EMAIL PROTECTED] Subject: [Samba] How to enforce client to download the profile form server Dear all, i have the following problem. my smb.conf is working, but clients cannot download their profiles from the server. I explain this on an example: i have two windows machines: #1 and #2 i) i delete all local profiles in windows and a profile of user in unix ii) login to machine #1, have the win dialog as though i just started the machine for the first time (which is true), set my personal settings in Outlook. logout iii) login to machine #1 again and everything functions o.k., logout iii) login to machine #2, i have the same win dialog as though i just started the machine, although it is not the case, since i was on machine #1 already and no settings in Outlook. logout iv) login to machine #1, the profile is gone, i do not have the win start dialog again, but my outlook settings are gone. What could it be? It seems that the windows machine uploads the profile to the server, but in case of start on the same machine the local profile is being used. However the new machine does not download the profile, but overwrites it with a new locally created profile. SO, as i see it the problem is: the client does not download the profile form the samba server. Please help. Thanks in advance. Dimitry Surkov mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Tree
Seems I have a bit of a problem with my new installation of Samba. I am trying to connect to my Win98 machine from the linux setup using the following: smbclient //buffy/ve1drg and I get this: tree connect failed: ERRSRV - ERRinvnetname (Invalid network name in tree connec t.) Anyone have anythoughts on where I should look. I can reach the Linux machine from Windows98 but I get this error above, when I try and go the other way. Windows98 machine is called 'buffy' and ve1drg is a user on that machine.. -- T.L.Gervais Coldbrook, NS Canada. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Removing requirement for local machine accounts
I'm looking for a way to not have to worry about machine accounts on the server. My organization is looking to move thousands of machines and many locations to XP and, if possible, we'd like to avoid the headache of managing more system and samba accounts. Basically, I'd like a way to say I don't care who joins my domain, just do whatever is necessary to make them think they have. I'd be willing to pay for such a feature (please contact me via email). It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). Any help to reach my goal is appreciated. Thanks! -- Dan Peterson [EMAIL PROTECTED] http://danp.net A bunch of programs like this adds complexity, which is a security problem itself. --Jim Reid, http://groups.google.com/groups?selm=aklouh$8t1$[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
Hi Dan, To allow everyone to join your domain you can use this in your smb.conf (got this idea from Art): add user script = sudo /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ With this you will give rights to everyone to create users, I think it's a little dangerous and you'll still have to manage the machine accounts created by the users. Hope it helps. Bruno. Dan Peterson wrote: I'm looking for a way to not have to worry about machine accounts on the server. My organization is looking to move thousands of machines and many locations to XP and, if possible, we'd like to avoid the headache of managing more system and samba accounts. Basically, I'd like a way to say I don't care who joins my domain, just do whatever is necessary to make them think they have. I'd be willing to pay for such a feature (please contact me via email). It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). Any help to reach my goal is appreciated. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
Bruno Gimenes Pereti [EMAIL PROTECTED] wrote: add user script = sudo /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ Unfortunately, this is where the headache comes from. We rsync necessary password files (both system and samba) to many FreeBSD and Linux machines every few minutes. These are generated from a PostgreSQL database which we'd rather not clutter with extra accounts if possible. So, that's why I'd like each samba instance to just do whatever it needs to do to let machines think they've joined the domain without caring about system and samba accounts. -- Dan Peterson [EMAIL PROTECTED] http://danp.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] VS: oplock_break (PR#26342)
-Oprindelig meddelelse- Fra: Simo Sorce [mailto:[EMAIL PROTECTED]] Sendt: 8. januar 2003 15:40 Til: Preben Sørensen Cc: Andrew Tridgell; Jeremy Allison; [EMAIL PROTECTED] Emne: Re: oplock_break (PR#26342) Please send help request to the users mailinglist [EMAIL PROTECTED] Simo. On Wed, 2003-01-08 at 15:38, [EMAIL PROTECTED] wrote: Full_Name: Preben Sørensen Samba_Version: 2.2.5 Server_OS: SCO Open Server 5.0.5 Client_OS: win98 Submission from: (NULL) (217.157.4.170) After changing from VisionFS ver. 3.1 to Samba 2.2.5 on a SCO Open Server ver. 5.0.5, the server work very slow, sometimes the users event can't save document on the server. In the server log fil /usr/adm/syslog there is logged at lot of entries about smbd as below. When I change back to VisionFS, the SCO Open Server run normaly. thor is the name of SCO Open Server. Can you help me? Best regards Preben Sørensen Dec 19 13:15:42 thor smbd[1678]: oplock_break: receive_smb timed out after 30 seconds. Dec 19 13:15:42 thor smbd[1678]: oplock_break failed for file word/pc3/13268-200.doc (dev = 12a, inode = 52773, file_id = 7). Dec 19 13:15:42 thor smbd[1678]: [2002/12/19 13:15:42, 0] smbd/oplock.c:oplock_break(868) Dec 19 13:15:42 thor smbd[1678]: oplock_break: client failure in oplock break in file word/pc3/13268-200.doc Dec 19 13:16:28 thor smbd[2206]: [2002/12/19 13:16:28, 0] smbd/oplock.c:oplock_break(790) Dec 19 13:16:28 thor smbd[2206]: oplock_break: end of file from client Dec 19 13:16:28 thor smbd[2206]: oplock_break failed for file word/dokument/sh1.doc (dev = 12a, inode = 51201, file_id = 1). Dec 19 13:16:28 thor smbd[2206]: [2002/12/19 13:16:28, 0] smbd/oplock.c:oplock_break(878) Dec 19 13:16:28 thor smbd[2206]: oplock_break: client failure in break - shutting down this smbd. Dec 19 13:17:00 thor smbd[2352]: [2002/12/19 13:17:00, 0] smbd/oplock.c:request_oplock_break(1008) Dec 19 13:17:00 thor smbd[2352]: request_oplock_break: no response received to oplock break request to pid 2206 on port 1288 for dev = 12a, inode = 51201, file_id = 1 Dec 19 13:17:31 thor smbd[2352]: [2002/12/19 13:17:31, 0] smbd/oplock.c:oplock_break(796) Dec 19 13:17:31 thor smbd[2352]: oplock_break: receive_smb timed out after 30 seconds. Dec 19 13:17:31 thor smbd[2352]: oplock_break failed for file word/dokument/sh1.doc (dev = 12a, inode = 51201, file_id = 1). Dec 19 13:17:31 thor smbd[2352]: [2002/12/19 13:17:31, 0] smbd/oplock.c:oplock_break(868) Dec 19 13:17:31 thor smbd[2352]: oplock_break: client failure in oplock break in file word/dokument/sh1.doc Dec 19 13:34:41 thor smbd[2744]: [2002/12/19 13:34:41, 0] lib/util_sock.c:read_data(436) Dec 19 13:34:41 thor smbd[2744]: read_data: read failure for 4. Error = Connection reset by peer Dec 19 13:41:42 thor smbd[3344]: [2002/12/19 13:41:42, 0] smbd/oplock.c:oplock_break(796) Dec 19 13:41:42 thor smbd[3344]: oplock_break: receive_smb timed out after 30 seconds. Dec 19 13:41:42 thor smbd[3344]: oplock_break failed for file word/dokument/sh1.doc (dev = 12a, inode = 51201, file_id = 1). Dec 19 13:41:42 thor smbd[3344]: [2002/12/19 13:41:42, 0] smbd/oplock.c:oplock_break(868) Dec 19 13:41:42 thor smbd[3344]: oplock_break: client failure in oplock break in file word/dokument/sh1.doc Dec 19 14:59:19 thor smbd[5346]: [2002/12/19 14:59:19, 0] smbd/oplock.c:oplock_break(796) Dec 19 14:59:19 thor smbd[5346]: oplock_break: receive_smb timed out after 30 seconds. Dec 19 14:59:19 thor smbd[5346]: oplock_break failed for file word/dokument/sh1.doc (dev = 12a, inode = 51201, file_id = 1). Dec 19 14:59:19 thor smbd[5346]: [2002/12/19 14:59:19, 0] smbd/oplock.c:oplock_break(868) Dec 19 14:59:19 thor smbd[5346]: oplock_break: client failure in oplock break in file word/dokument/sh1.doc Dec 19 15:07:23 thor smbd[5402]: [2002/12/19 15:07:23, 0] smbd/oplock.c:oplock_break(796) Dec 19 15:07:23 thor smbd[5402]: oplock_break: receive_smb timed out after 30 seconds. Dec 19 15:07:23 thor smbd[5402]: oplock_break failed for file word/dokument/brev-g.inc (dev = 12a, inode = 47791, file_id = 7). -- Simo Sorce- [EMAIL PROTECTED] Samba Team- http://www.samba.org Italian Site - http://samba.xsec.it -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
On Wed, 2003-01-08 at 10:57, Dan Peterson wrote: I'm looking for a way to not have to worry about machine accounts on the server. My organization is looking to move thousands of machines and many locations to XP and, if possible, we'd like to avoid the headache of managing more system and samba accounts. Basically, I'd like a way to say I don't care who joins my domain, just do whatever is necessary to make them think they have. I'd be willing to pay for such a feature (please contact me via email). lucky for you this is already in place... as machines join a domain you can configure things so that the machine account is auto-created - see the howto collection. You may want to commission an automatic machine account deletion when machines leave the domain... As far as i know that doesn't happen yet. It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). the aliasing idea can't work because each machine must have its own password(it's updated automatically every x days) brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RH8 and Samba 3
Greetings everyone, Just a quick question, I hope. I installed the 3.0 alpha for an RH 8.0 test server. In the smb.conf file I have printing=cups and printcap=cups. In the cups.conf I have printcap=/etc/printcap When I start the Samba server and look at the log.smbd, it's telling me can't open printcap file cups for read! Is there a setting I have missed doing the upgrade? It was working fine with 2.2.7a. Thanks in advance :) Darin Bawden, -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
Bradley W. Langhorst wrote: It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). the aliasing idea can't work because each machine must have its own password(it's updated automatically every x days) This is not strictly true. The machine passwords are kept in the file smbpasswd not in /etc/passwd. You could hack smbpasswd to always create machine accounts with a fixed UID. Then you only need one account in /etc/passwd with this UID instead of one account for each machine. -- == Herb Lewis Silicon Graphics Networking Engineer 1600 Amphitheatre Pkwy MS-510 Strategic Software Organization Mountain View, CA 94043-1351 [EMAIL PROTECTED] Tel: 650-933-2177 http://www.sgi.com Fax: 650-932-2177 PGP Key: 0x8408D65D == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Error
Title: Samba Error Hello, I am trying to configure samba to basically allow win2k clients authenticate users using their NIS passwords. I have samba configured to specs as mentioned in documentation I came across, however I am unable to get this going. I am running Linux 7.2 and smaba 2.2.1a. I have also tried using Linux 7.3 with samba 2.2.7a and still received the same errors. I have also enabled plain text password on the win2k clients. I configured samba and ran the command ypcat passwd | mksmbpasswd.sh /etc/samba/smbpasswd Which goes ahead and grabs the NIS passwd file and cats it out to smbpasswd with place holders (XXX). I then add the syntax +:: in the /etc/passwd so that it can go out and check NIS for authentication as well. In theory (correct me if I am wrong) when I am trying to log in from the win2k client, it should try to authenticate from /etc/samba/smbpasswd then if it doesnt find the user it bounces out to /etc/passwd where it should check for the user their and if it reaches the end of the file it should then read +:: and bounce out to NIS. However this not occurring. At this point I just want to get the win2k clients to simply log in using NIS as its authentication so that I dont have to create separate accounts for the students both on the Unix and samba side. If this sounds a bit crazy (cause believe me at this point I have tried everything and could be losing my mind) or you cant understand what I am saying please do not hesitate to give me a call so that I may explain my situation better. Any help/assistance would be appreciate. Thanks in advance. Regards, Bobby Perez Voice: 732/445-3418 Email: [EMAIL PROTECTED]
FW: [Samba] RH8 and Samba 3
did you compile the cups support into samba ? ./configure --enable-cups -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Darin Bawden Verzonden: Wednesday, January 08, 2003 6:06 PM Aan: Samba List Onderwerp: [Samba] RH8 and Samba 3 Greetings everyone, Just a quick question, I hope. I installed the 3.0 alpha for an RH 8.0 test server. In the smb.conf file I have printing=cups and printcap=cups. In the cups.conf I have printcap=/etc/printcap When I start the Samba server and look at the log.smbd, it's telling me can't open printcap file cups for read! Is there a setting I have missed doing the upgrade? It was working fine with 2.2.7a. Thanks in advance :) Darin Bawden, -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
On Wed, 2003-01-08 at 12:05, Herb Lewis wrote: Bradley W. Langhorst wrote: It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). the aliasing idea can't work because each machine must have its own password(it's updated automatically every x days) This is not strictly true. The machine passwords are kept in the file smbpasswd not in /etc/passwd. You could hack smbpasswd to always create machine accounts with a fixed UID. Then you only need one account in /etc/passwd with this UID instead of one account for each machine. sure - you could also use one of the nua passdb backends in samba3. I should have mentioned that in my first response. thanks for the clarification. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Account Disabled Error
Title: Account Disabled Error Has anyone come across the error Your account has been disabled. Please see your system administrator I receive this error when attempting to log in to my samba server from a Win2k client. Regards, bobby
[Samba] WinXP/WordXP Read-only problem
I'm experimenting with Samba 2.2.7a in my home office-- all is well except only I can open my Word files copied to our Samba share. All other users can only open them Read-only. Please help me correct this. Thanks, --EdB [EMAIL PROTECTED] Here's the smb.conf file: [global] netbios name = Server01 workgroup = TKG os level = 64 preferred master = yes domain master = yes local master = yes encrypt passwords = Yes security = user domain logons = Yes logon path = \\%N\homes\share\profiles\%u logon drive = U: logon home = \\%N\homes\%u logon script = logon.bat [NETLOGON] path = /usr/local/samba/lib/netlogon read only = yes write list = ntadmin [homes] comment = Home Directories browseable = no writable = yes guest ok = no read only = no [share] comment = Server Share path = /home/share public = yes read only = no write list = @staff -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RH8 and Samba 3
On Wed, Jan 08, 2003 at 11:06:04AM -0600, Darin Bawden wrote: Greetings everyone, Just a quick question, I hope. I installed the 3.0 alpha for an RH 8.0 test server. In the smb.conf file I have printing=cups and printcap=cups. In should this not be printecap=yer cups printcap fully qualified path name? the cups.conf I have printcap=/etc/printcap When I start the Samba server and look at the log.smbd, it's telling me can't open printcap file cups for -- David Bear College of Public Programs/ASU Mail Code 0803 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Firewalls (was: Sigh....ok once more with feeling)
I'm sure you all already know this, but it's generally better to have the firewall be a separate physical machine from any server or client machines. Among other reasons, if an attacker can exploit an application running on the firewall machine, the efficacy of the firewall is compromised. You should dedicate a hardened, minimally configured machine for firewall use. If you have lots of money, the Cisco PIX firewalls are reasonably good. OpenBSD on a PC is an excellent low-cost option. -- Chris PalmerSystems ProgrammerGeneEd -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with some applications
i know, but this was just for testing... the permissions can't be a problem anymore then greetz On Wed, 2003-01-08 at 15:24, £ukasz Maria Mcis³awski OP wrote: I'm not sure it is best idea to set permission into 777, maybe you should try permisions 777 for directories and 744 for files? It's only idea... Lukasz Permissions i have set to 777... no change what so ever The application is a dutch bank application, using its own database format ... the other choking one is antoher bank its application, this application just gives a runtime dll error, without even telling which dll causes teh problem. Installing them both locally solves the problems.. -- Hans Scheffers http://www.jiffie.nl/stamboom/ For a holy stint, a moth of the cloth gave up his woolens for lint. Linux Kernel 2.4.18-19 on a i686 - userid 282784 @ http://counter.li.org -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] RH8 and Samba 3
You would think so. However, according to the Samba docs, if im using cups I should set this to cups. At least, that's my understanding. Also, I've a production server running samba 2.2.7a w/out any problems, and its smb.conf is set to =cups. that's why I'm confused. Darin Bawden -Original Message- From: David Bear [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 12:11 PM To: Darin Bawden Cc: Samba List Subject: Re: [Samba] RH8 and Samba 3 On Wed, Jan 08, 2003 at 11:06:04AM -0600, Darin Bawden wrote: Greetings everyone, Just a quick question, I hope. I installed the 3.0 alpha for an RH 8.0 test server. In the smb.conf file I have printing=cups and printcap=cups. In should this not be printecap=yer cups printcap fully qualified path name? the cups.conf I have printcap=/etc/printcap When I start the Samba server and look at the log.smbd, it's telling me can't open printcap file cups for -- David Bear College of Public Programs/ASU Mail Code 0803 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RH8 and Samba 3
On January 8, [EMAIL PROTECTED] said: On Wed, Jan 08, 2003 at 11:06:04AM -0600, Darin Bawden wrote: Greetings everyone, Just a quick question, I hope. I installed the 3.0 alpha for an RH 8.0 test server. In the smb.conf file I have printing=cups and printcap=cups. In should this not be printecap=yer cups printcap fully qualified path name? Nope. printcap=cups and printing=cups works just fine. Cheers, Waider. -- [EMAIL PROTECTED] / Yes, it /is/ very personal of me. for god's sake, give me some credit. i may be an egocentric jerk, but i'm not a COMPLETE asshole. - Meredith -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem with some applications
On Thu, 2003-01-09 at 01:35, Steve Hardy wrote: you probably want to play with some locking things like fake oplocks or oplocks = yes or no. These kind of apps sometimes still use old 16 bit code and do WeIrD calls to novell-style locking and such. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Hans Scheffers Verzonden: Wednesday, January 08, 2003 3:06 PM Aan: [EMAIL PROTECTED] Onderwerp: Re: [Samba] Problem with some applications Permissions i have set to 777... no change what so ever The application is a dutch bank application, using its own database format ... the other choking one is antoher bank its application, this application just gives a runtime dll error, without even telling which dll causes teh problem. Installing them both locally solves the problems.. Aside from playing with the oplocks, has this program been installed on a network before, or in a manner similar but using drive letters beyond C:\ and D:\ ? Because it would seem to me (thinking of an application issue first) that since the program is unable to locate owndb.dll, it's not necessarily able to search in that path for the dll...? Just a thought, though... -- Thu Jan 9 05:25:01 EST 2003 5:25am up 6:15, 4 users, load average: 0.51, 0.47, 0.49 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- If all men were brothers, would you let one marry your sister? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NetLogin error 5722 / Domain password server not available.
When W2K clients try to access a samba server joined to the domain, we get a NETLOGIN 5722 event: The session setup from the computer SAMBA failed to authenticate. The name of the account referenced in the security database is SAMBA$. The following error occured: Access is denied. The samba side of things is a bit more verbose (note error at bottom of page) I've found numerous references to this error online, but no solutions. One post suggested re-joining the domain, which I've attempted- the join succeeds, but authentication still fails. Join process: a) Add pre-Win2K account with AD Users and computers b) sudo smbpasswd -j EXAMPLE -r W2K -U Administrator%passwd c) in smb.conf: security = domain password server = W2K [2003/01/05 16:49:38, 3] /SourceCache/samba/samba-21/source/lib/util_sock.c:open_socket_out(830) Connecting to 192.168.1.2 at port 445 [2003/01/05 16:49:38, 4] /SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_req_chal(221) cli_net_req_chal: LSA Request Challenge from W2K to SAMBA: 965B45EE4F419A71 [2003/01/05 16:49:38, 4] /SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_session_key(60) cred_session_key [2003/01/05 16:49:38, 4] /SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_create(91) cred_create [2003/01/05 16:49:38, 4] /SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(132) cli_net_auth2: srv:\\WI2K acct:SAMBA$ sc:2 mc: SAMBA chal B58AF439B186C221 neg: 1ff [2003/01/05 16:49:38, 0] /SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(157) cli_net_auth2: Error NT_STATUS_ACCESS_DENIED [2003/01/05 16:49:38, 0] /SourceCache/samba/samba-21/source/rpc_client/cli_login.c:cli_nt_setup_creds(74) cli_nt_setup_creds: auth2 challenge failed [2003/01/05 16:49:38, 0] /SourceCache/samba/samba-21/source/smbd/password.c:connect_to_domain_password_server(1340) connect_to_domain_password_server: unable to setup the PDC credentials to machine W2K. Error was : NT_STATUS_OK. [2003/01/05 16:49:38, 0] /SourceCache/samba/samba-21/source/smbd/password.c:domain_client_validate(1558) domain_client_validate: Domain password server not available. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with rpcclient and installing PS-Driver
--bKyqfOwhbdpXa4YI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, i want to install the Adobe-PS Drivers into samba, so that the Clients can download them. I first had Samba 2.2.3 from debian woody, where the cupsaddsmb program did'nt work at all. I the upgraded to samba 2.2.7 and tried to install all the drivers by hand using rpcclient. Now I've got 2 problems: First one is that I cannot deinstall the various drivers from the servers list. When I do a 'rpcclient -U root localhost -c deldriver HPDeskjet' I get the following Output: | cmd =3D deldriver HPDeskjet | Failed to remove driver HPDeskjet for arch [Windows 4.0] - error 0xbb9! | Failed to remove driver HPDeskjet for arch [Windows NT x86] - error | 0xbb9! But the driver is in the list: | cmd =3D enumdrivers |=20 | [Windows 4.0] | Printer Driver Info 1: | Driver Name: [HPDeskjet] | Printer Driver Info 1: | Driver Name: [HPDeskJet] | Printer Driver Info 1: | Driver Name: [HPDeskJetGray] |=20 | [Windows NT x86] | Printer Driver Info 1: | Driver Name: [HPDeskjet] | Printer Driver Info 1: | Driver Name: [HPDeskJetGray] | Printer Driver Info 1: | Driver Name: [HPDeskJet] =09 The second problem is that I also cannot use the above mentioned driver to set it to a printer with 'rpcclient -U root localhost -c setdriver HPDeskjet HPDeskjet'. It stops with the following error: | cmd =3D setdriver HPDeskjet HPDeskjet | Unable to retrieve printer information! | result was NT_STATUS_UNSUCCESSFUL But a printer with exactly that name exists under cups and works fine for local printing. BTW I use cups 1.1.15 from debian. Andreas --bKyqfOwhbdpXa4YI Content-Type: application/pgp-signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE+HHbFEeTwtO5zjFYRAp/hAJ430uT6dqAUoAIREWVdbgEZ65biYACeJtp7 OmRr7T4VkLtT9GU5jybPAlo= =XSfQ -END PGP SIGNATURE- --bKyqfOwhbdpXa4YI-- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Removing Samba
Does anyone know how to remove Samba, using the RPM utility? I have tried but not sure on the correct use of RPM and of course I am not sure of the proper name for removing Samba?? -- T.L.Gervais Coldbrook, NS Canada. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind: How many users?
Hi, how many users do you have in the NT domains you use with winbind? Are there any experiences with some thousand or more users? I'm especially interested in winbind's performance. Kind regards, Heiko -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing Samba
Ted, This is an more of a RedHat/Mandrake/Whatever YourLinuxDistroNameIs question than a Samba question, but here is an answer: rpm -qa | grep samba will get you the samba related package names. rpm -e samba-related-packagename will remove those packages. If that doesn't fix your wagon (and even if it does), please include your OS Distribution, OS Version, and any other info that might help a person know your situation better before suggestion something (or ignoring your post). Good luck to you, Troy Ted Gervais [EMAIL PROTECTED] 01/08/03 01:12PM Does anyone know how to remove Samba, using the RPM utility? I have tried but not sure on the correct use of RPM and of course I am not sure of the proper name for removing Samba?? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba (2.2.7a) + openldap (2.0.x)
Buchan Milne wrote: Ignacio Coupeau wrote: Buchan Milne wrote: Hi, I was following some of the howto at http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#patches to include the ldap referral patches in the samba packages for Mandrake, but it seems that samba does not compile with the patch (I can give you the error later, but AFAICR it was incompatible 2nd argument passed to function on line 289 of pdb_ldap.c (I think where ldap_connect_system calls auth_rebind_proc). The tls stuff in the lib/include are a bit special... I going to apply the patch to the latest samba-2.2.7a. If you plan is use starttls the standard openldap libraries (at least in RedHat) should be replaced by ones with start_tls support. Try a search with: ldapsearch -ZZ -H ldap://your_FQDN_ldap_server/ filter attr list -d 256 [bgmilne@bgmilne bgmilne]$ ldapsearch -x -ZZ -H ldap://ldap.cae.co.za; (uid=bgmilne) dn -LLL dn: uid=bgmilne,ou=People,dc=cae,dc=co,dc=za (This is on cooker, but TLS works fine on Mandrake 8.0 through 9.0. also perform a search in the /usr/include: [root@bilbo htdocs]# egrep LDAP_API_FEATURE_X_OPENLDAP|LDAP_API_VERSION|REFERRAL|TLS /usr/include/* you should obtain some like: This box runs Mandrake cooker, original problem was on my home machine running 9.0, but 9.0 ships with 2.0.25-7mdk, and my cooker box currently has 2.0.27-1mdk. look for: #define LDAP_API_VERSION 2004 #define LDAP_REFERRAL 0x0a /* LDAPv3 */ #define LDAP_CHASE_SUBORDINATE_REFERRALS 0x0020U #define LDAP_CHASE_EXTERNAL_REFERRALS0x0040U #define LDAP_EXOP_START_TLS 1.3.6.1.4.1.1466.20037 On cooker (don't currently have a 9.0 build devel box available, will check at home on 9.0) I get: /usr/include/ldap.h:#define LDAP_API_VERSION2004 /usr/include/ldap.h:#define LDAP_REFERRAL 0x0a /* LDAPv3 */ /usr/include/ldap.h:#define LDAP_CHASE_SUBORDINATE_REFERRALS0x0020U /usr/include/ldap.h:#define LDAP_CHASE_EXTERNAL_REFERRALS 0x0040U /usr/include/ldap.h:#define LDAP_EXOP_START_TLS 1.3.6.1.4.1.1466.20037 But, on cooker it seems to compile fine ... so I guess I should upgrade to 2.0.27 on my 9.0 boxen that need referrals. Seems I was wrong (left out ldap switch ...), it doesn't compile on cooker, here is the error: Compiling passdb/pdb_ldap.c passdb/pdb_ldap.c: In function `ldap_connect_system': passdb/pdb_ldap.c:289: warning: passing arg 2 of `ldap_set_rebind_proc' from incompatible pointer type passdb/pdb_ldap.c:289: too many arguments to function `ldap_set_rebind_proc' make: *** [passdb/pdb_ldap.o] Error 1 And make the patch conditional so we don't try and apply it on 8.0 through 9.0 (for which we still build updated samba RPMS for each release). Or would it be possible to have referrals work with older openldap versions? I see a comment about a ./configure test Anyone else have the referral patch working on 2.2.7a against openldap-2.0.x ? Regards, Buchan -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with SAMBA File Sharing
Hi I have a problem with my samba box, I configure my samba box like a member server with security = domain, when I share a resource (folder) I see it like a printer instead disk..., Any idea?? Thanks My smb.conf [global] workgroup = PALACIOHIERRO netbios name = Aldo_Damian server string = SysAdmin -- Aldo Damian security = domain password server = BDCPALACIO PALACIOBK encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd username map = /usr/local/samba/lib/users.map log file = /usr/local/samba/var/log.%m log level = 2 max log size = 1024 unix password sync = no domain master = no local master = no ; Inactive Client Connections keep alive = 60 deadtime = 5 os level = 2 ; Filesystem map archive = yes map system = yes map hidden = yes ; Net options socket options = TCP_NODELAY SO_KEEPALIVE=20 interfaces = 127.0.0.1 132.147.158.90 [MyStuff] comment = MyStuff path = /home/aldo valid users = ambrizalo # allow hosts = 132.147.141.165 public = no printable = yes browseable = yes case sensitive = no follow symlinks = yes create mode = 0660 directory mode = 0770 [Home] comment = Home path = /opt/MyMusic valid users = ambrizalo public = no printable = yes browseable = yes -- Aldo Damian Ambriz Martinez Depto Sistemas Operativos El Palacio de Hierro S.A. de C.V 52295401 ext 1118 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] WinXP/WordXP Read-only problem
Do you need to chmod the files that have already been written there? The ever popular chmod 666, or 660 if group ownership is correct. ~ Daniel -Original Message- From: Ed Breuninger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 2:07 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] WinXP/WordXP Read-only problem Thanks so far, I've taken your comments and revised my smb.conf file (below), restarted the server, re-logged into my XP box, yet my read-only problem continues. Any other thoughts? Thanks, --Ed [global] netbios name = Server01 workgroup = TKG os level = 64 preferred master = yes domain master = yes local master = yes encrypt passwords = Yes security = user domain logons = Yes logon path = \\%N\homes\share\profiles\%u logon drive = U: logon home = \\%N\homes\%u logon script = logon.bat [NETLOGON] path = /usr/local/samba/lib/netlogon read only = yes write list = ntadmin [homes] comment = Home Directories browseable = no writable = yes guest ok = no read only = no [share] comment = Server Share path = /home/share public = yes read only = no create mask = 0775 force create mode = 0775 force directory mode = 0775 write list = @staff -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem with SAMBA File Sharing
set printable = no on your shares. -Original Message- From: Aldo Damian Ambriz Martinez -- Unix SysAdmin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 2:37 PM To: [EMAIL PROTECTED] Subject: [Samba] Problem with SAMBA File Sharing Hi I have a problem with my samba box, I configure my samba box like a member server with security = domain, when I share a resource (folder) I see it like a printer instead disk..., Any idea?? Thanks My smb.conf [global] workgroup = PALACIOHIERRO netbios name = Aldo_Damian server string = SysAdmin -- Aldo Damian security = domain password server = BDCPALACIO PALACIOBK encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd username map = /usr/local/samba/lib/users.map log file = /usr/local/samba/var/log.%m log level = 2 max log size = 1024 unix password sync = no domain master = no local master = no ; Inactive Client Connections keep alive = 60 deadtime = 5 os level = 2 ; Filesystem map archive = yes map system = yes map hidden = yes ; Net options socket options = TCP_NODELAY SO_KEEPALIVE=20 interfaces = 127.0.0.1 132.147.158.90 [MyStuff] comment = MyStuff path = /home/aldo valid users = ambrizalo # allow hosts = 132.147.141.165 public = no printable = yes browseable = yes case sensitive = no follow symlinks = yes create mode = 0660 directory mode = 0770 [Home] comment = Home path = /opt/MyMusic valid users = ambrizalo public = no printable = yes browseable = yes -- Aldo Damian Ambriz Martinez Depto Sistemas Operativos El Palacio de Hierro S.A. de C.V 52295401 ext 1118 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] WinXP/WordXP Read-only problem
OK, that did it for the existing files. But if I save a new file to the Samba share, or copy a file from my PC to the share, same problem. More ideas? On Wed, 8 Jan 2003 14:42:06 -0500 [EMAIL PROTECTED] wrote: Do you need to chmod the files that have already been written there? The ever popular chmod 666, or 660 if group ownership is correct. ~ Daniel -Original Message- From: Ed Breuninger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 2:07 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] WinXP/WordXP Read-only problem Thanks so far, I've taken your comments and revised my smb.conf file (below), restarted the server, re-logged into my XP box, yet my read-only problem continues. Any other thoughts? Thanks, --Ed [global] netbios name = Server01 workgroup = TKG os level = 64 preferred master = yes domain master = yes local master = yes encrypt passwords = Yes security = user domain logons = Yes logon path = \\%N\homes\share\profiles\%u logon drive = U: logon home = \\%N\homes\%u logon script = logon.bat [NETLOGON] path = /usr/local/samba/lib/netlogon read only = yes write list = ntadmin [homes] comment = Home Directories browseable = no writable = yes guest ok = no read only = no [share] comment = Server Share path = /home/share public = yes read only = no create mask = 0775 force create mode = 0775 force directory mode = 0775 write list = @staff -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: smbclient with accent
Eh ! Nobody has a solution to my problem ? Victor... Lopes Victor wrote: hi, I connect to an NT server from an AIX server which have install the samba 2.2.5 suite. For this, i use the command smbclient I connect, with no problem on this server NT. I move in the repertories with the order cd. But when, i found a directory on the NT with i can't move on it. I always have an error of directory not found. Smbclient see me the correct name of directory with his accent but impossible to move it. Does i have a character of escape which enables me to protect the accent ? cd Données not perform :-( thanks for your response ! victor... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Tuning for a large environment
Hello, I am currently using Samba 2.2.3a on a Sequent box running DYNIX/ptx v4.0. We are serving up approximatly 4.5 terrabytes of data from a Hitachi Data Systems storage array connected to our server by fiber channel. Many of our users are on Citrix which connects to our SAMBA server via a Gigabit Ethernet connection. There are still others that are connecting directly from their PCs which are connected to 10/100 ethernet which then goes to a FDDI backbone which the Samba server is on directly. In the last six months, we've a significant upgrade in which we have gone from about 20% of our users being Win2k and 80% on Win9x to 90% Win2k and 10% Win9x. In the last week we have noticed some serious performance degredations. We found ourselves in a position at one point where the box was made unusable because we reached the maximum number of UDP Protocol Control Blocks that the OS was configured to handle. We have since quadrupled the number and have not had the server itself become unusable but we are still haveing slow downs reported by users. We also turned off oplocks which seems to have helped the sitution this morning but we are back where we started this afternoon. I am looking for some tuning suggestions that might be able to help this. I am currently looking at Appendix B from using Samba for information on Performance Tuning. I understand that this book was written for the 2.0 series of Samba but I'm assuming that it is still pertenant. Are there any additional suggestions? Additionally, from looking in netstat, we have noticed that there are a large number of TCP sockets in a CLOSE_WAIT state. There are also a large number of UDP sockets open but they are only listening on the loopback interface. Is this normal? Thank you all very much for your help and I would appreciate any help or comments. Chris Donovan Lanier Worldwide # Samba config file created using SWAT # Names and IPs changed :) # Global parameters [global] workgroup = LANIER netbios name = SAMBA server string = SAMBA interfaces = 192.168.127.52/24 127.0.0.1/0 192.168.120.34/24 192.168.115.11/24 #netbios aliases = SAMBA7 bind interfaces only = No security = DOMAIN encrypt passwords = Yes password server = NT1 NT2 password level = 9 use mmap = no log file = /d/samba/logs/log.%m include = /d/samba/cfg/pernode/smb.conf.%m name resolve order = wins host bcast lmhosts # shared mem size = 4194304 socket options = TCP_NODELAY SO_SNDBUF=24576 SO_RCVBUF=24576 max xmit = 65535 oplocks = no load printers = no domain master = no local master = yes preferred master = yes os level = 10 dns proxy = No wins server = 192.168.129.38 message command = /usr/bin/mailx -s 'message from %f on %m' nt ss %s ; rm %s admin users = u1, u2, mcaffee read only = No create mask = 0770 force create mode = 070 security mask = 0707 directory mask = 02770 force directory mode = 02770 directory security mask = 0707 #hosts allow = ALL map hidden = Yes map archive = No postexec = /bin/true root preexec = /bin/true root postexec = /bin/true dos filetimes = Yes follow symlinks = Yes wide links = Yes exec = touch %H/.lastlogin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] WinXP/WordXP Read-only problem
To the samba share with force create mode = 0775 force directory mode = 0775 Or a different one? ~ Daniel -Original Message- From: Ed Breuninger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 3:01 PM To: Jarboe, Daniel - Data Center Operations [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [Samba] WinXP/WordXP Read-only problem OK, that did it for the existing files. But if I save a new file to the Samba share, or copy a file from my PC to the share, same problem. More ideas? On Wed, 8 Jan 2003 14:42:06 -0500 [EMAIL PROTECTED] wrote: Do you need to chmod the files that have already been written there? The ever popular chmod 666, or 660 if group ownership is correct. ~ Daniel -Original Message- From: Ed Breuninger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 2:07 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] WinXP/WordXP Read-only problem Thanks so far, I've taken your comments and revised my smb.conf file (below), restarted the server, re-logged into my XP box, yet my read-only problem continues. Any other thoughts? Thanks, --Ed [global] netbios name = Server01 workgroup = TKG os level = 64 preferred master = yes domain master = yes local master = yes encrypt passwords = Yes security = user domain logons = Yes logon path = \\%N\homes\share\profiles\%u logon drive = U: logon home = \\%N\homes\%u logon script = logon.bat [NETLOGON] path = /usr/local/samba/lib/netlogon read only = yes write list = ntadmin [homes] comment = Home Directories browseable = no writable = yes guest ok = no read only = no [share] comment = Server Share path = /home/share public = yes read only = no create mask = 0775 force create mode = 0775 force directory mode = 0775 write list = @staff --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Autocad file corruption...
I am having problems with autocad file corruption. My users are draftsman and access project files via samba over the network. This problem occurs after a file has been worked on and someone attempts open a file that they were working on. There is no indication of a problem while the file is open and being worked on. But when they try to re-open it, autocad thinks the file is corrupt and it cannot be salvaged. Our autocad dealer has suggested that it could be a problem with the NIC but I have run diagnostics on server and client NIC's and found no problem. -- Bob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Version 2.2.7 on a True64 UNIX Cluster V5.1
Hello, I've put Samba to work on a True64 UNIX version 5.1 in cluster. When doing, ping server , from windows machines the response is not the IP of the cluster but the IP of the machines. The cluster is only 2 machines and they are connected via shared memory. Does anybody has some ideas to bind the Samba server to respond to the IP of the cluster ? Thanks and have a happy new year.
RE: [Samba] WinXP/WordXP Read-only problem
You the Man! That did it all, Daniel. Thanks so much for your excellent and timely help! --Ed If you needed world writable in your directories, you will need it in your create mask and force create mode too. So, for wide-open permissions, instead of 0775, use 0777 ~ Daniel -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba domain member can't validate users against 3.0 DC
Hello, I've a samba 3.0 (today's cvs) server running as a PDC. The Win2K/NT Clients can login without any visible problems, but samba 2.2.7a domain member can't validate users in security=domain mode. I've followed the howto in the docs and joyning the domain with 'smbpasswd -j BRGS -r ALDEBARAN -Uroot%pw' works just fine, the samba 3.0 DC even creates the machine$ account in LDAP. To be sure I've also set up a samba 2.2.7a PDC (in another WG) with the same LDAP backend: It works! It seems that a domain member can authenticate users against a samba 2.2 DC but not against a 3.0 one. This is the log from the domain member (I can post a debug log if needed): [2003/01/08 20:01:51, 0] smbd/server.c:main(707) smbd version 2.2.7a started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [2003/01/08 20:02:08, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157) cli_net_auth2: Error NT_STATUS_ACCESS_DENIED [2003/01/08 20:02:08, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2003/01/08 20:02:08, 0] smbd/password.c:connect_to_domain_password_server(1367) connect_to_domain_password_server: unable to setup the PDC credentials to machine ALDEBARAN. Error was : NT_STATUS_OK. [2003/01/08 20:02:08, 0] smbd/password.c:domain_client_validate(1599) domain_client_validate: Domain password server not available. With log level 2 the PDC doesn't show any unusual messages. Again, I'll post a much bigger debug log if it can help. smb.conf of member server: [global] security = domain password server = 172.16.0.1 workgroup = BRGS server string = Gateway (samba %v) wins server = wins1 log level = 2 encrypt passwords = yes os level = 2 smb.conf of PDC: [global] workgroup = BRGS netbios name = ALDEBARAN server string = PDC (samba %v) encrypt passwords = Yes security = user log level = 5 log file = /var/log/samba/log.%m max log size = 5 unix charset = CP850 logon path = \\einstein\profiles\%U logon script = sonstige.bat logon drive = h: logon home = \\sirius\%U domain logons = Yes os level = 32 preferred master = yes domain master = yes local master = yes wins support = yes #wins partners = wins2.brgs.org passdb backend = ldapsam_nua:ldap://ldap1.brgs.org ldap ssl = no ldap admin dn = cn=root,dc=brgs,dc=org ldap suffix = dc=brgs,dc=org ldap user suffix = ou=People ldap machine suffix = ou=Machines non unix account range = 8000-8999 ldap trust ids = yes ldap passwd sync = yes unix password sync = yes passwd chat = *enter*password* %n\n %n*ok* passwd program = /usr/local/bin/cracklib_check %u ciao Dariush -- PGP Fingerprint: 0x886C99A1 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing Samba
Ted, No problem, but you still didn't include the info I asked for. :-| What are you installing Samba on? Red Hat Linux? What version? 5.1? On what hardware? A 486? Where did you get the original RPMs for the Samba verson that is installed now? Did they come on the same CD as the distribution? Do you know what the filenames are? What is the output of the 'rpm -qa | grep samba' command that I sent previously (it doesn't change anything just provides information). Where did you get the RPMs for the version of Samba you want to install now (the one you tried to update to)? Did they come from the same vendor, or the Samba web site? What is the name of the file (or files)? I could try to guess at the details, but I could waste a lot of time doing that. Please fill in the blanks so I don't have to try, and keep the conversation on the list so others can possibly benefit from whatever answers are given (and perhaps correct mine if I am wrong). Good luck, Troy Ted Gervais [EMAIL PROTECTED] 01/08/03 01:54PM On Wednesday 08 January 2003 03:27 pm, Troy.A Johnson wrote: Thanks Troy for your quick response. I should have said a bit more than what I did. I think I have messed up my Samba installation such that I think it best to just start over. An Update using the latest release of Samba and using RPM files won't work. And rather than do everything by hand I thought if I could just use RPM to remove what I have, I could than load up a new version of Samba without any difficulties. At least that is what I was thinking. Thanks.. Ted, This is an more of a RedHat/Mandrake/Whatever YourLinuxDistroNameIs question than a Samba question, but here is an answer: rpm -qa | grep samba will get you the samba related package names. rpm -e samba-related-packagename will remove those packages. If that doesn't fix your wagon (and even if it does), please include your OS Distribution, OS Version, and any other info that might help a person know your situation better before suggestion something (or ignoring your post). Good luck to you, Troy Ted Gervais [EMAIL PROTECTED] 01/08/03 01:12PM Does anyone know how to remove Samba, using the RPM utility? I have tried but not sure on the correct use of RPM and of course I am not sure of the proper name for removing Samba?? -- T.L.Gervais Coldbrook, NS Canada. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] nautilus problem and smbclient question
Hi, I'm having a problem getting smb to work through Nautilus and in trying to diagnose the problem, I ended up with another problem with smbclient(1), or more likely a misunderstanding on my part about how it is supposed to work. I'm using the following packages on an up2date RH8.0 box. # rpm -qa | grep samba samba-common-2.2.7-2 samba-2.2.7-2 samba-client-2.2.7-2 # rpm -qa | grep nautilus nautilus-2.0.6-6 When I type smb:/// into the location field in nautilus, I see 2 icons; one is called Network Neighborhood and the other is the name of my workgroup. Next I double click on the workgroup icon and I can see all the computers in the workgroup. The nautilus location field now says smb://my workgroup name Now I double click on a computer that has I share that I want to browse. I can see the directories on that computer and one is the share that I am interested in. There is also an icon called Shares on computer but this has a no read and no write emblem. The nautilus location field now says smb://computer. Here's where my problem occurs. When I double click on the directory called Shared that I want to browse, a login dialog pops up. I enter my Windows user name and password but then I get a message that says You do not have the permissions necessary to view the contents of Shared I know that I do have permission to view the contents of Shared so to check it I entered this from the command line: # smbclient //computer/Shared -U steveb%password ... [Domain=my domain] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] smb: \ ls ... a directory listing. So my first question is: Can anyone tell me how to debug my nautilus problem? I noticed in the smbclient man page that if you do not use the -U switch, it looks at the environment variables $USER and then $LOGNAME both of which are set to steve in my case. My windows username is different to my Linux username and so I included the following line in the global section of my smb.conf file: username map = /etc/samba/smbusers and this file includes the line steve = steveb but when I try this line, it fails # smbclient //computer/Shared ... session setup failed: NT_STATUS_LOGON_FAILURE By using Ethereal I found that the mapping of steve to steveb is not happening. My second question is how do I get smbclient to use the /etc/samba/smbusers file? If you've read this far, I'm already impressed and if you can help I will be even more impressed. Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Autocad file corruption...
Lawrence, Dave, I am using Samba version 2.2.5 on debian stable (but not debian package, we just build it). Autocad version is 2002. Our office has about 15 draftsman and designers who are heavy autocad users. Several have been reporting the problem so it does tend to point to the network unless it's something in the Samba config. I have not looked at the switches, just the NIC in the file server. It's a 3com vortex. I have used mii-diag to check this card. From what I can tell, the -w switch will look for inconsistancies in the card and this seems to indicate all is well. I guess I should start thinking about the switches. On Wed, 2003-01-08 at 15:22, Lawrence Walton wrote: I am having problems with autocad file corruption. My users are draftsman and access project files via samba over the network. This problem occurs after a file has been worked on and someone attempts open a file that they were working on. There is no indication of a problem while the file is open and being worked on. But when they try to re-open it, autocad thinks the file is corrupt and it cannot be salvaged. It might help if you told us _what_ version of Autocad. And what version of SAMBA. Right now I have whole offices using cadd without corruption. I have one office that has some file locking problems, thats with 2000i with the civil plugins. It was easily resolved by, (this is just with the civil plugin btw.) level2 oplocks = no Make sure that CAD is configured for a multi-user environment. Use the most current version of samba to, I do. -- Bob Wooldridge EDM Incorporated http://www.edm-inc.com 314 231-5485 ext 111 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Autocad file corruption...
-Original Message- From: Robert A Wooldridge [mailto:[EMAIL PROTECTED]] I am using Samba version 2.2.5 on debian stable (but not debian package, we just build it). Autocad version is 2002. Our office has about 15 draftsman and designers who are heavy autocad users. Several have been reporting the problem so it does tend to point to the network unless it's something in the Samba config. I have not looked at the switches, just the NIC in the file server. It's a 3com vortex. I have used mii-diag to check this card. From what I can tell, the -w switch will look for inconsistancies in the card and this seems to indicate all is well. I guess I should start thinking about the switches. Mostly, make sure the NIC and the switch agree about whether the connection is full or half duplex. If this is wrong you'll probably have noticed bad file transfer performance (but only in one direction), as well, though. Another dead giveaway is when the NIC reports a lot of late collisions, but the switch doesn't, or vice versa. (Unless you have managed switches you may not have any way of knowing how many collisions the switch is seeing, though.) Turning off oplocks will probably help. Oplocks are unforgiving of network problems. The performance hit probably won't be terrible if you have to run with oplocks disabled. My suspicions point towards a network problem or misconfiguration because we've used Samba 2.2.1 through 2.2.7a with AutoCAD versions 2000i through 2002 without any corruption, except for that one user who had a bad network connection. We only have about five CAD users but they hit the file server pretty heavily, because many of our drawings reference several dozen xrefs each. These kinds of problems can be really difficult to nail down. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba help
No gaurenty that this will help but the first thing I would check is to ensure consistant userids and groups. Also make sure any math you are doing in scripts you might be using is good. [EMAIL PROTECTED] wrote: To whom it may concern I am a tech student who is using samba on one computer and windows 200 pro on another, (with cross over cables) I am configuring the smbd and nmbd, I have created my users, printers, and I have also created and made it possible for them to have a folder with the users name on it that they can access. My problem lies where every time a new user logs on with his name and password the folder from the previous user carries over to the new users account, how do I correct this problem? Desperately wanting to know and learn Computer Tech student Marilyn Flores -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
I just ran across this myself. I guess I dont understand why there needs to be machine names in /etc/passwd if you are storing everything in LDAP. Am I missing a configuration option here? Can one of you samba geniuses point me in the right direction please? Thank you! I have exactly the same bug. Your original email was dated 24 May 2002 so I can safely assume that either you solved the problem or have since been institutionalized. ;-) Anyway, I sure could use your help. Jim C. Dear samba guru, I have a little bug i can't solve. It is pretty misterious to me, must be a problem how samba execute the add user script. Now here is the situation. I've compiled samba 2.2.4 with ldap 2.0.23 to run as PDC with win2k workstations. Everything works as expected except the add user script to add workstation automaticly to the domain. add user script = /usr/local/sbin/smbldap-useradd.pl -w %u This script is working fine when i run it in command line. But when it's executed by samba when trying to join the domain, it fails in a weird way. Here is the log : [2002/05/16 14:34:34, 0] passdb/pdb_ldap.c:pdb_getsampwnam(777) LDAP search ((uid=yannick-2k_)(objectclass=sambaAccount)) returned 0 entries. [2002/05/16 14:34:34, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) get_md4pw: Workstation yannick-2k$: no account in domain [2002/05/16 14:45:48, 0] passdb/pdb_ldap.c:pdb_getsampwnam(777) LDAP search ((uid=yannick-2k_)(objectclass=sambaAccount)) returned 0 entries. [2002/05/16 14:45:49, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) User yannick-2k$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. I also tried the unix passwd sync parameters, and got some other problems that are unresolved since i posted them a couple days ago. (Samba+PDC+LDAP (add user script + unix passwd sync) Can't call perl script) There is just something i don't get (how samba are executing the scripts since they are working in command line!). A little hand would be appreaciated! Thanks, Yannick Tousignant == Network Administrator OKA Computer Systems ltd. -- Terry Davis http://approbation.org/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] (no subject)
I am at a loss...thank you! here is my config: http://approbation.org/smb.conf On Wed, 2003-01-08 at 19:45, Bradley W. Langhorst wrote: On Wed, 2003-01-08 at 20:40, Terry Davis wrote: I just ran across this myself. I guess I dont understand why there needs to be machine names in /etc/passwd if you are storing everything in LDAP. Am I missing a configuration option here? Can one of you samba geniuses point me in the right direction please? there don't need to be machine names (or usernames) in /etc/passwd when using ldapsam... what does your smb.conf file look like? i'm using the smbldap tools with no problems add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u i'm also using an nua backend (this is from samba3) passdb backend = ldapsam_nua:ldap://localhost/ non unix account range = 1-2 brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- Terry Davis http://approbation.org/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] GS PDF creator
The %J variable contains the file name sent by the client. You might try something like: -sOutputFile=/var/tmp/%J.pdf Joel On Wed, Jan 08, 2003 at 05:23:42PM -0800, Gabe Austin wrote: This is a snip of my smb.conf file. This share will create a pdf file and deposit the output in a samba share for retrieval. It works. On the client side you add a printer pointing to the smbpdf share and give it a PS printer driver. When you print to this printer(smbpdf) it creates the pdf file. I'd like to change one thing and this thing is golden. When printing a file called file.txt the conversion takes place and when you go to /var/tmp the file is named something like smbprn.07.xavd1g.pdf. I'd like the output file to be the same as the input file is this possible? i.e. file.txt into file.pdf Thanks for your help. Gabe [smbpdf] comment = PDF Generator path = /var/spool/samba printable = yes print command = gs -dNOPAUSE -dbatch -q -sDEVICE=pdfwrite -sOutputFile=/var/tmp/%s.pdf %s 1/dev/null 21; rm -f %s -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Inheriting Group Ownership on File Move
Hi, Is it possible with samba to enforce the inheritance of group ownership on a per-directory basis, for files moved without copying? My situation is as follows: directory 'a' has permissions: 2770 (drwxrws---) and has owner = 'root' group = 'a' directory 'b' has permissions: 2770 (drwxrws---) and has owner = 'root' group = 'b' As per setgid behaviour, any file created in either of those directories will have the group id (except for superuser etc) inherited from the group of the directory. this works great for most things except in one circumstance: When a windows user cuts and pastes a file (for example) from directory 'a' to directory 'b' then the group ownership is not changed. The file is moved without re-creation, so the ownership is not changed. In an Unix environment this is perfectly fine and the behaviour you expect... but from the windows user's perspective it may not be correct. If they were to copy, paste and then delete the original - then the group is set. SO, Is there any way within samba to alter the behaviour of file operations that result in a move, so that the group id of the file is inherited from the destination directory, when the destination directory has the SetGID bit enabled? I know that you can set this on a per-share basis, but this is not always convenient, and forcing all users to copy/paste/delete instead of cut/paste (or move) is a difficult policy to maintain :/ Any information would be greatly appreciated. Nathan. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] (no subject)
On Wed, 2003-01-08 at 20:40, Terry Davis wrote: I just ran across this myself. I guess I dont understand why there needs to be machine names in /etc/passwd if you are storing everything in LDAP. Am I missing a configuration option here? Can one of you samba geniuses point me in the right direction please? there don't need to be machine names (or usernames) in /etc/passwd when using ldapsam... what does your smb.conf file look like? i'm using the smbldap tools with no problems add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u i'm also using an nua backend (this is from samba3) passdb backend = ldapsam_nua:ldap://localhost/ non unix account range = 1-2 brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] how to use mcf5272 to visit a windows
hello: Now i am using uclinux on mcf5272 which is a embeded cpu . Now my mcf5272 can visit a linux pc by ethernet port. Can you tell me how to use mcf5272 to visit a windows pc by mcf5272's ethernet port. And mcf5272 can read and write datas of the windows pc. I have heard something like smbmount maybe useful. And i have downloaded your samba-latest.tar.gz,which is 2.2.7a - 10th December 2002. Can you tell me what shoul i do to run samba on uclinux system? thank you!!! - »¶Ó·ÃÎÊ¡¡http://www.2911.net ÔÉÏÍøºÅÂë2911ÒѸÄΪ96692£¬×ʷѲ»±ä Ç벦96692ÉÏÍø£¬ Óû§Ãû£º2911 ÃÜ Â룺2911 µç»°ºÅÂ룺96692 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Removing requirement for local machine accounts
Couple of things. 1. Isn't it true that if you kept your Linux and Samba user accounts in an LDAP database that this issue would disappear? You could use both the posixAccount and sambaAccount object classes and the system would check for a user and viola! There is one already there and it is literally the same one! This is something I am currently implementing however I am having some trouble getting the database structure right. Herb Lewis wrote: Bradley W. Langhorst wrote: It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). the aliasing idea can't work because each machine must have its own password(it's updated automatically every x days) This is not strictly true. The machine passwords are kept in the file smbpasswd not in /etc/passwd. You could hack smbpasswd to always create machine accounts with a fixed UID. Then you only need one account in /etc/passwd with this UID instead of one account for each machine. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba (2.2.7a) + openldap (2.0.x)
Seems I was wrong (left out ldap switch ...), it doesn't compile on
cooker, here is the error:
Compiling passdb/pdb_ldap.c
passdb/pdb_ldap.c: In function `ldap_connect_system':
passdb/pdb_ldap.c:289: warning: passing arg 2 of `ldap_set_rebind_proc'
from incompatible pointer type
passdb/pdb_ldap.c:289: too many arguments to function
`ldap_set_rebind_proc'
make: *** [passdb/pdb_ldap.o] Error 1
What the real problem, is that the ldap_set_rebind_proc now takes 2 par
instead of 3. On line 289 ( I think remove the ,NULL from the call
and recompile. It should then recompile fine.
I am testing this at the moment. I now wish I could figure out the
autoconf stuff so that it could be tested for.
I hope this helps. Please let me know if it works for you.
Mailed
Lee
--- samba-2.2.7/source/passdb/pdb_ldap.c.ldap 2002-12-10 16:58:15.0 +0200
+++ samba-2.2.7/source/passdb/pdb_ldap.c2003-01-08 18:38:19.0 +0200
@@ -65,6 +65,7 @@
static struct ldap_enum_info global_ldap_ent;
+static pstring ldap_secret;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
@@ -218,13 +219,60 @@
}
/***
+ ldap rebind proc to rebind w/ the admin dn when following referrals
+***/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) (LDAP_API_VERSION 2000)
+/** @TODO Add a configure check for the rebind_proc version that doesn't take
+the last argument and include a #define here. */
+static int auth_rebind_proc( LDAP *ld,
+ LDAP_CONST char *url,
+ ber_tag_t request,
+ ber_int_t msgid,
+ void *arg)
+{
+int rc;
+if ( ( rc = ldap_simple_bind_s( ld, lp_ldap_admin_dn(), ldap_secret ) ) ==
+LDAP_SUCCESS )
+{
+DEBUG( 2, ( Rebind successful\n ) );
+}
+else {
+DEBUG( 0, ( Rebind failed: %s\n, ldap_err2string( rc ) ) );
+}
+return rc;
+}
+#else
+static int auth_rebind_proc ( LDAP * ld,
+ char **whop,
+ char **credp,
+ int *methodp,
+ int freeit,
+ void *arg )
+{
+/** @TODO Use the samba utility functions here. */
+register char *to_clear = *credp;
+if ( freeit ) {
+free( *whop );
+*whop = NULL;
+while ( *to_clear != '\0' ) *to_clear++ = '\0';
+free( *credp );
+*credp = NULL;
+}
+else {
+*whop = strdup( lp_ldap_admin_dn() );
+*credp = strdup( ldap_secret );
+*methodp = LDAP_AUTH_SIMPLE;
+}
+return LDAP_SUCCESS;
+}
+#endif
+
+/***
connect to the ldap server under system privilege.
**/
static BOOL ldap_connect_system(LDAP * ldap_struct)
{
int rc;
static BOOL got_pw = False;
- static pstring ldap_secret;
/* get the password if we don't have it already */
if (!got_pw !(got_pw=fetch_ldap_pw(lp_ldap_admin_dn(), ldap_secret,
sizeof(pstring
@@ -237,6 +285,12 @@
/* removed the sasl_bind_s EXTERNAL stuff, as my testsuite
(OpenLDAP) doesnt' seem to support it */
+DEBUG( 10, ( ldap_connect_system: setting rebind proc\n ) );
+if ( ( rc = ldap_set_rebind_proc( ldap_struct, auth_rebind_proc ) ) !=
+LDAP_SUCCESS )
+{
+DEBUG( 2, (warning: setting rebind proc failed: %s\n referrals may not
+work\n, ldap_err2string( rc ) ) );
+}
+
DEBUG(10,(ldap_connect_system: Binding to ldap server as \%s\\n,
lp_ldap_admin_dn()));
[Samba] Re: (no subject)
There don't. I have no problem joining the domain if I add the machine by hand to the ldap database. I just can't get it to add itself automagically like it is supposed to. I think this may be due to some issues with the scripts. I've just gotten a new one to try though. Terry Davis wrote: I just ran across this myself. I guess I dont understand why there needs to be machine names in /etc/passwd if you are storing everything in LDAP. Am I missing a configuration option here? Can one of you samba geniuses point me in the right direction please? Thank you! I have exactly the same bug. Your original email was dated 24 May 2002 so I can safely assume that either you solved the problem or have since been institutionalized. ;-) Anyway, I sure could use your help. Jim C. Dear samba guru, I have a little bug i can't solve. It is pretty misterious to me, must be a problem how samba execute the add user script. Now here is the situation. I've compiled samba 2.2.4 with ldap 2.0.23 to run as PDC with win2k workstations. Everything works as expected except the add user script to add workstation automaticly to the domain. add user script = /usr/local/sbin/smbldap-useradd.pl -w %u This script is working fine when i run it in command line. But when it's executed by samba when trying to join the domain, it fails in a weird way. Here is the log : [2002/05/16 14:34:34, 0] passdb/pdb_ldap.c:pdb_getsampwnam(777) LDAP search ((uid=yannick-2k_)(objectclass=sambaAccount)) returned 0 entries. [2002/05/16 14:34:34, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) get_md4pw: Workstation yannick-2k$: no account in domain [2002/05/16 14:45:48, 0] passdb/pdb_ldap.c:pdb_getsampwnam(777) LDAP search ((uid=yannick-2k_)(objectclass=sambaAccount)) returned 0 entries. [2002/05/16 14:45:49, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) User yannick-2k$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. I also tried the unix passwd sync parameters, and got some other problems that are unresolved since i posted them a couple days ago. (Samba+PDC+LDAP (add user script + unix passwd sync) Can't call perl script) There is just something i don't get (how samba are executing the scripts since they are working in command line!). A little hand would be appreaciated! Thanks, Yannick Tousignant == Network Administrator OKA Computer Systems ltd. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Samba help
To whom it may concern I am a tech student who is using samba on one computer and windows 200 pro on another, (with cross over cables) I am configuring the smbd and nmbd, I have created my users, printers, and I have also created and made it possible for them to have a folder with the users name on it that they can access. My problem lies where every time a new user logs on with his name and password the folder from the previous user carries over to the new users account, how do I correct this problem? Desperately wanting to know and learn Computer Tech student Marilyn Flores
Re: Samba help
On Wed, Jan 08, 2003 at 04:00:30AM -0500, [EMAIL PROTECTED] wrote: I have created my users, printers, and I have also created and made it possible for them to have a folder with the users name on it that they can access. My problem lies where every time a new user logs on with his name and password the folder from the previous user carries over to the new users account, how do I correct this problem? Desperately wanting to know and learn No, you probably don't want to know this one ;-)) It's an NT/2000 bug. You can't do anything about it. NT is essentially a single user OS... Volker msg05259/pgp0.pgp Description: PGP signature
RE: permission upgrade during O_TRUNC
Yeah I thought about implementing it the way it's in CVS now but didn't dare touch your code :P, although I just found another instance of attributes changing the whole story goes for READONLY as well ... hmm let me make a table - H - H - S - S - R - R - RH - RH - SH - SH H * - H S * - S R * - R So it seems you can only upgrade the attributes if NONE of the original attributes were set, and if so, you take all of the new attributes. Currently the code always takes the new attributes if you're upgrading system or hidden so you'd get S H - H H S - S and worse: S HR - HR H SR - SR It probably doesn't make much of a difference but hey, you never know :) Makes the code easier too 'cause you get if(old_dos_mode == 0 new_dos_mode != 0) *returned_mode = new_dos_mode Which is even easier (yay!). Sorry for the part misinformation in previous posts :) grtz, Steve -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens [EMAIL PROTECTED] Verzonden: Wednesday, January 08, 2003 3:10 AM Aan: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Onderwerp: Re: permission upgrade during O_TRUNC On Tue, Jan 07, 2003 at 10:53:41AM +0100, [EMAIL PROTECTED] wrote: Hey there, I posted a quick fix for a problem I found with all samba's up to 2.2.7a on the general samba list, which describes the following problem: In Windows, if you create a file with NORMAL attributes and ALWAYS_CREATE, close the file and then re-create it with, say, HIDDEN and ALWAYS_CREATE, the file *should* be upgraded to HIDDEN. The other way around, ie. starting with HIDDEN and re-creating with NORMAL should keep the file as HIDDEN. Currently, samba always keep the original attributes. This causes windows to incorrectly store hidden and system files from in a roaming profile which gets you that stupid popping-up Desktop.ini in new profiles after the second login (because the files are not hidden on the profile directory). Why windows opens the files as non-hidden first is unknown to me :) Anyways, here is a patch that fixes it. I have tried my best to make it as clean as possible but as I know little of samba internals it may be wrong ... This works for me, and stops Desktop.ini appearing all over the place. I haven't found any problems with it yet. Thanks for this - I didn't apply exactly this patch but it inspired me to write something I believe is correct. I applied it to HEAD and 3.0, and will back-port to 2.2.x. Thanks once again ! Jeremy. PS. Andrew Bartlett - we now pass the torture test OPEN #9 when map hidden and map system are set :-).
RE: permission upgrade during O_TRUNC
not entirely true again
the error in the current code is
S - SR = SR
H - HR = HR
which should be
S - SR = S
H - HR = H
that's all. Still simplifies the code.
Index: open.c
===
RCS file: /cvsroot/samba/source/smbd/open.c,v
retrieving revision 1.128
diff -u -r1.128 open.c
--- open.c 8 Jan 2003 02:09:14 - 1.128
+++ open.c 8 Jan 2003 09:51:50 -
@@ -717,20 +717,19 @@
* the file attributes need to be changed.
*/
- *returned_mode = (mode_t)0;
+ if(old_dos_mode == (mode_t)0 new_dos_mode != (mode_t)0)
+ *returned_mode = new_dos_mode;
+ else
+ *returned_mode = (mode_t)0;
/* If we're mapping SYSTEM and HIDDEN ensure they match. */
if (lp_map_system(SNUM(conn))) {
if ((old_dos_mode FILE_ATTRIBUTE_SYSTEM) !(new_dos_mode
FILE_ATTRIBUTE_SYSTEM))
return False;
- if (!(old_dos_mode FILE_ATTRIBUTE_SYSTEM) (new_dos_mode
FILE_ATTRIBUTE_SYSTEM))
- *returned_mode = new_mode;
}
if (lp_map_hidden(SNUM(conn))) {
if ((old_dos_mode FILE_ATTRIBUTE_HIDDEN) !(new_dos_mode
FILE_ATTRIBUTE_HIDDEN))
return False;
- if (!(old_dos_mode FILE_ATTRIBUTE_HIDDEN) (new_dos_mode
FILE_ATTRIBUTE_HIDDEN))
- *returned_mode = new_mode;
}
return True;
}
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Namens Steve Hardy
Verzonden: Wednesday, January 08, 2003 10:42 AM
Aan: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Onderwerp: RE: permission upgrade during O_TRUNC
Yeah I thought about implementing it the way it's in CVS now
but didn't dare
touch your code :P, although I just found another instance of
attributes
changing the whole story goes for READONLY as well ...
hmm let me make a table
- H - H
- S - S
- R - R
- RH - RH
- SH - SH
H * - H
S * - S
R * - R
So it seems you can only upgrade the attributes if NONE of
the original
attributes were set, and if so, you take all of the new attributes.
Currently the code always takes the new attributes if you're upgrading
system or hidden so you'd get
S H - H
H S - S
and worse:
S HR - HR
H SR - SR
It probably doesn't make much of a difference but hey, you
never know :)
Makes the code easier too 'cause you get
if(old_dos_mode == 0 new_dos_mode != 0)
*returned_mode = new_dos_mode
Which is even easier (yay!). Sorry for the part
misinformation in previous
posts :)
grtz,
Steve
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Namens
[EMAIL PROTECTED]
Verzonden: Wednesday, January 08, 2003 3:10 AM
Aan: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Onderwerp: Re: permission upgrade during O_TRUNC
On Tue, Jan 07, 2003 at 10:53:41AM +0100,
[EMAIL PROTECTED] wrote:
Hey there, I posted a quick fix for a problem I found with
all samba's up
to 2.2.7a on the general samba list, which describes the following
problem:
In Windows, if you create a file with NORMAL attributes and
ALWAYS_CREATE,
close the file and then re-create it with, say, HIDDEN and
ALWAYS_CREATE,
the file *should* be upgraded to HIDDEN. The other way around, ie.
starting with HIDDEN and re-creating with NORMAL should
keep the file as
HIDDEN. Currently, samba always keep the original
attributes. This causes
windows to incorrectly store hidden and system files from
in a roaming
profile which gets you that stupid popping-up Desktop.ini
in new profiles
after the second login (because the files are not hidden on
the profile
directory). Why windows opens the files as non-hidden first
is unknown to
me :) Anyways, here is a patch that fixes it. I have tried
my best to make
it as clean as possible but as I know little of samba
internals it may be
wrong ...
This works for me, and stops Desktop.ini appearing all over
the place. I
haven't found any problems with it yet.
Thanks for this - I didn't apply exactly this patch but it
inspired me
to write something I believe is correct. I applied it to
HEAD and 3.0,
and will back-port to 2.2.x.
Thanks once again !
Jeremy.
PS. Andrew Bartlett - we now pass the torture test OPEN #9 when map
hidden and map system are set :-).
SambaXP 2003
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, all! we would like to invite you to the 2nd samba eXPerience! Again one and a half day of talks, breaks and party will tell you almost everything about SAMBA in development and usage. We would appreciate to see you again in Göttingen! samba eXPerience 2003 * At April 14th and 15th 2003 developers and users will meet again in Göttingen, Germany at the second international SAMBA conference, the samba eXPerience 2003. The first conference in April 2002 has been a very successfull event with more than 160 participants from all over the world. To repeat this item in 2003 was an obligation for the organizers. The meeting will again take place in the awarded best german conference hotel Freizeit In. (And do not miss the party at monday night!) The call for papers is open until February 14th 2003. Please find all neccessary information at the conference homepage: http://sambaXP.org. CU in April! Volker -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Key-ID D32186CF, Fingerprint available: phone +49 551 370 iD8DBQE+G/rxOmSXH9Mhhs8RAtOWAKCWJNBz64vp2RBN3W3ziwz1afNfEgCff5kH o3HVGxMOhrQYOiOFVblq9BM= =nVOV -END PGP SIGNATURE-
A humble request for help
Hi Everyone, I'm currently working on a thesis investigating how Open Source is affected by the influence of money and the interests of commercial companies. As the SAMBA Server efforts is the foundation of many companies it is interesting to study how their entrance to the scene have affected the community. The thesis as well as research papers surrounding it will be released under the GNU Free Documentation License and as soon as the first drafts are available they will be published so that the community may comment upon it. In order to improve the research, it would be great if you guys could spend a few minutes on this one. I have included below a list of the most active persons on this mailinglist during the year 2002. I have tried to establish their employer as far as e-mail adresses and google could help me out, but there are lots of unknowns, and probably some errors too. So please, send me patches. Also, if you belive that there are others who should be on this list, or someone who shouldn't please let me know. I'm missing Andrew Tridgell from this list, anybody who can tell me why? If there are someone out there who would be willing to answer some more detailed questions, such as how long they've been doing Open Source development as a source of income and how they think it have affected them and their efforts, please drop me a line. I'd be forever grateful. I am also very interested in interviewing developers who are major contributors on their free-time. Andrew Bartlett,Unknown / Self-financed Gerald Carter,VA Linux Richard Sharpe,Pansas Jeremy Allison,VA Linux Simo Sorce,Xsec Stefan Metzmacher,Unknown / Self-financed Tim Potter,VA Linux Christopher R. Hertel,Unknown / Self-financed Jelmer Vernooij,Unknown / Self-financed Steve Langasek,Unknown / Self-financed Andrew Esh,TriCord ? David Collier-Brown,SUN Microsystems Volker Lendecke,Service Network GmbH Rafal Szczesniak,Unknown / Self-financed Jim McDonough,IBM Alexander Bokovoy,Sam-Solutions Luke Kenneth Casson Leighton,Unknown / Self-financed Bradley W. Langhorst,Unknown / Self-financed Don McCall,HP Ulf Bertilsson,Unknown / Self-financed Urban Widmark,Enlight Mike Gerdts,Alcatel Luke Howard,PADL Software Pty Ltd David Lee,University of Durham Juergen Hasch,Unknown / Self-financed Steven French,IBM Andreas Moroder,Unknown / Self-financed Best Regards, Stefan Görling
Re: Update on Samba fcntl problem with Solaris?
I have been trying to get the bug fix from Sun, and based on the trusses I have sent, they believe that the problem I'm having is not the same as that reported in the bug 4700402. They are working on those trusses now. From my experience with this problem and the way I've seen others describe it on the list, I believe I have the same cpu hog/locking problem mentioned in the bug. This has continued through 2.2.7a. A kernel update was released, but did not yet include the fix for 4700402. Jeff
More Kerberos-related questions
Hi, My ultimate goal is to get access to a DFS (an IBM DCE application) filesystem on a Linux machine. I am dreaming of the following solution : (1) Samba server which understands Kerberos credentials and which serves up the DFS filesystem as a share(2) a Linux mount of the smbfs share and with the Linux server set up to understand Kerberos credentials. The question here would be if the smbfs client side would understand the kerberos credentials of the user? Any thoughts on whether this setup would work / not work? Thanks, Kenneth
Re: Samba 2.2.7a and LDAP Rebind for Slave enviroment ...
Standard Samba 2.2.7 does not rebind to do updates. This is a
problem when using LDAP and a replicated directory.
I did try this on the normal mail-list, but got no responce so I hoped
to try here.
I found http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html,
which has a patch to add rebind. Which I am going to try, because I need
it and it looks right, not that I am a programmer or anything like that.
Okay, I gave up hoping that somebody would fix my problem ... so I did
the unthinkable ... I went out and tried to fix it myself. I am no
programmer, so I need a little help ...
First, I took the patch at the above address and googled the net until
I found something reguarding ldap rebind.
All that I had to do to get pdb_ldap.c to compile was to remove the ,
NULL line 289, but then I get the following warning ...
passdb/pdb_ldap.c: In function `ldap_connect_system':
passdb/pdb_ldap.c:289: warning: passing arg 2 of `ldap_set_rebind_proc'
from incompatible pointer type
Now, unlike some projects I have compile, Samba has very few warning,
now is this one a problem?
Also, I don't know who to make an autoconf ( I think ) check to put in
the thrid parameter for ldap_set_rebind_proc function.
This compiles and I will be testing in the morning on a devs box. So I
will let everybody who is interested know tomorrow ... no fingers, toes
and a few other things are all crossed.
Mailed
Lee
P.S. Great work guys.
--- samba-2.2.7/source/passdb/pdb_ldap.c.ldap 2002-12-10 16:58:15.0 +0200
+++ samba-2.2.7/source/passdb/pdb_ldap.c2003-01-08 18:38:19.0 +0200
@@ -65,6 +65,7 @@
static struct ldap_enum_info global_ldap_ent;
+static pstring ldap_secret;
extern pstring samlogon_user;
extern BOOL sam_logon_in_ssb;
@@ -218,13 +219,60 @@
}
/***
+ ldap rebind proc to rebind w/ the admin dn when following referrals
+***/
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) (LDAP_API_VERSION 2000)
+/** @TODO Add a configure check for the rebind_proc version that doesn't take
+the last argument and include a #define here. */
+static int auth_rebind_proc( LDAP *ld,
+ LDAP_CONST char *url,
+ ber_tag_t request,
+ ber_int_t msgid,
+ void *arg)
+{
+int rc;
+if ( ( rc = ldap_simple_bind_s( ld, lp_ldap_admin_dn(), ldap_secret ) ) ==
+LDAP_SUCCESS )
+{
+DEBUG( 2, ( Rebind successful\n ) );
+}
+else {
+DEBUG( 0, ( Rebind failed: %s\n, ldap_err2string( rc ) ) );
+}
+return rc;
+}
+#else
+static int auth_rebind_proc ( LDAP * ld,
+ char **whop,
+ char **credp,
+ int *methodp,
+ int freeit,
+ void *arg )
+{
+/** @TODO Use the samba utility functions here. */
+register char *to_clear = *credp;
+if ( freeit ) {
+free( *whop );
+*whop = NULL;
+while ( *to_clear != '\0' ) *to_clear++ = '\0';
+free( *credp );
+*credp = NULL;
+}
+else {
+*whop = strdup( lp_ldap_admin_dn() );
+*credp = strdup( ldap_secret );
+*methodp = LDAP_AUTH_SIMPLE;
+}
+return LDAP_SUCCESS;
+}
+#endif
+
+/***
connect to the ldap server under system privilege.
**/
static BOOL ldap_connect_system(LDAP * ldap_struct)
{
int rc;
static BOOL got_pw = False;
- static pstring ldap_secret;
/* get the password if we don't have it already */
if (!got_pw !(got_pw=fetch_ldap_pw(lp_ldap_admin_dn(), ldap_secret,
sizeof(pstring
@@ -237,6 +285,12 @@
/* removed the sasl_bind_s EXTERNAL stuff, as my testsuite
(OpenLDAP) doesnt' seem to support it */
+DEBUG( 10, ( ldap_connect_system: setting rebind proc\n ) );
+if ( ( rc = ldap_set_rebind_proc( ldap_struct, auth_rebind_proc ) ) !=
+LDAP_SUCCESS )
+{
+DEBUG( 2, (warning: setting rebind proc failed: %s\n referrals may not
+work\n, ldap_err2string( rc ) ) );
+}
+
DEBUG(10,(ldap_connect_system: Binding to ldap server as \%s\\n,
lp_ldap_admin_dn()));
Re: [Lustre-devel] Re: fixing redundant network opens on Linux filecreation
I don't see where you are coming from here. Could you be more specific on whether you think the entity declaring an intent is user-space, the VFS code in fs/*.c, the filesystem driver code in fs/*/*.c or what? As a general principle, any of those things could declare intent. In the Lustre design we're talking about, I don't believe any of them does. Hence my objection to the term intent. Based on that word, I thought at first I might just have missed something in the definition of the interface, but I don't think so anymore. I don't really see where you can change your mind in the middle of creating a file, unless there was an error somewhere along the way. I don't either. (And apparently, simple errors are no exception in the Lustre design). Hence, you have declared significantly more than an intent when you did the lookup. If you call sys_mkdir() you have declared an intent to create a directory Not as intent is usually understood. If you call sys_mkdir(), you have commanded the kernel to create the directory. That's a lot different from declaring that you intend to create the directory. I believe the lustre patch works. I also believe it uses the wrong terminology, creates an interface to filesystem drivers that is brittle and hard to understand, and doesn't solve as wide a range of problems as it could. I believe that what it calls a declaration of intent is really a declaration of what POSIX system call the caller is in the middle of performing. On the other hand, it has been pointed out that one of its goals was to minimize the changes to fs/*.c. I agree the patch is a good way to achieve that goal. If it were my decision, I would solve the Lustre problem, and the Samba problem, and some of my own as well, by putting higher level filesystem driver interfaces into Linux, such as some other kernels do. Let the filesystem driver do the whole lookup, create directory, add directory entry operation if it wants to, and in that case make just that one call to the filesystem driver and be done. Let the filesystem driver deal with the problems of failures halfway through the sequence. But suggestions I've made to give more power to filesystem drivers have in the past met resistance from those who want to keep centralized control and maintain uniformity among the various filesystem types).
Re: [Lustre-devel] Re: fixing redundant network opens on Linux file creation
Hi, I have no objections to a name change. We are not so religious about intent as a name. On Wed, Jan 08, 2003 at 10:52:51AM -0700, Bryan Henderson wrote: I don't see where you are coming from here. Could you be more specific on whether you think the entity declaring an intent is user-space, the VFS code in fs/*.c, the filesystem driver code in fs/*/*.c or what? As a general principle, any of those things could declare intent. In the Lustre design we're talking about, I don't believe any of them does. Hence my objection to the term intent. Based on that word, I thought at first I might just have missed something in the definition of the interface, but I don't think so anymore. I don't really see where you can change your mind in the middle of creating a file, unless there was an error somewhere along the way. open with O_CREATE | O_EXCL is a good example. I don't either. (And apparently, simple errors are no exception in the Lustre design). Hence, you have declared significantly more than an intent when you did the lookup. If you call sys_mkdir() you have declared an intent to create a directory Not as intent is usually understood. If you call sys_mkdir(), you have commanded the kernel to create the directory. That's a lot different from declaring that you intend to create the directory. I believe the lustre patch works. I also believe it uses the wrong terminology, creates an interface to filesystem drivers that is brittle and hard to understand, and doesn't solve as wide a range of problems as it could. I believe that what it calls a declaration of intent is really a declaration of what POSIX system call the caller is in the middle of performing. On the other hand, it has been pointed out that one of its goals was to minimize the changes to fs/*.c. I agree the patch is a good way to achieve that goal. If it were my decision, I would solve the Lustre problem, and the Samba problem, and some of my own as well, by putting higher level filesystem driver interfaces into Linux, such as some other kernels do. Let the filesystem driver do the whole lookup, create directory, add directory entry operation if it wants to, and in that case make just that one call to the filesystem driver and be done. Let the filesystem driver deal with the problems of failures halfway through the sequence. But suggestions I've made to give more power to filesystem drivers have in the past met resistance from those who want to keep centralized control and maintain uniformity among the various filesystem types). That proposal has been made by many other people, everywhere. Of course we could work with that too. Personally I rather like the Linux VFS because it does locking etc: Al Viro has made it very clear that e.g. locking for renames, which is incredibly hard, is best done once (what you call centralized) than many times by different file systems. This is the one single reason that we used the intent solution: it can make use of the VFS infrastructure better than high level calls. But again, I'm not religious about this -- I am religious about getting correctness for clustering file systems. And we have had to do some other things (like dealing with dentries in highly non-standard ways) to get correctness. And of course, we have many problems left... - Peter - --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ Lustre-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/lustre-devel - Peter -
Re: More Kerberos-related questions
My ultimate goal is to get access to a DFS (an IBM DCE application) filesystem on a Linux machine. I am dreaming of the following solution : (1) Samba server which understands Kerberos credentials and which serves up the DFS filesystem as a share(2) a Linux mount of the smbfs share and with the Linux server set up to understand Kerberos credentials. The question here would be if the smbfs client side would understand the kerberos credentials of the user? I think you could do this using delegation. -- Luke -- Luke Howard | PADL Software Pty Ltd | www.padl.com
Re: More Kerberos-related questions
On Thu, 9 Jan 2003, Luke Howard wrote: My ultimate goal is to get access to a DFS (an IBM DCE application) filesystem on a Linux machine. I am dreaming of the following solution : (1) Samba server which understands Kerberos credentials and which serves up the DFS filesystem as a share(2) a Linux mount of the smbfs share and with the Linux server set up to understand Kerberos credentials. The question here would be if the smbfs client side would understand the kerberos credentials of the user? I think you could do this using delegation. Luke, I'm afraid you'll have to explain it a bit more. Searching the web for samba or smbfs in conjunction with delegation doesnt turn up anything but false positives. I assume you mean that I somehow have to get the authentication piece on the Linux client side for smbfs delegated to something else (the Samba server side? Isnt that the way things normally happen?). Thanks, Kenneth
Re: More Kerberos-related questions
On Thu, 2003-01-09 at 08:40, Kenneth Stephen wrote: On Thu, 9 Jan 2003, Luke Howard wrote: My ultimate goal is to get access to a DFS (an IBM DCE application) filesystem on a Linux machine. I am dreaming of the following solution : (1) Samba server which understands Kerberos credentials and which serves up the DFS filesystem as a share(2) a Linux mount of the smbfs share and with the Linux server set up to understand Kerberos credentials. The question here would be if the smbfs client side would understand the kerberos credentials of the user? I think you could do this using delegation. Luke, I'm afraid you'll have to explain it a bit more. Searching the web for samba or smbfs in conjunction with delegation doesnt turn up anything but false positives. I assume you mean that I somehow have to get the authentication piece on the Linux client side for smbfs delegated to something else (the Samba server side? Isnt that the way things normally happen?). If you were to connect to Samba using the CIFS VFS client (when it gets kerberos support) or smbmount from Samba 3.0 (slightly modified), you can pass a kerberos ticket to the server. The server can be 'trusted for delegation' by the KDC, which means that it can take the ticket passed from the client, and use it in the client's place. (In this case to acquire access to DCE resources). I'm not sure why you would want to do this however, when you could just mount the DFS stuff onto Linux (I assume there is a client...). This would be more interesting with Win2k clients doing kerberos authentication and getting access to previously unix-only resources. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part
Re: More Kerberos-related questions
On Thu, Jan 09, 2003 at 09:03:03AM +1100, Andrew Bartlett wrote: I'm not sure why you would want to do this however, when you could just mount the DFS stuff onto Linux (I assume there is a client...). A quick web search shows me that there are DFS clients available for Linux; but perhaps there's a licensing issue? -- Steve Langasek postmodern programmer msg05272/pgp0.pgp Description: PGP signature
Re: More Kerberos-related questions
On Wed, 8 Jan 2003, Steve Langasek wrote: On Thu, Jan 09, 2003 at 09:03:03AM +1100, Andrew Bartlett wrote: I'm not sure why you would want to do this however, when you could just mount the DFS stuff onto Linux (I assume there is a client...). A quick web search shows me that there are DFS clients available for Linux; but perhaps there's a licensing issue? Steve, Such is the case. The only one that I would consider (if I had the budget) would be the one from Entegrity - everything else looks iffy. Unfortunately, I dont have the budget. If I bring up the issue with management they would simply tell me to get rid of Linux and run AIX[1] (which does have DFS[2]). Fortunately for me, I intend to support a development environment with this setup so a performance problem due to convoluted architecture is not an issue (i.e. use Samba to get access to DFS). Thanks, Kenneth [1] You may ask Why dont you run AIX then? The answer is : hardware. I have plenty of Intel boxes (which wont run AIX) lying around but no spare RS/6000 boxes. [2] In this case, the DFS license would technically cost me nothing since I work at IBM. Of course, IBM has dropped support for DFS, but thats another story.
Re: More Kerberos-related questions
Well, FWIW, the OSF are looking into releasing the complete DCE 1.2 sources under the LGPL. Some work would be needed to get the DFS client integrated but I believe it has already been done for Linux; google for Jim Doyle's work on Linux-DCE. Doing a CIFS to DFS gateway would be cool, though. I think you could either have SAMBA forward an addressless ticket to the DFS server or have the client acquire a ticket for DFS which is included in the CIFS AP_REQ. I must confess that although I understand the concepts I don't really understand the protocols involved in ticket forwarding and delegation. -- Luke From: Steve Langasek [EMAIL PROTECTED] Subject: Re: More Kerberos-related questions To: Andrew Bartlett [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], Luke Howard [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Wed, 8 Jan 2003 16:08:06 -0600 On Thu, Jan 09, 2003 at 09:03:03AM +1100, Andrew Bartlett wrote: I'm not sure why you would want to do this however, when you could just mount the DFS stuff onto Linux (I assume there is a client...). A quick web search shows me that there are DFS clients available for Linux; but perhaps there's a licensing issue? -- Steve Langasek postmodern programmer [Attachment: a2, application/pgp-signature] -- Luke Howard | PADL Software Pty Ltd | www.padl.com
Re: [Lustre-devel] Re: fixing redundant network opens on Linux filecreation
I have no objections to a name change. We are not so religious about intent as a name. How religious are you about the idea of having to have BOTH a lookup2() that contains all the information necessary to create a directory if the name is available, AND a subsequent create directory call? Because once you remove the word intent from the description, that looks even more silly. It is the relationship between those two (sometimes 3) redundant calls that is the real substance in what otherwise appears to be just a naming issue.
Re: [Lustre-devel] Re: fixing redundant network opens on Linux file creation
Bryan, On Wed, Jan 08, 2003 at 06:08:48PM -0800, Bryan Henderson wrote: I have no objections to a name change. We are not so religious about intent as a name. How religious are you about the idea of having to have BOTH a lookup2() that contains all the information necessary to create a directory if the name is available, AND a subsequent create directory call? Because once you remove the word intent from the description, that looks even more silly. Good question. For mkdir your solution is much preferrable. So no religion here at all. But mkdir is an easy case, possibly the easiest. For open, rename, setattr and dealing with symbolic links we found having the separation of the lookup phase with intents and actual execution to be quite useful, since the symbolic links may bring you back to another file system. It is the relationship between those two (sometimes 3) redundant calls that is the real substance in what otherwise appears to be just a naming issue. Yes, and the answer is sometimes - in the mkdir case it (moderately) easy to give the whole task to the file system (symlinks remain hairy), in open, rename, setattr we found a lot of useful VFS functionality between lookup and operation. - Peter -
[PATCH] audit handling of waitpid() status codes
I found a data-corruption bug in ccache a few weeks ago relating to
incorrect handling of wait() status codes, so I thought I would do a
quick check for similar things in Samba.
A patch is included:
- several cases where child process failure is not detected
- one inverted boolean
- better messages when child processes crash
- one fixme I easily see how to handle
- one typo
I think the external behaviour is otherwise the same.
Could somebody please review this?
--
Martin
cvs server: Diffing .
cvs server: Diffing aparser
cvs server: Diffing aparser/templates
cvs server: Diffing auth
cvs server: Diffing bin
cvs server: Diffing client
Index: client/smbmount.c
===
RCS file: /data/cvs/samba/source/client/smbmount.c,v
retrieving revision 1.57
diff -u -r1.57 smbmount.c
--- client/smbmount.c 13 Nov 2002 02:21:55 - 1.57
+++ client/smbmount.c 9 Jan 2003 06:09:08 -
@@ -79,7 +79,11 @@
break;
}
/* If we get here - the child exited with some error status */
- exit(status);
+ if (WIFSIGNALLED(status)) {
+ exit(128 + WTERMSIG(status));
+ } else {
+ exit(WEXITSTATUS(status));
+ }
}
signal( SIGTERM, SIG_DFL );
@@ -499,6 +503,9 @@
if (WIFEXITED(status) WEXITSTATUS(status) != 0) {
fprintf(stderr,smbmnt failed: %d\n, WEXITSTATUS(status));
/* FIXME: do some proper error handling */
+ exit(1);
+ } else if (WIFSIGNALLED(status)) {
+ fprintf(stderr, smbmnt killed by signal %d\n, WTERMSIG(status));
exit(1);
}
cvs server: Diffing codepages
cvs server: Diffing groupdb
cvs server: Diffing include
cvs server: Diffing intl
cvs server: Diffing lib
Index: lib/smbrun.c
===
RCS file: /data/cvs/samba/source/lib/smbrun.c,v
retrieving revision 1.20
diff -u -r1.20 smbrun.c
--- lib/smbrun.c28 Jul 2002 02:20:15 - 1.20
+++ lib/smbrun.c9 Jan 2003 06:09:08 -
@@ -130,6 +130,11 @@
return WEXITSTATUS(status);
}
#endif
+#if defined(WIFSIGNALLED) defined(WTERMSIG)
+ if (WIFSIGNALLED(status)) {
+ return 128 + WTERMSIG(status);
+ }
+#endif
return status;
}
Index: lib/util_file.c
===
RCS file: /data/cvs/samba/source/lib/util_file.c,v
retrieving revision 1.36
diff -u -r1.36 util_file.c
--- lib/util_file.c 28 Jun 2002 03:19:20 - 1.36
+++ lib/util_file.c 9 Jan 2003 06:09:08 -
@@ -362,7 +362,7 @@
while ((n = read(fd, buf, sizeof(buf))) 0) {
tp = Realloc(p, total + n + 1);
if (!tp) {
- DEBUG(0,(file_pload: failed to exand buffer!\n));
+ DEBUG(0,(file_pload: failed to expand buffer!\n));
close(fd);
SAFE_FREE(p);
return NULL;
@@ -372,6 +372,8 @@
}
if (p) p[total] = 0;
+ /* FIXME: Perhaps ought to check that the command completed
+* successfully; if not the data may be truncated. */
sys_pclose(fd);
if (size) *size = total;
cvs server: Diffing libads
cvs server: Diffing libsmb
cvs server: Diffing locking
cvs server: Diffing msdfs
cvs server: Diffing nmbd
cvs server: Diffing nsswitch
cvs server: Diffing pam_smbpass
cvs server: Diffing pam_smbpass/samples
cvs server: Diffing param
cvs server: Diffing passdb
cvs server: Diffing po
cvs server: Diffing popt
cvs server: Diffing printing
cvs server: Diffing profile
cvs server: Diffing python
cvs server: Diffing python/examples
cvs server: Diffing python/examples/spoolss
cvs server: Diffing python/examples/tdbpack
cvs server: Diffing python/samba
cvs server: Diffing registry
cvs server: Diffing rpc_client
cvs server: Diffing rpc_parse
cvs server: Diffing rpc_server
cvs server: Diffing rpcclient
cvs server: Diffing sam
cvs server: Diffing script
cvs server: Diffing smbd
Index: smbd/chgpasswd.c
===
RCS file: /data/cvs/samba/source/smbd/chgpasswd.c,v
retrieving revision 1.97
diff -u -r1.97 chgpasswd.c
--- smbd/chgpasswd.c8 Jan 2003 07:02:18 - 1.97
+++ smbd/chgpasswd.c9 Jan 2003 06:09:09 -
@@ -408,20 +408,20 @@
(We were waiting for the wrong process ID\n));
return (False);
}
- if (WIFEXITED(wstat) == 0)
+ if (WIFEXITED(wstat))
{
DEBUG(3,
- (The process exited while we were waiting\n));
+ (The
Re: Samba 2.2.7a and LDAP Rebind for Slave enviroment ...
Herb Lewis wrote: You might want to check out the code in the head branch as this already I would, but I am not a programmer, and downloading head would take almost forever here in the middle of the sticks. has a test for ldap_set_rebind_proc having either 2 or 3 parameters. The rest of your problem may already be fixed there as well. If that was the case, I beleive Andrew would have picked it up and fixed, but then he also focus all his efforts of head. Maybe if I can test this and ( I think Jerry ) see's that it works, he might included it ... It's a start, plus I see another Samba 2.2.7a user has run into this problem also. So I am thinking that we might need to put this in soon, or we are going to see alot of people run into this problem. I also recompiled half my test system before running into this half solution ... and that all takes time and that means TCO go up ... Thanks. Mailed Lee
CVS update: sambaweb
Date: Wed Jan 8 09:18:18 2003 Author: vlendec Update of /data/cvs/sambaweb In directory dp.samba.org:/tmp/cvs-serv30679 Modified Files: samba.html Log Message: SambaXP 2003 announced Revisions: samba.html 1.173 = 1.174 http://www.samba.org/cgi-bin/cvsweb/sambaweb/samba.html?r1=1.173r2=1.174
CVS update: samba/source/utils
Date: Wed Jan 8 17:59:52 2003 Author: sharpe Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv13924/utils Modified Files: editreg.c Log Message: Some fixes to editreg. Clientgen should not be touched, and an update to configure that Herb needs. Revisions: editreg.c 1.26 = 1.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/editreg.c?r1=1.26r2=1.27
CVS update: samba/source
Date: Wed Jan 8 18:33:17 2003 Author: herb Update of /data/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv16924/samba/source Modified Files: configure Log Message: reran autoconf Revisions: configure 1.361 = 1.362 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure?r1=1.361r2=1.362
CVS update: samba/source/smbd
Date: Wed Jan 8 21:42:54 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv4145/smbd Modified Files: Tag: SAMBA_3_0 process.c server.c Log Message: Ensure we don't get an invalid number for total smbd's if the tdb update fails. Jeremy. Revisions: process.c 1.92.2.7 = 1.92.2.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/process.c?r1=1.92.2.7r2=1.92.2.8 server.c1.372.2.9 = 1.372.2.10 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/server.c?r1=1.372.2.9r2=1.372.2.10
CVS update: samba/source/smbd
Date: Wed Jan 8 22:17:03 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv4995/smbd Modified Files: Tag: APPLIANCE_HEAD open.c process.c server.c Log Message: Ensure we don't get an invalid number for total smbd's if the tdb update fails. Fix for CR#1504. Jeremy. Revisions: open.c 1.62.2.18 = 1.62.2.19 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/open.c?r1=1.62.2.18r2=1.62.2.19 process.c 1.43.2.26 = 1.43.2.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/process.c?r1=1.43.2.26r2=1.43.2.27 server.c1.304.2.29 = 1.304.2.30 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/server.c?r1=1.304.2.29r2=1.304.2.30
CVS update: samba/source/smbd
Date: Wed Jan 8 22:24:29 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv7770/smbd Modified Files: Tag: APPLIANCE_HEAD open.c Log Message: Fix for changing attributes on a file open. No CR. Jeremy. Revisions: open.c 1.62.2.19 = 1.62.2.20 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/open.c?r1=1.62.2.19r2=1.62.2.20
CVS update: samba/source/smbd
Date: Wed Jan 8 22:25:46 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv7791/smbd Modified Files: Tag: SAMBA_2_2 open.c Log Message: Fix for changing attributes on a file truncate. Jeremy. Revisions: open.c 1.62.4.60 = 1.62.4.61 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/open.c?r1=1.62.4.60r2=1.62.4.61
CVS update: samba/source/include
Date: Wed Jan 8 22:27:55 2003 Author: jra Update of /data/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv8006/include Modified Files: Tag: SAMBA_2_2 proto.h Log Message: Ensure smbd process count never gets to -1 if limiting number of processes. Jeremy. Revisions: proto.h 1.900.2.408 = 1.900.2.409 http://www.samba.org/cgi-bin/cvsweb/samba/source/include/proto.h?r1=1.900.2.408r2=1.900.2.409
