[Samba] add machine account with sudo instead of root account
Is this possible to add machine account from several different tech user accounts. What I have been reading on the Internet sounds like it is possible. In my smb.conf file I tried to do it like this. add user script = /usr/bin/sudo /usr/sbin/useradd -d /dev/null -g ntmach -c 'Machine Account' -s /bin/false -M %u The reason I want to do this I use sysprep to automate the installation of w2k computers to add the machine account into the domain without user assistance. The main reason to do this is the text file that sysprep uses does not encrypt the user account password for adding the machine account to the domain in the sysprep config file. So, I would like to setup an account to just have rights to add computer accounts and nothing else which sounds like sudo can do this. I am I right? I believe I got sudo configured right, because I can use it to do things with my user account that normally can't do without sudo. Any help would be appreciate! Thanks -Glenn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] $B#N#O%/%j%C%/!y9b2AGch%-%c%s%Z!%sCf!*(B
$B%5%$%H%*!%J!MM!*(B $B}F~$r(B1.5$BG\$KA}$d$7$^$;$s$+!)(B $BFMA3$N%a!%k?=$7Lu$4$6$$$^$;$s!#(B $B$3$NEY!J@R$G$O?7%5!%S%9!X#M#r(B.$B#N#O!Y$r(B $B3+;OCW$7$^$7$?$N$G$4OMm:9$7e$2$F$*$j$^$9!#(B $BJ@R!?7%5!%S%9!X#M#r(B.$B#N#O!Y$O%5%$%H$N(B $B#T#O#P%Z![EMAIL PROTECTED]G/NpG'Z(B $B5Z$SF~B`=P5!9=$G$NHsF~%f!%6!ItJ,(B $B!J#N#O!#E#X#I#T!B`=P$J$I!K$r!(B $B!7HBS%5%$%HMM$O#1%/%j%C%/!a#51_(B $B!#P#C%5%$%HMM$O#1%/%j%C%/!a#11_(B $B$GGch$5$;$FD:$/$b$N$G$9!#(B $B!z(B--$B!z(B $B$5$i$K!%*!%W%K%s%0%-%c%s%Z!%s$HCW$7$^$7$F(B $B#87nCf$K!X#M#r(B.$B#N#O!Y%P%J!$r5.%5%$%HFb$N(B $BF~B`=P5!9=$N2$KE=$C$FD:$1$kl9g!(B $B!7HBS%5%$%HMM$O#1%/%j%C%/!a#1#21_!JDLo#71_!K(B $B!#P#C%5%$%HMM$O#1%/%j%C%/!a#51_!JDLo#21_!K(B $B$GGch$5$;$FD:$-$^$9!*!*(B $B!z(B--$B!z(B $B8=u!F~B`=P5!9=$r$*;}$A$G$J$$%*!%J!MM$G$b(B $B#T#O#P%Z![EMAIL PROTECTED]:$1$l$P(B $BGchBP]$H$J$j$^$9!#(B $BJ@R$ND4::$G$OK,LdT$NFb!F~B`=P5!9=$G$N(B $BHsF~%f!%6!$O:GDc(B2$B!s!:G9b(B15$B!s$bB8:_$7$^$9!#(B $B:#$^$G}F~BP]$K$J$i$J$+$C$?HsF~%f!%6!(B $B%/%j%C%/$rJ@R$,A4$FGchCW$7$^$9!#(B $Bu67E*$K$b#2#0#0#3G/#1#07n$+$iK!N'5,@)$K$h$k(B $B%[EMAIL PROTECTED]/NpG'Z5!9=$N5AL3IU$1$,;\9T$5$l(B $B$k;v$b$$j$^$9$N$G!$3$N5!2q$KG/NpG'Z5!9=$NL5$$(B $B%5%$%HMM$OG/NpG'Z5!9=$NF3F~$HF1;~$KJ@R?7%5!%S%9(B $B!X#M#r(B.$B#N#O!Y$r@'Hs$H$b$48!F$2$5$$!#(B $B$J$*!4JC1EPO?$G%*!%J!4IM}%Z!%8$+$i(B $B%j%%k%?%$%`$K}F~$,3NG'$G$-$^$9!#(B $B\$7$/$O25-$N%5%$%H$G$4Mw2$5$$!#(B $B7HBSHG!X#M#r(B.$B#N#O!Y(B http://www.mrno.jp/i/ $B#P#CHG!X#M#r(B.$B#N#O!Y(B http://www.mrno.jp/ $B:G8e$K!$3$A$i$Nj0c$$$G%5%$%H%*!%J!MM0J30$K(B $B$3$N%a!%k$,FO$$$F$*$j$^$7$?$i?4$h$j$*OM$S?=$7e$2$^$9!#(B // $B!!3t02qR%%k%U%!!%+%s%Q%K!!!%7%9%F%`3+H/It(B $B!!C4Ev0f9,;R(B $B!!([EMAIL PROTECTED] // -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Slow Windows XP shared browsing.
On Mon, 2003-08-11 at 18:40, Matthew Scarrow wrote: I tried blocking 445 tcp and udp and then tested but it didn't fix the problem. Thanks i was saying unblock... you could also try disabling netbios over tcp in on the client to see what that does (just to see if this is the problem) really no speculation substitutes for careful reading of the logs brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] upgrade SAMBA
Hi, my problem is: HOW I can upgrade SAMBA from 2.2.7a to 2.2.8a? Thanks for help -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Converting smbpasswd from Samba-2.0 to Samba-2.2 ?
Hi, I have a smbpasswd file from a Samba-2.0.x, generated with pwdump2 [1] . I'm in a NT-PDC to Samba-PDC migration. The documentation says that it generates Samba-2.0 style smbpasswd file [2]. But I would like to use the smbpasswd on a Samba-2.2.x machine. I've read that smbpasswd format changed . Is there a tool to convert smbpasswd from 2.0 to 2.2 ? I cannot find one. Any URL or HOWTO will be greatly appreciated. Thanks in advance. [1] http://razor.bindview.com/tools/desc/pwdump2_readme.html [2] http://www.coruscant.demon.co.uk/mike/samba/PDC_migration_HOWTO.txt Salut, Sinner -- http://www.ibiblio.org/sinner/ Linux User # 89976 Linux Machine # 38068 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] documentation inconsistency
I'm running samba 3 on debian linux (both x86 and alpha), and I noticed that the /etc/default/samba comment: # How should Samba (nmbd and smbd) run? Possible values are daemons # or inetd. contradicts the actual behaviour in /etc/init.d/samba: start) echo -n Starting Samba daemons: echo -n nmbd start-stop-daemon --start --quiet --exec /usr/sbin/nmbd -- -D if [ $RUN_MODE != inetd ]; then echo -n smbd start-stop-daemon --start --quiet --exec /usr/sbin/smbd -- -D fi echo . ;; in that only the behaviour of smbd is governed by the RUN_MODE variable. Phil = Given that Dubya has control of a such vast arsenal, I'm sure the most pressing issue on his mind is : Which bombs would Jesus drop? (-- mm) __ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with adding Windows printer drivers to a Samba box
Chris Nolan chris at itoperations.com.au Thu Aug 14 10:22:11 GMT 2003 Hi all! Here is an interesting problem: I have installed Mandrake 9.0 on two server boxes, both of which are running very happily and have been for a year now (and a year or two before that on earlier versions of Mandrake). I was able to successfully add printer drivers to one of these boxes (as it was the only one running Samba at the time, called MAIN) without any problems. Yesterday, I had to install some drivers for a Toshiba photocopier (for all those considering Toshiba photocopier purchase/rental for network printing *DON'T*. Their drivers are horrible, unstable bodies of code). Ah, interesting. Do you have access to the source code? On the existing Samba box and on the new one (with security = domain pointing at MAIN), I could not add the driver. It turns out that one of my administrator friends had previously added the driver to the MAIN box, after setting the following options on the [Printers] and [print$] shares: nt acl support = no write list = list of users read list = list of users Apparently, this resulted in the Toshiba driver spewing method call failures to the screens of the workstations. He cleaned that up and deleted the printer driver files from MAIN (but not the driver). I have since used rpcclient to remove the driver entry. Now, whether adding to the MAIN box or the newly setup Samba instance (on a box called GRUNTMASTER), I always get Operation could not be completed when attempting to add the driver. The logs show that Samba's conversation with the client attempting to add the driver results in a service (along the lines of ::{a34af-25df4-cdf4a-a65gc}) not being found. Oh Samba gods of ye almighty list, do ye have any wisdom to bestow upon us merely very experienced and grizzled administrators? Oh ye miserable Samba user, do ye have the drive to make an effort of providing us with some of the the setting bits and bytes you decided to put on probe for our running smbd and nmbd services? Oh ye darn Samba follower of mine, be ensured that our godmighty powers are still not enough to read minds and remote smb.confs if no ethernal or seasonal ether link is provided to lead into your machine, and if no devilish SSH daemon accepts my very own password...;-) The fact that my Samba server at this client's premises has required more than 30 minutes of my attention this year is very depressing! Bah! What a shame!! Ye shall act in penance for 30 * 30 minutes now, helping on this list more inexperienced users than you are to find the divine way to their complete Samba enlightenment . Regards, Chris Cheers, Kurt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Howto released: Using OpenLDAP on Debian Woody to serveLinux and Samba users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Message: 33 Date: Tue, 12 Aug 2003 01:17:35 +0200 From: Markus Amersdorfer [EMAIL PROTECTED] Subject: [Samba] Howto released: Using OpenLDAP on Debian Woody to serve Linux and Samba users To: [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII Hi everyone! I'd like to finally announce version 1.0 of my (unofficial) LDAP-Howto Using OpenLDAP on Debian Woody to serve Linux and Samba users: http://homex.subnet.at/~max/ldap/ I hope it may be of help to somebody. Of course, I'm always glad to hear about your opinion, additions, corrections or any other kind of add-ons. I notice that you do reference the mandrakesecure.net articles (since it's down, you may want to link to my personal copy, which may however be slightly out-of-date, my last edits were sent as diffs ... but is accessible here: http://ranger.dnsalias.com/samba-ldap-advanced.php There are a number of issues I addressed which you missed (even though you pulled some things straight from it) ... - -it is possible to set it up that machine accounts are created on the fly, in fact it can be setup such that non-root users can do join machines and have accounts added, which is how we default on Mandrake (by good file permissions). It was not covered in detail, since the packages are setup to work out-the-box. - -you should not need to edit the files from migration-tools (http://ranger.dnsalias.com/samba-ldap-advanced.php#initldap) - -I would seriously reccomend samba-2.2.8a over previous releases, since password changes from a BDC work (this only started working in 2.2.8 IIRC), but of course Debian doesn't have packages :-/ Anyway, I think it would be better to improve the samba docs in respect to LDAP setup, unfortunately I won't have time to do anything myself for at least 6 weeks. Regards, Buchan - -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/OPDwrJK6UGDSBKcRAhdIAJ44kthrPY8F0L5VPByH5ty0CLgF8QCfaV2L c7fCYNXzOrWroqlRiZ7lxls= =4W1a -END PGP SIGNATURE- ** Please click on http://www.cae.co.za/disclaimer.htm to read our e-mail disclaimer or send an e-mail to [EMAIL PROTECTED] for a copy. ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Finally winbind on RH9 working, but why ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 7 Aug 2003 [EMAIL PROTECTED] wrote: Since your email address ends with samba.org, I'll take your word for it *grin*. Sorry for all my mails then, but I did not know that...I guess most manuals these days are kinda hybrid. Yeah. Everythings in kind of a transition state at the moment. 3.0 is real close now :-) cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/MzSQIR7qMdg1EfYRAmySAKCrc3f/Itu7/qJy6b5kG1fQ3HV6CACgy51o VHGNtxGiEN+RDVXpQpo348M= =fDMl -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CVS / winbindd broken?
Thanks that was it. I had a make distclean in my buildscript, but somehow it didn't get executed. Thanks again. Christoph Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 6 Aug 2003, Christoph 2 wrote: Hi, since yesterday morning i get an error compiling the cvs-tree of samba: Compiling nsswitch/winbindd_ads.c nsswitch/winbindd_ads.c: In function `trusted_domains': nsswitch/winbindd_ads.c:819: error: incompatible types in assignment make: *** [nsswitch/winbindd_ads.o] Fehler 1 everything is fine. Just checked anonymous cvs tree as well. Did you run make clean after refreshing your checkout? This function has changed recently. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/MSMIIR7qMdg1EfYRAlhpAJ4x3dU5OWq6ErPPKHiTOEPuObV5TgCfXyqR e9apZL1oGJnQExfi4a6GMQg= =N3/u -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] CIFS mount problem on Linux
hi, I have a SUN machine running samba server. The vxfs shares on this machine is shared thru samba server SUN Machine -- SunOS 5.8 Generic_108528-14 sun4u sparc SUNW,Ultra-80 Samba -- 2.2.4 I am trying to remotely mount this share from the SUN machine, on my Linux machine (the linux kernel supports cifs). Linux -- Red Hat 7.3 Linux Kernel -- 2.4.20-18.7XFS1.30pre2smp Linux CIFS Client version -- 0.8.2 When i try to cifs mount a share ISUXXX, from Machine IPAddress, on my linux machine i see the below problem: Try1: mount.cifs //IPAddress/ISUXXX /someMountPoint -o username=userName,password=passwd --- My linux box starts hanging ! Does not take any mouse, keyboard events. The machine seems to be alive (i can ping it) Try2: mount -t cifs //IPAddress/ISUXXX /someMountPoint Asks for password : I enter password --- My linux box starts hanging ! Does not take any mouse, keyboard events. The machine is not even alive (cannot ping) In this case i do not give any usename, i think it picks it from the USER env (which might be a wrong username) Do u think iam missing something ? I appreciate u'r help. Thanks, -Sangeetha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Finally winbind on RH9 working, but why ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 6 Aug 2003 [EMAIL PROTECTED] wrote: e.g. if someone running 2.2.8a successfully would have the time to run 'getent group' on a domain member and garantee me that he does NOT see the same messages appearing in the log for that member on the samba PDC, that would tell me I'm looking in the right direction.., Samab 2.2 does not support winbind as a domain member of a Samba domain. You need Samba 3 for this. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/MR2QIR7qMdg1EfYRAnszAJ9UvQadQssjYu6O/gvZXZ5OsWg00QCfcg4L wmacv8uEzh9Abo87alB+SRs= =8glT -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sticky bit
Hi all. I configured a samba share: ;- [soft] comment = Software browseable = yes path = /mnt/soft writable = no write list = nikitin stiven @root public = yes create mode = 0664 directory mode = 1757 ;- Now users create files with -rw-rw-r-- permissions and directories with drwx-r-xrwx My question is: why doesn't samba set a sticky bit on directories? Any hints appreciated. TIA -- Alexey A. Nikitin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] joining a samba pdc domain
Errmmm http://samba.mirror.ac.uk/samba/docs/man/Samba-HOWTO-Collection.html#AEN1402 second point maybe. H. On Wednesday 06 Aug 2003 3:07 pm, you wrote: On Wed, 6 Aug 2003 09:42:05 +0100 Howard Miller wrote: What exactly do you mean by it then fails, what exactly happens. Just a thought - have you tried rebooting the machine and logging in as the local administrator before you try joining the domain. yes It won't work if there are shares open. no share open what i mean is that after sending the root name and password, i get an error message saying the windows was unable to contact or join the domain. I think it is basically telling me that it can't authenticate my root password, but i have added root to my smbpasswd several times! H. On Tuesday 05 Aug 2003 8:53 pm, [EMAIL PROTECTED] wrote: dear all, i will outline the problem im having before posting my smb.conf, just in case someone knows what to trouble-check. i have a samba PDC set-up, no firewalls, the windows machine WILL mount the shares fine, but it wont join the domain. I mean that I have entered the machine name as a trust account into both passwd and smbpasswd, and when I join the domain in win2k, it actually asks me for my username and password, and i enter my root name and password. however, it then fails. I cant figure it out, everything else works, except the final authentication to allow my win2k machine join the samba domain. 1) what ./configure options MUST be set? 2) what's the minimum global configuration? 3) what's the minimal win2k settting (i disabled WINS and set-up the LMHOSTS file to have one line, which is the samba server) thanks Sam Seaver -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC Functions
On Thu, 2003-08-07 at 23:33, Mike Miller wrote: Well The windows 2000 machine is trying to obtain the SID for a user [domain\username], is that 2k machine joined to the samba domain? the SID is not really a secret so i don't know why it would be tight about them if the sid is just the machine's SID + a user ID 2*UID+2 (if i recall correctly) you can determine the samba machine's SID with rpcclient (lsaquery command) but it is very tight about such security of the users' SIDs. windows is tight or samba is tight? It _will_ give me a list of users, but not their SIDs in order to assign file permissions to these users. there should be no users on the win2k machine in a pdc environment. Are you trying to migrate to samba? There is tool to suck out the info from an NT4 pdc (vampire) but I'm not aware of any tool to migrate from 2k to samba. I don't know how to determine the SIDs of your 2k users but they must be in the 2k user manager somewhere. What's stopping you from just recreating all the users on the new PDC? I don't really understand what you're trying to do... sorry brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3b3 + ADS
Solved. Recompiled krb5 with openldap. Will On Thu, 31 Jul 2003 10:20:28 -0700 Will Froning [EMAIL PROTECTED] wrote: For your freebsd box: Did you install openldap? You can do that from the ports tree. Then after configure, make sure you get HAVE_LDAP, HAVE_LDAP_H in config.h. If not, try to give the ldap header and library paths to the configure script. [cowers in shame] Yeah kinda forgot that one... Ok so I got ADS compiled in now, but I cannot join the domain. [SAMBA 3b3 BOX] marmar# /usr/local/bin/kinit [EMAIL PROTECTED] [EMAIL PROTECTED]'s Password: marmar# net join -U Administrator Administrator password: [2003/07/31 08:43:48, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267) krb5_cc_get_principal failed (No such file or directory) [2003/07/31 08:43:48, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274) krb5_get_credentials failed for [EMAIL PROTECTED] (Unknown error: -1765328369)[2003/07/31 08:43:48, 1] utils/net_ads.c:ads_startup(176) ads_connect: Server is unavailable [2003/07/31 08:43:49, 1] utils/net.c:net_find_server(258) no server to connect to Unable to find a suitable server [2003/07/31 08:43:50, 1] utils/net.c:net_find_server(258) no server to connect to Unable to find a suitable server [DC3 LOG ENTRIES] Authentication Ticket Granted: User Name: Administrator Supplied Realm Name:STK.REALM User ID: STK\administrator Service Name: krbtgt Service ID: STK\krbtgt Ticket Options:0x0 Ticket Encryption Type: 0x17 Pre-Authentication Type: 2 Client Address: 10.10.9.13 Service Ticket Request Failed: User Name: User Domain: Service Name: dc3$ Ticket Options:0x0 Failure Code: 0xF Client Address: 10.10.9.13 I have dc3 and dc2 shortname entries in /etc/hosts. Below is the smb.conf file relevant entries (I've tried it with and without the workgroup entry). [global] workgroup = STK realm = stk.realm security = ads netbios name = MARMAR encrypt passwords = yes I appreciate any help on this one. Please CC me on the reply. Thanks, Will -- Will Froning Unix Sys. Admin. [EMAIL PROTECTED] -- Will Froning Unix Sys. Admin. (209)946-7470 (209)662-4725 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Server-side printer settings?
Chris Nolan chris at itoperations.com.au Thu Aug 14 10:30:35 GMT 2003 Hi all! I have a situtation that I want to get happening: We have just installed a colour photocopier with duplexing at a client's office. We're looking to have four printers pointing at this one device, I guess you mean four print*queues*... with the following settings (one for each printer): * Black and White * Black and White, Duplexed * Colour * Colour Duplexed My question is, can we have server-side settings for this sort of thing? Yes. See http://www.linuxprinting.org/kpfeifle/SambaPrintHOWTO/Samba-HOWTO-Collection-3.0-PrintingChapter-11th-draft.html#11_2_10 http://www.linuxprinting.org/kpfeifle/SambaPrintHOWTO/Samba-HOWTO-Collection-3.0-PrintingChapter-11th-draft.html#11_1 My question is, do you know which Unix print sub-system your Samba server relies on? Do you mind telling? Do you know which kind of client Windows OS there are using this Samba server? My reading of the rpcclient man page says that servers can contain settings, but I would like to be able to do the following: * Specify which users can modify the settings for themselves and those that can't Every user can modify settings for themselves. * Specify which users can update the server-side settings Users listed in the printer admin setting of smb.conf (plus root) can modify the server-side settings. Server-side settings are used as defaults, in case users don't specify or change user-side settings. * (If possible but highly unlikely) Specify which parts of the printer settings can be modified in the first case Not possible. All responses that make me smarter welcome! Depending on *what* *exactly* you want to effectivly achieve by having different user groups access different parts of the printer admin, there might be workarounds. It would involve the editing of the printer driver's PPD, to remove options that are not meant to be user-selectable (and leaving only the one[s] which should be used). F.e. your Black and White queue would not have a Colour option, and your Colour Duplex not a black and white and simplex one. Of course, your users would still be able to switch queues if they wanted the other option in printing. (You could fiddle with the access to the queues too, of course), Smarter now?;-) Regards, Chris Cheers, Kurt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] password profiles problem
Hi all, 1) How could I change my samba password in win 2K side? 2) I cannot create the profiles after logging in samba domain. Why? Regards Kenny - Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Joining a domain with XP
Hi, I need help to make a WIN XP to join a samba domain running on samba 2.2.8a(or possible to run on 3beta). Everytime i try to make it join the message says that i must be sure if it's a Netbios domain name or dns based domain named. Here it's a netbios domain name with a WINS server running on samba. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] very big files
are you running on x86 platform? if so, you really should have seen 2 GB file cause that's the limit of kernel. there's a patch for that but i can't find it anywhere. so like you, i stuck in it too. i planned to copy my minidv files to samba serers. those files are 13GB each. what a pity. let's wait for kernel 2.6. - Original Message - From: Tomas Charvat [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 11, 2003 3:06 PM Subject: [Samba] very big files greeting guys i just mounted my w2k shares to my linux i wated to copy some huge files (63Gb 1 file ) to my linux box, but i see only 1G of that file and it realy copy only 1 GB ... do you have any tip ? regards tomas charvat -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC Functions
On Fri, 2003-08-08 at 10:41, Mike Miller wrote: What I'm attempting to do is get services for unix working on a win2k box, running off of a samba PDC. I am having great difficulty doing so. I have added a trust relationship and added the 2k server into the domain. I then try and change ownership to anyone in the domain without luck. It always gives me that the Sid Lookup Failed. Microsoft said the following and basically told me to use an NT/2k PDC. I completely trust the machine in every way, so I'm not too worried about security of the machine, however I want it to work on these RPC calls to get the SIDs. For some reason, it doesn't seem to be giving me any SIDs. Any ideas? I'm afraid I don't... Perhaps somebody who has done this before will pipe up. If not you'll probably have to use tcpdump to see what exactly the 2k unix services are trying to do so that the samba team will know what calls are not being emulated correctly. good luck brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RE: Finally winbind on RH9 working, but why ?
[EMAIL PROTECTED] admin]# wbinfo -u administrator Guest TsInternetUser [EMAIL PROTECTED] admin]# wbinfo -g DHCP Users DHCP Administrators WINS Users Domain Computers Domain Controllers Schema Admins Enterprise Admins Cert Publishers Domain Admins Domain Users Domain Guests Jeremy Lahners Manager, I.T. The Schemmer Associates Inc. (402) 493-4800 (P) (402) 493-7951 (F) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 10:40 AM To: Lahners, Jeremy Cc: [EMAIL PROTECTED] Subject: Re: Finally winbind on RH9 working, but why ? No... just tested it :( if you have time : does you output of wbinfo resembles this : [EMAIL PROTECTED] root]# wbinfo -u root jo [EMAIL PROTECTED] root]# wbinfo -g Domain Admins Domain Users I REALLY wonder where these groups are stored on the pdc... I find no trace of them in /etc/samba/smbpasswd or anywhere... On Tue, 5 Aug 2003 10:08:13 -0500 Lahners, Jeremy wrote: I don't have winbind under shadow. I don't know if that would matter or not. Jeremy Lahners Manager, I.T. The Schemmer Associates Inc. (402) 493-4800 (P) (402) 493-7951 (F) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 10:05 AM To: Lahners, Jeremy Cc: [EMAIL PROTECTED] Subject: Re: Finally winbind on RH9 working, but why ? Thanks for the reply ! But no such luck : #group: db files nisplus nis passwd: files winbind shadow: files winbind group: files winbind #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files *grin* On Tue, 5 Aug 2003 09:34:27 -0500 Lahners, Jeremy wrote: I had similar problems with getent on one of my servers. After some investigation, I had forgotten to edit /etc/nsswitch.conf to add winbind to the users and groups there. Wbinfo worked great, nothing from getent. After the change, and a restart of winbind (don't know if that was necessary or not) all was well. Jeremy Lahners [EMAIL PROTECTED] The Schemmer Associates Inc. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... Maybe I'll rephrase it shorter : 1) eventhough 'wbinfo -g' gives me the correct groups, they do not show up when I go 'getent group'. Can it be the spaces in the Samba groups 'Domain Admins' and 'Domain Users'? Where is the information about these groups stored on the Samba pdc? 2) I only get winbind to do it's job (which is connecting to a local share on the domain member with a winbind user) when I a) set the parameter 'winbind cache timeout = 0' OR b) create the user locally on the domain member, which is of course what we try to avoid by using winbind... any idea's why playing with the cache timeout causes a difference? Thanks in advance... the full story is below but I guess it's to long for anyone to read *grin* Jo De Baer NEOlabs - http://www.neolabs.be - mailto:[EMAIL PROTECTED] NEOlabs - http://www.neolabs.be - mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc getsid to a recently patched NT4 machine
the only thing to happen has been the server has had the patch for the windows rpc problem now the responce to a command that has worked perfectly for weeks of testing doesn't work anymore. instead it spews this out [2003/08/08 11:50:31, 0] libsmb/namequery.c:getlmhostsent(588) getlmhostsent: Ill formed hosts line [ lots of random signs rpcclient vomits this out getlmhostsent: Ill formed hosts line [ gibberish if it is the case that this is the fault of microsofts security patch how much would it cost to hire a hitman and a torturer to hunt down the people behind it? So ranting venom aside is it the patches fault or is something broken? Help would be nice i was set to move the domain next week and was doing a few final tests (ergo another restart) I'm ready to murder... (depending on who's fault it is, if it's mine suicide may be in order) Anyway help would be nice -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Different Printer Model for different Arch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Aug 2003, Ryan Novosielski wrote: One last question -- is this a limitation of Samba, or the method of driver handling (ie. present in NT/2K server also)? it's present in NT/2K server as well. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/OTW9IR7qMdg1EfYRAtICAJ0dqTiBnXW2i7/jZmsFNGXd3xKk8QCg8std y7X6pL+GRQ/3/KMeCrg4fmY= =pD5x -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] cups addprinter fails dos error 0x00000013 (Samba 3b3)
Chris Puttick chris at centralmanclc.com wrote on Samba-Digest: Tue Aug 12 14:57:22 GMT 2003 Hi As per subject line... Samba 3 beta 3 installed and functional (e.g. appears in browse lists on windows, shares accessible etc.) on SuSE 8.2. CUPS 1.1.18 configured and functional, cups drivers installed. Using cupsaddsmb results in failure with DOS code 0x0013: Running command: rpcclient localhost -N -U'root%**' -c 'adddriver Windows NT x86 coloura3:cupsdrvr.dll:coloura3.ppd:cupsui.dll:cups.hlp:NULL:RAW:NULL' result was DOS code 0x0013 Attaching with rpcclient and running adddriver results in same error. The print$ subdirectory W32X86 is created, but not the expected 2 one. The cups drivers are successfully copied into W32X86, as is the ppd. Any thoughts? If further information is needed, let me know. smb.conf below. Regards Chris Puttick [global] workgroup = TRINITY netbios aliases = zulu2 server string = security = SHARE Try with setting security = USER and repeat cupsaddsmb -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] hp/ux 11i
Hello, I have a query regarding Samba running on a hp/ux machine. We currently have a hp/ux 11.0 server, with Samba version 2.0.7. We are building a new server running hp/ux 11i. I would like to know what the latest version of Samba is called, and if it will run on hp/ux 11.i ? Kind regards, Stuart. Stuart Williams F3.3, Syngenta, CTL, Alderley Park. Tel: 01625 51 6299 (ext.) 26299 (Int.) * e-mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-PDC Problem
On 05.08.2003 16:21 Uhr, Todd Johnson [EMAIL PROTECTED] wrote: This is a small section of our networks smb.conf file. We are running 2.2.8a with NIS and I want samba to emulate a PDC. I have ran down the Unofficial HowTO on this but still come up with this problem. The smb.conf file shows we want to use domain logins (domain logins = yes). The bottom file shows what testparms spits out in the log and domain logins = no in this case. Does anyone have any ideas where its picking up the no? [global] netbios name = eagle1 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 server string = BOA Samba local master = yes preferred master = yes domain logons = yes domain master = yes workgroup = anc-smb interfaces = *.*.*.* logon home = /walrus/%U log file = /var/log/samba-log.%m log level = 2 max log size = 50 lock directory = /var/lock/samba printcap name = /etc/printcap security = user wins support = yes dns proxy = yes os level = 99 remote announce = *.*.*.* deadtime = 15 Notice where domain logins = yes When I do a testparm to see our settings this is a brief section of the report mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%L\%Uprofile logon drive = logon home = /walrus/%U domain logons = No If the smb.conf file says domain logons = yes then why is it picking it up as domain logons = No? Thoughts? Are you trying to join a XP box or what OS? If it is XP, you have to change a registry key, go to xp-samba.linuxgod.net/Samba.php. Otherwise make sure you have a $ at the end of all machine trust accounts, and are you adding machine trust accounts into smbpasswd manually? Make sure to do smbpasswd -a -m machinename without the $, it will add it. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sum: Samba on Solaris 7 exhibits slow performance whenswitch from SECURITY=USER to SECURITY=DOMAIN on WinXP clients
Apparently had to do with having DNS setup on the PDC. We were using another Solaris 7 box on the network to be the primary DNS. When we configured the PDC running Active Directory to be a DNS server and pointed the WinXP boxes to it, everything worked fine. Thanks, Tom At 03:14 PM 6/19/2003 -0400, Thomas G. Tri, P.E. wrote: Dear List: I have a network (about 30 PCs) that was working fine using SECURITY=USER. Last weekend we switched over to take advantage of a Win2K server (recently added to the network) to be used as a PDC, Active Directory, etc. The network clients are a mix of WinXP, Win2K-SP3, and WinNT-SP5. After the switch, the WinXP clients started experiencing a severe slowdown after a short period of time. The time before the symptoms occur varies from a couple of minutes to maybe an hour. If they reboot, the performance is again normal. The slowness symptoms are exhibited as random, major delays in opening a Word doc or Excel spreadsheet, navigating with Explorer, etc. The application will load at normal speed, the document loads, but then the hour glass cursor will stay present for up to 20 or 30 seconds or more before control is returned to the user. Any help / insight would be greatly appreciated! Misc Info: Running Samba 2.2.8 on Sun Ultra 2 server with Solaris 7. Running ftp to retrieve files from the server show performance above 9MB/sec on a 40MB file Copying files from the server to the WinXP PCs seems fine. Running Samba at debug = 2 for that PC shows normal file opens / closes. Running Samba at debug = 3 shows a lot of info, but none discernable as a problem (I'm not a SAMBA expert, but have been using for some 6 or 7 years now.) Using local, not roaming profiles. Win2K Server on a P3-450MHz PC - sole purpose is as a PDC and a license / software metering server Settings were for SECURITY=USER [global] workgroup = SKEES log file = /var/opt/samba/log.%m max log size = 2000 name resolve order = host wins bcast max open files = 1000 socket options = IPTOS_LOWDELAY TCP_NODELAY os level = 255 preferred master = Yes wins support = Yes kernel oplocks = No guest account = guest create mask = 0660 directory mask = 0770 force directory mode = 02000 hosts allow = 192.168.254. hosts deny = 0.0.0.0/0 short preserve case = No Current Settings for USER=DOMAIN [global] security = DOMAIN -Added password server = * --Added workgroup = NTDOMAIN--changed log file = /var/opt/samba/log.%m max log size = 2000 name resolve order = host wins bcast max open files = 1000 socket options = IPTOS_LOWDELAY TCP_NODELAY os level = 255 preferred master = Yes wins support = Yes kernel oplocks = No guest account = guest create mask = 0660 directory mask = 0770 force directory mode = 02000 hosts allow = 192.168.254. hosts deny = 0.0.0.0/0 short preserve case = No encrypt passwords = yes Added -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] known relationship between dynamic dns update (with bind9and dhcp3) and os level and/or prefered master?
Hello, I'm using samba 2.2.8a with bind 9 and dhcpd 3 everything on one machine. I setup dynamic dns updates for the Windows NT, 2000 and XP client so their hostnames will get an reverse and forward dns entry (dhcp always add the reverse entry; w2k and xp add the forward entry themself and for nt the dhcp is doing the forward entry because nt cannot do dns updates). Then I added samba on the machine to act as WINS server ( wins server = yes) without any other special options (PDC is a NT4 machine). The dynamic dns updates still works. Then I set os level = 250 prefered master = yes and the XP Client (didn't tested w2k and nt until now) is know always trying to set/update the dns reverse and forward entry via GSS-TSIG (MS dialect of the normal bind TSIG) on bind9. Is this behaviour know? Or better is it documented somewhere? Maybe it could be that from os level x the client is sure it talks with a Windows 2000 Server and communicates with this machine (samba and dns are on the same one) in an other way (signed dns updated). If its not known/documented I will try to collect more details on this. Thanks alot. -- Nol Kthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: Dies ist ein digital signierter Nachrichtenteil -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] DID IT! - Samba 2.2.8a+LDAP+PDC
On Sat, Aug 09, 2003 at 07:28:41PM -0500, PHELPS, SCOTT wrote: I am so stoked I just had to share this with y'all. I just SEAMLESSLY migrated all of my machines and users over to my new Gentoo Linux Server. I even kept the same: domain name and old PDC NetBios name. The trickiest part was getting all of the users to keep their same profile, but I managed that by cloning the RID and Lanman/NT hashes for the user accounts. Free at last! # include much_backpatting.h Cool ! Congratulations ! What a nice post :-). I always explain to people I meet that Samba is the worst piece of software in the world because no one ever comes up to me and tells me it just works - they always say : but I have this one problem. Nice to hear about a success :-). Cheers, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba - printing fails with Canon ir5000i
Hi, I've got an interesting problem with the Samba spoolss support. We've recently received a new networked printer/copier - a Canon ir5000i. The machine comes with a CD that provides various drivers, including ones for NT4, which is our dekstop OS. I have set this up via TCP/IP printing support on an NT machine, and all works fine. When the driver is hosted on a Samba (2.2.8) box, the generated PCL is corrupt. My Samba setup goes like this:- User on NT4 WS - Samba 2.2.8 server on Debian - LPRng - printer. This works fine for all the printers in the building, except this one. I can print to the ir5000i from an NT machine with locally installed drivers and MS TCP/IP printing without any trouble. If I use the above method, but print to file, take the resulting file, and then print it from my Linux machine with lpr, it works perfectly. If I print to the ir5000i using identical printer drivers installed on the Samba server, I get a line of garbage characters across the top of the page, and nothing else. Printing to file, and then attempting to print the file via lpr generates the same result. Has anyone got any ideas? It's looking to me like a bug in the Samba spoolss code, but I've no clue where to go from here. Mike. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC Functions
On Thu, 2003-08-07 at 23:22, Mike Miller wrote: Hi, I am trying to set up Samba as a PDC on our network and having some difficulty. I established a trusted machine account and added it to the domain. Samba will however not release the SIDs needed by our servers working off of it. what are you talking about? I don't know what releasing a SID means. brad PS don't cross post to samba-technical -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba vs. Windows : significant difference intimestamphandling ?
Hi, mourik jan c heupink wrote: [...] and (now that i have your attention... :)) what software do you use to backup your reisersf/acls partitions? as what i read was that you can use basically any backup program to backup the data, but usually the acls are not backed up. i heard amanda is supposed to be good? amanda is good, but it is a backup-management-system, not a backup program. It calls an external program for every disk to backup to get the real backup done. If you have a program that gets the acl's for your fs, then you will be able to make amanda use it and save your acl's. If not, you won't get them backuped. But this thread gets discussed every few month on another mailinglist (amanda-users). [...] Christoph -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Where did groupmap info stored?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 31 Jul 2003, Beast wrote: Hi, When using smbpasswd backend, i can get 'default' groupmap list, i assume it were on secret.tdb. But when i use ldap as a backend, i can not get this 'default' groupmap anymore. So where it was stored or should i create it manuaaly on ldap? Tks. if you are using ldapsam as the passdb , the group mapping information is assumed to be stored in the directory as well. When using tdbsam or smbpasswd, it gets written to group_mapping.tdb. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/Mz6nIR7qMdg1EfYRAiQzAKDsEPDaN2/0B8OGq6rLTHwrjFadpQCgtEP+ M8M1u2LhA0zD8vYTHkD50x8= =plTB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error on joining a Windows 2003 ADS domain with Samba3.0 Beta 3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Aug 2003, Axel Suppantschitsch wrote: Hi guys, everytime I try to join my Samba 3.0 Beta 3 server to my Windows 2003 ADS domain, net puts out following error: * SNIP * [2003/08/12 14:33:48, 1] libsmb/clikrb5.c:cli_krb5_get_ticket(343) krb5_set_default_tgs_ktypes failed (Program lacks support for encryption type)net: relocation error: net: undefined symbol: krb5_cc_initialize * SNAP * change the administrator password once one the 2003 DC. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/OeM5IR7qMdg1EfYRAl3VAKCDL8TkGKufYxgZpFpTJsga2rOA6QCg9F5m ouVGE9FC9+50g9YEfnKRRPc= =6Rkz -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Finally winbind on RH9 working, but why ?
Thanks for the reply ! But no such luck : #group: db files nisplus nis passwd: files winbind shadow: files winbind group: files winbind #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files *grin* On Tue, 5 Aug 2003 09:34:27 -0500 Lahners, Jeremy wrote: I had similar problems with getent on one of my servers. After some investigation, I had forgotten to edit /etc/nsswitch.conf to add winbind to the users and groups there. Wbinfo worked great, nothing from getent. After the change, and a restart of winbind (don't know if that was necessary or not) all was well. Jeremy Lahners [EMAIL PROTECTED] The Schemmer Associates Inc. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... Maybe I'll rephrase it shorter : 1) eventhough 'wbinfo -g' gives me the correct groups, they do not show up when I go 'getent group'. Can it be the spaces in the Samba groups 'Domain Admins' and 'Domain Users'? Where is the information about these groups stored on the Samba pdc? 2) I only get winbind to do it's job (which is connecting to a local share on the domain member with a winbind user) when I a) set the parameter 'winbind cache timeout = 0' OR b) create the user locally on the domain member, which is of course what we try to avoid by using winbind... any idea's why playing with the cache timeout causes a difference? Thanks in advance... the full story is below but I guess it's to long for anyone to read *grin* Jo De Baer NEOlabs - http://www.neolabs.be - mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Possible samba options:
I plan to use samba to substitute two NT4 server (PDC/BDC) howewer I am not sure if it would fit: I have not been able to find either in the samba 3.0 and samba-tng documentation the following informations: 1. Can I have three different serever on which putting the home directories of the users (of course this would be set in their profiles) ? logon_home parameter seem to forbide this ... 2. can I have a PDC with samba, the BDC with NT4 and two member server (that offer only file sharing) with win2kserver ?? 3. can i use the samba password for mgetty, nis, and if possible all service but imap and pop that should always use unix password ? 4. is there some way from perl and php to validate an [domain]/username/password pair agianst nt passwords returning not only if the password is ok or not but also if the account is expired and or locked and of course if does exist ? Can you reply each question both for samba3.0 and samba-tng ?? -- Leonardo Boselli Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze tel +39 0554796431 cell +39 3488605348 fax +39 055495333 http://www.dicea.unifi.it/~leo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] problems accessing samba-share with win xp (pro of course)
hi all, we need to access a debian 3 /samba 3 beta 2 share from w2k-clients and xp-clients. my normal workstation is working under w2k, if i try to connect the share it works fine, no matter if i use my own workstation or a workstation running win xp. if someone who has a xp-machine as normal workstation tries to connect, the connetion to the samba-share is refused, no matter, if he tries from his xp-machine or my w2k-machine. googeling for that problem i found that xp uses another way to encrypt password, but this should be fixed since samba 2.2.x. any ideas?? thanks in advance lorenz my smb.conf: # NOTE: Whenever you modify this file you should run the command # testparm to check that you have not many any basic syntactic # errors. # #=== Global Settings === [global] log file = /var/log/samba/log.%m passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spas sword:* %n\n . socket options = TCP_NODELAY wins server = 130.10.116.10 encrypt passwords = true passwd program = /usr/bin/passwd %u #add user script = /usr/sbin/pw adduser %u #delete user script = /usr/sbin/pw deleteuser %u use spnego = no pam password change = yes server string = %h server (Samba %v) invalid users = root workgroup = ffzr1r os level = 2 name resolve order = wins bcast security = domain syslog = 0 preferred master = no panic action = /usr/share/samba/panic-action %d max log size = 1000 password server = * netbios name = ffzx0sa3 domain master = no preferred master = no idmap uid = 1-2 idmap gid = 1-2 winbind use default domain = yes winbind separator = / winbind uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes template shell = /bin/false #template shell = /bin/bash template homedir = /home/%D/%u [homes] comment = Home Directories browseable = no # By default, the home directories are exported read-only. Change next # parameter to 'yes' if you want to be able to write to them. writable = no # File creation mask is set to 0700 for security reasons. If you want to # create files with group=rw permissions, set next parameter to 0775. create mask = 0700 # Directory creation mask is set to 0700 for security reasons. If you want to # create dirs. with group=rw permissions, set next parameter to 0775. directory mask = 0700 # Un-comment the following and create the netlogon directory for Domain Logons # (you need to configure Samba to act as a domain controller too.) ;[netlogon] ; comment = Network Logon Service ; path = /home/samba/netlogon ; guest ok = yes ; writable = no ; share modes = no [printers] comment = All Printers browseable = no path = /tmp printable = yes public = no writable = no create mode = 0700 # A sample share for sharing your CD-ROM with others. ;[cdrom] ; comment = Samba server's CD-ROM ; writable = no ; locking = no ; path = /cdrom ; public = yes # The next two parameters show how to auto-mount a CD-ROM when the # cdrom share is accesed. For this to work /etc/fstab must contain # an entry like this: # # /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0 # # The CD-ROM gets unmounted automatically after the connection to the # # If you don't want to use auto-mounting/unmounting make sure the CD # is mounted on /cdrom # ; preexec = /bin/mount /cdrom ; postexec = /bin/umount /cdrom [adminstuff] comment = Administrations Freigabe writeable = yes delete readonly = yes directory mode = 777 force directory mode = 777 create mode = 777 force create mode = 777 path = /share valid users = @IT-Service_glb,f996299,r997693,f992849,r992849 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Webpage problem with se.samba.org
I havent been able to find a email addresss for webpage problems. Please forward this email to the right person. The Swedish mirror se.samba.org hasnt been working for some time now. (connection refused) Could somebody please take at look at this problem. Regards Kenneth -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WINS Question?
Hi first yuo try update samba to latest from binary samba storage for redhat. (before uninstal redhat rpms and backup config.) Second check if two nmbd is running on samba machine. And last your samba must be online and not restarted when yuo power on client w2k machine to proper register in wins database. If not you must wait long time to refresh and then only try nmblookup. Bye. - Original Message - From: Martin Stacey [EMAIL PROTECTED] To: Samba [EMAIL PROTECTED] Sent: Wednesday, August 06, 2003 9:23 AM Subject: [Samba] WINS Question? I have setup my Samba server as a WINS server using the wins support = yes parameter. My remote network can see the Samba server at our head office fine. I have also setup the WINS setting on my PC (W2K Pro box) to point to the IP address of my Samba server. When I do a nmblookup -R -U IP address of WINS server name of my PC on my Samba server I get this reponse; querying pc1 on 10.1.1.251 wins_srv_died(): Could not mark WINS server 10.1.1.251 down. Address not found in server list. name_query failed to find name pc1 However, if I use the same command a query the Samba server I get this reponse; querying felix on 10.1.1.251 10.1.1.251 felix00 Why isn't my Samba server storing the NetBIOS name of my PC? BTW, I am using Samba 2.2.7 supply by RH on a RH 7.3 box. Martin Stacey IT Support Manager Safcol Australia Pty Ltd -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] A question about Samba as a PDC, Windows 2000 and the user'Administrator'
Morning everyone. I was doing some thinking this weekend about a couple of things. Basically, about the use of the account 'Administrator', the default account for Win2K. Our setup: Samba 2.2.8a with LDAP on the backend, running as the PDC. What I was curious about is how to effectively use the 'administrator' account, (the default administrator account that is used on Windows 2000) for my Windows 2000 machines that are on my network. For instance, I know I can log in with a normal user, but, what about if I wanted to log in with the administrator account? Also, if I wanted to use the 'Run as' feature that comes with Windows 2000? Would it be best to just add an account called administrator to the domain admins account? I already have a 'root' account that I use to join machines to the domain. Should I just add the administrators account to the domain admins account? Will this let me log in effectively with administrator privileges to my Windows 2000 computers as well as use the ''Run as feature? Thanks everyone. Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Default ACL problem on Samba share
Hi, I have installed Samba2-2.2.8a on Solaris 8 box with ACL support (--with-acl-support). But, I am having trouble to get default directory ACL permission to work in some directories using Window NT4 machines. The files are MS access 97 databases. After setting the permission for the directory, when the files were first copied to the directory, it follows the default permission, with file attribute archive set. But, as soon as someone modify the file, the permission of the file is reverted to whatever create mask and directory mask are set, plus any additional ACL user/group setting. I notice that the modified files does not have archive file attribute any more. If archive file attribute stays, the permission will not change, which is what I want. I have tried to put inherit acls = yes in either [GLOBE] or [share] section in smb.conf file, it does not make any difference. The weird thing is that in another directory under the same share, everything works fine, with same directory permission and same file. I would like for create mask and directory mask to be applied to only those directories that does not have ACL set. Is this possible? There is no acl related parameter setting in [globe] secrion. The specific share setting is as follows: [somegrp] path = /path/to/location create mask = 0666 directory mask = 0777 read only = No admin users = +some Please help. Thanks in advance. Xiaping -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] SIMPLE smb.conf file
Hi, I have been trying to get SWAT to work so I can configure it using a GUI. But as you can see on my last message, no luck. I have tryed what seems like hundreds of different configuration schemes using smb.conf and cannot seem to get things right. Here is the situation : Local network, internet on a router/firewall. two winXP machines, two win98 machines. No domain authentication, simple windows logons. Simple shares with share based authentication. The machine i'm installing Samba on is a Red Hat 9 machine. I want to set up samba so it will ask me for username/password on each individual share, or simply make the whole shares scheme pulic. I've tried to make shares public, and no matter what I do I always get the same error : \\Serviteur is not accessible. You might not have permission to use this network resource. Contact.. blah blah. The network path was not found. Even what I try to access my linux machine using SAMBA from itself I get a similar error. ( I can access the WinXP shares from Linux ) Here is my smb.conf : [global] workgroup = 5330-1 netbios name = Serviteur server string = Samba %V encrypt passwords = yes update encrypted = yes obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password %n\n *passwd:*all*:authentication*tokens*updated*succesfully* unix password sync = yes log level = 9 log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RECVBUF = 8192 SO_SNDBUF = 8192 os level = 33 domain master = No dns proxy = No guest account = guest printing = cups wins support = yes security = share [homes] comment = Home Directories valid users = %S read only = no create mask = 0664 directory mask = 0775 browseable = Yes [webroot] comment = apache webroot path = /var/www/html public = yes writeable = yes browseable = Yes create mask = 0777 THANKS ! Martin Legris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Access denied when printing to Samba printers
[EMAIL PROTECTED] wrote: Failure: - Printing anything to said printer shares. [...] [printers] comment = All printers path = /var/local/spool/samba [...] $ ls -ld /var/local/samba/spool/ drwxrwxrwt2 root nogroup 4096 Aug 7 13:24 /var/local/samba/spool/ OMFG. The spool directory Samba was looking for was not the same as the directory I created. Correct that error, and it's all fine now. Thank you to the samba list, and Corey Hart in particular, for assisting me in seeing what was right in front of my face :-) -- Ben Finney [EMAIL PROTECTED] IT Technical Support Officer Support Centre, The Muir Electrical Company ph: +61 3 9338 4300 web: http://www.thegoodguys.com.au/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind (?) Problem ....
I can't setup Authentication between samba Win NT [EMAIL PROTECTED] etc]# net join -U Administrator%pass [2003/08/12 20:22:55, 1] utils/net_ads.c:ads_startup(176) ads_connect: Connection refused [2003/08/12 20:22:56, 1] utils/net_rpc.c:run_rpc_command(154) rpc command function failed! (NT_STATUS_ACCESS_DENIED) Joined domain TRANSVARO. [EMAIL PROTECTED] root]# What is ads_.. ? if it is related to active directory service there are an error. because I'am using NT 4.0 Domain System. so, [EMAIL PROTECTED] root]# service winbind start Starting Winbind services: [FAILED] [EMAIL PROTECTED] root]# winbindd deamon doesn't start. followed is related log file. [ log.winbindd ] = [2003/08/13 05:59:21, 1] nsswitch/winbindd.c:main(846) winbindd version 3.0.0beta3 started. Copyright The Samba Team 2000-2003 [2003/08/13 05:59:21, 0] nsswitch/winbindd_util.c:winbindd_param_init(379) winbindd: idmap uid range missing or invalid [2003/08/13 05:59:21, 0] nsswitch/winbindd_util.c:winbindd_param_init(380) winbindd: cannot continue, exiting. == [ smb.conf ] [global] Name or Workgroup-Name workgroup = TRANSVARO server string = Samba Server printcap name = /etc/printcap load printers = yes log file = /var/log/samba/log.%m max log size = 50 security = domain password server = * encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins support = yes wins server = 10.1.0.225 dns proxy = no winbind separator = \ winbind uid = 1 - 2 (this line caused an error see log.winbindd) winbind gid = 1 - 2 winbind use default domain = yes netbios name = FULYA [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes == [ System ] === Samba 3.0.0beta3 on Redhat 9.0 Windows NT 4.0 Domain System I'am new member in this list. Adnan TOPCU Best Regards, TRANSVARO Elektron Aletleri San. ve Tic. A.S. Address: Fatih Cad. Dereboyu Sok. No:12 34660 Halkali - Istanbul - Turkey Phone: +90 (212) 473 0100 Fax: +90 (212) 473 0155 URL: http://www.transvaro.com.tr E-Mail: [EMAIL PROTECTED] NOT: Bu elektronik posta mesaji gizli olup, ayni zamanda ayricalikli olabilir; sartlar ne olursa olsun, gondericinin onceden onayini almaksizin, baskalarina iletmemeniz, icerigini kopyalamamaniz veya baskalarina aciklamamaniz gerekmektedir. Bu mesajin muhatabi degilseniz, bu durumu derhal tarafimiza bildirmenizi rica ederiz. Internet üzerinden yapilan iletisim guvenli olmayip, verilerin kasten veya tesadufen bozulmasi ve virus icermesi olasiligi vardir. Ayrica, elektronik posta, resmi olmayan ve cogunlukla kisaltilmis bir iletisim yontemidir. Dolayisiyla, burada yer alan bilgi veya tavsiyelere, gonderici ile ayrica gorusmeden guvenmeniz normal sartlar altinda uygun olmayabilir. NOTE: This e-mail is confidential and may also be privileged; under no circumstances should you forward it, or copy or disclose its contents, to any other person without the prior consent of the sender. If you are not an intended recipient of this e-mail, please notify us immediately. Internet communications are not secure and subject to possible data corruption, either accidentally or on purpose, and may contain viruses. Furthermore e-mail is an informal and often abbreviated method of communication. For these reasons, it will normally be inappropriate to rely on any nformation or advice contained herein without also discussing it with the sender. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: workgroup filter
| [EMAIL PROTECTED] lib]# more smb.conf | [global] | server string netbios name workgroup security | password server encrypt passwords wins server | winbind uid winbind gid winbind enum users winbind | enum groups winbind separator winbind use default | domain winbind cache time password level username | level | [tmp]path browseable writable public create mode | directory mode | | as you can see pretty normal settings Huh? Depends upon what you define as normal. Have you RTFM? Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Gerhard Schaller/HOL_DV/Kuester/DE istaußer Haus.
Ich bin außer Haus und für Sie leider nicht erreichbar in der Zeit vom 09.08.2003 bis 31.08.2003. Much to my regret I'm not in the office in the time from 09.08.2003 to 31.08.2003. Ich werde Ihre Nachricht nach meiner Rückkehr beantworten. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Slow Windows XP shared browsing.
On Mon, 2003-08-11 at 17:51, Mark Ford wrote: Home many users and what kind of Hard Drives in your server? I have a p100 server that comes up very quickly - i suspect a network timeout. Do you have a firewall set up ? You might be disallowing connections on 445 thus causing a timeout and reconnection on 139. I think you can force the client to avoid 445 (not sure about that) You'll want to have a look at the logs to see exactly what is happening on the server during the time your client is hung. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Slow Windows XP shared browsing.
I've got some more info. I've tried Fooling around with Netbios setting and some of the dns services on xp client but nothing seemed to work. What I did find to work is this when the window freezes. Open task Manager and end task on My Computer. Then click file and Run New and type explorer to load up the desktop again becuase you ended it. Then browse the share and everything is good. Don't understand it and that's realy not a fix for the problem. Just thought I'd let you know. Matthew Scarrow ComIT Solutions Inc. www.comit.ca Paris: 519-442-0100 Brantford: 519-750-0933 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Plea for Help with Slow Roaming Profiles
Thus spake Matthew Scarrow ([EMAIL PROTECTED]) [12/08/03 10:53]: I just found out that the service WebClient on XP machines was causing about 10 minute delays when trying to browse the shares this may be the same problem you coming up against but in a diffrent situation. Try disabling WebClient service on you XP clients and see if that makes a diffrence. Thanks! I'll give this a shot. I also know that you need to fully disable EAP as well, as it can cause problems with network browsing. Just make sure that all checkboxes are disabled, and not grayed out. sigh -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] cups addprinter fails dos error 0x00000013 (Samba 3b3)
Hi As per subject line... Samba 3 beta 3 installed and functional (e.g. appears in browse lists on windows, shares accessible etc.) on SuSE 8.2. CUPS 1.1.18 configured and functional, cups drivers installed. Using cupsaddsmb results in failure with DOS code 0x0013: Running command: rpcclient localhost -N -U'root%**' -c 'adddriver Windows NT x86 coloura3:cupsdrvr.dll:coloura3.ppd:cupsui.dll:cups.hlp:NULL:RAW:NULL' result was DOS code 0x0013 Attaching with rpcclient and running adddriver results in same error. The print$ subdirectory W32X86 is created, but not the expected 2 one. The cups drivers are successfully copied into W32X86, as is the ppd. Any thoughts? If further information is needed, let me know. smb.conf below. Regards Chris Puttick [global] workgroup = TRINITY netbios aliases = zulu2 server string = security = SHARE map to guest = Bad User log level = 1 syslog = 0 time server = Yes unix extensions = Yes socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY printcap name = cups os level = 2 wins support = Yes idmap uid = 1-2 idmap gid = 1-2 printing = cups veto files = /*.eml/*.nws/riched20.dll/*.{*}/ [homes] comment = Home Directories valid users = %S read only = No create mask = 0640 directory mask = 0750 browseable = No [printers] comment = All Printers path = /var/spool/samba printer admin = root create mask = 0600 guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = root # force group = ntadmin create mask = 0666 guest ok = Yes [clcrechp2100] comment = HP2100 path = /var/spool/samba printer admin = root read only = No create mask = 0600 guest ok = Yes printable = Yes printer name = clcrechp2100 oplocks = No share modes = No [coloura3] comment = HP Colour Laserjet 8550DN path = /var/spool/samba printer admin = root read only = No create mask = 0600 guest ok = Yes printable = Yes printer name = coloura3 oplocks = No share modes = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] joining a samba pdc domain
The thing is nothing comes up in my logs at all, im posting my smb.conf below. Ive added and deleted and added again my machine and user accounts, when joining a domain from a win2k box, I actually DO get through to the domain, but it then turns away my root log-in (for first time) my smbpasswd file is in the right place and looked up ok! [global] ;basic server settings workgroup = radhakrishnan netbios name = monster server string = Samba PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 ;PDC settings os level = 64 local master = yes domain master = yes preferred master = yes domain logons = yes ;security and logging settings security = user encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 max log size = 50 hosts allow = 129.105.38.33 129.105.38.9 129.105.11.202 ;user profiles and home directory ; next line is 9x/ME specific logon home = \\%L\%U\.profile logon drive = H: logon path = \\%L\profiles\%U ;netlogon logon script = netlogon.bat #shares=== [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no -- Forwarded message -- From: Howard Miller [EMAIL PROTECTED] Date: Wed, 6 Aug 2003 15:15:18 +0100 Subject: Re: [Samba] joining a samba pdc domain Sorry... forget that bit about 2nd point - I can't count! Also, have you found and checked the logs yet? Does anything get written to the log when this fails? It usualy does. H. On Wednesday 06 Aug 2003 3:10 pm, Howard Miller wrote: Errmmm http://samba.mirror.ac.uk/samba/docs/man/Samba-HOWTO-Collection.html#AEN140 2 second point maybe. H. On Wednesday 06 Aug 2003 3:07 pm, you wrote: On Wed, 6 Aug 2003 09:42:05 +0100 Howard Miller wrote: What exactly do you mean by it then fails, what exactly happens. Just a thought - have you tried rebooting the machine and logging in as the local administrator before you try joining the domain. yes It won't work if there are shares open. no share open what i mean is that after sending the root name and password, i get an error message saying the windows was unable to contact or join the domain. I think it is basically telling me that it can't authenticate my root password, but i have added root to my smbpasswd several times! H. On Tuesday 05 Aug 2003 8:53 pm, [EMAIL PROTECTED] wrote: dear all, i will outline the problem im having before posting my smb.conf, just in case someone knows what to trouble-check. i have a samba PDC set-up, no firewalls, the windows machine WILL mount the shares fine, but it wont join the domain. I mean that I have entered the machine name as a trust account into both passwd and smbpasswd, and when I join the domain in win2k, it actually asks me for my username and password, and i enter my root name and password. however, it then fails. I cant figure it out, everything else works, except the final authentication to allow my win2k machine join the samba domain. 1) what ./configure options MUST be set? 2) what's the minimum global configuration? 3) what's the minimal win2k settting (i disabled WINS and set-up the LMHOSTS file to have one line, which is the samba server) thanks Sam Seaver -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] DID IT! - Samba 2.2.8a+LDAP+PDC
On Sat, 2003-08-09 at 05:33, Beast wrote: How many clients? 42 How many domain? 1 down 2 more to go :) How many site? will be 3 total Any req. for wins replication? not there yet but this is well documented and should be easy. Is ther any 'special' requirement such as password complexcity, account lockout after x bad attemps, logon from x ws etc? I don't enforce these policies. Not required in my environment. This *can* all be set up in LDAP though if that's your question. -- Scott -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind timeouts
-Original Message- From: Gerald (Jerry) Carter To: Chris Douglass Cc: [EMAIL PROTECTED] Sent: 8/7/2003 11:11 PM Subject: Re: [Samba] winbind timeouts -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 4 Aug 2003, Chris Douglass wrote: Hello, I have tried posting to comp.protocols.smb with no luck. Please help. I am running: Slackware 9.0 (x86) kernel 2.4.21 samba 3.0b3 MIT kerberos5 v1.2.7 I am testing samba 3.0b3 as part of migrating my site to Active Directory. Compiles/installs OK. When winbindd is started, it looks for the list of trusted domains and then queries those domains for user/group info. When I have the samba3b3 box joined to an NT4 domain, it takes about 15 minutes to get this info from all domains. (roughly 6+ user accounts in many domains.) When the machine is joined to the AD domain, though, it gets list of IP's for each domain on servers it can try to get the user/group data from. Many of the IP addresses it is obtaining are bad in almost every domain it contacts (cannot nslookup, ping, traceroute, or query WINS with any results). Winbindd just sits there until it times out, then tries the next one. The problem is that it takes many HOURS of waiting to get a full list generated so that I can run 'getent passwd'. Then I have to start the wait all over again so that 'getent group' works also. Once winbindd is queried, the test box is useless from the network until it's done (including plain Linux stuff like ssh) Everyting is fine at this point until I restart winbindd, then the whole thing starts over again. you have a DNS or name server problem. Fix that. Since posting I have come to this conclusion also. My local domains are no problem. Another IT dept is in charge of corporate wide DNS, and does not allow AD zones to be replicated upstream. Therefore AD DC's have an A record (authoritative) at the Corporate DNS servers, but no SRV records. I'm planning on fixing this by slaving zones from the other AD sites. Unfortunately the real problem domain is NT4. These are my questions: I thought that winbindd was supposed to cache all this info. Why doesn't it read the cache when it's restarted instead of getting new information? It does cache, on disk cache works well but does not contain everything. failed connection caches are in memory so they are reset upon restart. Once we get a connection we hold onto it as along as possible. Is there something that can be done to tell winbindd not to try to query servers that aren't actually up? Fix your name service. Where is this list of IP's coming from? Are these a bunch of dead accounts being reported from some Server Manager on a PDC? Are you using security = ads? Probably from a SRV record in DNS for _ldap._tcp.your domain Yes I am; but the offending domain is not AD. With an NT4 domain, this would be WINS only, right? I have 4 corporate wide WINS servers available to me. If I do 'net lookup dc PROBLEM_NT4_DOMAIN' I get a list of 24 IP's. Almost 1/2 of them have no entry in DNS, and 'wbinfo -I' also show no hostname. Barring a bad master browse list, where else can this come from? Thanks again, Chris cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/Mz8GIR7qMdg1EfYRAuS+AKCRJWTjlRuBYBHLiIOGONLFrGSIYQCgmym6 OnKHww+qn+qLZFWpndQ0cmU= =89ow -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't access shares after Win2k client reboot
I have a RedHat 7.2 (2.4.9-13) box running Samba (2.2.7). The box is a PDC for a couple of Win2k Pro SP4 boxes and serves a couple of shares. My problem is that, after rebooting a Win2k client, the client can't access the shares any more. If I try to access the shares, I am presented with a logon dialog which won't accept any domain userids/password. I checked the log files and noticed a couple of things that I feel might be relevant: - change_to_user: Invalid vuid used 100 - references to the userid guest. I am logging on to the Win2k client with a userid that is not a guest account. If I restart Samba (service smb restart) then everything goes back to normal, until the next time I reboot the Win2k box. Any suggestions appreciated. MV Do not send e-mail to the above address. I do not read e-mail sent there. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Different Printer Model for different Arch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Aug 2003, Ryan Novosielski wrote: But I guess the real question is, is there any way to modify the driver distribution that won't cause any trouble that will get the names to be the same, or must I wait for HP to repair the problem? Depends on the driver really. You can experiement on the INF file (like you did) but there might be other strings as well. The other alternative is to create 2 printers in smb.conf (one for win9x driver and one for NT/2k driver). cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/ORmLIR7qMdg1EfYRAsaSAKDJQI29sxqD42a/2nPC0FYPa9lAkACfe4bD 0dl8tqv+HQXW9DUEi2Fo+Hc= =ARqU -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Confusing - Migrating from 3.0-Alpha21 with ldapsam to3.0-Beta3 with ldapsam.
Hello list. To migrate from Samba 3.0-alpha21 to Samba 3.0-Beta3, I don't really know what has te be done. Believe me, I read all the docs and stuff. I read the samba schema for openldap has changed and that the smbldaptools, which I use to add machine and user accounts, do not support this new schema. But I also read about smbpasswd that it is able to do all this stuff now? Sorry, I just lost track of it all... Please help me. Kind regards, Eddie Lania. Elton B.V. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba3+KBC
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 4 Aug 2003, Jan Peuker wrote: Hi list, I run a Samba-3.0.0beta3 / Heimdal-0.6 system and want it to be the BDC of our Win2003-controlled domain. The reason is that we had to move from our perfectly working samba-PDC to a windows system and I want to keep the user profiles on the old, but stronger, Linux box(now on SuSE8.2). I get(kinit) a ticket of the Win2003 without any problem, even for admin users. But If I try to connect via smbclient(pam is set and configured, the option -k doesn't change anything) from the Linux to the Win2003 I get a NT_STATUS_MORE_PROCESSING_REQUIRED (and yes, accoring to the changes from beta2 to beta3 I think I _have_ a valid ticket). In Effect, I want every user to acces its shares on the old linux box like before but authenticated via the Win2003. Does anybody know what I'm doing wrong? Please retest with the latest SAMBA_3_0 cvs. We now have smb signing support so that we'll work with win2k3 out of the box. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/Mz6eIR7qMdg1EfYRAgsoAJ9SB8P/ucM18nwM6Sc7uSnpZIkZ5wCfZuWP HKTs/spEv3qhEXTNar6MzqU= =0QKY -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RES: [Samba] Manage user policy
I am interested in this too, but what I realy want is to lock the user account after a number of bad logins. The pdbedit tool that comes with samba 3.x suite does exactly what we want but it did not work for me. I set the number of bad logons to 3 using: pdbedit -p bad lockout attempt -C 3 When testing this trying to logon using bad password 3 times samba does not lock the account. But I think it should work for password's. Didn't test yet. Take a look at these docs http://samba.vernstok.nl/htmldocs/pdbedit.8.html http://marc.theaimsgroup.com/?l=samba-technicalm=105224209732235w=2 Luck for all! -- Fernando Henrique Ribeiro da Silva -- -Mensagem original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Em nome de John H Terpstra Enviada em: terça-feira, 12 de agosto de 2003 14:26 Para: Kaspars Cc: Samba Mailing List Assunto: Re: [Samba] Manage user policy On Tue, 12 Aug 2003, Kaspars wrote: Hi all, I interested in use Samba as PDC, but I want user account policy, that users use password not less than 8 symbols and users must change their password every 30 days... I search trough google, try little reading of many manuals, but didn`t find my answer... only what many people are interested in that too. btw, some ppl say that it can be done with new samba-3 and ldap, how, manuals? This can be done with Samba-3. You can set the password policy using: 1. Unix command line too is: pdbedit - see man page for pdbedit 2. Microsoft SrvTools.exe - can be installed on NT4 Workstation, Windows 200x / XP - use the Domain User Manager 3. Microsoft NEXUS.EXE - use this for domain management from Win 9x/Me - use the Domain User Manager - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0 PDC+LDAP
Damian Gerow wrote: What did you do to set up groupmapping? Nothing yet. I'm moving from the smbpasswd backend, and it 'just worked' in there. That's why I was asking for some docs -- I'm sure this is something that I'm missing, but I just don't know what. for docs look at SAMBA-HOWTO-Collection (part III 12) If I do /any/ sort of group mappings at all, I get this: What did you exactly do? [2003/08/10 21:45:44, 2] lib/interface.c:add_interfac79) added interface ip=192.168.42.11 bcast=192.168.42.255 nmask=255.255.255.0 [2003/08/10 21:45:44, 2] lib/smbldap.c:smbldap_search_domain_inf1228) Searching for:objectClass=sambaDomainsambaDomainName=SENTEX))] [2003/08/10 21:45:44, 2] lib/smbldap.c:smbldap_search_suffi1056) smbldap_search_suffix: searching for:objectClass=sambaDomainsambaDomainName=SENTEX))] [2003/08/10 21:45:44, 2] lib/smbldap.c:smbldap_open_connectio623) smbldap_open_connection: connection opened [2003/08/10 21:45:44, 2] passdb/pdb_ldap.c:ldapsam_search_one_grou1619) ldapsam_search_one_group: searching for:objectClass=sambaGroupMappingdisplayName=Domain Adminscn=Domain Admins)))] NT Group Domain Admins doesn't exist in mapping DB [2003/08/10 21:45:44, 2] utils/net.c:mai683) return code = -1 So I'm not sure what it's looking for in LDAP -- something with a cn of Domain\ Admins? But where? And why can't I add the group via 'net group add'? Whats the error when trying 'net group add'? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] DID IT! - Samba 2.2.8a+LDAP+PDC
On Sat, 2003-08-09 at 07:23, Markus Amersdorfer wrote: On Sat, 9 Aug 2003 19:28:41 -0500 PHELPS, SCOTT [EMAIL PROTECTED] wrote: Hi! I even kept the same: domain name and old PDC NetBios name. The trickiest part was getting all of the users to keep their same profile, but I managed that by cloning the RID and Lanman/NT hashes for the user accounts. Could you tell us, how you managed to keep the same domain name and the old PDC's NetBios name? (I always thought that a (NT4-)PDC can't be demoted to anything less than a BDC without re-installing the whole thing. This combined with Samba 2.2 not being able to handle BDCs would render it impossible to keep the old domain/NetBios names... but it galdly seems I was wrong!?) Many thanks in advance!! Cheers, Max I didn't demote the PDC to a BDC. I used the rpcclient utility to get the SID for the domain. Like this: [EMAIL PROTECTED] rpcclient YOUR_PDC -U administrator Enter Password: session setup ok Domain=[YOURDOMAIN] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] rpcclient $ lsaquery domain YOURDOMAIN has sid S-1-5-21-1363377815-237862100-1307212239 rpcclient $ quit You then use smbpasswd -W to force your Samba server to use this SID Keeping the NetBIOS name is not an issue, just copy all your shares from the old PDC over to Samba and you dumb windoze clients won't even know the difference! -- Scott -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems with adding Windows printer drivers to a Sambabox
Chris Nolan wrote: Hi all! Here is an interesting problem: I have installed Mandrake 9.0 on two server boxes, both of which are running very happily and have been for a year now (and a year or two before that on earlier versions of Mandrake). I was able to successfully add printer drivers to one of these boxes (as it was the only one running Samba at the time, called MAIN) without any problems. Yesterday, I had to install some drivers for a Toshiba photocopier (for all those considering Toshiba photocopier purchase/rental for network printing *DON'T*. Their drivers are horrible, unstable bodies of code). On the existing Samba box and on the new one (with security = domain pointing at MAIN), I could not add the driver. It turns out that one of my administrator friends had previously added the driver to the MAIN box, after setting the following options on the [Printers] and [print$] shares: nt acl support = no write list = list of users read list = list of users Apparently, this resulted in the Toshiba driver spewing method call failures to the screens of the workstations. He cleaned that up and deleted the printer driver files from MAIN (but not the driver). I have since used rpcclient to remove the driver entry. Now, whether adding to the MAIN box or the newly setup Samba instance (on a box called GRUNTMASTER), I always get Operation could not be completed when attempting to add the driver. The logs show that Samba's conversation with the client attempting to add the driver results in a service (along the lines of ::{a34af-25df4-cdf4a-a65gc}) not being found. This is probably completely unrelated, but -- this isn't one of those Toshiba copier/printer with two different possible controllers, is it? In other words, are you *sure* you have the right driver? I ask, because I have pulled my own hair out over this issue. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] admin users problem
Hi all, I supposed to assign user tom as admin user. But tom cannot login this section except I put him in the valid users. Here's the public section : [public] valid users = peter mary admin users = tom 1) How could I let him login ? 2) test this admin features? Ant - Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] make_server_info_info3: pdb_init_sam failed?
Trying toi run Debian/Unstable against an AD domain. Computer is joined to domain, but any operation yields this. Any hints? == log.nwl105 == [2003/08/07 14:13:06, 0] auth/auth_util.c:make_server_info_info3(983) make_server_info_info3: pdb_init_sam failed! [2003/08/07 14:13:20, 0] auth/auth_util.c:make_server_info_info3(983) make_server_info_info3: pdb_init_sam failed! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User directories and groups usage
At 10:30 14-8-03 -0700, you wrote: Morning everyone. I was playing around today with our PDC setup. One thing I noticed is that when I setup users to have their 'My Documents' directory be /home/user everything works well. One thing I noticed is that the directory, subdirectories and files have the owner of the user and the group as per assigned, and permissions as 700. If I wanted to set it up so a specific group would get assigned the group for everyones /home/user as well as specific permissions, would I need to add something like the following to my smb.conf, under the homes section: [homes] comment = Home Directories browseable = no writable = yes force group = daffy force create mode = 770 This would make a file readable, writable AND executable for user/group owning the files I would use: create mask = 660 This wil not make files executable. force directory mode = 440 This would make the directory readable only - not executable, so you can't see what's in it and its not writable. I would use: create mask = 0770 Which should set the group to 'daffy' for all files and directories created as well as set the new files with 770 and new directories as 440. That look about right? nope - see above - may I ask how you got to 770 and especially 440 ? To better understand this have a look at: http://www.ctssn.com/linux/lesson6.html Greetz, Cor Lem -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba vs. Windows : significant difference in timestamphandling ?
From:Dragan Krnic [EMAIL PROTECTED]12.08.2003 20:31 Please respond to dkrnic To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject:Re: Samba vs. Windows : significant difference in timestamp handling ? ... | Now a different user views the file. (Different | means, his username on the Options-dialog in any | Office-Application is different.) Can be faked by | simply changing username in options-dialog in Word | e.g in the same session. Why would you do that? This is for your convenience when trying to reproduce this behavior. Of course we do not change this option in normal business. It´s only to make clear that it´s not somthing like User-Profile/registry/rights problems ! Powerpoint must be restartet again, after the change was made.Same session refers to user-session, not PPT-Session. I mention this because I had the situation where different users with the same name (Administrator, which is the default setting in TSE environments)could not reproduce this behavior when looking at each other´s files. So the important difference that makes the fuss is an access with a different username in the Office-related registry branch, not a different userprofile. | while file is open: | Test.ppt mtime-12:49:16, ctime-12:49:16, atime-12:49:16 | | ps, looks like a new file ... | | after file is closed: | Test.ppt mtime-12:49:16, ctime-12:49:16, atime-12:49:16 | | ... still looks new to me ! Not my experience. Even after doing the fake number the mtime remains unmodified, atime gets changed, of course, and, what was not quite to expect, so does the ctime. restarted ppt ? see above ... Probably because, should the other user have changed anything and re-saved the file it would have belonged to him now. So PPT first changed ctime when it was quasi given over to the new user and then it changed back to original owner again when it was clear that the other user wouldn't commit his changes. Does belongs to him mean that he became owner of the file ? The owner (user and group) did not change. At no time. The file is (and was ever) owned by the creator. The given examples did not document this, sorry. | Now the same procedure again, | same environment except the file is stored on a | Windows2000 Workstation (with NT file system | tunneling disabled) | | file create: | size on disk: 8.192 bytes | created 15:48:36 modified 15:48:36 accessed 15:48:36 | | viewing by the same user | while file is open: | size on disk: 8.192 bytes | created 15:48:36 modified 15:48:36 accessed 15:48:36 | | file closed: | size on disk: 8.192 bytes | created 15:48:36 modified 15:48:36 accessed 15:48:36 | | O.K. that´s almost the same behavior that samba | shows. (Except that on windows, the file doesn´t | even look accessed) This can't be. But if it works like this, then it is a bug in MS Windows. Or a feature, if you so will. Can you confirm this behavior ? (Even if it can´t be ...) The access-time in Windows is not modified, when a file is copied. PPT locks the file and creates a copy in the user´s local temp-folder, works on it and then (when sth. is changed) replaces the original file with some modifications to the timestamps. (e.g. preserve original creation time) That´s what i observed, no evidence ... | | Question 1: | Can somebody please confirm this behavior ? ... never ran into any problems. Perhaps because we use reiserfs ... Might be a point ... | Question 2: | a) Does anybody know how the timestamp is changed | (File system API, System API, magic spell ...) and | why this mechanism fails on Linux/Samba/XFS ? | (dos_filetimes parameter already set to yes) Leave dos filetimes alone. They're about another bug in MS FAT where they tried to squeeze the time in too narrow a bit space so that they had to drop the lsb in effect counting only the even seconds of a day. Ooops, have a closer look: (excerpt from the samba-doc) dos filetimes (S) Under DOS and Windows, if a user can write to a file they can change the timestamp on it. Under POSIX semantics, only the owner of the file or root may change the timestamp. By default, Samba runs with POSIX semantics and refuses to change the timestamp on a file if the user smbd is acting on behalf of is not the file owner. Setting this option to yes allows DOS semantics and smbd will change the file timestamp as DOS requires. You shurely speak about dos_filetime_resolution. ... On my PCs the mtime remains unmodified. It's a weird thing if it happens under normal circumstances ... But if it only happens when you fake the identity from within the Office programs, well, I wouldn't bother really. I totally agree ! Thanks for your efforts an time spent so far. Frank -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3beta3 and NETAPP filer - cannot join domain [long]
Hi, when trying to get a Netapp filer (multi protocol) to join a domain controlled by samba 3.0.0beta3 with ldapsam backend, I ran into a small problem - the filer won't join the domain. So we set up another server with samba 3.0.0beta3 using tdbsam(?) as the passwd backend - and lo, the filer is able to join the domain. Both joins are NT4 joins - as the filer doesn't (and can't) find a _ldap service description in our DNS :) The LDAP driven samba server is just working fine otherwise, leaving more riddles for me. The filer in question is a Netapp F810 with OS 6.3.1R1, OpenLDAP is at version 2.1.22. A user root with uid 0 and sambaSID S-1-5-21...-1000 is available in the LDAP Directory, joining normal Workstations with root's credentials is possible. The filer's root account has the same credentials, Administrator, administrator and admin are mapped to the root account via user map in smb.conf (which does not make any difference at all). Sorry, this is going to be a long mail, I hope no one'll be angry because of me flooding the mailing list. But as I've been searching for the last week without getting *any* references to the problem I'm facing here, I hope that you'll understand (and someone has at least a hint for me in which direction further enlightenment might be found). Here are the relevant config file sections and logs, both at log level 5. If more information is needed I at least can offer logs from the ldapified server with higher loglevels. Because of length I edited the log files without leaving out relevant stuff (at least I do hope so). I can make *full* logfiles available via web if someone needs those. This is the smb.conf of the working server: | # Default setup to allow all from system to login if the account is | # on the system or using service homes | [global] |netbios name = TESTPDC |workgroup= NETAPP |smb passwd file = /opt/private/smbpasswd |os level = 65 |preferred master = yes |domain master= yes |local master = yes |security = User |encrypt passwords = yes |domain logons= yes |logon path = \\%N\profile\%u |logon drive = H: |logon home = \\testpdc\%u |logon script = logon.cmd |add user script = /usr/sbin/useradd \ | -d /dev/null \ | -g 100 \ | -s /bin/false \ | -M %u |wins support= yes |kernel oplocks = No |level2oplocks = No | | [netlogon] | path = /opt/samba/netlogon | read only = yes | guest ok = yes | write list = ntadmin,admin,root And this is the one of the other server: | [global] | workgroup = HAMMNEU | os level = 255 | kernel oplocks = No | netbios name = kytherea | security = user | encrypt passwords = Yes | guest account = nobody | map to guest = Never | null passwords = yes | domain master = yes | domain logons = yes | preferred master = yes | passdb backend = ldapsam:ldap://kytherea.br.de/ guest | ldap suffix = dc=br-online,dc=de | ldap admin dn = cn=Admin,dc=br-online,dc=de | ldap ssl = start_tls | ldap user suffix = ou=People | ldap machine suffix = ou=Computers | ldap group suffix = ou=Groups | ldap passwd sync = yes | log level = 5 | # idmap backend = ldap://kytherea.br.de/ | # ldap idmap suffix = ou=idmap,dc=br-online,dc=de | # idmap uid = 1-5 | idmap gid = 500- | ; add user script = /usr/local/sbin/smbldap-useradd.pl -m -d /dev/null -s /bin/false -g 1000 %u | interfaces = 10.65.33.52/255.255.255.0 | wins support = Yes | server string = Domain-Controller HA-Multimedia | time server = Yes | logon script = netlogon.bat | logon path = \\%L\profiles\%u | logon home = \\kytherea\%u | [netlogon] | comment = Network Logon Service | path = /var/lib/samba/netlogon | create mask = 0600 | directory mask = 0700 | browseable = No | read only = No | write list = ntadmin,admin,root This is what happens on the filer when trying to join the domain (this is the failure case, otherwise it just happily joins the domain) :) | filersin cifs setup | Enable CIFS access to the filer by a Windows(tm) PC | Your filer is currently only visible to PCs on the same net. | Do you wish to make the system visible via WINS? [no]: | This filer is currently configured as a Multiprotocol filer. | Do you want to configure this filer as a NTFS-only filer? [no]: | This filer is currently a member of the domain 'FILER' | If you want to change the name of the filer, or change | the filer's domain membership, you must delete its | existing account information. | Do you want to delete the existing filer
Re: [Samba] resuming downloads
Is there a linux version? (sorry, should've said; running debian unstable on kernel 2.4.21 with smbclient Version 3.0.0beta2-1 for Debian) Thanks again, Joel On Sun, 10 Aug 2003 [EMAIL PROTECTED] wrote: Is there a way to use smb to resume downloads of files from where it left off? And if so, how? Thanks, Joel -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba http://www.roeder.goe.net/~koepi/smbdownloader.html will do the job -- COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test -- 1. GMX TopMail - Platz 1 und Testsieger! 2. GMX ProMail - Platz 2 und Preis-Qualitätssieger! 3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] VMware and samba interoperability patches...
Has any progress been made about integrating the VMware samba-2.2.8a patch? VMware Inc was generous enough to add their value to this, and I think it's worth getting in. From [http://www.vmware.com/download/open_sources.html]: http://www.vmware.com/download1/software/support/vmware-samba-2.2.8a.diff Please CC me on any replies. Thanks! -- Daniel J Blueman COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test -- 1. GMX TopMail - Platz 1 und Testsieger! 2. GMX ProMail - Platz 2 und Preis-Qualitätssieger! 3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NetBIOS over ipsec using samba
I add info about browsing with only wins browsing all maybe not work. Wins suplied name to ip resolving system but not browser. Then in global section of your one samba use remote browse sync = as writed in samba man page. That works if your sambas is master browser on subnets. Thats all folks. - Original Message - From: Scott Shackelford [EMAIL PROTECTED] To: Eric A Rasor [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 06, 2003 10:59 PM Subject: RE: [Samba] NetBIOS over ipsec using samba I do use IPsec VPN with SAMBA with many locations. This it with both Firewall to Firewall VPN with 2 Sonicwalls, Firewall to Firewall with Sonicwall on one side and Netopia 9100 Router connected to a cable modem on the other. And Sonicwall firewall to Sonicwall VPN. In every scenario one thing is need in order to get things to work properly and this is a WINS server. Make sure every machine points to you WINS server (of course SAMBA can act as one and works very well.) This is due to NetBIOS broadcast will not go past any router. Since a looks like a router to NetBIOS, it will not be able to see machines in your network neighborhood unless you and the other machines are using the same WINS server. Once this is fixes, exchange server and domain logins will work fine. -Scott Shackelford -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Eric A Rasor Sent: Wednesday, August 06, 2003 4:34 PM To: [EMAIL PROTECTED] Subject: [Samba] NetBIOS over ipsec using samba I am sure someone has had success getting NetBIOS names to transfer from one side of a VPN to the other, but I'm not that person (yet). I have read all available documentation and newsgroups and have exhausted my patience. I have a linux box running 2.4.21 kernel with Freeswan on each end of a VPN (its working). I have Arno's iptables firewall installed on each end (It is working). I have samba 2.2.8a running on each of those machines (it is working). But for the life of me I can't get the settings correct using swat to make them exchange information. Here are the basic questions that I have which have been answered in mailing lists but with different answers (sometimes very opposite of each other). Some of the answers to these questions will eliminate the need for answering the others, I know... But please do, since I have not had any sleep for 4 days. 1. Does anybody have this scenario running successfully? Can I see your configuration? 2. Can the workgroup on each side of the VPN be the same? 3. Can the domain (Exchange Server) on one end have the same name as the workgroup? 4. Am I going about it wrong if I have the Exchange Server running on one side? 5. Should I just give up and write out big nasty lmhosts definitions? Thanks in advance ER -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba pdc w/2nd samba file server fails
folks, we have a samba pdc that is working well. we added a second samba file server as a member of this domain, but when trying to access the file server from a windows client we get the following error message on the windows client: incorrect password or username unknown and on the samba server, in the client-host's log: [2003/08/11 10:30:02, 0] smbd/password.c:domain_client_validate(1549) domain_client_validate: could not fetch trust account password for domain CAI the smb.conf file looks like this: security = domain password server = moe encrypt passwords = yes guest account = nobody local master = no domain master = no preferred master = no workgroup = CAI hosts allow = 192.168.100. i am unable to find how to setup a trust relationship between these 2 samba servers. is this possible, or do i have to use a local smbpasswd file? your help is appreciated... thanks, daryl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: \\_SPAM_// [Samba] DID IT! - Samba 2.2.8a+LDAP+PDC
On Sat, 2003-08-09 at 01:02, Joshua Schmidlkofer wrote: Can you outline the process of getting LDAP working? I have failed in such attempts thus far. js Tell me specifically where you are running into trouble, and I'll be glad to help. -- Scott -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Upgrading Question...
Hi All, I'm running portupgrade on samba (FreeBSD box) and came across something I don't recall seeing when I initially installed it last year... lqqq configuration options k x x x Please select desired options: x x lqqk x x x [ ] syslog With syslog support x x x x [ ] ssl With ssl supportx x x x [ ] ldap With LDAP2 support x x x x [ ] nocups Without CUPSx x x x [ ] acl With ACL supportx x x x [ ] utmp With UTMP support x x x x [ ] msdfsWith MSDFS support x x x x [ ] quotaWith Quota support x x x x [ ] recycle With Recycle Binx x x x [ ] auditWith Audit x x x x [ ] winbind With Winbindx x x x [ ] wbauth With Winbind Auth Challenge x x x mqqj x tqqu x[ OK ] Cancel x mqqj I think I know what most of these do, but just to be safe how can I confirm what my current install is/was? This is an in-use machine, so I want the upgrade to be as smooth as possible... PS. I'm going from 'samba-2.2.6.p2_1' to 'samba-2.2.8a'... TIA Steve -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba v3b3, SuSE 8.0 enterprise, heimdal 0.6,openssl ADS issues
Hi again all, I'm trying to get samba 3b3 working with ADS on Suse 8.0 enterprise. I've installed heimdal kerberos 0.6 with openldap support. Now when I did that, I used the configure options of: ./configure --with-openldap=/usr/local/bin --with-openldap-include=/usr/local/include --with-openldap-lib=/usr/local/lib --enable-shared=yes there's another config option of --with-openldap-config with a note of ldap config utility What the devil is that? I can't seem to find any info on it, so am not sure if that's my problem. Anyway, when compiling samba v3b3 I get this error: Compiling libsmb/clikrb5.c libsmb/clikrb5.c: In function `krb5_princ_component': libsmb/clikrb5.c:398: warning: assignment discards qualifiers from pointer target type Compiling libsmb/clispnego.c with -fPIC looks dangerous. Than when I try a net ads join, I get: linux:/home/packages/samba-3.0.0beta3/source # bin/net ads join -U [EMAIL PROTECTED] [EMAIL PROTECTED] password: [2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267) krb5_cc_get_principal failed (No such file or directory) [2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274) krb5_get_credentials failed for [EMAIL PROTECTED] (Unknown error -1765328343) [2003/08/13 13:04:14, 1] utils/net_ads.c:ads_startup(176) ads_connect: Server is unavailable Now, the fix for the same problem under BSD (thanks to WIll Froning) is to compile kerberos with ldap support, which is why I'm not sure if the kerberos is compiling ok. Also, when I compile samba 3b1, I don't get the compile error and the net ads error is: suseserver2:/var/log/samba # net ads join -U [EMAIL PROTECTED] [EMAIL PROTECTED] password: [2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267) krb5_cc_get_principal failed (No such file or directory) [2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274) krb5_get_credentials failed for [EMAIL PROTECTED] (Unknown error 2529638927) [2003/08/13 10:14:26, 0] libads/ldap.c:ads_join_realm(1352) Host account for suseserver2 already exists - deleting old account [2003/08/13 10:14:26, 1] libads/krb5_setpw.c:ads_krb5_set_password(529) krb5_get_credentials failed (Unknown error 2529638927) ads_set_machine_password: Unknown error 2529638927 Notice, it actually lets me add the machine! Also, either machine, the 'net ads lookup' command works fine, as does klist, and kinit. Any ideas? Many thanks -Brian Otto -- The opinions expressed herein are my own and do not necessarily reflect those of my employers -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Production release date for samba 3.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Aug 2003 [EMAIL PROTECTED] wrote: I have to upgrade a number of samba servers to version 3 to fix an issue with NTLMv2. Our company is rolling out new XP desktop's (approx 2000 users) and have enforced a security policy on the XP clients of NTLMv2 only...sigh. I have setup a test server with 3.0 beta3 and verified that it works ok, I was wondering what date we could expect a production release of samba 3, or do/will any samba 2.x releases support NTLMv2. Real soon now. We are planing RC1 for this Friday. We'll have to see how that goes but I would expect at least one additional RC (but hopefully not much more than that). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/OLSVIR7qMdg1EfYRAksdAJwKM6518tFAkX+Xtulpm8tAJId9+ACgvkZd bRAZ1yRhveALIMqJJJoruDE= =/lg7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] porting samba client on Symbian OS
Hi. I want to port Samba Client (SMB/CIFS and NetBIOS) on Symbian OS. Samba code latest contains both client and server. I want details samba client files or directory and other necessary information. Regards ananda **Disclaimer Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0b3: Cannot add machine to LDAP database
To my knowledge, the IDEALX perl scripts found in /usr/share/samba/scripts have not been updated for the new schema. The script setting used for adding a machine is typically set to use one of these. Could this be the problem? Jim C. Gonçal Badenes wrote: I am unable to add a machine to samba-3.0.beta3 running as a PDC. If I try to add the account manually I get the following errors: [EMAIL PROTECTED] root]# pdbedit -a -m icfo-pc018 failed to add user dn= uid=icfo-pc018$,ou=Systems,dc=icfo,dc=es with: Object class violation object class 'sambaSamAccount' requires attribute 'sambaSID' failed to modify/add user with uid = icfo-pc018$ (dn = uid=icfo-pc018$,ou=Systems,dc=icfo,dc=es) Unable to add machine! (does it already exist?) [EMAIL PROTECTED] root]# smbpasswd -a -m icfo-pc018 Failed initialise SAM_ACCOUNT for user icfo-pc018$. Failed to modify password entry for user icfo-pc018$ And if I try to add the account automatically from the windows box, I get a The user name could not be found error. Here is an excerpt from the samba.cnf configuration file: [global] security = user passdb backend = ldapsam:ldap://localhost,guest ldap admin dn = cn=Admin,dc=icfo,dc=es ldap ssl = start tls ldap delete dn = no ldap user suffix = ou=People ldap machine suffix = ou=Systems,dc=icfo,dc=es ldap trust ids = yes ldap suffix = dc=icfo,dc=es ldap passwd sync = yes local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes wins support = yes I have not put an add machine script in the configuration file because, according to the smb.conf man file This option is only required when using sam back-ends tied to the Unix uid method of RID calculation such as smbpasswd. Unfortunately, I have been reading the HOWTO-collection, the man pages and searching with Google, but I don't know how to proceed from here :-( What am I doing wrong? Can anyone help? Thanks in advance! Goncal goncal (dot) badenes (at) upc.es -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] trouble joining new pdc with xp and 2000
I set up the new server suse 8.2 and samba 2.2.7 now when I try to join the pdc I get the following error occured try to join xxx the account used is a computer account. Use your global user account when accessing this server. I have removed the root user and rebuilt it with this command smbpasswd -a root I got into this mess because I was trying to get my machines to log into the domain They would join it just fine but then when they tryed to log in they would get the error that the domain controler was not available or the computer account was not right. here is my global config and some log verbage that seems appropo Thanks!!! global] workgroup = DNH netbios name = JHADOWIN encrypt passwords = Yes log file = /dnh/samba.log log level = 3 time server = Yes unix extensions = Yes socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY domain admin group = root philt nathan scame sture logon script = logon.bat logon path = \\%L\profiles\\%u\%m logon drive = h: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes adduser script = /usr/sbin/useradd -g machines -c NT Machine Account -d /dev/null -s /bin/false %m\$ [2003/08/12 02:03:09, 3] smbd/reply.c:reply_sesssetup_and_X(858) Domain=[] NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] [2003/08/12 02:03:09, 3] smbd/reply.c:reply_sesssetup_and_X(868) sesssetupX:name=[] [2003/08/12 02:03:09, 3] smbd/sec_ctx.c:push_sec_ctx(297) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2003/08/12 02:03:09, 3] smbd/uid.c:push_conn_ctx(286) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2003/08/12 02:03:09, 3] smbd/sec_ctx.c:set_sec_ctx(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2003/08/12 02:03:09, 3] smbd/sec_ctx.c:get_current_groups(172) get_current_groups: user is in 2 groups: 65533, 65534 [2003/08/12 02:03:09, 3] smbd/sec_ctx.c:pop_sec_ctx(436) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2003/08/12 02:03:09, 3] smbd/sec_ctx.c:get_current_groups(172) get_current_groups: user is in 2 groups: 65533, 65534 [2003/08/12 02:03:09, 3] smbd/password.c:register_vuid(336) uid 65534 registered to name nobody [2003/08/12 02:03:09, 3] smbd/password.c:register_vuid(338) Clearing default real name [2003/08/12 02:03:09, 3] smbd/password.c:register_vuid(340) User name: nobody Real name: nobody [2003/08/12 02:03:09, 3] smbd/process.c:chain_reply(1023) Chained message -- Absolute Internet Services (http://www.aiserve.net) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sun and Informatica invite you to a Web seminar
Sun and Informatica Present Metadata Solutions: Enabling the Intelligent Enterprise Date: Wednesday, August 27, 2003 Time: 11:00amPDT/1:00pmCDT/2:00pmEDT Duration: One hour In today's economy, having in-depth and accurate data is key to getting visibility across your enterprise. Metadata management is required to access the impact of change and improve operational performance. Understanding where your metadata originates, where it resides and how it is linked in the enterprise is important because it enables: More efficient use of information assets Faster systems response to changes in the business Greater confidence in the data driving business decisions and reporting Join David Marco - internationally recognized expert in the field of data warehousing, business intelligence and the world's foremost authority on metadata - as well as industry experts from Sun and Informatica, as they discuss why and how innovative organizations deploy enterprise-class metadata solutions for critical analytical needs and competitive advantage. Tune in on Wednesday, August 27th to hear how Sun and Informatica - both ranked among the top ten this year within the DM Review 100 - enable the intelligent enterprise with their proven formula for success. The combination of the SunOne Application Server with Informatica's new Superglue Platform offers flexible, scalable, web-based architecture for enabling an enterprise metadata strategy across integration and business intelligence initiatives. register now at - http://www.dmreview.com/master.cfm?NavID=267sourcecode=dmd081303txt To unsubscribe please contact [EMAIL PROTECTED] and put unsubscribe Web seminar in the subject line. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WINS Question?
I got the same message: querying pc1 on 10.1.1.251 wins_srv_died(): Could not mark WINS server 10.1.1.251 down. Address not found in server list. name_query failed to find name pc1 However, if I use the same command a query the Samba server I get this reponse; querying felix on 10.1.1.251 10.1.1.251 felix00 Muchas Gracias Manuel Casoluengo Villanueva Network Administrator Mexico Coty Inc. www.coty.com Office: +011525-54494260 fax: +011525-54494249 mailto:[EMAIL PROTECTED] This message is intended for the use of the addressee and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of the information contained in this message is strictly unauthorized and prohibited. If you have received this message in error, please notify the sender by reply e-mail and delete the message from your system. Opinions, conclusions, or other statements in this message which do not relate to the business of Coty Inc., its subsidiaries or affiliates, are neither given nor endorsed by Coty Inc. Martin Stacey [EMAIL PROTECTED] Enviado por: Para: Samba [EMAIL PROTECTED] [EMAIL PROTECTED]cc: .samba.org Asunto: [Samba] WINS Question? 06/08/2003 02:23 a.m. Por favor, responda a martin I have setup my Samba server as a WINS server using the wins support = yes parameter. My remote network can see the Samba server at our head office fine. I have also setup the WINS setting on my PC (W2K Pro box) to point to the IP address of my Samba server. When I do a nmblookup -R -U IP address of WINS server name of my PC on my Samba server I get this reponse; querying pc1 on 10.1.1.251 wins_srv_died(): Could not mark WINS server 10.1.1.251 down. Address not found in server list. name_query failed to find name pc1 However, if I use the same command a query the Samba server I get this reponse; querying felix on 10.1.1.251 10.1.1.251 felix00 Why isn't my Samba server storing the NetBIOS name of my PC? BTW, I am using Samba 2.2.7 supply by RH on a RH 7.3 box. Martin Stacey IT Support Manager Safcol Australia Pty Ltd -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba _ This message is intended for the use of the addressee and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of the information contained in this message is strictly unauthorized and prohibited. If you have received this message in error, please notify the sender by reply e-mail and delete the message from your system. Opinions, conclusions, or other statements in this message which do not relate to the business of Coty Inc., its subsidiaries or affiliates, are neither given nor endorsed by Coty Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Ref: Samba + Cups: don't succeed to print from Windows2000 station
I took into account your answer. I installed and recompiled samba 2.2.8a. I didn't load glibc2 (which is not delivered with the Suse distribution), but all seems to be OK. I then tried rpcclient with: enumdrivers, getdriver.It works fine now. But I still have problems when asking to print from a windows station. The window station find the printer, but when I ask to print a document or the test page,I get: Impossible to print: problem of configuration of printer. Try .. and: Test page could not be printed. Do you want . On my Linux server, I can print from the samba guest user: cups_samba_entry. Do you think it is a problem with cups or with samba ? What can I do or test ? Hi Nadine, I have edited your smb.conf to best match my own setup. Lines beginning with - sign should be commented out. By most of them there is a short comment why. Lines beginning with + sign are new lines I added to make it look more like my setup. It should work at your side, but don't forget to first create the default mode by accessing the printer as root and performing the ritual I described in on of my previous letters. Good luck. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba vs. Windows : significant difference intimestamp handling ?
... On my PCs the mtime remains unmodified. It's a weird thing if it happens under normal circumstances ... But if it only happens when you fake the identity from within the Office programs, well, I wouldn't bother really. I totally agree ! Fine. Use reiserfs and don't worry about ctime. Why? Does reiserfs handle ctime in a different way than other linux filesystems? -- Honza Houstek -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't See NT Domain
Hello all, I have a RH8 machine with samba 2.2.5 installed, and it is working fine except I can't see the ntdomain on the network. The ntdomain can see it but it can't see the NT domain. When I smb:/// I see my other samba domain twice on the network. My other samba domain controller is a RH9 machine and it can see and access all three different domains just fine. Does anyone have any ideas? Thanks all Dominic Iadicicco South Country Library __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ADS and Winbind - ldconfig error
Hi, this is not samba related, yust ignore it for now. (libpgtcl.so belongs to postgres, so something with your postgres-configuration/ installation is broken) Christoph [EMAIL PROTECTED] wrote: I have been installing samba3.0 on debian to authenticate users from a 2000 server (AD). Using the samba3.0 how to document I have compiled and installed OpenLDAP, libkrb5-dev, krb5-user and samba3.0. When going by the how to, I get to the stage of typing /sbin/ldconfig -v | grep winbind and linux responds with a error of /sbin/ldconfig: cannot stat /usr/lib/libpgtcl.so: No such file or directory. It is a link to another file so I deleted the link and recreated it and it did the same thing. So then I copied the executable file to the /usr/lib directory and it still had the same problem. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sun and Informatica invite you to a Web seminar
Sun and Informatica Present Metadata Solutions: Enabling the Intelligent Enterprise Date: Wednesday, August 27, 2003 Time: 11:00amPDT/1:00pmCDT/2:00pmEDT Duration: One hour In today's economy, having in-depth and accurate data is key to getting visibility across your enterprise. Metadata management is required to access the impact of change and improve operational performance. Understanding where your metadata originates, where it resides and how it is linked in the enterprise is important because it enables: More efficient use of information assets Faster systems response to changes in the business Greater confidence in the data driving business decisions and reporting Join David Marco - internationally recognized expert in the field of data warehousing, business intelligence and the world's foremost authority on metadata - as well as industry experts from Sun and Informatica, as they discuss why and how innovative organizations deploy enterprise-class metadata solutions for critical analytical needs and competitive advantage. Tune in on Wednesday, August 27th to hear how Sun and Informatica - both ranked among the top ten this year within the DM Review 100 - enable the intelligent enterprise with their proven formula for success. The combination of the SunOne Application Server with Informatica's new Superglue Platform offers flexible, scalable, web-based architecture for enabling an enterprise metadata strategy across integration and business intelligence initiatives. register now at - http://www.dmreview.com/master.cfm?NavID=267sourcecode=dmd081303txt To unsubscribe please contact [EMAIL PROTECTED] and put unsubscribe Web seminar in the subject line. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Slow Windows XP shared browsing.
On Mon, 2003-08-11 at 18:11, Matthew Scarrow wrote: Just a quick question about the ports you mentioned. What is port 445 used for in xp. see http://support.microsoft.com/default.aspx?scid=kb;en-us;Q204279. for more info I'm no expert but I think it's essentially smb over ip without the netbios stuff brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba vs. Windows : significant difference intimestamphandling?
and (now that i have your attention... :)) what software do you use to backup your reisersf/acls partitions? Excellent question. I use tar, but before I start it I do a getfacl --skip-base -R . and save the output in a file that is bound to be the first on tape. When I restore such a tarball I do setfacl --restore= and all the ACLs are restored in a fell swoop. It is unbelievable how much faster both operations execute on a reiserfs as compared to any other fs (2 orders of magnitude faster). If you do a partial restore, you don't usually need explicit setfacl because the newly restored files inherit the correct ACLs from the parent dir, except if they themselves have additional irregular ACLs. Still, I'd rather the ACLs were singly backed up and restored, which according to a samba guy is what Sun does in their version of tar - each ACLs-infected file has 2 entries, the first contains only the ACLs, which an ACL-aware tar reads and uses to restore the original ACLs, and the second is the normal tar of the file. An ACL-unaware tar just overwrites the ACLs data with the data. For smb clients (WinDoze boxen) I use smbclient's tarmode extension and am about to add full ACLs support although in most cases all of the ACLs on an M$ system are totally predictable so backing them up is kinda redundant, but every now and then someone complains about it so let's get it behind us once. as what i read was that you can use basically any backup program to backup the data, but usually the acls are not backed up. i heard amanda is supposed to be good? I don't know what amanda does. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] LDAP winbind
I have been searching a bit for documentation on the use of LDAP in conjunction with winbindd. Can anyone please point me to further documentation (if it exists) on the use of these two products together in Samba 3 and what functionality they provide as a whole solution? I know how winbind works but I am confused about the LDAP backend. Can winbind populate (and keep updated) the LDAP directory? As a little background... I have a Win2k PDC and am adding two new Redhat 9 Samba 3 servers. Does it make any sense to have LDAP in this environment? Winbind too? Jeremy, In my mind, if you already have a W2k PDC, then you shouldn't need LDAP in the mix. I'd point the new RH servers to the PDC with WINBINDD and be done with it. For what it's worth - just my 2 cents. -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing to FreeBSD server from XP using samba
I don't know anything about BSD and you don't say which printing system you use (cups, lprng, whatever), but: Printing with samba is simple. Your client transfers the job to the print server spool directory. Then, the print command on the sever is invoked to print that file. Then, the file is removed. SO: Have you verified that the print job has been transferred to your print server? I do this by changing my printing command in smb.conf to something like print command = echo %s was transferred /tmp/junk. That way the job is never printed and it just stays in your spool directory with that funny long smb name. (Using cups, you can't change the print commands in smb.conf, they tell me.) Then, if the job got transferred, try to print the job using the print command that your system is supposed to use for this file. This file will have been filtered by the XP client before being sent, so, you have to send it to a raw queue, likely. Or, maybe your client is sending postscript formatted jobs. You don't say in your post. If you can print a file like this, then you just have to set up a queue with the appropriate printing commands to get it done. I leave nothing to chance, and specify all the printing commands in my print queue, like so: [lp] comment = Raw Printer for Z53 # max print jobs = 1 path = /tmp create mask = 0700 guest ok = yes hosts allow = 192.168. printable = Yes printing = lprng # print command = echo Tried to print %s /SPOOL/junk.%s # print command = echo %J %p %s /tmp/junkJ; /usr/bin/lpr -Plp -J'%J' %s; rm %s # print command = echo %J %p %s /tmp/junkJ; j=`echo %J | sed s/^.*-//`; /usr/bin/lpr -Plp -J'$j' %s; rm %s # print command = echo %J %p %s /tmp/junkJ; /usr/bin/lpr -Plp -J'%J' %s; rm %s print command = echo %J %p %s/tmp/junkJ;\ a=`echo '%J' | sed s/^.*- //` ;\ echo This is truncated $a /tmp/junkJ;\ /usr/bin/lpr -Plp -J$a %s;\ rm %s lpq command = /usr/bin/lpq -Plp lprm command = /usr/bin/lprm -Plp %j lppause command = /usr/sbin/lpc hold -Plp %j lpresume command = /usr/sbin/lpc release -Plp %j printer name = lp # printer driver = Lexmark Z53 Series ColorFine # printer driver location = \\HAMMER2\AllFiles\usr\local\samba\printer share modes = No My printcap file for lp is as follows: lp|LP|z53-outfiles:\ :sd=/var/spool/lpd/lp:\ :mx#0:\ :lp=/dev/lp0:\ :sh:rw: There is also another complication. The testpage that is generated by the printer setup program may not be sent through the usual filtering mechanism as a regular print job. Thus, if you are sending postscript formatted files to your printserver with a printer that can handle postscript files, this same queue may not be able to handle the raw format in which the test page is sent. Note: All this information is what I have gleaned by much trial and error. I don't know how much will apply to your setup. One more thing, you have a [printers] share and then a share written for your particular printer. You might consider getting rid of the [printers] share. Then, add a few things to the [lp] share, like a path, printable, etc. Joel On Wed, Aug 13, 2003 at 08:34:05PM +1000, David Lodeiro wrote: A couple of days ago I set up my printer on my FreeBSD server and set it up so I could print from my FreeBSD client. This all works very well, printing from botht the server and the FBSD client. However, I also have samba set up for file serving with an XP box. I have been trying for quite some time now to set samba up to enable me to print from the XP client. My situation at the moment is that the XP client can detect the printer in explorer, I can set up a printer using a wizard to print to it without any errors, however when I go to print a test page, nothing happens. No errors, no printout, and the wierdest part is that nothing shows up in either the que on my xp box or on the lpq on the server. I started the smbd and nmbd demons with debugger set to 10 to see if I could find something out Firstly the relevant part of my printcap file Canoni850|bjc800:\ :lp=/dev/lpt0:\ :sd=/var/spool/lpd/Canoni850:\ :lf=/var/spool/lpd/Canoni850/log:\ :mx#0:\ :sh: To handle all the raw printing ( ie. from windows ) And the relevent art of my smb.con [printers] comment = Printers path = /var/spool/lpd browseable = no printable = yes public = yes # create mode = 4777 [Canoni850] comment = Canoni850 path = /var/spool/lpd/Canoni850 browseable = yes printable = yes # printer driver = Canon i850 [lp] comment = FreeBSD printer browseable = no printable = yes Here is what I got in log.smbd with log level at 10 [2003/08/12 23:40:55, 5]
Re: [Samba] Manage user policy
On Tue, 12 Aug 2003, Kaspars wrote: Hi all, I interested in use Samba as PDC, but I want user account policy, that users use password not less than 8 symbols and users must change their password every 30 days... I search trough google, try little reading of many manuals, but didn`t find my answer... only what many people are interested in that too. btw, some ppl say that it can be done with new samba-3 and ldap, how, manuals? This can be done with Samba-3. You can set the password policy using: 1. Unix command line too is: pdbedit - see man page for pdbedit 2. Microsoft SrvTools.exe - can be installed on NT4 Workstation, Windows 200x / XP - use the Domain User Manager 3. Microsoft NEXUS.EXE - use this for domain management from Win 9x/Me - use the Domain User Manager - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I'm confused about W2K rpcclient getdriver response
Hi, I'm trying to query a W2K PDC for printer driver information in order to install those same drivers on a SAMBA 2.2.7 server. I executed an enumdrivers ms-rpc call to get the list of drivers, but the getdriver command fails for all but a couple of the drivers. I've included a representative instance below: cmd = getdriver HP LaserJet 4050 Series PCL Error opening printer handle for HP LaserJet 4050 Series PCL! result was NT_STATUS_UNSUCCESSFUL The question is, who's generating the error? Is it the samba rpcclient program or is it the W2K server? Or can one even tell at all from the response? At this point I'm not sure where to start looking. -- Rob _ _ _ _ __ _ _ _ _ /\_\_\_\_\/\_\ /\_\_\_\_\_\ /\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT, /\/_/__\/_/ __/\/_//\/_/ PROFUNDUM VIDITUR /\/_/_/_/_/ /\_\ /\/_//\/_/ /\/_/ \/_/ /\/_/_/\/_//\/_/ (Whatever is said in Latin \/_/ \/_/ \/_/_/_/_/ \/_/ appears profound) Rob Tanner UNIX Services Manager Linfield College, McMinnville OR (503) 434-2558 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 with partial AD integration
I have Samba 3.0 b3 installed with Kerberos 5. I get my ticket fine from the Win2K server. I'm having trouble finding out for sure some of these questions in relation to Samba 3.0. 1) Does winbind still have to be used to map UIDs and GIDs? Most stuff lists that this is for NT networks. Is this totally replaced by LDAP? 2) It there a guide out there for setting up LDAP with Kerberos 5 and Samba 3.0? Chapter 11 of the How to says that the schema section is out-of-date in reference to Samba 3. 3) Can LDAP be used to allow AD users to log in without a local account? If so how? 4) Still looking for a GUI Samba browser that will use my Kerberos ticket to log into machines in that realm. :( Any help would be greatly appreciated. Adam Oliver System Administrator Microsoft Certified Professional Even in trifling matters the depths of one's heart can be seen. From Hagakure, The Book of the Samurai -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba vs. Windows : significant difference intimestamp handling ?
Fine. Use reiserfs and don't worry about ctime. But reiserfs doesn´t support ACLs. Does it? Oh yes, it does. Big way. ?? I was under the impression that if i wanted acls, i should use xfs, ext3 (or jsf i believe) but NOT reisersf. Am I wrong? Does (for example) SuSE 8.2 with reisersf support acls out-of-the-box? And another, related, question: Which fs w/ acls do you (the experts here) recommend? I know that there are several alternatives, but which one has your preference, and why? (keeping things like maturity, stablity, various degrees of acl support (i don't know...?), ease of backup, all these sorts of things in mind) As I am about to upgrade our nt4 domain, and this is the time to take decisions like that. I would like to use SuSE 82 w/ reiserfs, * if it supports acls* (and I was under the impression that it didn't) Yours, mourik jan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] User directories and groups usage
Morning everyone. I was playing around today with our PDC setup. One thing I noticed is that when I setup users to have their 'My Documents' directory be /home/user everything works well. One thing I noticed is that the directory, subdirectories and files have the owner of the user and the group as per assigned, and permissions as 700. If I wanted to set it up so a specific group would get assigned the group for everyones /home/user as well as specific permissions, would I need to add something like the following to my smb.conf, under the homes section: [homes] comment = Home Directories browseable = no writable = yes force group = daffy force create mode = 770 force directory mode = 440 Which should set the group to 'daffy' for all files and directories created as well as set the new files with 770 and new directories as 440. That look about right? Thanks. Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba + Cups: don't succeed to print from Windows 2000station
My samba version (on Suse distribution) is 2.2.7a-58. Can and must I a also this patch on this version and/or must I load samba 2.2.8 with the patch ? SuSE 8.2, I presume. You should really get 2.2.8a sources compressed with bzip2. Look for the files samba-2.2.8a.tar.bz2 and samba-vscan-0.3.2a.tar.bz2 at a samba mirror). Enclosed is a small bzip2-compressed tarball with the other things that SuSE uses to build samba as an RPM, but including the patch for bugs #52, #82 and #102. All of them are checked in 3.0betas but not yet consolidated in a new 2.x release (perhaps there will be no more 2.x releases). You should put both samba sources in the directory /usr/src/packages/SOURCES and unpack my tarball there with bzip2 -d samba.deps.tbz2 | tar xvf - and then execute: rpm -bb samba.spec 21 | tee /tmp/228a.build while still in that directory (the T-joint is so that you may have a log of what happened in case anything goes wrong so someone can have a look at it and tell you what). The following suite of installable RPM packages will then be created in /usr/src/packages/RPMS/i386 directory, which you may use to install patched samba properly with the command rpm -Uhv libsmbclient* samba*: libsmbclient-2.2.8a-4.i386.rpm libsmbclient-devel-2.2.8a-4.i386.rpm samba-2.2.8a-4.i386.rpm samba-client-2.2.8a-4.i386.rpm samba-doc-2.2.8a-4.i386.rpm samba-vscan-0.3.2a-0.i386.rpm Building samba means you need to have the gcc compiler and various devel libraries installed on your computer (they can be found on your distro's media), but when all is in place you only need patience. It takes a while (20'25 on my PC). The libraries needed: ncurses-devel, readline-devel, security, libacl-devel, libattr-devel, popt-devel, cups-devel, openssl, openssl-devel, pam-devel, openldap2-devel, gdbm, gdbm-devel, glibc-devel, glibc2-devel, glib-devel This might look like an overkill and perhaps it is. If someone knows better, please correct me. I haven't seen a manifest of required libraries anywhere but many people (including me) fail to build samba because one or other library is missing and it's not very obvious which one. Good luck, Nadine. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Server-side printer settings?
Hi all! I have a situtation that I want to get happening: We have just installed a colour photocopier with duplexing at a client's office. We're looking to have four printers pointing at this one device, with the following settings (one for each printer): * Black and White * Black and White, Duplexed * Colour * Colour Duplexed My question is, can we have server-side settings for this sort of thing? My reading of the rpcclient man page says that servers can contain settings, but I would like to be able to do the following: * Specify which users can modify the settings for themselves and those that can't * Specify which users can update the server-side settings * (If possible but highly unlikely) Specify which parts of the printer settings can be modified in the first case All responses that make me smarter welcome! Regards, Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba vs. Windows : significant difference intimestamphandling?
Fine. Use reiserfs and don't worry about ctime. Why? Does reiserfs handle ctime in a different way than other linux filesystems? It's not supposed to given the same instructions from clients but it appears to because perhaps it elicits different kind of response from Office. Maybe Office behaves different when the samba server's fs is reiser. Quite interesting. Can you describe any particular case of a different behavior (samba + ext2 vs. samba + reiser)? I really wonder where the roots of such differences are. Sorry to disappoint you, Honza. After I evaluated the major linux fs's I selected reiserfs and used it ever since. It just happens that the owner of this thread described a behaviour of Office software which I couldn't confirm on my own system. Since the only difference was the kind of fs I assumed that perhaps Office treats reiserfs slightly different than ext3. I may be wrong because some other difference in samba setup might as well be the cause but it's only a working hypothesis. It's not as though I said the moon is gonna fall from the sky tonight. Just that Office leaving mtime alone on my system instead of updating it, as it does on other people's system, might, just might, be because when Windows/Office negotiates what it can/can't do with a remote fs the checklist is in some small detail different for samba/reiserfs. In any case, reiserfs is superior to or at least as good as any other Linux fs. I do not discuss quality of the filesystems. I thought that there were no differences in the way of using access times between all linux native filesystems (ext2/3, reiser, xfs, jfs). There shouldn't be any differences. The difference pops up when a 3d party software like Office joins the game. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem adding server to domain using ldap
To make things more of a joke, I can browse the samba server with credentials of administrator and the appropriate password and access what is set as the home for administrator. Larry Brown wrote: I followed the howto's that I could find and believe I am close. However, I'm getting a message from the Windows2000 box I'm trying to add to the domain that the user (administrator) doesn't exist. I have the machine name added to the ldap server with machineName$ as its UID. I have been able to add a win98 box to the domain and login as administrator so I know samba is using the ldap for authentication (administer account doesn't exist on the samba box). However, the message stating the user doesn't exist persists. Does anyone have any idea what I'm missing? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Access denied when printing to Samba printers
Ben Finney wrote: The Win2000 client, when attempting to print a test page to the printer, immediately responds with Access denied and an offer to lead me through the printer troubleshooting help. Some other points that may be relevant: At one point I was using security = ads in an attempt to get things working; however, the (brief) success was had with security = domain. I'm still seeing krb5 messages though; is it possible to authenticate against a Win2000 Active Directory domain, in mixed mode, without using kerberos? I'm using winbindd via PAM, and set up /etc/pam.d/login and /etc/pam.d/samba such that authentication appears to be working. I'm happy to be told that this may be affecting it, if only someone can help me diagnose it. -- Ben Finney [EMAIL PROTECTED] IT Technical Support Officer Support Centre, The Muir Electrical Company ph: +61 3 9338 4300 web: http://www.thegoodguys.com.au/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba v3b3, SuSE 8.0 enterprise,heimdal 0.6,openssl ADS issues
Thanks to all who pointed me in the right direction, I got this working, wooho! -- The opinions expressed herein are my own and do not necessarily reflect those of my employers -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba